The UK’s Companies House has been forced to suspend access to its WebFiling dashboard after being notified of a serious flaw which may have exposed countless businesses to fraud. The government agency, which is in charge of incorporating and dissolving… Read More "Companies House Web Glitch Exposes Corporate Details to Fraudsters"
A recently discovered malware family capable of stealing credentials and of intercepting browser interactions has been distributed using the ClickFix technique, ReliaQuest reports. Dubbed DeepLoad, the malware first emerged on a dark web cybercrime forum in early February, when ZeroFox… Read More "New DeepLoad Malware Dropped in ClickFix Attacks"
Ravie LakshmananApr 01, 2026Email Security / Artificial Intelligence The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed details of a new phishing campaign in which the cybersecurity agency itself was impersonated to distribute a remote administration tool known as… Read More "CERT-UA Impersonation Campaign Spread AGEWHEEZE Malware to 1 Million Emails"
“Opening a file in GNU Emacs can trigger arbitrary code execution through version control (git), most requiring zero user interaction beyond the file open itself. The most severe finding requires no file-local variables at all — simply opening any file… Read More "Vim and GNU Emacs: Claude Code helpfully found zero-day exploits for both"
ESET researchers have identified new MuddyWater activity primarily targeting organizations in Israel, with one confirmed target in Egypt. MuddyWater, also referred to as Mango Sandstorm or TA450, is an Iran-aligned cyberespionage group known for its persistent targeting of government and… Read More "MuddyWater: Snakes by the riverbank"
The FBI is asking gamers who unwittingly downloaded malware from the popular Steam platform to help with its investigation. FBI’s Seattle Division issued a notice in mid-March as it continued in its search for the threat actor responsible for the… Read More "FBI Calls for Help to Track Steam Malware Campaign"
Software security startup Depthfirst has raised $80 million in Series B funding, bringing the total raised to $120 million in less than three months after closing its Series A funding round in mid-January. The investment was led by Meritech Capital,… Read More "Depthfirst Raises $80 Million in Series B Funding"
Ravie LakshmananApr 01, 2026Malware / Windows Security A multi-pronged phishing campaign is targeting Spanish-speaking users in organizations across Latin America and Europe to deliver Windows banking trojans like Casbaneiro (aka Metamorfo) via another malware called Horabot. The activity has been… Read More "Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures"
Identity is effectively the new network boundary. It must be protected at all costs. 04 Dec 2025 • , 4 min. read What do M&S and Co-op Group have in common? Aside from being among the UK’s most recognizable high… Read More "Why identity is critical to improving cybersecurity posture"
A method for exfiltrating sensitive data from AI-powered code execution environments using domain name system (DNS) queries has been demonstrated by security researchers, highlighting potential risks in cloud-based AI tooling. The Phantom Labs Research report, published on March 16, focuses… Read More "Security Flaw in AWS Bedrock Code Interpreter Raises Alarms"
