Infostealer malware found stealing OpenClaw secrets for first time

With the massive adoption of the OpenClaw agentic AI assistant, information-stealing malware has been spotted stealing files ...

CISA gives feds 3 days to patch actively exploited BeyondTrust flaw

CISA ordered U.S. government agencies on Friday to secure their BeyondTrust Remote Support instances against an actively ...

Google patches first Chrome zero-day exploited in attacks this year

Google has released emergency updates to fix a high-severity Chrome vulnerability exploited in zero-day attacks, marking the ...

Washington Hotel in Japan discloses ransomware infection incident

The Washington Hotel brand in Japan has announced that that its servers were compromised in a ransomware attack, exposing ...

Eurail says stolen traveler data now up for sale on dark web

Eurail B.V., the operator that provides access to 250,000 kilometers of European railways, confirmed that data stolen in a breach earlier this year is being offered for sale on the dark web.

Canada Goose investigating as hackers leak 600K customer records

ShinyHunters, a well-known data extortion group, claims to have stolen more than 600,000 Canada Goose customer records ...

Man arrested for demanding reward after accidental police data leak

Dutch authorities arrested a 40-year-old man after he downloaded confidential documents that had been mistakenly shared by the police and refused to delete them unless he received "something in return ...

Passwords to passkeys: Staying ISO 27001 compliant in a passwordless era

Password-based authentication is increasingly risky as organizations adopt passkeys to strengthen security and meet ISO/IEC 27001 requirements. Passwork explains how to align passwordless adoption ...

Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into ...

One threat actor responsible for 83% of recent Ivanti RCE attacks

Threat intelligence observations show that a single threat actor is responsible for most of the active exploitation of two ...

Snail mail letters target Trezor and Ledger users in crypto-theft attacks

Threat actors are sending physical letters pretending to be from Trezor and Ledger, makers of cryptocurrency hardware wallets ...

Microsoft February 2026 Patch Tuesday fixes 6 zero-days, 58 flaws

Today is Microsoft' 2026 Patch Tuesday with security updates for 58 flaws, including 6 actively exploited and three publicly ...