Afraid of missing important security news during the week? We're here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!
For the less technical
- Perplexity’s “Incognito Mode” is a “sham,” lawsuit says
- Porn, dog poo and social media snaps: the ‘taskers’ scraping the internet for AI firm part-owned by Meta
- Proton Meet isn't what they told you it was
- Microsoft suspends dev accounts for high-profile open source projects
- Justice Department conducts court-authorized disruption of DNS hijacking network controlled by a Russian military intelligence unit
- Drift Protocol exploited for $286 million in suspected DPRK-linked attack
- European Commission cloud breach: a supply-chain compromise
For the more technical
- Annual report from the actions of CERT Polska 2025
- Fake investment scams. The scheme and the criminal infrastructure
- 50,000 WordPress sites affected by arbitrary file upload vulnerability in Ninja Forms
- Fortinet patches actively exploited CVE-2026-35616 in FortiClient EMS
- Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit
- EXPMON detected sophisticated zero-day fingerprinting attack targeting Adobe Reader users
- In-memory loader drops ScreenConnect
- This fake Windows support website delivers password-stealing malware
- New 'GeForge' and 'GDDRHammer' attacks can fully infiltrate your system through Nvidia's GPU memory
- GPUBreach: Privilege escalation attacks on GPUs using Rowhammer
- GIGABYTE Control Center vulnerable to arbitrary file write flaw
- BrowserGate: LinkedIn is illegally searching your computer
- AI cybersecurity after Mythos: The jagged frontier
- SOHO router compromise leads to DNS hijacking and adversary-in-the-middle attacks
- FrostArmada: All thriller, no (malware) filler
- SVG onload tag hides Magecart skimmer on 99 stores
- EvilTokens: an AI-augmented Phishing-as-a-Service for automating BEC fraud
- BPFdoor in telecom networks: Sleeper cells in the backbone
- Stealthy BPFDoor variants are a needle that looks like hay
- Remus: Unmasking the 64-bit variant of the infamous Lumma Stealer
- STX RAT: A new RAT in 2026 with infostealer capabilities
- Obfuscation without effort: Breaking a UAC-0226 GIFTEDCROOK stealer
- Notorious hacker returns with a new Mac stealer targeting $10K+ crypto wallets
- ClickFix technique uses Script Editor instead of Terminal on macOS
- UAT-10608: Inside a large-scale automated credential harvesting operation targeting web applications
- Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations
- DPRK malware modularity: Diversity and functional specialization
- New Lua-based malware “LucidRook” observed in targeted attacks against Taiwanese organizations
Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.
Comments