-
Hackers exploit RCE flaws in Qinglong task scheduler for cryptomining
Hackers are exploiting two authentication bypass vulnerabilities in the Qinglong open-source task scheduling tool to deploy cryptominers on developers' servers.
- April 29, 2026
- 04:50 PM
0
-
Hackers arrested for hijacking and selling 610,000 Roblox accounts
The Ukrainian police have arrested three individuals who hacked more than 610,000 Roblox gaming accounts and sold them for a profit of $225,000.
- April 29, 2026
- 02:32 PM
1
-
New report: How browser-based attacks are bypassing your security controls
Browser-based attacks, from AITM phishing and ClickFix to malicious OAuth apps and session hijacking, are driving today's biggest breaches.
A new report from Push Security breaks down the techniques attackers are using, real-world case studies, and the detection gaps leaving security teams exposed.
-
If you’re worried about privacy, try this $75 cybersecurity pack
Paying separately for a VPN, breach alerts, and privacy tools can turn into a mess of monthly subscriptions. Surfshark One+ with Incogni puts all those protections into one 1-year plan, covering your connection, your devices, and your personal data, and it's only $74.99 for a one-year subscription (reg. $250.20).
- April 29, 2026
- 02:06 PM
- 0
-
cPanel, WHM emergency update fixes critical auth bypass bug
A critical vulnerability affecting all but the latest versions of cPanel and the WebHost Manager (WHM) dashboard could be exploited to obtain access to the control panel without authentication.
- April 29, 2026
- 11:51 AM
- 0
-
European police dismantles €50 million crypto investment fraud ring
Austrian and Albanian authorities dismantled a criminal ring accused of running a large-scale cryptocurrency investment fraud operation that caused estimated losses of over €50 million ($58.5 million) to victims worldwide.
- April 29, 2026
- 10:27 AM
- 0
-
Learning from the Vercel breach: Shadow AI & OAuth sprawl
A single third-party OAuth integration can become a direct path into your environment. Push explains how the Vercel breach shows a compromised OAuth app can lead to widespread impact across downstream customers.
- April 29, 2026
- 09:05 AM
- 0
-
GitHub fixes RCE flaw that gave access to millions of private repos
In early March, GitHub patched a critical remote code execution vulnerability (CVE-2026-3854) that could have allowed attackers to access millions of private repositories.
- April 29, 2026
- 08:41 AM
- 0
-
Sam’s Club Plus memberships were $110, but now they’re only $60
Between groceries, gas, and so many other little expenses, maintaining a budget isn't easy, but there's another way to shop. Sam's Club Plus Memberships come with a few key extras that could make shopping and budgeting a bit easier, and instead of paying $110, you can get your 1-Year Sam's Club Plus Membership for only $60.
- April 29, 2026
- 07:09 AM
- 0
-
CISA orders feds to patch Windows flaw exploited as zero-day
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to secure their Windows systems against a vulnerability exploited in zero-day attacks.
- April 29, 2026
- 06:29 AM
- 0
-
Microsoft says backend change broke Teams Free chat and calls
Microsoft is working to resolve a known issue that prevents some Microsoft Teams Free users from chatting and calling others.
- April 29, 2026
- 04:38 AM
- 1
-
Broken VECT 2.0 ransomware acts as a data wiper for large files
Researchers are warning that the VECT 2.0 ransomware has a problem in the way it handles encryption nonces that leads to permanently destroying larger files rather than encrypt them.
- April 28, 2026
- 05:25 PM
- 0
-
Hackers are exploiting a critical LiteLLM pre-auth SQLi flaw
Hackers are targeting sensitive information stored in the LiteLLM open-source large-language model (LLM) gateway by exploiting a critical vulnerability tracked as CVE-2026-42208.
- April 28, 2026
- 05:07 PM
- 0
-
Video service Vimeo confirms Anodot breach exposed user data
Vimeo has disclosed that data belonging to some of its customers and users has been accessed without authorization following the recent breach at the Anodot data anomaly detection company.
- April 28, 2026
- 03:04 PM
- 0
-
This open-box 2-in-1 Chromebook is now on sale for $145
In the market for a simple, portable device that can handle everyday tasks without overcomplicating things? This 2-in-1 ASUS Chromebook CM30 should be a contender, considering it's on sale for just $144.97 (MSRP $389.99) through May 10.
- April 28, 2026
- 02:11 PM
- 0
-
US reportedly charges Scattered Spider hacker arrested in Finland
A 19-year-old dual United States and Estonian citizen arrested in Finland earlier this month faces federal charges in the U.S. alleging he was a prolific member of the notorious Scattered Spider hacking collective.
- April 28, 2026
- 11:39 AM
- 0
-
Checkmarx confirms LAPSUS$ hackers leaked its stolen GitHub data
Application security company Checkmarx has confirmed that the LAPSUS$ threat group leaked data stolen from its private GitHub repository.
- April 28, 2026
- 10:50 AM
- 0
-
Microsoft to deprecate legacy TLS in Exchange Online starting July
Microsoft says it will start blocking legacy TLS connections for POP and IMAP email clients in Exchange Online starting in July 2026.
- April 28, 2026
- 09:18 AM
- 1
-
Inside an OPSEC Playbook: How Threat Actors Evade Detection
Threat actors are now publishing structured OPSEC playbooks to stay undetected. Flare reveals how these guides outline layered infrastructure, identity separation, and long-term evasion strategies.
- April 28, 2026
- 08:50 AM
- 0
-
This full CISSP training bundle is only $20 (was $424)
The CISSP is one of the most respected certifications in information security, but preparing for your exam isn't easy. If you want a little help on a budget, right now, you can get a full breakdown of all eight CISSP domains in the CISSP Security and Risk Management Training Bundle, and it's on sale for $19.99 (reg. $424).
- April 28, 2026
- 07:11 AM
- 0
-
Microsoft: New Remote Desktop warnings may display incorrectly
Microsoft has confirmed a new issue causing newly introduced Windows security warnings to display incorrectly when opening Remote Desktop (.rdp) files.
- April 28, 2026
- 05:51 AM
- 0
-
New webinar: Join John Hammond, Troy Hunt, and Matt Johansen for the State of Browser Attacks
-
Want access to threat actors’ playbooks? Get them for free with Flare.
-
Overdue a password health-check? Audit your Active Directory for free
-
Is your credential vault DORA-ready? Audit access controls with Passwork.
-
Think you can't be deepfaked? Make one of yourself for free and see
