Cybersecurity Articles

187/69 Thursday, April 2, 2026 Google has started rolling out a long-awaited feature that allows users to change their primary email address—specifically the part before “@gmail.com.” Previously, this portion of a Gmail address was permanently fixed, and users could only create aliases or secondary email addresses. The feature has initially been spotted among users in […]

186/69 Wednesday, April 1, 2026 CareCloud, Inc., a healthcare company based in New Jersey, disclosed in a filing with the U.S. Securities and Exchange Commission (SEC) that it detected a system intrusion on March 16, 2026. The incident caused a temporary disruption to CareCloud Health services for approximately eight hours. It impacted one of the […]

185/69 Wednesday, April 1, 2026 Researchers from BeyondTrust Phantom Labs have disclosed a critical vulnerability in OpenAI Codex that could be exploited to steal GitHub OAuth tokens. The flaw is a command injection vulnerability caused by insufficient input sanitization, allowing attackers to embed malicious commands within GitHub branch names. Notably, the attack leverages special Unicode […]

184/69 Wednesday, April 1, 2026 Cybersecurity researchers from Blackpoint Cyber have identified a new malware strain called RoadK1ll, a Node.js-based implant designed to act as a relay point for lateral movement within compromised networks. The malware operates stealthily by blending in with normal network traffic, transforming infected machines into controlled pivot points that attackers can […]

183/69 Tuesday, March 31, 2026 Apple has begun sending “Critical Software” alerts directly to the lock screens of iPhone and iPad users running outdated versions of iOS and iPadOS. The notifications warn of web-based attacks targeting older, unpatched software versions. The alerts have appeared on a wide range of devices, including those running iOS 17.0, […]

182/69 Tuesday, March 31, 2026 A security vulnerability has been discovered in the widely used Smart Slider 3 plugin for WordPress, which is installed on more than 800,000 websites. The flaw, tracked as CVE-2026-3098, allows low-privileged users such as Subscribers to access sensitive files on the server, including wp-config.php, which contains critical information such as […]

181/69 Tuesday, March 31, 2026 The hacking group Handala, reportedly linked to Iran’s Ministry of Intelligence (MOIS), has claimed responsibility for breaching the personal Gmail account of Kash Patel, the current Director of the Federal Bureau of Investigation, on March 27, 2026. The group published personal photos, documents, and email correspondence from before Patel assumed […]

180/69 Monday, March 30, 2026 Security researchers at Malwarebytes have reported a new ClickFix campaign targeting macOS users by impersonating Cloudflare verification pages to distribute a Python-based information-stealing malware. The attack begins by luring victims to a fake CAPTCHA page that closely mimics legitimate Cloudflare verification. It then uses social engineering techniques to trick users […]

179/69 Monday, March 30, 2026 The cybercrime group ShinyHunters has claimed responsibility for breaching the European Commission and exfiltrating more than 350GB of data. The stolen data was reportedly published on the group’s Tor-based leak site and is believed to include email system data, databases, internal documents, and contractual records. However, the exact scope and […]

178/69 Monday, March 30, 2026 There are reports of threat actors actively scanning for a newly disclosed critical vulnerability in Citrix NetScaler ADC and Citrix NetScaler Gateway (CVE-2026-3055), which carries a high severity score of 9.3 (Critical). The vulnerability stems from insufficient input validation, leading to an out-of-bounds read issue. This flaw allows unauthenticated remote […]