Security
Stay informed with the latest developments in cybersecurity through our Security category. Discover in-depth news, analysis, and updates on emerging cyber threats, malware incidents, and major data breaches. Whether you’re a cybersecurity professional or just keen on protecting your digital footprint, find insights and trends that are shaping the future of online security here.
CPUID hacked to deliver malware via CPU-Z, HWMonitor downloads
Hackers gained access to an API for the CPUID project and changed the download links on the official website to serve malicious executables for the popular CPU-Z and HWMonitor tools. The two utilities have millions of users who rely on them for tracking the physical health of internal computer hardware and for comprehensive specifications of a […]
Microsoft: Canadian employees targeted in payroll pirate attacks
A financially motivated threat actor tracked as Storm-2755 is stealing Canadian employees’ salary payments after hijacking their accounts in payroll redirection (also known as payroll pirate) attacks. The attackers used malicious Microsoft 365 sign-in pages to steal victims’ authentication tokens and session cookies by redirecting them to domains (e.g., bluegraintours[.]com) hosting malicious web pages (pushed […]
Google rolls out Gmail end-to-end encryption on mobile devices
Google says Gmail end-to-end encryption (E2EE) is now available on all Android and iOS devices, allowing enterprise users to read and compose emails without additional tools. Starting this week, encrypted messages will be delivered as regular emails to Gmail recipients’ inboxes if they use the Gmail app. Recipients who don’t have the Gmail mobile app […]
New ‘LucidRook’ malware used in targeted attacks on NGOs, universities
A new Lua-based malware, called LucidRook, is being used in spear-phishing campaigns targeting non-governmental organizations and universities in Taiwan. Cisco Talos researchers attribute the malware to a threat group tracked internally as UAT-10362, who they describe as a capable adversary “with mature operational tradecraft.” LucidRook was observed in attacks in October 2025 that relied on […]
Healthcare IT solutions provider ChipSoft hit by ransomware attack
Dutch healthcare software vendor ChipSoft has been impacted by a ransomware attack that forced the company to take offline its website and digital services for patients and healthcare providers. ChipSoft is a large provider of Electronic Health Record (EHR) systems in the Netherlands. Its flagship platform, HiX, is used by many Dutch hospitals. Earlier this week, users […]
Google Chrome adds infostealer protection against session cookie theft
Google has rolled out Device Bound Session Credentials (DBSC) protection in Chrome 146 for Windows, designed to block info-stealing malware from harvesting session cookies. macOS users will benefit from this security feature in a future Chrome release that has yet to be announced. The new protection has been announced in 2024, and it works by cryptographically linking […]
Smart Slider updates hijacked to push malicious WordPress, Joomla versions
Hackers hijacked the update system for the Smart Slider 3 Pro plugin for WordPress and Joomla, and pushed a malicious version with multiple backdoors. The developer says that only the Pro version 3.5.1.35 of the plugin is affected and recommends switching immediately to the latest version, currently 3.5.1.36, or 3.5.1.34 and earlier. Apart from installing backdoors in […]
Eurail says December data breach impacts 300,000 individuals
Eurail B.V., a European travel operator that provides digital passes covering 33 national railways, says attackers stole the personal information of over 300,000 individuals in a December 2025 data breach. Eurail is a Netherlands-based company that sells Interrail and Eurail passes for multi-country train travel across Europe, passes that are also available to young Europeans […]
Hackers exploiting Acrobat Reader zero-day flaw since December
Attackers have been exploiting a zero-day vulnerability in Adobe Reader using maliciously crafted PDF documents since at least December. The attacks have been discovered by security researcher Haifei Li (the founder of the sandbox-based exploit-detection platform EXPMON), who warned on Tuesday that the attackers are using what he described as a “highly sophisticated, fingerprinting-style PDF exploit” to […]
Hackers steal $3.6 million from crypto ATM giant Bitcoin Depot
Bitcoin Depot, which operates one of the largest Bitcoin ATM networks, says attackers stole $3.665 million worth of Bitcoin from its crypto wallets after breaching its systems last month. The company manages more than 25,000 Bitcoin ATMs and BDCheckout locations worldwide and reported revenue of $615 million in 2025. As revealed in a filing with […]