Cybersecurity

A researcher bypassed Google’s security updates for its Gemini voice assistant on Android using a technique called Fake Context Alignment.The exploit allowed a single...

A critical vulnerability in Microsoft Visual Studio Code's GitHub.dev web editor allows attackers to steal a user's full-access GitHub token with a single click.The...

An unpatched vulnerability in the Windows search URI handler can leak a user's sensitive NTLMv2 authentication hash.The flaw allows attackers to capture hashes via...

Google has patched a critical Android flaw under active exploitation, identified as CVE-2025-48595.The vulnerability allows local privilege escalation without user interaction and impacts Android...

The Pakistan-aligned SideCopy group deployed a sophisticated spear-phishing campaign codenamed Operation XENOFISCAL against Afghanistan's Ministry of Finance.The attackers used a malicious ZIP archive containing...

Dashlane disclosed a brute-force attack where encrypted vaults for fewer than 20 personal plan users were downloaded.The attack, launched on May 31, 2026, aimed...

A new supply chain attack campaign called Miasma has compromised multiple official @redhat-cloud-services npm packages.The malware steals credentials and secrets from developer machines to...

A China-aligned cyber espionage campaign, Operation Dragon Weave, has targeted officials and citizens in the Czech Republic and Taiwan.The attackers used spear-phishing emails to...