News
-
CERT-UA impersonation phishing campaign spread AGEWHEEZE malware
A phishing campaign impersonating Ukraine’s CERT-UA spread AGEWHEEZE malware to organizations and individuals in March, though officials said only a small number of personal devices were infected.
-
Phishing campaign uses Casbaneiro and Horabot to target Latin America and Europe
A phishing campaign is using court summons-themed emails, WhatsApp automation and ClickFix tactics to spread Casbaneiro and Horabot across Latin America and Europe, according to a BlueVoyant technical analysis.
-
Microsoft Warns of WhatsApp Campaign Delivering Malicious VBS Files
Microsoft says a campaign that began in late February 2026 has used WhatsApp messages to spread malicious VBS files, then used renamed Windows tools and cloud services to help install persistent access on infected systems.
-
FBI warns Americans about data risks from Chinese mobile apps
The FBI warned Americans about privacy and data security risks from foreign-developed mobile apps, especially those made by Chinese developers, saying some can collect extensive data and store it on servers in China.
-
Google links Axios npm compromise to suspected North Korean group
Google has linked the Axios npm supply chain compromise to a suspected North Korean group after attackers pushed trojanized package versions that could deliver malware to Windows, macOS and Linux systems.
-
Google Drive ransomware detection enabled by default for paying users
Google said its AI-powered Google Drive ransomware detection is now generally available and on by default for paying users, with sync pausing, alerts and file restoration available after an attack is detected.
-
Anthropic employee error exposed Claude Code source code through npm package
Anthropic said an employee exposed Claude Code source code by including a source map in an npm package. The company called it a packaging error, while experts said such files can reveal logic, prompts and secrets.
-
GIGABYTE Control Center flaw could allow remote file writes on Windows systems
GIGABYTE Control Center has a critical arbitrary file-write flaw that could allow remote unauthenticated attacks on Windows systems with pairing enabled. The vendor has released version 25.12.10.01 to address the issue.
-
Claude-assisted analysis finds Vim and Emacs flaws that can run code when files open
Researchers using Claude found remote code execution flaws in Vim and GNU Emacs that can trigger when a file is opened. Vim has been patched, while the Emacs issue remains unresolved.
-
Google rolls out Android developer verification to all developers
Google is rolling out Android developer verification to all developers, with new identity checks for apps distributed outside Google Play. The move starts in four countries in September and expands globally next year.
