CISA orders feds to patch Zimbra XSS flaw exploited in attacks

CISA has ordered U.S. government agencies to secure their servers against an actively exploited vulnerability in the Zimbra ...
Cryptopolitan on MSN

GhostClaw targets developers to extract crypto wallet access

A new malware dubbed GhostClaw is targeting crypto wallets on macOS machines. The fake OpenClaw installer captures private ...
Biometric Update

Aura breach and AI companion app flaws sharpen privacy fears

A new security report on AI companion apps is drawing attention because it arrives as an identity protection company is dealing with a data exposure incident.
Security Boulevard

Fake Pudgy World site steals your crypto passwords

The phishing site it is not affiliated with Igloo Inc or Pudgy Penguins, but is designed to lure fans and steal their crypto ...
LGBTQ Nation on MSN

Is Donald Trump bringing conversion therapy back?

Is Trump bringing conversion therapy back? Not exactly, but he is empowering people who want to.
XDA Developers on MSN

Google kept featuring this Chrome extension for months after it turned malicious

How can an extension change hands with no oversight?
Defense Mirror

Russian Lawmaker Proposes Freezing War with Ukraine to Aid Iran

A Russian lawmaker has proposed freezing the war in Ukraine in order to redirect Moscow’s focus toward supporting Iran.
The Hacker News

Microsoft Warns IRS Phishing Hits 29,000 Users, Deploys RMM Malware

Microsoft warns tax-season phishing hit 29,000 users via IRS lures, enabling credential theft and RMM-based access.
The Hacker News

ThreatsDay Bulletin: FortiGate RaaS, Citrix Exploits, MCP Abuse, LiveChat Phish & More

ThreatsDay roundup covering stealthy attacks, phishing trends, exploit chains, and rising security risks across the threat ...

DarkSword iOS exploit chain adopted by multiple threat actors: Report

Lookout Threat Labs, and iVerify published coordinated research in March 2026 on DarkSword, a JavaScript-based full-chain ...