SoFi Hong Kong is warning that it suffered a data breach after hackers gained access to a database at a third-party vendor containing customer information. […]
SoFi confirms third-party data breach at Hong Kong subsidiary Read More »
New variants of the NFCShare Android malware are being distributed as fake updates for legitimate banking apps hosted on GitHub. […]
NFCShare Android malware spreads via fake banking app updates on GitHub Read More »
At WWDC 26, Apple announced an Apple Intelligence-powered feature that can automatically fix weak and compromised passwords. This works in Safari, and it’s rolling out with iOS 27. […]
New Apple feature automatically changes your compromised passwords Read More »
Monday again. The weekend was meant to be quiet. It wasn’t. Last week had poisoned packages, a broken AI helper, and a worm tearing through repos. The ugly part: basic tricks still worked. A chatbot got fooled. A bot token got leaked inside the malware. The same old mistakes showed up again. And while everyone
⚡ Weekly Recap: Instagram Account Hacks, Android Zero-Day, GitHub Worm and More Read More »
Phishing has always been a numbers game. AI has turned it into a volume machine. Attackers can now create convincing emails, fake login pages, and tailored lures in minutes. Every polished message adds another case for Tier 1 to review, another link to inspect, and another alert that cannot be dismissed at a glance. As
AI Phishing Is Crushing SOCs with Alert Volume: How to Reduce Tier 1 Overload Read More »
Check Point has warned of active exploitation of a critical vulnerability impacting Remote Access VPN and Mobile Access deployments that are configured to use the deprecated IKEv1 key exchange protocol. The vulnerability, tracked as CVE-2026-50751 (CVSS score: 9.3), is a case of a logic flow weakness in certificate validation that allows an unauthenticated remote attacker
Critical Check Point VPN Flaw Exploited to Bypass Passwords in IKEv1 Setups Read More »
Meta on Monday said it detected and blocked spear-phishing attempts linked to Israeli spyware vendor NSO Group. In addition, the tech giant said it’s filing a federal court contempt order against the company for violating a permanent injunction that barred it from targeting WhatsApp and its users. “They tried to trick people into clicking on
Meta Blocks NSO Group’s New WhatsApp Phishing Attack, Files Contempt Order Read More »
Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud supply-chain attack that delivered malware designed to steal developer secrets. […]
New Shai-Hulud attack trojanizes 19 science-focused PyPI packages Read More »
Gogs has patched a critical security zero-day flaw that can allow attackers to compromise Internet-facing instances and access any repositories (including private ones). […]
Gogs patches critical zero-day enabling remote code execution Read More »
WhatsApp has detected and stopped spear-phishing campaigns allegedly conducted by the NSO Group after investigating user reports of social engineering attacks. […]
WhatsApp says it disrupted new NSO spyware phishing attacks Read More »