A sophisticated phishing campaign is targeting Signal users, particularly journalists and activists, attempting to steal backup recovery keys that would grant attackers access to encrypted message histories. The attack leverages social engineering tactics mimicking official Signal communications, ex
A Tennessee man has been arrested in connection with the 764 network, a notorious online extremist group involved in child exploitation and violent content distribution. The arrest follows a multi-year investigation dating back to 2022, highlighting the persistent threat posed by organized online cr
GitHub experienced a major global outage that brought critical CI/CD pipelines to a halt across thousands of organizations. The incident affected GitHub Actions, GitHub Pages, API services, and repository access, leaving development teams unable to deploy code, run automated tests, or access version
iOS security researchers at Mysk have revealed that WhatsApp stores chat histories in an unencrypted SQLite database accessible to other Meta apps on the same Apple device. While end-to-end encryption protects messages in transit, there is no equivalent protection once those messages are stored locally.
Microsoft patches YellowKey BitLocker bypass after public disclosure. CVE-2026-45585 lets attackers circumvent disk encryption security features. Update now.
A single XSS vulnerability can silently register an attacker-controlled passkey on a victim’s account, creating a persistent authentication backdoor with zero user interaction. The widespread deployment of passkeys without attestation requirements makes this a critical and largely overlooked threat.
GitHub Actions supply chain attack hits actions-cool/issues-helper. Attackers redirected ALL repository tags to malicious commits, stealing CI/CD credentials.
INTERPOL’s Operation Ramz strikes hard: 201 arrested, 382 suspects identified across MENA region. Major cybercrime networks dismantled in historic crackdown.
Linux kernel flaw lets unprivileged users access root-only files. A critical vulnerability breaks fundamental security boundaries. Patch immediately.
Critical flaws in n8n workflow automation platform can be chained for full remote code execution. Three CVEs put automation systems at serious risk.