SecurityWeek

GlassWorm Botnet Disrupted

The four C&C channels used by GlassWorm, the botnet targeting open source software developers, have been disrupted.

Do fear the Reaper - stealer swipes macOS users' passwords, wallets, then backdoors them

A new infostealer variant targets macOS users by spoofing Apple, Microsoft, and Google and then then gets to work searching ...
CSO Online

Google leaks details for Chromium bug that can turn browsers into bots

Reported over three years ago and allegedly still not properly fixed, the vulnerability enables attacks to execute JavaScript ...
The Hacker News

Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike

Ghostwriter’s March 2026 Ukraine attacks use PDF lures and geofencing to deploy Cobalt Strike on government targets.
CSO Online

Expired domain leads to supply chain attack on node-ipc npm package

Attackers performed an email takeover attack on a dormant maintainer account and published new node-ipc versions containing ...

Google accidentally published a four-year-old Chromium security bug, then tried to hide it again

Google recently published – and then quickly hid – a potentially dangerous bug found in the Chromium web browser. The ...
Bleeping Computer

What Happens in the First 24 Hours After a New Asset Goes Live

The moment a new asset gets a public IP address, a clock starts. Not a slow one. A relentless, automated one. The gap between “this just went live” and “this is being actively probed” is minutes, not ...

Major Canadian online privacy company plans to leave country if lawful access bill passes

A Canadian company providing online privacy and security tools says it would leave the country over a federal bill that could ...

How To Stress-Test A Staging Environment To Surface Risks Pre-Launch – Ask An SEO

Bad deployments can take weeks to recover from in search. Test your staging site the right way before pushing large scale ...
Dark Reading

'FrostyNeighbor' APT Carefully Targets Govt Orgs in Poland, Ukraine

A known Belarussian cyber-espionage group is back with a threat campaign against targets in Eastern Europe that uses spear-phishing to deliver malicious payloads to Eastern European government and ...

Belarus-aligned FrostyNeighbor attacks Ukrainian government, again — ESET Research discovers

FrostyNeighbor, a long-running cyberespionage actor apparently aligned with the interests of Belarus, has been active recently in campaigns ...