x86.se

3 Min Read

March 20, 2026

Google Adds 24-Hour Wait for Unverified App Sideloading to Reduce Malware and Scams

Google on Thursday announced a new "advanced flow" for Android sideloading that requires a mandatory 24-hour wait period to install apps from unverified d…

4 Min Read

March 20, 2026

The Importance of Behavioral Analytics in AI-Enabled Cyber Attacks

Artificial Intelligence (AI) is changing how individuals and…

2 Min Read

March 20, 2026

Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover

Sansec is warning of a critical security flaw in Magento's REST API that…

3 Min Read

March 20, 2026

DoJ Disrupts 3 Million-Device IoT Botnets Behind Record 31.4 Tbps Global DDoS Attacks

The U.S. Department of Justice (DoJ) on Thursday announced the…

2 Min Read

March 20, 2026

Apple Warns Older iPhones Vulnerable to Coruna, DarkSword Exploit Kit Attacks

Apple is urging users who are still running an outdated version of iOS to update their iPhones to secure against web-based attacks carried out…

10 Min Read

March 19, 2026

ThreatsDay Bulletin: FortiGate RaaS, Citrix Exploits, MCP Abuse, LiveChat Phish & More

ThreatsDay Bulletin is back on The Hacker News, and this week feels off in a familiar way. Nothing loud, nothing breaking everything at once.…

3 Min Read

March 19, 2026

New Perseus Android Banking Malware Monitors Notes Apps to Extract Sensitive Data

Cybersecurity researchers have disclosed a new Android malware family called Perseus that's being actively distributed in the wild with an aim…

7 Min Read

March 19, 2026

How Ceros Gives Security Teams Visibility and Control in Claude Code

Security teams have spent years building identity and access controls for human users and service accounts. But a new category of actor has…

2 Min Read

March 18, 2026

Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE

Cybersecurity researchers have disclosed a critical security flaw impacting the GNU InetUtils telnet daemon (telnetd) that could be exploited…

5 Min Read

March 18, 2026

Claude Code Security and Magecart: Getting the Threat Model Right

When a Magecart payload hides inside the EXIF data of a dynamically loaded third-party favicon, no repository scanner will catch it –…

3 Min Read

March 18, 2026

9 Critical IP KVM Flaws Enable Unauthenticated Root Access Across Four Vendors

Cybersecurity researchers have warned about the risks posed by low-cost IP KVM (Keyboard, Video, Mouse over Internet Protocol) devices, which…

3 Min Read

March 17, 2026

LeakNet Ransomware Uses ClickFix via Hacked Sites, Deploys Deno In-Memory Loader

The ransomware operation known as LeakNet has adopted the ClickFix social engineering tactic delivered through compromised websites as an…

3 Min Read

March 17, 2026

AI is Everywhere, But CISOs are Still Securing It with Yesterday's Skills and Tools, Study Finds

A majority of security leaders are struggling to defend AI systems with tools and skills that are not fit for the challenge, according to the…

2 Min Read

March 17, 2026

Konni Deploys EndRAT Through Phishing, Uses KakaoTalk to Propagate Malware

North Korean threat actors have been observed sending phishing to compromise targets and obtain access to a victim's KakaoTalk desktop…

2 Min Read

March 17, 2026

CISA Flags Actively Exploited Wing FTP Vulnerability Leaking Server Paths

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a medium-severity security flaw impacting Wing FTP to its…

3 Min Read

March 16, 2026

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages the stolen GitHub tokens to inject malware into hundreds…

13 Min Read

March 16, 2026

⚡ Weekly Recap: Chrome 0-Days, Router Botnets, AWS Breach, Rogue AI Agents & More

Some weeks in security feel normal. Then you read a few tabs and get that immediate “ah, great, we’re doing this now”…

5 Min Read

March 16, 2026

Why Security Validation Is Becoming Agentic

If you run security at any reasonably complex organization, your validation stack probably looks something like this: a BAS tool in one…

6 Min Read

March 16, 2026

ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers

Three different ClickFix campaigns have been found to act as a delivery vector for the deployment of a macOS information stealer called…

3 Min Read

March 16, 2026

DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage

Ukrainian entities have emerged as the target of a new campaign likely orchestrated by threat actors linked to Russia, according to a report…

3 Min Read

March 14, 2026

OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration

China's National Computer Network Emergency Response Technical Team (CNCERT) has issued a warning about the security stemming from the use of…

4 Min Read

March 14, 2026

GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers

Cybersecurity researchers have flagged a new iteration of the GlassWorm campaign that they say represents a "significant escalation" in how it…

3 Min Read

March 13, 2026

Chinese Hackers Target Southeast Asian Militaries with AppleChris and MemFun Malware

A suspected China-based cyber espionage operation has targeted Southeast Asian military organizations as part of a state-sponsored campaign…

2 Min Read

March 13, 2026

Meta to Shut Down Instagram End-to-End Encrypted Chat Support Starting May 2026

Meta has announced plans to discontinue support for end-to-end encryption (E2EE) for chats on Instagram after May 8, 2026. "If you have chats…

