17 Jul, 2026

MKVCinemas streaming piracy service with 142M visits shuts down

An anti-piracy coalition has dismantled one of India’s most popular streaming piracy services, which has provided free access to movies and TV shows to millions over the past two years. Backed by over 50 major television networks and film studios, including Disney, Warner Bros, Netflix, Paramount, Sony Pictures, and Universal Pictures, the Alliance for Creativity […]

2 mins read

Hackers exploit Gladinet CentreStack cryptographic flaw in RCE attacks

Hackers are exploiting a new, undocumented vulnerability in the implementation of the cryptographic algorithm present in Gladinet’s CentreStack and Triofox products for secure remote file access and sharing. By leveraging the security issue, the attackers can obtain hardcoded cryptographic keys and achieve remote code execution, researchers warn. Although the new cryptographic vulnerability does not have an […]

3 mins read

Notepad++ fixes flaw that let attackers push malicious update files

Notepad++ version 8.8.9 was released to fix a security weakness in its WinGUp update tool after researchers and users reported incidents in which the updater retrieved malicious executables instead of legitimate update packages. The first signs of this issue appeared in a Notepad++ community forum topic, where a user reported that Notepad++’s update tool, GUP.exe (WinGUp), spawned […]

4 mins read

Malicious VSCode Marketplace extensions hid trojan in fake PNG file

A stealthy campaign with 19 extensions on the VSCode Marketplace has been active since February, targeting developers with malware hidden inside dependency folders. The malicious activity was uncovered recently, and security researchers found that the operator used a malicious file posing as a .PNG image. The VSCode Market is Microsoft’s official extensions portal for the widely used […]

2 mins read

UK fines LastPass over 2022 data breach impacting 1.6 million users

The UK Information Commissioner’s Office (ICO) fined the LastPass password management firm £1.2 million for failing to implement security measures that allowed an attacker to steal personal information and encrypted password vaults belonging to up to 1.6 million UK users in a 2022 breach. According to the ICO, the incident stemmed from two interconnected breaches […]

5 mins read

Hackers exploit unpatched Gogs zero-day to breach 700 servers

An unpatched zero-day vulnerability in Gogs, a popular self-hosted Git service, has enabled attackers to gain remote code execution on Internet-facing instances and compromise hundreds of servers. Written in Go and designed as an alternative to GitLab or GitHub Enterprise, Gogs is also often exposed online for remote collaboration. CVE-2025-8110, the Gogs RCE vulnerability exploited in these attacks, stems […]

2 mins read

Google fixes eighth Chrome zero-day exploited in attacks in 2025

Google has released emergency updates to fix another Chrome zero-day vulnerability exploited in the wild, marking the eighth such security flaw patched since the start of the year. “Google is aware that an exploit for 466192044 exists in the wild,” Google said in a security advisory issued on Wednesday. The company has now fixed this high-severity vulnerability […]

2 mins read

Google ads for shared ChatGPT, Grok guides push macOS infostealer malware

A new AMOS infostealer campaign is abusing Google search ads to lure users into Grok and ChatGPT conversations that appear to offer “helpful” instructions but ultimately lead to installing the AMOS info-stealing malware on macOS. The campaign was first spotted by researchers at cybersecurity company Kaspersky yesterday, while Huntress managed security platform published a more detailed report earlier today. […]

3 mins read

New DroidLock malware locks Android devices and demands a ransom

A newly discovered Android malware dubbed DroidLock can lock victims’ screens for ransom and access text messages, call logs, contacts, audio recordings, or even erase data. DroidLLock allows its operator to take complete control of the device via the VNC sharing system and can steal the device lock pattern by placing an overlay on the […]

2 mins read