Mozilla Fixed 423 Firefox Security Bugs in April After AI Helped Find Hundreds of Flaws
Mozilla fixed 423 Firefox security bugs across April 2026 releases after using Claude Mythos Preview and other security testing methods to find flaws in the…
NWHStealer Malware Now Uses Bun Loader to Evade Detection and Steal Windows Data
NWHStealer has returned with a more advanced delivery method that uses the Bun JavaScript runtime to infect Windows PCs. Security researchers say attackers are using…
PCPJack cloud worm targets Docker, Kubernetes, Redis, and MongoDB credentials
PCPJack is a newly reported cloud-focused malware framework that targets exposed infrastructure, steals credentials, and spreads across additional systems. SentinelOne says the worm targets Docker,…
Microsoft Will Roll Out Entra Passkeys on Windows Starting in Late April
Microsoft will begin rolling out Entra passkeys on Windows in late April 2026, giving organizations a new phishing-resistant way to sign in to Microsoft Entra-protected…
CrowdStrike warns LogScale flaw lets remote attackers read files without logging in
CrowdStrike has disclosed a critical vulnerability in LogScale that can let a remote attacker read arbitrary files from the server without authentication. The flaw, tracked…
Over 1,370 internet-facing SharePoint servers still appear exposed to actively exploited CVE-2026-32201
More than 1,370 internet-facing Microsoft SharePoint servers still appeared exposed to CVE-2026-32201 in recent Shadowserver tracking, days after Microsoft released fixes and CISA added the…
Torg Grabber evolves into a faster, stealthier stealer with encrypted API-based control
Torg Grabber is a newly tracked Malware-as-a-Service infostealer that has evolved quickly from simple Telegram-based data theft into a more mature operation with encrypted command-and-control…
Fake Google Forms job lures now push PureHVNC malware in multi-stage attack
Attackers have started using fake Google Forms as the front end for a malware campaign that delivers the PureHVNC remote access trojan. Security researchers say…
SEO poisoning campaign impersonates 25+ popular apps to spread AsyncRAT
A long-running SEO poisoning campaign has been pushing fake download pages for more than 25 popular apps and tricking Windows users into installing AsyncRAT. Security…
Fake IT support campaign uses customized Havoc C2 to breach organizations
A new social engineering campaign is using fake IT support calls and spam email to gain remote access, steal credentials, and deploy a customized version…
Hackers Abuse .arpa TLD and IPv6 Tunnels to Bypass Phishing Defenses
Phishing campaigns now exploit .arpa top-level domain and IPv6 tunnels to evade detection. Infoblox Threat Intel uncovered attackers creating A records in infrastructure-only .arpa namespace…
Hackers Weaponize Windows File Explorer WebDAV for RAT Delivery
Cybercriminals bypass browser defenses by abusing Windows File Explorer’s legacy WebDAV support. Attackers deliver RATs through file:// links, .url shortcuts, and LNK files that connect…
How to Download and Install Whoer VPN
Whoer VPN is an online privacy tool designed to help you browse the web securely and anonymously. By masking your IP address and encrypting your…
How to Fix Tea App Not Available in Your Country
The Tea app, designed as a women-only dating safety tool, isn’t available in every country due to privacy, moderation, and regional restrictions. It’s a shame…
How to Fix Virgin TV Go Not Working with VPN
Virgin TV Go is a streaming service for Virgin Media customers in the United Kingdom. If you’re trying to use it abroad with a VPN…