3 Min Read

March 13, 2026

INTERPOL Dismantles 45,000 Malicious IPs, Arrests 94 in Global Cybercrime

INTERPOL on Friday announced the takedown of 45,000 malicious IP addresses and servers used in connection with phishing, malware, and…

2 Min Read

March 13, 2026

Storm-2561 Spreads Trojan VPN Clients via SEO Poisoning to Steal Credentials

Microsoft has disclosed details of a credential theft campaign that employs fake virtual private network (VPN) clients distributed through…

6 Min Read

March 13, 2026

Investigating a New Click-Fix Variant

Disclaimer: This report has been prepared by the Threat Research Center to enhance cybersecurity awareness and support the strengthening of…

2 Min Read

March 13, 2026

Google Fixes Two Chrome Zero-Days Exploited in the Wild Affecting Skia and V8

Google on Thursday released security updates for its Chrome web browser to address two high-severity vulnerabilities that it said have been…

2 Min Read

March 13, 2026

Nine CrackArmor Flaws in Linux AppArmor Enable Root Escalation, Bypass Container Isolation

Cybersecurity researchers have disclosed multiple security vulnerabilities within the Linux kernel's AppArmor module that could be exploited…

3 Min Read

March 13, 2026

Authorities Disrupt SocksEscort Proxy Botnet Exploiting 369,000 IPs Across 163 Countries

A court-authorized international law enforcement operation has dismantled a criminal proxy service named SocksEscort that enslaved thousands…

2 Min Read

March 13, 2026

Veeam Patches 7 Critical Backup & Replication Flaws Allowing Remote Code Execution

Veeam has released security updates to address multiple critical vulnerabilities in its Backup & Replication software that, if…

3 Min Read

March 12, 2026

Rust-Based VENON Malware Targets 33 Brazilian Banks with Credential-Stealing Overlays

Cybersecurity researchers have disclosed details of a new banking malware targeting Brazilian users that's written in Rust, marking a…

3 Min Read

March 12, 2026

Hive0163 Uses AI-Assisted Slopoly Malware for Persistent Access in Ransomware Attacks

Cybersecurity researchers have disclosed details of a suspected artificial intelligence (AI)-generated malware codenamed Slopoly put to use by…

7 Min Read

March 12, 2026

How to Scale Phishing Detection in Your SOC: 3 Steps for CISOs

Phishing has quietly turned into one of the hardest enterprise threats to expose early. Instead of crude lures and obvious payloads, modern…

3 Min Read

March 11, 2026

Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials

Cybersecurity researchers have disclosed details of two now-patched security flaws in the n8n workflow automation platform, including two…

2 Min Read

March 11, 2026

Meta Disables 150K Accounts Linked to Southeast Asia Scam Centers in Global Crackdown

Meta on Wednesday said it disabled over 150,000 accounts associated with scam centers in Southeast Asia as part of a coordinated effort in…

2 Min Read

March 11, 2026

Dozens of Vendors Patch Security Flaws Across Enterprise Software and Network Devices

SAP has released security updates to address two critical security flaws that could be exploited to achieve arbitrary code execution on…

4 Min Read

March 11, 2026

What Boards Must Demand in the Age of AI-Automated Exploitation

“You knew, and you could have acted. Why didn’t you?” This is the question you do not want to be asked. And…

3 Min Read

March 11, 2026

Microsoft Patches 84 Flaws in March Patch Tuesday, Including Two Public Zero-Days

Microsoft on Tuesday released patches for a set of 84 new security vulnerabilities affecting various software components, including two that…

2 Min Read

March 10, 2026

New "LeakyLooker" Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries

Cybersecurity researchers have disclosed nine cross-tenant vulnerabilities in Google Looker Studio that could have permitted attackers to run…

2 Min Read

March 10, 2026

How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows

Artificial Intelligence (AI) is no longer just a tool we talk to; it is a tool that does things for us. These are called AI Agents. They can…

4 Min Read

March 10, 2026

The Zero-Day Scramble is Avoidable: A Guide to Attack Surface Reduction

You can't control when the next critical vulnerability drops. You can control how much of your environment is exposed when it does. The…

3 Min Read

March 10, 2026

APT28 Uses BEARDSHELL and COVENANT Malware to Spy on Ukrainian Military

The Russian state-sponsored hacking group tracked as APT28 has been observed using a pair of implants dubbed BEARDSHELL and COVENANT to…

2 Min Read

March 10, 2026

Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool

Salesforce has warned of an increase in threat actor activity that's aimed at exploiting misconfigurations in publicly accessible Experience…

3 Min Read

March 9, 2026

UNC4899 Breached Crypto Firm After Developer AirDropped Trojanized File to Work Device

The North Korean threat actor known as UNC4899 is suspected to be behind a sophisticated cloud compromise campaign targeting a cryptocurrency…

20 Min Read

March 9, 2026

⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware

Another week in cybersecurity. Another week of "you've got to be kidding me." Attackers were busy. Defenders were busy. And somewhere in the…

Explore Trending Topics