…E-commerce security company Sansec detected the malicious activity and noticed that the payload (analytics-reports[.]com/wss/jquery-lib.js) is disguised as a fake Google Tag Manager/Google Analytics script…
…In March, the hacker group also compromised Aqua Security's Trivy vulnerability scanner , which is believed to have led to cascading compromises affecting Aqua Security Docker images and the Checkmarx KICS project…
Android 17 to expand banking scam call and privacy protections By Bill Toulas May 12, 2026 01:00 PM Android 17, expected to roll out next month, will introduce several security and…
…No opt-in required.” - Discord DAVE was first introduced in September 2024 , developed with assistance and auditing from Trail of Bits, to secure audio and video calls, group chats, voice channels, and…
…The company has since removed the unnamed trojanized extension from the VS Code marketplace and has secured the compromised device. "Yesterday we detected and contained a compromise of an employee device involving…
SHub macOS infostealer variant spoofs Apple security updates By Bill Toulas May 18, 2026 05:42 PM A new variant of the ‘SHub’ macOS infostealer uses AppleScript to show a fake security…
…The other security issue received the identifier CVE-2026-4798 and is an SQL injection that can be leveraged without authentication. However, exploitation is possible only if the WooCommerce e-commerce plugin…
…Identified as CVE-2026-45185 , the security issue impacts some Exim versions before 4.99.3 that use the default GNU Transport Layer Security (GnuTLS) library for secure communication. It is a…
…The authentication check is only performed after that step, bypassing security. “The authentication is not missing, [it’s] just in the wrong place,” explains HiddenLayer . “By the time it fires, the model…
…Earlier this month, Abnormal Security confirmed that Tycoon2FA had rebounded to normal operations and even added new obfuscation layers to strengthen its resilience against new disruption attempts. In late April, Tycoon2FA was…