x86.se

2 Min Read

April 1, 2026

Microsoft Warns of WhatsApp-Delivered VBS Malware Hijacking Windows via UAC Bypass

Microsoft is calling attention to a new campaign that has leveraged WhatsApp messages to distribute malicious Visual Basic Script (VBS) files. The activit…

4 Min Read

April 1, 2026

Block the Prompt, Not the Work: The End of "Doctor No"

There is a character that keeps appearing in enterprise security…

3 Min Read

April 1, 2026

Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures

A multi-pronged phishing campaign is targeting Spanish-speaking users in…

2 Min Read

April 1, 2026

New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation — Patch Released

Google on Thursday released security updates for its Chrome web browser…

3 Min Read

April 1, 2026

3 Reasons Attackers Are Using Your Trusted Tools Against You (And Why You Don’t See It Coming)

For years, cybersecurity has followed a familiar model: block malware, stop the attack. Now, attackers are moving on to what’s next.…

3 Min Read

March 31, 2026

Vertex AI Vulnerability Exposes Google Cloud Data and Private Artifacts

Cybersecurity researchers have disclosed a security "blind spot" in Google Cloud's Vertex AI platform that could allow artificial intelligence…

5 Min Read

March 31, 2026

The AI Arms Race – Why Unified Exposure Management Is Becoming a Boardroom Priority

The cybersecurity landscape is accelerating at an unprecedented rate. What is emerging is not simply a rise in the number of vulnerabilities…

4 Min Read

March 31, 2026

Silver Fox Expands Asia Cyber Campaign with AtlasCross RAT and Fake Domains

Chinese-speaking users are the target of an active campaign that uses typosquatted domains impersonating trusted software brands to deliver a…

5 Min Read

March 31, 2026

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

The popular HTTP client known as Axios has suffered a supply chain attack after two newly published versions of the npm package introduced a…

17 Min Read

March 30, 2026

⚡ Weekly Recap: Telecom Sleeper Cells, LLM Jailbreaks, Apple Forces U.K. Age Checks and More

Some weeks are loud. This one was quieter but not in a good way. Long-running operations are finally hitting courtrooms, old attack methods…

5 Min Read

March 30, 2026

3 SOC Process Fixes That Unlock Tier 1 Productivity

What is really slowing Tier 1 down: the threat itself or the process around it? In many SOCs, the biggest delays do not come from the threat…

6 Min Read

March 28, 2026

Iran-Linked Hackers Breach FBI Director’s Personal Email, Hit Stryker With Wiper Attack

Threat actors with ties to Iran successfully broke into the personal email account of Kash Patel, the director of the U.S. Federal Bureau of…

2 Min Read

March 28, 2026

Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug

A recently disclosed critical security flaw impacting Citrix NetScaler ADC and NetScaler Gateway is witnessing active reconnaissance activity,…

3 Min Read

March 28, 2026

CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw impacting F5 BIG-IP Access Policy…

3 Min Read

March 28, 2026

TA446 Deploys DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign

Proofpoint has disclosed details of a targeted email campaign in which threat actors with ties to Russia are leveraging the recently disclosed…

2 Min Read

March 27, 2026

Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits

Apple is now sending Lock Screen notifications to iPhones and iPads running older versions of iOS and iPadOS to alert users of web-based…

5 Min Read

March 27, 2026

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

TeamPCP, the threat actor behind the supply chain attack targeting Trivy, KICS, and litellm, has now compromised the telnyx Python package by…

2 Min Read

March 27, 2026

Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks

Cybersecurity researchers have disclosed details of a now-patched bug impacting Open VSX's pre-publish scanning pipeline to cause the tool to…

2 Min Read

March 27, 2026

AitM Phishing Targets TikTok Business Accounts Using Cloudflare Turnstile Evasion

Threat actors are using adversary-in-the-middle (AitM) phishing pages to seize control of TikTok for Business accounts in a new campaign,…

10 Min Read

March 27, 2026

We Are At War

Rising geopolitical tensions are reflected (or in some cases preceded) by cyber operations, while technology itself has become politicized.…

2 Min Read

March 27, 2026

Bearlyfy Hits Russian Firms with Custom GenieLocker Ransomware

A pro-Ukrainian group called Bearlyfy has been attributed to more than 70 cyber attacks targeting Russian companies since it first surfaced in…

2 Min Read

March 27, 2026

LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks

Cybersecurity researchers have disclosed three security vulnerabilities impacting LangChain and LangGraph that, if successfully exploited,…

3 Min Read

March 26, 2026

China-Linked Red Menshen Uses Stealthy BPFDoor Implants to Spy via Telecom Networks

A long-term and ongoing campaign attributed to a China-nexus threat actor has embedded itself in telecom networks to conduct espionage against…

