In this case, it wasn’t the technology that was at fault, but a user: The intruder gained access to the system by taking over their account, according to DINUM, the French government’s interministerial digital directorate. DINUM said it has blocked… Read More "French government’s secure messaging system breached"
In 2024, ESET researchers noticed previously undocumented malware in the network of a Southeast Asian governmental entity. This led us to uncover even more new malware on the same system, none of which had substantial ties to any previously tracked… Read More "LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan"
A previously undocumented information stealer has been distributed through fake Claude Code installation pages, hijacking Chromium browsers to bypass App-Bound Encryption and exfiltrate cookies, passwords and payment data from developer workstations. The campaign was detailed on 11 May by Ontinue’s… Read More "Fake Claude Code Page Pushes PowerShell Stealer at Devs"
SecurityWeek’s weekly cybersecurity news roundup offers a concise overview of important developments that may not receive full standalone coverage but remain relevant to the broader threat landscape. This curated summary highlights key stories across vulnerability disclosures, emerging attack methods, policy… Read More "In Other News: Google Security Layoffs, AudiA6 Takedown, $400 Million Coupang Fine"
This has significance for CISOs because they need to be aware of how communication between the US and other countries is being monitored. The Act permits US intelligence agencies to collect texts and emails sent to and from foreigners living… Read More "Warrantless wiretaps cut off for a week following US Congress vote"
As 2025 draws to a close, Tony looks back at the cybersecurity stories that stood out both in December and across the whole of this year 29 Dec 2025 As we close out 2025, it’s time for ESET Chief Security… Read More "This month in security with Tony Anscombe – December 2025 edition"
NPM has announced new version (v12) of the npm package manager in a bid to prevent software supply chain attacks. In a blog post published on June 9, The team of npm developers at Microsoft-owned GitHub announced three security-focused breaking… Read More "GitHub to Update npm to Thwart Software Supply Chain Attacks"
Google on Thursday rolled out a Chrome 149 update that resolves 28 critical and high-severity vulnerabilities. The update patches five critical-severity bugs: use-after-free issues in Core, DigitalCredentials, and WebMIDI, an insufficient validation of untrusted input flaw in Accessibility, and a… Read More "Chrome 149 Update Patches 28 Vulnerabilities"
Ravie LakshmananJun 12, 2026Cybercrime / Phishing An INTERPOL-led operation last month resulted in the disruption of Sniper Dz, a decade-long phishing-as-a-service (PhaaS) platform, Group-IB said Thursday. The effort, codenamed Operation Ramz, took place between October 2025 and February 2026, and… Read More "INTERPOL Operation Takes Down Sniper Dz Phishing Platform, Arrests Administrator"
If your data is on the dark web, it’s probably only a matter of time before it’s abused for fraud or account hijacking. Here’s what to do. 13 Jan 2026 • , 6 min. read Contrary to popular belief, much… Read More "Your information is on the dark web. What happens next?"
