Google slows Android sideloading to trip up scammers
Google’s advanced flow for Android changes how apps from unverified developers are installed, adding steps to reduce scam-driven sideloading. The feature is aimed at …
DarkSword: Researchers uncover another iOS exploit kit
A powerful iPhone hacking toolkit dubbed “DarkSword” has been used since November 2025 to compromise devices by exploiting zero-day iOS vulnerabilities, Google …
Google limits Android accessibility API to curb malware abuse
Google is restricting how Android apps can use accessibility features after years of abuse by banking Trojans and mobile malware. The changes, introduced in Android 17.2, …
Big tech companies step in to support the open source security ecosystem
Backed by new funding commitments from major technology players, open source security efforts are moving beyond threat identification toward practical solutions for defenders. …
AI coding agents keep repeating decade-old security mistakes
Coding agents are now writing production features on real development teams, and a new report from DryRun Security shows that those agents introduce security vulnerabilities …
Fake Claude Code install pages highlight rise of “InstallFix” attacks
Users looking for Anthropic’s Claude Code agentic AI coding tool are being tricked via fake Claude Code install pages into running malware, Push Security researchers …
March 2026 Patch Tuesday forecast: Is AI security an oxymoron?
Developers and analysts are using more AI tools to produce code and to test both the performance and security of the finished products. They are also embedding AI …
Google changes Play Store policies after settling Epic Games dispute
Google is making changes to the Play Store after settling its legal fight with Epic Games, focusing on three areas: more billing options, lower fees with new programs for …
Engineering trust: A security blueprint for autonomous AI agents
AI agents have evolved from just chatbots, answering questions to executing actions using various integrated tools, often autonomously, and as such the traditional security …
Google speeds up Chrome updates with new security-focused release cycle
The Chrome browser is moving to a two-week release cycle, a change intended to give developers and users faster access to new features, performance improvements and bug fixes. …
Coruna: Spy-grade iOS exploit kit powering financial crime
A powerful iOS exploit kit has circulated among multiple threat actors over the past year, moving from a commercial surveillance operation to state-linked espionage campaigns …
Android 17 second beta expands privacy controls for contacts, SMS and local networks
Google’s second beta of Android 17 continues updates to platform behavior and introduces new APIs focused on protecting sensitive data. Protecting contact and local network …
Featured news
Resources
Don't miss
- AirDrop and Quick Share vulnerabilities affect protocols on five billion devices as fixes begin
- Vulnerability reports are arriving faster than GitHub can review them
- JSP webshells being dropped on unpatched PTC Windchill instances
- Mozilla warns of indirect prompt injection risk in AI coding agents
- DarkMoon: Open-source AI pentesting platform