New macOS feature seeks to avert ClickFix compromise
Apple has released a new mechanism for macOS Tahoe 26.4 that stops the execution of potentially harmful commands in Terminal and warns the user about related...
SC Media
20 articles
CareCloud confirms EHR environment breach
Healthcare software firm CareCloud has disclosed the potential compromise of individuals' health records following the eight-hour breach of one of its EHR re...
Allegedly stolen Lockheed Martin data being peddled for almost $600M
Leading U.S.
New critical Telegram zero-click issue threatens total device compromise
Cybernews reports that Telegram for Android and Telegram Desktop for Linux have been affected by a critical zero-click vulnerability that could enable remote...
Critical Fortinet FortiClient EMS vulnerability under attack
Intrusions harnessing a critical SQL injection flaw in Fortinet FortiClient EMS, tracked as CVE-2026-21643, were reported by Defused researchers to have been...
New Ukrainian CERT-spoofing phishing campaign delivers RAT
Ukrainian government entities, healthcare providers, financial providers, security firms, educational institutions, and software development companies have b...
Illicit LNK files deploy Russian CTRL toolkit
Illicit LNK files deploy Russian CTRL toolkit The Hacker News reports that malicious Windows LNK files masquerading as private key folders have been tapped t...
Sophisticated CrySome RAT examined
Windows environments are at risk of significant compromise with the new, advanced CrySome remote access trojan, which integrates antivirus-killing and hidden...
AI powers clandestine DeepLoad credential-stealing campaign
Enterprise business IT environments have been subjected to the DeepLoad credential-stealing malware campaign that ensured stealth via AI abuse and ClickFix a...
US bounty on Iranian hackers reissued
Multiple U.S.
Citrix NetScaler ADC bug added to CISA list of known exploits
Security agency gives federal agencies until April 2, 2026, to make the patch.
RoadK1ll malware enables stealthy network pivoting
RoadK1ll functions as a lightweight reverse tunneling implant, designed to blend into normal network traffic and transform an infected machine into a relay p...
ChatGPT data leakage vulnerability discovered and patched
Researchers at Check Point discovered that a single malicious prompt could exploit a hidden outbound channel within ChatGPT's code execution runtime.
China-linked groups conduct sophisticated cyber espionage against Southeast Asian government
Security Affairs reports that multiple China-linked threat groups executed a complex cyber campaign against a Southeast Asian government in 2025, employing a...
LiteLLM ditches Delve after malware attack
The incident occurred shortly after LiteLLM had obtained two security compliance certifications from Delve.
Dutch Ministry of Finance portal offline after cyberattack
The cyberattack, detected after a third-party alert, led to unauthorized access to internal systems within the policy department.
F5 BIG-IP APM systems vulnerable to critical remote code execution flaw
The vulnerability, identified as CVE-2025-53521, allows attackers to gain complete control of affected servers through malicious traffic, enabling remote cod...
AtlasCross RAT campaign targets Chinese users via typosquatted domains
The campaign, attributed to the Chinese cybercrime group Silver Fox, encompasses a wide range of applications including VPN clients, encrypted messengers, vi...
Maryland man charged in $53 million Uranium Finance crypto heist
Spalletta is accused of exploiting vulnerabilities in Uranium Finance's smart contracts on two separate occasions in April 2021.
From cyber risk to business impact: A conversation with IBM and CyberSaint
IBM's Mark Hughes and Fabio Campos discuss how organizations are rethinking cyber risk through automation, real-time data, and AI-driven insights.