Hoodline

Fake CAPTCHA Scam Tricks Windows Users Into Installing Password-Snatching Malware

Fake CAPTCHA pages can install the StealC infostealer. Don't paste or run commands; disconnect and change passwords.
Cybernews

Researchers find hundreds of exposed API keys providing access to AWS, GitHub, Stripe, and OpenAI

The exposed keys belonged to major service providers such as AWS, Stripe, and GitHub, and the potential damage ranged from ...

Microsoft 365 Under Siege: Phishing Campaign Bypasses MFA Across 5 Countries

A global phishing campaign targeting Microsoft 365 bypasses security codes using a legitimate login feature, impacting ...
TidBITS

DarkSword Exploit Threatens iPhones Still Running iOS 18

Security researchers have discovered DarkSword, a sophisticated exploit chain targeting iOS 18.4 through 18.7.2. Unlike past spyware aimed at high-profile targets, DarkSword is being surreptitiously ...

DarkSword iOS exploit chain adopted by multiple threat actors: Report

Google Threat Intelligence Group (GTIG), Lookout Threat Labs, and iVerify published coordinated research in March 2026 on ...
Bleeping Computer

Why Password Audits Miss the Accounts Attackers Actually Want

Password audits are a standard part of most security programs. They help organizations demonstrate compliance, reduce obvious risk, and confirm that basic controls are in place. However, in many cases ...
Digital Trends

This fake Google Security check can steal your passwords. Here’s how to stay safe

A new phishing campaign is using a fake Google security check to steal passwords and other sensitive data from unsuspecting users. Researchers at Malwarebytes warn that the scam impersonates Google’s ...
Gizmodo

AI-Generated Passwords Are Apparently Quite Easy to Crack

The era of AI has not been particularly great for cybersecurity. We know that vibe-coded websites and apps have been a hotbed of security flaws that leave the platforms vulnerable to attacks. It turns ...
Newsweek

149 Million Gmail, Facebook Passwords Stolen: Has Yours Been Leaked?

More than 100 million passwords have been stolen in a data leak. A database that contained 149 million account usernames and passwords has been removed after a researcher reported to the hosting ...
Android Police

Google extends Identity Check to your banking apps and password managers

Karandeep Singh Oberoi is a Durham College Journalism and Mass Media graduate who joined the Android Police team in April 2024, after serving as a full-time News Writer at Canadian publication ...
WeLiveSecurity

Old habits die hard: 2025’s most common passwords were as predictable as ever

‘123456’ continues to reign supreme as the most commonly-used password among people across the world, according to two reports, from NordPass and Comparitech, respectively. A full 25 percent of the ...
Yahoo

Instagram password reset attacks — What you need to check right now

Instagram users worldwide are receiving unexpected password reset emails, and they should be cautious before clicking or responding, as cybercriminals may be exploiting the platform’s user base ...