AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.
The Hacker News

DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage

DRILLAPP JavaScript backdoor targets Ukraine in Feb 2026, abusing Edge debugging features to spy via camera, microphone, and ...

CISA orders feds to patch Zimbra XSS flaw exploited in attacks

CISA has ordered U.S. government agencies to secure their servers against an actively exploited vulnerability in the Zimbra ...

Check Your iPhone Settings Now: Apple Releases First-Ever ‘Background’ Security Patch

This is the first Background Security Improvement from Apple. Here's how to make sure your iPhone installs it right away.

Amazon security boss says crims abused max-security Cisco firewall flaw weeks before disclosure

Ransomware criminals exploited CVE-2026-20131, a maximum-severity bug in Cisco Secure Firewall Management Center software, as ...
The Caledonian-Record

H2O.ai H2OVL Mississippi models Shatter Milestone with Over One Million downloads monthly - Launching Momentum into GTC 2026

H2O.ai, a pioneer in sovereign AI and the world’s leading agentic, highly accurate predictive AI company, today announced its ...
Dark Reading

GlassWorm Malware Evolves to Hide in Dependencies

The infamous GlassWorm malware has infected dozens more Open VSX software packages, according to new research.

Researchers discover zero-day DarkSword exploit chain in iOS 18

Researchers from Google LLC and two cybersecurity companies have identified a set of zero-day exploits in iOS 18. Google’s ...
Infosecurity Magazine

Crypto Scam "ShieldGuard" Dismantled After Malware Discovery

A cryptocurrency scam known as "ShieldGuard" has been dismantled after researchers identified it as a malicious browser ...
TechJuice

GlassWorm Malware Silently Infects Hundreds of Python Projects

GlassWorm attack uses stolen GitHub tokens to inject malware into Python repositories, exposing developers to supply chain ...
TechJuice

LeakNet Ransomware Tricks Victims Into Infecting Themselves Through Hacked Websites

LeakNet ransomware uses ClickFix attacks on hacked sites to trick users into running malicious commands and stealing data.
The Caledonian-Record

Jozu Launches Agent Guard: AI Security That AI Agents Cannot Disable

Jozu, the AI assurance company behind KitOps, a CNCF project with more than 240,000 downloads, today announced the launch of ...