A security flaw at DavaIndia Pharmacy exposed customer data and gave outsiders full admin control of its systems. DavaIndia is a large Indian pharmacy retail chain focused on selling... Read more »

ShinyHunters leaked 600,000+ Canada Goose customer records, though the company insists its systems were not breached. Data extortion group ShinyHunters has published over 600,000 Canada Goose customer records on... Read more »

Microsoft warns of a new ClickFix variant that tricks users into running DNS commands to fetch malware via nslookup. Microsoft has revealed a new ClickFix variant that deceives users... Read more »

Google patched Chrome zero-day CVE-2026-2441, a high-severity CSS use-after-free flaw actively exploited in the wild. Google has released urgent security updates to address a high-severity zero-day vulnerability, tracked as... Read more »

Sex toy maker Tenga says a hacker accessed an employee’s email account, potentially exposing customer names, emails, and order details. TENGA Co., Ltd. is a Tokyo-based Japanese sexual wellness... Read more »

Researchers found malicious npm and PyPI packages tied to a fake recruitment campaign linked to North Korea’s Lazarus Group. ReversingLabs researcher uncovered new malicious packages on npm and PyPI... Read more »

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new... Read more »

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Stan Ghouls targeting Russia and Uzbekistan with NetSupport... Read more »

Fintech firm Figure confirmed a data breach after hackers used social engineering to trick an employee and steal a limited number of files. Blockchain-based lending firm Figure confirmed a... Read more »