WebKit fix after Coruna exploit kit abused iOS flaws, protecting older iPhones and iPads from memory corruption attacks ...

ThreatsDay: OAuth abuse, Signal hijacks, Zombie ZIP evasion, Teams malware, AI hack, RondoDox botnet, and more cyber stories.

Rust-based VENON malware targets 33 Brazilian financial platforms using advanced evasion and overlays, enabling credential theft.

AI-generated Slopoly malware used by Hive0163 in 2026 attacks maintained access for over a week, highlighting how AI ...

Interactive sandbox analysis exposes phishing hidden in HTTPS and trusted infrastructure, helping SOCs detect attacks and prevent credential theft.

Phishing floods overwhelm SOC analysts; with 66% unable to keep up, attackers hide spear-phishing in alert queues, increasing ...

Six Android malware families discovered targeting banking apps and crypto wallets, exploiting accessibility features to steal funds and data.

CISA adds n8n RCE flaw CVE-2025-68613 to KEV after active exploitation; 24,700 exposed instances raise compromise risk.

Meta disabled 150,000 scam accounts tied to Southeast Asian fraud networks, prompting arrests and new anti-scam tools to protect users.

Malicious npm package '@openclaw-ai/openclawai' downloaded 178 times installs GhostLoader RAT, stealing credentials and crypto wallets.

Researchers show GAN-trained phishing pages can trick Perplexity’s Comet AI browser in under four minutes, exposing a new AI-targeted attack surface.

Two critical n8n flaws (CVSS 9.4, 9.5) enable RCE via expression sandbox escape and public forms, risking credential exposure ...