Security researchers have discovered a new ransomware-as-a-service (RaaS) group which has already victimized organizations in Brazil and South Africa. Dubbed “Vect,” the group is currently onboarding affiliates after launching a recruitment program in December 2025, according to ransomware specialist Halcyon.… Read More "Researchers Warn of New “Vect” RaaS Variant"
One year from now, with the release of Chrome 154 in October 2026, we will change the default settings of Chrome to enable “Always Use Secure Connections”. This means Chrome will ask for the user’s permission before the first access… Read More "Google Online Security Blog: HTTPS by default"
PayPal’s customer email said the company would “start removing” SMS in March, but how long that process will take is unclear. Logistics is one factor, as these communications are going to a global customer base of roughly 439 million people… Read More "PayPal launches latest struggle to get rid of SMS for MFA"
The UK’s Information Commissioner’s Office (ICO) has launched an investigation into Elon Musk’s social network X (formerly Twitter) in relation to non-consensual sexual imagery generated by Grok, the platform’s AI assistant. In a statement released on February 3, the UK’s… Read More "ICO Launches Investigation into X Over AI Non Consensual Sexual Images"
Posted by Lyubov Farafonova, Product Manager, Phone by Google; Alberto Pastor Nieto, Sr. Product Manager Google Messages and RCS Spam and Abuse; Vijay Pareek, Manager, Android Messaging Trust and Safety As Cybersecurity Awareness Month wraps up, we’re focusing on one… Read More "How Android provides the most effective protection to keep you safe from mobile scams"
Ravie LakshmananFeb 20, 2026Insider Threat / Corporate Espionage Two former Google engineers and one of their husbands have been indicted in the U.S. for allegedly committing trade secret theft from the search giant and other tech firms and transferring the… Read More "Three Former Google Engineers Indicted Over Trade Secret Transfers to Iran"
A US security agency has warned SolarWinds Web Help Desk users that a remote code execution (RCE) vulnerability patched by the vendor last week is being actively exploited. The US Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2025-40551 to its… Read More "SolarWinds Web Help Desk Vulnerability Actively Exploited"
Posted by Jeff Vander Stoep, Android Last year, we wrote about why a memory safety strategy that focuses on vulnerability prevention in new code quickly yields durable and compounding gains. This year we look at how this approach isn’t just… Read More "move fast and fix things"
Um Passwörter hinter sich zu lassen, gibt es bessere Lösungen. Wir zeigen Ihnen zehn. Foto: Raffi Ilham Pratama – shutterstock.com Passwörter sind seit Jahrzehnten der Authentifizierungsstandard für Computersysteme, obwohl sie sich immer wieder aufs Neue als anfällig für diverse Cyberangriffsformen… Read More "10 Passwordless-Optionen für Unternehmen | CSO Online"
Researchers at Pillar Security have found two maximum severity vulnerabilities (CVSS score of 10.0) in n8n, a popular open-source workflow automation platform powering hundreds of thousands of enterprise AI systems worldwide. The flaws are sandbox escape vulnerabilities which, when exploited,… Read More "Two Critical Flaws Found in n8n AI Workflow Automation Platform"
