11 Jul, 2026

Malicious JetBrains Marketplace plugins steal AI API keys from developers

At least 15 malicious plugins found on the JetBrains Marketplace were designed to steal AI API keys from developers. The campaign, discovered by Aikido Security, includes plugins that act as AI coding assistants, code-review tools, and Git utilities powered by popular AI services such as OpenAI, DeepSeek, and SiliconFlow. “We detected a coordinated malware campaign […]

3 mins read

New Rokarolla Android malware targets 217 banking, crypto apps

A new Android banking trojan named Rokarolla is targeting 217 banking and cryptocurrency applications using an extensive set of 137 commands. The malware is distributed via malicious websites purporting to provide the Google Chrome or TikTok app, and can take complete administrative control of a compromised device. Its capabilities include stealing lock screen credentials, contact […]

3 mins read

Steam Workshop abused to spread malware via Wallpaper Engine app

Threat actors are abusing Steam Workshop, Valve’s community hub for downloading game-related content, to push various malware hidden in wallpaper packages. Infected wallpapers can lead to hijacking Steam accounts, compromising the system with a backdoor, or running cryptomining processes. Steam Workshop is a built-in content-sharing platform on Valve’s Steam gaming service where users can upload […]

2 mins read

UK to require ID or face scan before you can make social media accounts

The UK government will ban under-16s from social media, with regulations due before Christmas and the rules taking effect in spring 2027. To enforce it, platforms must age-check their users. In practice that means anyone opening a new account will likely have to prove they’re over 16 by uploading an ID or passing a facial […]

9 mins read

FTC warns of record $3.5 billion losses to imposter scams in 2025

The U.S. Federal Trade Commission (FTC) warned that Americans lost $3.5 billion to imposter scams in 2025, with reported losses nearly tripling since 2020. Imposter scams were also the most reported fraud category last year, accounting for nearly one in three fraud reports filed with the FTC. In these scams, the fraudsters reach victims through […]

2 mins read

CISA warns of another cPanel plugin flaw exploited in attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given U.S. government agencies three days to secure their servers against an actively exploited vulnerability (CVE-2026-54420) in the LiteSpeed cPanel user-end plugin. Tracked as CVE-2026-48172, this high-severity vulnerability was reported by Namecheap and allows attackers with FTP or web shell access to escalate privileges to root on […]

2 mins read

Ransomware gang abuses Microsoft Teams relays to hide malicious traffic

DragonForce ransomware used a custom malware named ‘Backdoor.Turn’ to hide command-and-control traffic inside Microsoft Teams relay infrastructure. The backdoor abuses the Traversal Using Relays around NAT (TURN) protocol used by Microsoft Teams to distribute messages when a direct connection to the client is unavailable (e.g., clients on a private network). DragonForce is a ransomware operation active since […]

3 mins read

Critical Fortinet FortiSandbox flaws now exploited in attacks

Attackers are now exploiting several critical vulnerabilities in Fortinet’s FortiSandbox cyber threat detection platform, according to threat intelligence company Defused. Fortinet released security updates for these three critical-severity security flaws (tracked as CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089) on April 14. These flaws allow unauthenticated threat actors to escalate privileges and execute unauthorized code remotely through low-complexity command injection attacks […]

2 mins read

Windows version of SprySOCKS Linux malware used to attack govt orgs

Windows variants for the SprySOCKS Linux malware have been used in attacks targeting government organizations in at least four countries. SprySOCKS has been linked to the Chinese threat group ‘Earth Lusca,’ which deployed it in attacks against government entities focused on foreign affairs, technology, and telecommunications. Now, ESET researchers discovered Windows variants of the same malware family […]

3 mins read

iRhythm discloses data breach, says hackers stole patient info

Digital healthcare company iRhythm Holdings has disclosed a data breach after hackers stole patients’ personal and health information stored on third-party-hosted business applications. The company says its cardiac monitoring service has been used to analyze more than 2 billion hours of curated heartbeat data from over 12 million patients. In a filing with the U.S. Securities […]

2 mins read