Android 17 introduces two major security updates. The android:usesCleartextTraffic attribute has been deprecated, and apps targeting API level 37 that enable cleartext traffic without a corresponding ...

Separately, a report from MacRumors indicated that iOS 26.4 is expected to enable Stolen Device Protection by default for all iPhone users. The feature requires Face ID or Touch ID authentication for ...

Unit 42 researchers observed a low-skilled threat actor using an LLM to script a professional extortion strategy, complete with pressure tactics ...

Teleport claimed that static credentials like passwords, API keys, and long-lived tokens are to blame for the over-privileging of AI systems. Incident rates for organizations with a high reliance on ...

Dragos annual report warns of a surge in ransomware attacks causing increased operational disruption in industrial environments ...

Ten years ago, ransom demands cost under $1000. Now ransomware attacks cost millions and are more disruptive than ever.

Security researchers claim to have documented a major shift in the infostealer landscape after witnessing the first live attack targeting an OpenClaw configuration environment. Formerly known as ...

A group of academic security researchers have detailed a set of vulnerabilities in four popular cloud-based password managers that could allow an attacker to view and change the passwords stored in a ...

NCSC’s Richard Horne has warned that cybercriminals do not care about business size and called for SMEs to act now to secure their organizations ...

A multi-stage malware loader known as OysterLoader has continued to evolve into early 2026, refining its command-and-control (C2) infrastructure and obfuscation methods.

SOCRadar dubbed the campaign Operation DoppelBrand and said it focused on Fortune 500 companies, including Wells Fargo and USAA, between December 2025 and January 2026, with infrastructure linked to ...

Google has released a security update to patch a newly discovered zero-day in Chrome and the company warned an exploit exists in the wild. The update, published on February 13, was accompanied by an ...