Author: PulauWin

Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer

May 25, 2026 add comment
Cybersecurity researchers have flagged a compromised version of the Nx Console extension that was published to the Microsoft Visual Studio Code (VS Code) Marketplace. The extension in question is... Read more »
The Hacker News

Trapdoor Android Ad Fraud Scheme Hit 659 Million Daily Bid Requests Using 455 Apps

May 25, 2026 add comment
Cybersecurity researchers have disclosed details of a new ad fraud and malvertising operation dubbed Trapdoor targeting Android device users. The activity, per HUMAN’s Satori Threat Intelligence and Research Team,... Read more »

The New Phishing Click: How OAuth Consent Bypasses MFA

May 25, 2026 add comment
In February 2026, a phishing-as-a-service (PhaaS) platform called EvilTokens went live. Within five weeks, it had compromised more than 340 Microsoft 365 organizations across five countries.  The targets of... Read more »
Internet Security

Zero-Click WhatsApp Account Takeover Hits iPhone Users Running iOS 16. No Linked Devices, No Warning

May 25, 2026 add comment
A zero-click attack targeting iPhones on iOS 16 hijacked WhatsApp accounts without linked devices, warnings, or user interaction. There is a particular kind of security incident that is harder... Read more »
Internet Security

Dutch authorities dismantle hosting network allegedly used for cyberattacks and disinformation

May 25, 2026 add comment
Dutch authorities arrested two suspects and seized 800 servers tied to Stark Industries, a hosting firm linked to cyberattacks and disinformation. Dutch financial crime investigators arrested two men and... Read more »
Internet Security

FBI director Kash Patel’s brand website taken offline after malware reports

May 25, 2026 add comment
FBI director site went offline after a hack used a fake Cloudflare page to trick users into running a ClickFix attack that installed malware. The merchandise website of FBI... Read more »

LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root

May 25, 2026 add comment
A maximum-severity security vulnerability impacting LiteSpeed User-End cPanel Plugin has come under active exploitation in the wild. The flaw, tracked as CVE-2026-48172 (CVSS score: 10.0), relates to an instance... Read more »
Internet Security

Security Affairs newsletter Round 578 by Pierluigi Paganini – INTERNATIONAL EDITION

May 24, 2026 add comment
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new... Read more »
Internet Security

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 98

May 24, 2026 add comment
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Popular node-ipc npm Package Infected with Credential Stealer ... Read more »

How to Reduce Phishing Exposure Before It Turns into Business Disruption

May 24, 2026 add comment
What happens when a phishing email looks clean enough to pass through security, but dangerous enough to expose the business after one click? That is the gap many SOCs... Read more »
Subscribe to our Newsletter