Security
Stay informed with the latest developments in cybersecurity through our Security category. Discover in-depth news, analysis, and updates on emerging cyber threats, malware incidents, and major data breaches. Whether you’re a cybersecurity professional or just keen on protecting your digital footprint, find insights and trends that are shaping the future of online security here.
UK warns of Iranian cyberattack risks amid Middle-East conflict
The United Kingdom’s National Cyber Security Centre (NCSC) alerted British organizations to a heightened risk of Iranian cyberattacks amid the ongoing conflict in the Middle East. While there is no significant change in the direct cyber threat from Iran to the UK, the NCSC said this could change at any time, given how quickly the […]
ClawJacked attack let malicious websites hijack OpenClaw to steal data
Security researchers have disclosed a high-severity vulnerability dubbed “ClawJacked” in the popular AI agent OpenClaw that allowed a malicious website to silently bruteforce access to a locally running instance and take control over it. Oasis Security discovered the issue and reported it to OpenClaw, with a fix being released in version 2026.2.26 on February 26. OpenClaw […]
Samsung TVs to stop collecting Texans’ data without express consent
Samsung and the State of Texas have reached a settlement agreement over the alleged unlawful collection of content-viewing information through its smart TVs As part of the agreement, the TV manufacturer will revise its privacy disclosures to clearly explain its data collection and processing practices to consumers. Last December, Texas Attorney General Ken Paxton filed […]
QuickLens Chrome extension steals crypto, shows ClickFix attack
A Chrome extension named “QuickLens – Search Screen with Google Lens” has been removed from the Chrome Web Store after it was compromised to push malware and attempt to steal crypto from thousands of users. QuickLens was initially published as a Chrome extension that lets users run Google Lens searches directly in their browser. The extension grew […]
$4.8M in crypto stolen after Korean tax agency exposes wallet seed
Someone jumped at the opportunity to steal $4.4 million in crypto assets after South Korea’s National Tax Service exposed publicly the mnemonic recovery phrase of a seized cryptocurrency wallet. The funds were stored in a Ledger cold wallet seized in law enforcement raids at 124 high-value tax evaders that resulted in confiscating digital assets worth […]
Microsoft testing Windows 11 batch file security improvements
Microsoft is rolling out new Windows 11 Insider Preview builds that improve security and performance during batch file or CMD script execution. As Microsoft explained today, IT administrators can now enable a more secure processing mode that prevents batch files from being modified while they run by adding the LockBatchFilesInUse registry value under HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor. Policy authors can […]
APT37 hackers use new malware to breach air-gapped networks
North Korean hackers are deploying newly uncovered tools to move data between internet-connected and air-gapped systems, spread via removable drives, and conduct covert surveillance. The malicious campaign has been named Ruby Jumper and is attributed to the state-backed group APT37, also known as ScarCruft, Ricochet Chollima, and InkySquid. Air-gapped computers are disconnected from external networks, especially […]
Europol-led crackdown on The Com hackers leads to 30 arrests
A yearlong Europol-coordinated operation dubbed “Project Compass” has led to 30 arrests and 179 suspects being tied to “The Com,” an online cybercrime collective that targets children and teenagers. In a press release issued on Thursday, Europol said that investigators identified 62 victims and directly safeguarded four of them from the group’s attacks. Launched in […]
CISA warns that RESURGE malware can be dormant on Ivanti devices
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released new details about RESURGE, a malicious implant used in zero-day attacks exploiting CVE-2025-0282 to breach Ivanti Connect Secure devices. The update focuses on the implant’s undetected latency on the appliances and its “sophisticated network-level evasion and authentication techniques” that enable covert communication with the attacker. […]
Ukrainian man pleads guilty to running AI-powered fake ID site
A Ukrainian man has pleaded guilty to operating OnlyFake, an AI-powered website that generated and sold more than 10,000 photos of fake identification documents to customers worldwide. 27-year-old Yurii Nazarenko (also known as “John Wick,” “Tor Ford,” and “Uriel Septimberus”) admitted that his OnlyFake subscription-based platform used artificial intelligence to generate realistic-looking counterfeit passports, driver’s licenses, and […]