Google researchers expose EtherHiding technique storing malware payloads in Ethereum and BNB smart contracts. First nation-state adoption of unkillable blockchain C2 infrastructure.
eSentire researchers expose Omnistealer, a North Korean infostealer storing payloads in blockchain transactions. 300,000 credentials compromised across government and defense sectors.
HUMAN Security exposes Pushpaganda campaign using AI content to poison Google Discover feeds, generating 240 million fraudulent ad requests through scareware and fake news.
Dutch fitness chain Basic-Fit confirms hackers accessed bank account details, addresses, and personal data for up to 1 million members across six European countries.
Microsoft's April 2026 Patch Tuesday fixes 167 vulnerabilities including CVE-2026-32201, an actively exploited SharePoint zero-day. Eight critical RCE flaws patched.
A fraudulent Ledger Live app distributed through Apple's Mac App Store stole $9.5M from 50+ victims who entered seed phrases. ZachXBT traced funds to KuCoin.
Joint FBI-Indonesian operation dismantles W3LL phishing platform behind $20M in fraud attempts. Developer arrested after 25,000+ stolen accounts sold since 2019.
Critical CVSS 9.8 command injection vulnerability in Totolink A7100RU routers enables unauthenticated remote code execution. Public exploit available, no patch released.
FBI IC3 2025 report reveals record $20.9 billion in cybercrime losses. Investment fraud tops $8.6B, cryptocurrency scams reach $11.4B, and ransomware losses surge 259%.
Google warns of UNC6783 threat actor using Okta and Zendesk phishing to breach BPO providers, stealing 13M Adobe support tickets and bug bounty data. FIDO2 keys recommended.
Learn about ransomware, phishing, malware, and essential online safety practices.
Curated books, tools, and resources to deepen your cybersecurity knowledge.
Get the latest cybersecurity news delivered to your inbox.