Posted by David Adrian, Javier Castro & Peter Kotwicz, Chrome Security Team Android recently announced Advanced Protection, which extends Google’s Advanced Protection Program to a device-level security setting for Android users that need heightened security—such as journalists, elected officials, and… Read More "Advancing Protection in Chrome on Android"
Ravie LakshmananFeb 20, 2026Cybercrime / Law Enforcement A 29-year-old Ukrainian national has been sentenced to five years in prison in the U.S. for his role in facilitating North Korea’s fraudulent information technology (IT) worker scheme. In November 2025, Oleksandr “Alexander”… Read More "Ukrainian National Sentenced to 5 Years in North Korea IT Worker Fraud Case"
Some Minecraft mods don’t help build worlds – they break them. Here’s how malware can masquerade as a Minecraft mod. 16 Oct 2025 • , 5 min. read Gaming is one of the defining pastimes of the digital age, and… Read More "When ‘hacking’ your game becomes a security risk"
A self-styled social networking platform built for AI agents contained a misconfigured database which allowed full read and write access to all data, security researchers have revealed. Moltbook was vibe coded by its creator, Matt Schlicht, as a place for… Read More "Vibe-Coded Moltbook Exposes User Data, API Keys and More"
A PDF that Department of Homeland Security officials provided to New Hampshire governor Kelly Ayotte’s office about a new effort to build “mega” detention and processing centers across the United States contains embedded comments and metadata identifying the people who… Read More "Metadata Exposes Authors of ICE’s ‘Mega’ Detention Center Plans"
Today we’re excited to announce OSS Rebuild, a new project to strengthen trust in open source package ecosystems by reproducing upstream artifacts. As supply chain attacks continue to target widely-used dependencies, OSS Rebuild gives security teams powerful data to avoid… Read More "Open Source, Rebuilt to Last"
Key Takeaways Cloud malware avoids files, running in memory and abusing cloud-native services to evade legacy antivirus Attackers exploit misconfigured IAM, APIs, storage, and legitimate management tools for stealthy persistence Fileless execution, living-off-the-land techniques, and encrypted cloud C2 now dominate… Read More "Inside Cloud Malware Analysis: Techniques and Real-World Use Cases"
Ravie LakshmananFeb 20, 2026Vulnerability / Cyber Attack Threat actors have been observed exploiting a recently disclosed critical security flaw impacting BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) products to conduct a wide range of malicious actions, including deploying… Read More "BeyondTrust Flaw Used for Web Shells, Backdoors, and Data Exfiltration"
The attackers have also created signed executables that impersonate installers for widely used software such as Zoom, Microsoft Teams, Adobe Reader, and Google Meet, with matching icons and metadata. Victims are encouraged to download them by clicking on a link… Read More "Don’t trust TrustConnect: This fake remote support tool only helps hackers"
Ransomware rages on and no organization is too small to be targeted by cyber-extortionists. How can your business protect itself against the threat? 20 Oct 2025 According to Verizon’s 2025 Data Breach Investigations Report (DBIR), no less than 44 percent… Read More "Cybersecurity Awareness Month 2025: Building resilience against ransomware"
