Follow on Google News
Microsoft details how to mitigate the Axios npm supply chain compromise
Microsoft says developers and organizations that installed the compromised Axios releases should assume exposure and act fast. In its April 1 guidance, Microsoft Threat Intelligence…
NoVoice malware hid in 50+ Google Play apps and reached at least 2.3 million downloads
A newly detailed Android malware campaign called Operation NoVoice hid inside more than 50 apps on Google Play and reached at least 2.3 million downloads…
CISA warns of actively exploited Chrome zero-day as Google ships fix
CISA has added a newly exploited Chrome vulnerability, CVE-2026-5281, to its Known Exploited Vulnerabilities catalog and ordered federal agencies to address it by April 15,…
Hackers abuse DOCX, RTF, JavaScript, and Python in Boeing-themed RFQ malware campaign
A new phishing campaign is using fake Boeing request-for-quotation emails to infect procurement and sales targets with a multi-stage malware chain that ends in in-memory…
OpenSSH 10.3 fixes shell injection issue and tightens certificate handling
OpenSSH 10.3 and 10.3p1 are now out, and the release includes a fix for a shell injection issue in the ssh client plus several security-related…
Qilin ransomware uses malicious DLL to disable EDR before encryption
Qilin ransomware operators are using a malicious DLL called msimg32.dll to launch a multi-stage attack that disables endpoint detection and response tools before the ransomware…
New Akira lookalike ransomware campaign targets Windows users in South America
A new ransomware campaign is targeting Windows users in South America by imitating the Akira ransomware brand while relying on a different code base underneath.…
Hackers clone CERT-UA site to push Go-based RAT in phishing campaign
Hackers recently cloned Ukraine’s CERT-UA website and used it in a phishing operation to trick targets into installing a remote access trojan called AGEWHEEZE. CERT-UA…
How elite SOCs cut escalation rates by giving Tier 1 better threat intelligence
Security teams cut unnecessary escalations when Tier 1 analysts get faster access to context, not just more alerts. The goal is simple: help frontline analysts…
CareCloud says hackers accessed one EHR environment and may have exposed patient data
CareCloud has disclosed a cybersecurity incident that gave an unauthorized actor access to one of its electronic health record environments, raising the possibility that patient…
November 21, 2025
1 comment 
