Ravie LakshmananApr 10, 2026Malware / Browser Security Google has made Device Bound Session Credentials (DBSC) generally available to all Windows users of […]
Category: Security
Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure
Ravie LakshmananApr 10, 2026Vulnerability / Threat Intelligence A critical security vulnerability in Marimo, an open-source Python notebook for data science and […]
Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers
Ravie LakshmananApr 10, 2026Malware / Website Security Unknown threat actors have hijacked the update system for the Smart Slider 3 […]
EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallets
Ravie LakshmananApr 09, 2026Vulnerability / Mobile Security Details have emerged about a now-patched security vulnerability in a widely used third-party […]
UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns
Ravie LakshmananApr 09, 2026Malware / Windows Security A previously undocumented threat cluster dubbed UAT-10362 has been attributed to spear-phishing campaigns targeting […]
ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories
Thursday. Another week, another batch of things that probably should’ve been caught sooner but weren’t. This one’s got some range — old […]
The Hidden Security Risks of Shadow AI in Enterprises
As AI tools become more accessible, employees are adopting them without formal approval from IT and security teams. While these tools may […]
Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025
Ravie LakshmananApr 09, 2026Vulnerability / Threat Intelligence Threat actors have been exploiting a previously unknown zero-day vulnerability in Adobe Reader […]
Bitter-Linked Hack-for-Hire Campaign Targets Journalists Across MENA Region
An apparent hack-for-hire campaign likely orchestrated by a threat actor with suspected ties to the Indian government targeted journalists, activists, and […]
Iran-linked hackers disrupt operations at US critical infrastructure sites
Hackers working on behalf of the Iranian government are disrupting operations at multiple US critical infrastructure sites, likely in response […]