BREACH WATCH

Even savvy people can be victims of tax scams. Here are five ways to protect yourself before it's too late.

Researchers at Zenity Labs uncover PleaseFix flaws in Perplexity’s Comet browser. See how zero-click calendar invites allow AI agents to steal 1Password credentials and personal files.

Organizations can borrow secure-by-design processes to manage non-technical challenges like governance or the inevitable human error.

Fideo Intelligence announced an expansion of its dark web monitoring and threat intelligence capabilities to help financial institutions, fintech companies, payment service providers (PSPs), and merchants detect fraud earlier and reduce payment risk. As payment credentials, identity data, and fraud tactics spread across hidden forums and encrypted channels, organizations face rising pressure to detect compromise before it reaches a transaction. Fideo’s expanded dark web monitoring and fraud intelligence surfaces early signs of synthetic identities, account … More → The post Fideo Intelligence enhances dark web monitoring capabilities to reduce payment fraud appeared first on Help Net Security .

Codenotary has announced Codenotary Trust, a unified SaaS platform that uses AI to instantly detect, prioritize, and autonomously fix security, configuration, and performance issues, while also providing rollback capabilities. Importantly, the product is designed with the talent shortage in mind so that expert-level security management is made accessible to junior and mid-level administrators. Codenotary helps close the training gap reported by The Linux Foundation with 65% of organizations understaffed in cybersecurity and compliance. Codenotary Trust … More → The post Codenotary Trust delivers autonomous AI security for Linux and Kubernetes appeared first on Help Net Security .

Push Security has announced new malicious browser extension detection and blocking capabilities within its browser-based security platform. The feature enables organizations to automatically block known-bad extensions from running in employee browsers. Attackers are increasingly turning to malicious browser extensions as a preferred method of compromise. Recent campaigns such as ShadyPanda, ZoomStealer, and GhostPoster, along with breaches impacting vendors including Cyberhaven and Trust Wallet, highlight the growing risk posed by compromised extensions. “Browser extensions represent one … More → The post Push Security adds malicious browser extension detection to block threats in employee browsers appeared first on Help Net Security .

Much of Central and South America struggles with cybersecurity maturity, and hackers are taking advantage.

Cisco has confirmed that two Catalyst SD-WAN Manager vulnerabilities (CVE-2026-20128 and CVE-2026-20122) patched in late February 2025 are being exploited by attackers. The exploited vulnerabilities (CVE-2026-20128, CVE-2026-20122) CVE-2026-20128 is a bug in the Data Collection Agent (DCA) feature of Cisco Catalyst SD-WAN Manager, which could allow an authenticated, local attacker to gain DCA user privileges on an affected system. “To exploit this vulnerability, the attacker must have valid vmanage credentials on the affected system,” Cisco … More → The post Cisco warns of SD-WAN Manager exploitation, fixes 48 firewall vulnerabilities appeared first on Help Net Security .

Europol seizes LeakBase cybercrime and hacker forum used to trade stolen data, disrupting a global platform with over 140,000 members.

Europol and partners dismantle Tycoon 2FA phishing service used to bypass MFA, disrupting a global phishing-as-a-service operation targeting organisations.

Malware increasingly travels through the infrastructure that delivers online advertising. The Media Trust’s Global Report on Digital Trust, Ad Integrity, and the Protection of People describes a digital ad ecosystem where scam campaigns, malicious redirects, and malware delivery appear alongside marketing traffic. The financial impact of these threats continues to grow. Estimated consumer and business losses in the United States tied to malware, scams, and ad-borne fraud exceeded $12.5 billion in 2025. Exposure also remains … More → The post That attractive online ad might be a malware trap appeared first on Help Net Security .

A suspected Iran-nexus threat actor has been attributed to a campaign targeting government officials in Iraq by impersonating the country's Ministry of Foreign Affairs to deliver a set of never-before-seen malware. Zscaler ThreatLabz, which observed the activity in January 2026, is tracking the cluster under the name Dust Specter. The attacks, which manifest in the form of two different

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

This activity began in early February and has continued in recent days. What organizations should expect next from Iran-aligned groups and the steps they should take to guard against cyberattacks.

A newly discovered vulnerability (CVE-2026-28289) in the open-source help desk platform FreeScout could allow attackers to take over vulnerable servers by sending a specially crafted email to a FreeScout mailbox. CVE-2026-28289 exploitation FreeScout is a free, open-source help desk and shared inbox system used by businesses or teams to manage customer support conversations in one place. It is built with PHP (Laravel) and MySQL, and it’s designed to be self-hosted – either on-premises, on a … More → The post FreeScout vulnerability enables unauthenticated, zero-click RCE via email (CVE-2026-28289) appeared first on Help Net Security .

Google is making changes to the Play Store after settling its legal fight with Epic Games, focusing on three areas: more billing options, lower fees with new programs for developers, and a program for registered app stores. The rollout begins in the European Economic Area, the United Kingdom and the United States by June 30, 2026. Australia follows in September, while Japan and South Korea receive the changes by the end of 2026. The rest … More → The post Google changes Play Store policies after settling Epic Games dispute appeared first on Help Net Security .

Cisco Talos is disclosing UAT-9244, who we assess with high confidence is a China-nexus advanced persistent threat (APT) actor closely associated with Famous Sparrow.

The Taipei District Prosecutors Office initiated its investigation in October after Chen Zhi, the founder of the Prince Group, was indicted by U.S. prosecutors on money laundering charges.

​Cisco has flagged two more Catalyst SD-WAN Manager security flaws as actively exploited in the wild, urging administrators to upgrade vulnerable devices. [...]

Cybersecurity researchers have disclosed details of a new Russian cyber campaign that has targeted Ukrainian entities with two previously undocumented malware families named BadPaw and MeowMeow. "The attack chain initiates with a phishing email containing a link to a ZIP archive. Once extracted, an initial HTA file displays a lure document written in Ukrainian concerning border crossing appeals

A Russian national pleaded guilty to a wire fraud conspiracy charge related to his role in administering the Phobos ransomware operation, which breached hundreds of victims worldwide. [...]