1 Min Read

March 26, 2026

[Webinar] Stop Guessing. Learn to Validate Your Defenses Against Real Attacks

Most teams have security tools in place. Alerts are firing, dashboards look clean, threat intel is flowing in. On the surface, everything…

2 Min Read

March 26, 2026

Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website

Cybersecurity researchers have disclosed a vulnerability in Anthropic's Claude Google Chrome Extension that could have been exploited to…

6 Min Read

March 26, 2026

Masters of Imitation: How Hackers and Art Forgers Perfect the Art of Deception

Unmasking impostors is something the art world has faced for decades, and there are valuable lessons from the works of Elmyr de Hory that can…

15 Min Read

March 26, 2026

ThreatsDay Bulletin: PQC Push, AI Vuln Hunting, Pirated Traps, Phishing Kits & 20 More Stories

Some weeks in security feel loud. This one feels sneaky. Less big dramatic fireworks, more of that slow creeping sense that too many people…

3 Min Read

March 26, 2026

Coruna iOS Kit Reuses 2023 Triangulation Exploit Code in New Mass Attacks

The kernel exploit for two security vulnerabilities used in the recently uncovered Apple iOS exploit kit known as Coruna is an updated version…

3 Min Read

March 26, 2026

WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites

Cybersecurity researchers have discovered a new payment skimmer that uses WebRTC data channels as a means to receive payloads and exfiltrate…

2 Min Read

March 25, 2026

LeakBase Admin Arrested in Russia Over Massive Stolen Credential Marketplace

The alleged administrator of the LeakBase cybercrime forum has been arrested by Russian law enforcement authorities, state media reported…

4 Min Read

March 25, 2026

GlassWorm Malware Uses Solana Dead Drops to Deliver RAT and Steal Browser, Crypto Data

Cybersecurity researchers have flagged a new evolution of the GlassWorm campaign that delivers a multi-stage framework capable of…

5 Min Read

March 25, 2026

The Kill Chain Is Obsolete When Your AI Agent Is the Threat

In September 2025, Anthropic disclosed that a state-sponsored threat actor used an AI coding agent to execute an autonomous cyber espionage…

2 Min Read

March 25, 2026

Russian Hacker Sentenced to 2 Years for TA551 Botnet-Driven Ransomware Attacks

The U.S. Department of Justice (DoJ) said a Russian national has been sentenced to two years in prison for managing a botnet that was used to…

4 Min Read

March 24, 2026

Ghost Campaign Uses 7 npm Packages to Steal Crypto Wallets and Credentials

Cybersecurity researchers have uncovered a new set of malicious npm packages that are designed to steal cryptocurrency wallets and sensitive…

8 Min Read

March 24, 2026

5 Learnings from the First-Ever Gartner Market Guide for Guardian Agents

On February 25, 2026, Gartner published its inaugural Market Guide for Guardian Agents, marking an important milestone for this emerging…

4 Min Read

March 24, 2026

TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials

Two more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor known as TeamPCP,…

4 Min Read

March 24, 2026

The Hidden Cost of Cybersecurity Specialization: Losing Foundational Skills

Cybersecurity has changed fast. Roles are more specialized, and tooling is more advanced. On paper, this should make organizations more…

14 Min Read

March 23, 2026

⚡ Weekly Recap: CI/CD Backdoor, FBI Buys Location Data, WhatsApp Ditches Numbers & More

Another week, another reminder that the internet is still a mess. Systems people thought were secure are being broken in simple ways, showing…

5 Min Read

March 23, 2026

We Found Eight Attack Vectors Inside AWS Bedrock. Here's What Attackers Can Do with Them

AWS Bedrock is Amazon's platform for building AI-powered applications. It gives developers access to foundation models and the tools to…

5 Min Read

March 23, 2026

Microsoft Warns IRS Phishing Hits 29,000 Users, Deploys RMM Malware

Microsoft has warned of fresh campaigns that are capitalizing on the upcoming tax season in the U.S. to harvest credentials and deliver…

3 Min Read

March 21, 2026

FBI Warns Russian Hackers Target Signal, WhatsApp in Mass Phishing Attacks

Threat actors affiliated with Russian Intelligence Services are conducting phishing campaigns to compromise commercial messaging applications…

1 Min Read

March 21, 2026

Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager

Oracle has released security updates to address a critical security flaw impacting Identity Manager and Web Services Manager that could be…

4 Min Read

March 21, 2026

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages

The threat actors behind the supply chain attack targeting the popular Trivy scanner are suspected to be conducting follow-on attacks that…

3 Min Read

March 21, 2026

CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added five security flaws impacting Apple, Craft CMS, and Laravel…

4 Min Read

March 20, 2026

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Trivy, a popular open-source vulnerability scanner maintained by Aqua Security, was compromised a second time within the span of a month to…

4 Min Read

March 20, 2026

Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure

A critical security flaw impacting Langflow has come under active exploitation within 20 hours of public disclosure, highlighting the speed at…

Explore Trending Topics