security

The malware steals credentials, installs a malicious browser extension, and can spread via USB drives.
The post New DeepLoad Malware Dropped in ClickFix Attacks appeared first on SecurityWeek.

Ein gemeinsames Gremium von EU und USA soll Strafen gegen Trumps Tech-Bros künftig vorher beraten. Die Erpressung mit Zöllen hat funktioniert. (Deepfake, Politik)

A new service on the cybercrime market provides automated capabilities to create persistent information-stealing social engineering attacks.

Trivy-Linked Cisco Breach & ShinyHunters’ Stolen Data ClaimCisco is facing fresh scrutiny after a breach of its internal development environment was linked to the Trivy supply chain compromise. A ShinyHunters extortion claim has since surfaced, alleging theft of Salesforce data, GitHub repositories, and AWS assets.This post outlines what is currently known, what remains unverified, and where the […]

Google has announced fixes for CVE-2026-5281, a zero-day affecting Chrome’s Dawn component. 
The post Exploited Zero-Day Among 21 Vulnerabilities Patched in Chrome appeared first on SecurityWeek.

Modern intrusions increasingly start with valid credentials and routine access, not exploits. Blackpoint Cyber’s upcoming threat report shows how VPN abuse, RMM tools, and social engineering drive most incidents. […]

Die Deutschen wünschen sich mehr Befugnisse für Sicherheitsbehörden ge­gen hybride Angriffe. Zudem werden mehr Transparenz und aktive Ge­gen­schlä­ge gefordert. Öffentlich-rechtliche und priv

The agency has not named the problematic foreign-made applications, but TikTok and Temu come to mind. The post FBI Warns of Data Security Risks From China-Made Mobile Apps appeared first on SecurityWeek.

Jonathan Spalletta exploited smart contract vulnerabilities to steal approximately $55 million in cryptocurrency and cause Uranium to shut down. The post US Charges Uranium Crypto Exchange Hacker appeared first on SecurityWeek.