News
-
Google rolls out Android developer verification to all developers
Google is rolling out Android developer verification to all developers, with new identity checks for apps distributed outside Google Play. The move starts in four countries in September and expands globally next year.
-
TrueConf zero-day exploited in attacks on Southeast Asian government entities
A zero-day in TrueConf client video conferencing software was exploited in attacks on Southeast Asian government entities. The flaw let a tampered update run arbitrary code, and the vendor has since patched it in Windows client 8.5.3.
-
Dutch finance ministry takes treasury banking portal offline after breach
The Dutch Ministry of Finance has taken its treasury banking portal offline while investigating a cyberattack detected on March 19. About 1,600 public institutions are unable to view balances online, though payments continue through regular banking channels.
-
CareCloud says hackers accessed patient data in eight-hour breach
CareCloud said hackers accessed one of its electronic health record environments on March 16, exposing patient data and causing an eight-hour disruption. The company is still investigating how many people were affected and what information was taken.
-
OpenAI patches ChatGPT data leak bug, researchers say
OpenAI patched a ChatGPT flaw on February 20, 2026, after researchers said a malicious prompt could leak chat messages, uploaded files and other sensitive data through a hidden DNS-based channel.
-
DeepLoad malware uses ClickFix lure and WMI to spread and steal credentials
A new DeepLoad malware campaign is using ClickFix lures, Windows tools and WMI to steal credentials, hide activity and reinfect cleaned hosts, according to a technical analysis from ReliaQuest.
-
Apple adds macOS Terminal warning to block ClickFix attacks
Apple has added a macOS Tahoe 26.4 warning in Terminal that pauses risky pasted commands and alerts users to possible ClickFix attacks. The feature is aimed at stopping social engineering lures that trick people into running harmful instructions.
-
European Commission says attackers breached public web infrastructure
The European Commission said attackers broke into cloud systems hosting its Europa websites on March 24 and may have taken data. The sites stayed online, but officials gave few details about what was exposed.
-
Three China-linked clusters targeted Southeast Asian government, researchers say
Researchers said three China-linked clusters targeted a Southeast Asian government organization in 2025, using several malware families and techniques aimed at staying inside networks for long-term access.
-
Intellexa founder says he will appeal Greek spyware conviction
Intellexa founder Tal Dilian said he will appeal his Greek conviction over a mass-wiretapping case tied to Predator spyware, which was used to hack phones belonging to ministers, opposition leaders, military officials and journalists.
