Exploited Google Chrome zero-days added to US must-patch list

Two new serious vulnerabilities in the world's most popular web browser, Google Chrome, are under attack at the moment and should be patched as soon as possible, the United States Cybersecurity and ...
The Hacker News

DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage

DRILLAPP JavaScript backdoor targets Ukraine in Feb 2026, abusing Edge debugging features to spy via camera, microphone, and ...
The Hacker News

Google Fixes Two Chrome Zero-Days Exploited in the Wild Affecting Skia and V8

Google patches two Chrome zero-days exploited in the wild, urging updates to version 146.0.7680.75/76 to prevent attacks.

AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

Google rushes Chrome update fixing two zero-days already under attack

CVE-2026-3909 is an out-of-bounds write flaw in Skia, the graphics library Chrome uses to render web content and parts of its user interface. Memory corruption bugs like this can sometimes be abused ...
GovInfoSecurity

Breach Roundup: Russian State Actors Target Signal, WhatsApp

This week, Russian hackers targeted Signal and WhatsApp users, permit-fee phishing hit U.S. applicants, ClickFix on WordPress sites, Microsoft patched 80 bugs, a ...
SecurityWeek

ClickFix Attack Uses Windows Terminal to Evade Detection

A new ClickFix attack variant uses fake CAPTCHA pages instructing victims to paste and execute malicious commands in Windows Terminal.

What Is ActiveX? How It Works and Ensures Computer Security

ActiveX is a Microsoft software framework that enables applications to share data across web browsers, enhancing functionality and security in computing.
Microsoft

Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale

Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platforms, enabling campaigns that reach over 500,000 organizations monthly, prompting Microsoft’s Digital Crimes Unit (DCU) to work with ...
Tribal Football

Super sub Sesko scores as Man Utd edge Everton to extend unbeaten run

Manchester United continued their unbeaten start (W5, D1) under interim manager Michael Carrick, as Benjamin Sesko’s second-half strike secured a crucial 1-0 Premier League (PL) triumph over Everton ...
InfoWorld

WinterTC: Write once, run anywhere (for real this time)

The unified JavaScript runtime standard is an idea whose time has come. Here’s an inside look at the movement for server-side JavaScript interoperability. The WinterCG community group was recently ...
Windows Central

Microsoft Edge just got two new AI features — and they’re actually useful

The latest update to Microsoft Edge introduces "Summarize" and "Explain" tools for PDFs alongside a much-needed speed boost for Read Aloud. When you purchase through links on our site, we may earn an ...