Apple patches older iPhones and iPads against Coruna exploits

Apple has released security updates to patch older iPhones and iPads against a set of vulnerabilities targeted in ...

US charges another ransomware negotiator linked to BlackCat attacks

The U.S. Department of Justice charged another former DigitalMint employee for his involvement in an insider scheme in which ...
Bleeping Computer

Don’t miss a 2-in-1 open-box Chromebook with stylus for just $150

Sometimes you don’t need a powerhouse laptop—you just need something fast, portable, and reliable for everyday tasks. That’s exactly where Chromebooks tend to shine. This open-box ASUS Chromebook CM30 ...
Bleeping Computer

Veeam warns of critical flaws exposing backup servers to RCE attacks

Data protection company Veeam Software has patched multiple flaws in its Backup & Replication solution, including four critical remote code execution (RCE) vulnerabilities. VBR is enterprise data ...

US disrupts SocksEscort proxy network powered by Linux malware

Law enforcement agencies in the U.S. and Europe along with private partners have disrupted the SocksEscort cybercrime proxy network that used only edge devices compromised via the AVRecon malware for ...
Bleeping Computer

Google paid $17.1 million for vulnerability reports in 2025

Google paid over $17 million to 747 security researchers who reported security bugs through its Vulnerability Reward Program (VRP) in 2025. The company says it has awarded over $81.6 million in bug ...

Telus Digital confirms breach after hacker claims 1 petabyte data theft

Canadian business process outsourcing giant Telus Digital has confirmed it suffered a security incident after threat actors claimed to have stolen nearly 1 petabyte of data from the company in a multi ...
Bleeping Computer

Going the Extra Mile: Travel Rewards Turn into Underground Currency.

Airline miles were designed as rewards, however, in cybercrime markets, they are inventory. In many cases, the theft begins with credential compromise and ends with miles quietly converted into ...

SQLi flaw in Elementor Ally plugin impacts 250k+ WordPress sites

An SQL injection vulnerability in Ally, a WordPress plugin from Elementor for web accessibility and usability with more than 400,000 installations, could be exploited to steal sensitive data without ...

Medtech giant Stryker offline after Iran-linked wiper malware attack

Leading medical technology company Stryker has been hit by a wiper malware attack claimed by Handala, an Iranian-linked and pro-Palestinian hacktivist group.

New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers.

Microsoft March 2026 Patch Tuesday fixes 2 zero-days, 79 flaws

Today is Microsoft's March 2026 Patch Tuesday with security updates for 79 flaws, including 2 publicly disclosed zero-day ...