Sinisa Markovic
Phishing hides in routine Microsoft 365 workflows
Attackers are abusing Outlook Groups and Microsoft 365 collaboration features to make phishing campaigns appear routine, according to Fortra. “The technique shifts …
Free, no-signup World Cup streams serve scams instead of football
Researchers at Malwarebytes identified dozens of websites claiming to offer free access to FIFA World Cup matches. Instead of streaming games, the sites directed visitors …
Hundreds of AI-powered iOS apps found exposing credentials
Mobile app developers are packing AI features into everything from writing assistants to productivity tools and lifestyle apps. New research shows that securing access to …
Cybercriminals abused GitHub, YouTube and VirusTotal to push crypto-stealing malware
A cryptocurrency-stealing malware campaign used inflated GitHub activity, software reviews, YouTube tutorials and favorable VirusTotal comments to make malicious trading and …
Malware attacks strip Roblox developers of entire games
Hackers who once focused on stealing valuable Roblox items are now taking over entire games. Although Roblox operates the service, users can create and publish their own games …
AWS Continuum brings AI models to code vulnerability management
AWS Continuum for code vulnerabilities, a system built to handle a vulnerability across its lifecycle, from discovery through to a fix, is now available in gated preview. It …
Another healthcare firm attacked days after Novo Nordisk breach
Medical technology company iRhythm Holdings disclosed a cyberattack involving certain third-party-hosted business applications that resulted in the theft of patient protected …
Rokarolla Android trojan targets banking and crypto users, enables device takeover
A newly discovered Android banking trojan, dubbed Rokarolla, targets 217 banking and cryptocurrency applications and can execute 137 commands on infected devices, according to …
Apple is bringing Hide My Email and Sign in with Apple under one domain
Apple will unify the email domains used by Sign in with Apple and iCloud+ Hide My Email under a shared domain, private.icloud.com, later this summer. Hide My Email is a …
Cybercriminals mask malicious communications through Microsoft Teams relays
The DragonForce ransomware group used a custom malware called Backdoor.Turn to hide command-and-control traffic inside Microsoft Teams relay infrastructure during an intrusion …
Crypto scammers are sending couriers to victims’ homes to collect cash
Scammers behind cryptocurrency investment schemes are dispatching couriers to pick up cash from victims in person, the FBI warns. According to the agency, scammers usually …
Planning a trip? Fake travel sites are multiplying this summer
Cyberattacks against hospitality, travel, and recreation organizations rose 24% year over year, reaching an average of 2,291 incidents per organization each week in May 2026, …
Featured news
Resources
Don't miss
- A $1,400 experiment in AI security auditing outperformed OpenAI’s Codex Security
- Residential proxy SDKs are hiding in LG and Samsung smart TV apps
- 23 ClawHub plugins squatting official scopes expose AI registry security gaps
- Who pays when you gate cyber-capable AI models?
- Agent Beacon: Open-source telemetry layer for AI agents