1+ hour, 5+ min ago  (518+ words) As vehicles become increasingly connected and reliant on technology, cybersecurity concerns have evolved. One area often overlooked in the context of vehicle data privacy is the Tire Pressure Monitoring System (TPMS). Originally designed for tire safety, TPMS systems have inadvertently…...

1+ hour, 5+ min ago  (369+ words) A malicious Go module, discovered by Socket's Threat Research Team, has been exploiting the Go ecosystem by impersonating a legitimate cryptography library. The threat actor behind this attack is leveraging supply-chain compromise techniques to infect users, steal passwords, and execute…...

2+ hour, 5+ min ago  (270+ words) A newly disclosed critical flaw in ModelScope's MS-Agent framework could let attackers execute arbitrary commands and gain full control of systems running the AI agent. The MS-Agent framework, widely used for autonomous AI workflow automation and tool invocation, includes a…...

2+ hour, 10+ min ago  (517+ words) A sophisticated phishing campaign, named GTFire, has been discovered exploiting legitimate Google services like Firebase and Google Translate to bypass security defenses and harvest user credentials. The GTFire scheme uses Google-owned infrastructure to host fake login pages and disguise malicious…...

2+ hour, 18+ min ago  (366+ words) Google Chrome's Secure Web and Networking Team has announced a major step toward building a quantum-safe internet. The browser will adopt a new cryptographic mechanism called Merkle Tree Certificates (MTCs), a project grounded in the Internet Engineering Task Force's (IETF)…...

2+ hour, 43+ min ago  (358+ words) Between February 22 and February 25, 2026, GreyNoise observed a significant wave of reconnaissance activity targeting SonicWall firewalls. A total of 84,142 scanning sessions were conducted, originating from over 4,000 unique IP addresses across 20 autonomous systems. The activity, which primarily focused on SSL VPN enumeration,…...

2+ hour, 46+ min ago  (509+ words) CYJAX recently uncovered a sophisticated phishing campaign, OCRFix, that leverages the popular ClickFix attack technique to evade detection and deploy multi-stage malware. The campaign initially masqueraded as a legitimate Tesseract OCR tool site, using a typosquatted domain to trick users…...

4+ hour, 53+ min ago  (270+ words) The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about the RESURGE malware targeting Ivanti Connect Secure devices. The agency's Malware Analysis Report (MAR) identifies malware exploiting a known vulnerability in Ivanti's product line, including Ivanti Connect Secure,…...

4+ hour, 55+ min ago  (269+ words) A serious security hole in Angular, a top web framework used by millions of developers, exposes apps to attacks. Attackers who tamper with translation files can inject and run harmful JavaScript in users" browsers, risking data theft and app sabotage....

5+ hour, 32+ min ago  (218+ words) Google released its March 2026 Android Security Bulletin, patching 129 vulnerabilities across the Android ecosystem. This update sets a record for the highest number of fixes in a single month. It splits into two patch levels: 2026-03-01 for core Android flaws and 2026-03-05 for…...