Researchers found 28 fraudulent Android apps on Google Play with 7.3 million downloads that claimed.

PCPJack is a new self-propagating cloud worm that removes TeamPCP infections, then harvests credentials from.

An international investigation reveals Department 4 at Bauman Moscow State Technical University trains 10–15 students.

Elastic Security Labs exposes TCLBANKER, a Brazilian banking trojan targeting 59 financial platforms via DLL.

ShinyHunters defaced Canvas login pages on May 7, 2026, claiming a second Instructure breach with.

Rapid7's May 8 Metasploit update extends CVE-2026-31431 Copy Fail coverage to ARMLE Linux targets and.

CISA AA25-239A: PRC-linked Salt Typhoon exploits CVE-2023-20198 and unpatched routers to compromise 200+ organizations in.

CISA advisory AA25-212A: proactive threat hunt at US critical infrastructure finds plain-text credentials, flat IT/OT.

AI evaluation startup Braintrust confirms AWS account breach exposing AI provider API keys. All org.

ShinyHunters breached Zara parent Inditex via analytics vendor Anodot, stealing 192 GB from Google BigQuery..

PamDOORa is a commercial Linux PAM backdoor sold on the Rehub Russian cybercrime forum. It.

Malwarebytes researchers find NWHStealer, a Rust-based infostealer, being distributed via the Bun JavaScript runtime to.