Security researchers are increasingly warning that cyberattacks no longer rely on obvious malware or suspicious downloads. Instead, many modern campaigns succeed by blending into routine, trusted workflows, the everyday actions people perform at work without a second thought. Recent research highlights how effective this approach has become. Across very different attack scenarios, the same strategy

Continue Reading

Have I Been Pwned, a security service website, has added CarGurus to its data breach database, confirming that the automotive marketplace was impacted by a data leak affecting over 12 million accounts. According to Have I Been Pwned (HIBP), the breach occurred in February 2026 and is attributed to the extortion-focused threat actor ShinyHunters. After

Continue Reading

SolarWinds has released Serv-U 15.5.4 with patches for multiple critical vulnerabilities as well as feature parity improvements in File Share amongst other updates. Serv-U is commonly deployed in managed file transfer contexts, which often sit close to sensitive data paths and identity systems. Critical RCE conditions in that posture warrant high urgency—especially for internet-exposed instances.

Continue Reading

Mental health apps are increasingly handling data that looks a lot like medical records mood logs, CBT notes, medication schedules, and in some cases indicators of self-harm. And new research by mobile security firm Oversecured and reported by BleepingComputer suggests parts of this ecosystem still aren’t treating that information with the level of security it

Continue Reading

Security teams have spent the last two years adapting to prompt injection and LLM data leakage. Now there’s a more operational threat emerging with the weaponizing of AI agent ecosystems and using the agent as a trusted intermediary to get malware onto endpoints. Trend Micro reports a new campaign distributing a macOS malware (dubbed Atomic

Continue Reading

Security researchers at Socket‘s Threat Research have uncovered a new supply-chain attack that blends typosquatting, credential theft, and emerging attacks on AI-assisted developer tooling. The campaign, tracked as SANDWORM_MODE, is being described as a worm-like operation capable of spreading across repositories once developer or CI credentials are compromised. The research documents malicious npm packages designed

Continue Reading

Hackers are abusing Facebook’s advertising platform to distribute fake Windows 11 download pages that deliver credential-stealing malware instead of legitimate updates. In a Malwarebytes security report, campaigns were found using paid Facebook ads designed to look like official Microsoft promotions. They were run in multiple campaigns in parallel, each using separate domains and tracking infrastructure

Continue Reading