Apple and Google roll out end-to-end encrypted RCS messaging
The E2EE RCS messaging feature is now available to iPhone users running iOS 26.5 with supported carriers and Android users on the latest Google Messages vers...
SC Media
20 articles
New GhostLock tool abuses Windows API to block file access
The GhostLock tool abuses the dwShareMode parameter within the Windows CreateFileW API.
Frame Security launches with $50 million to combat AI-driven social engineering
Frame Security's platform leverages AI to create realistic attack simulations and provide tailored, on-the-spot guidance to employees.
Linux maintainer proposes runtime killswitch for vulnerabilities
Linux kernel co-maintainer Sasha Levin has proposed a runtime killswitch mechanism, accessible via securityfs, to temporarily disable vulnerable kernel funct...
Threat actor Mr_Rot13 exploits critical cPanel flaw to deploy Filemanager backdoor
The exploitation of CVE-2026-41940, which affects cPanel and WebHost Manager, has been observed shortly after its public disclosure.
Google reports first known AI-assisted zero-day exploit in the wild
Attackers used AI to create an exploit script for a 2FA bypass flaw in an open-source project.
Why Basic Security Practices Still Work - Rob Allen - ASW #382
SailPoint GitHub repo hit by third-party cyberattack
SailPoint says GitHub repo breach exposed no customer data or production systems.
IAM for MSSPs: The Hidden Risk of Blind Trust - Dustin Sachs - CSP #224
Why we need a ‘zero-trust for code’ behavioral approach to secure software
AI has broken down the old model for classifying code – here’s how a behavioral approach makes more sense today.
German authorities shut down relaunched Crimenetwork marketplace, arrest operator
The original Crimenetwork, a significant platform for illicit goods and services, was taken down in December 2024.
Smartphone users increasingly forgo paid antivirus protection
A recent survey by Cybernews indicates that only 18% of mobile phone users in America pay for third-party antivirus software, with many trusting the built-in...
JDownloader website compromised to distribute malicious installers
The supply chain attack involved attackers modifying the website's download links to point to malicious third-party payloads.
AI can profile users from ad patterns alone, study finds
A study by UNSW Sydney and QUT involving over 435,000 Facebook ads from 891 Australians revealed that large language models can infer a user's gender, age, e...
Virginia man found guilty of destroying government databases after being fired
The incident occurred on February 18, 2025, shortly after Sohaib Akhter and his twin brother, Muneeb Akhter, were fired by their employer, a company that ser...
New PamDOORa Linux backdoor sold on cybercrime forum
PamDOORa functions as a post-exploitation toolkit, enabling attackers to gain persistent access to Linux systems (x86_64) through a "magic password" and a sp...
Google removes 28 fraudulent apps from Play Store
Security researchers at ESET uncovered the malicious campaign, dubbed CallPhantom, which primarily targeted users in India, indicated by the preselected +91 ...
NVIDIA confirms GeForce NOW user data exposed in Armenian partner breach
A threat actor claimed to have breached GeForce NOW and stolen millions of user records, including full names, email addresses, usernames, dates of birth, an...
Poland's intelligence agency thwarts cyberattacks on water treatment plants
Poland's Internal Security Agency reported thwarting multiple sabotage attempts, potentially linked to Russian intelligence services, against military facili...
Most passwords can be cracked in under a minute, Kaspersky finds
Kaspersky researchers analyzed a dataset of 231 million unique passwords leaked on the dark web between 2023 and 2026.