CVE-2025-68822 Input: alps – fix use-after-free bugs caused by dev3_register_work
Information published. - Read more
SUCCESS – 253,510 breached accounts
In March 2026, the personal development and achievement media brand SUCCESS suffered a data breach. The incident exposed 250k unique email addresses along with...
A laughing RAT: CrystalX combines spyware, stealer, and prankware features
Introduction
In March 2026, we discovered an active campaign promoting previously unknown malware in private Telegram chats. The Trojan was offered as a MaaS (malware‑as‑a‑service) with...
Industrialization of the Fraud Ecosystem Blog
Payment fraud no longer operates as a collection of discrete schemes run by individual threat actors. It is increasingly sustained by an industrial...
Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack
Attackers compromised the npm account of the lead maintainer of Axios, a widely used JavaScript HTTP client library, and used...
New compliance guide available: ISO/IEC 27001:2022 on AWS
We’re excited to announce the release of our latest compliance guide, ISO/IEC 27001:2022 on AWS, which provides practical guidance for organizations designing...
Google Drive Expands AI Ransomware Detection, File Recovery to More Users
Google expands Drive ransomware detection and file recovery with its latest AI model, which detects 14 times more infections as the features move beyond...
Operation TrueChaos: 0-Day Exploitation Against Southeast Asian Government Targets
Key Points
Check Point Research identified a zero-day vulnerability in the TrueConf client application, tracked as CVE-2026-3502, with a CVSS score of 7.8. The flaw stems...
Hackers Weaponize Legitimate Windows Tools to Disable Antivirus Before Ransomware Attacks
Ransomware attacks have gone far beyond simple malicious code. Today, attackers operate with the precision of a well-planned business, using trusted Windows tools to...
ChatGPT Security Issue Enabled Data Theft via Single Prompt
OpenAI has patched vulnerability, which Check Point said was because of a DNS loophole - Read more
Latest article
Iran Threatens to Attack Apple, Google, and Other US Tech Firms in Middle East
Iran has threatened multiple US tech giants in the Middle East, escalating tensions and raising fears of AI-driven warfare turning physical.
The post Iran Threatens...
New Venom Stealer MaaS Platform Automates Continuous Data Theft
Venom Stealer malware-as-a-service automates ClickFix social engineering, credential and crypto exfiltration - Read more
What CISOs Should Expect from AI Powered MDR in 2026, According to Rapid7 CEO...
In the latest episode of Rapid7’s Experts on Experts, I’m joined by Rapid7 CEO Corey Thomas for a candid conversation about where AI is...
CVE-2025-68822 Input: alps – fix use-after-free bugs caused by dev3_register_work
Information published. - Read more
