JDownloader Malware Attack Replaced Official Installers
A serious JDownloader malware attack exposed users to malicious installers distributed through the software’s official website. Attackers reportedly compromised download links connected to the popular download manager and replaced legitimate files with malware-laced payloads designed to infect Windows and Linux systems. Security researchers warned that the incident highlights the growing danger of software supply chain attacks. Instead of targeting victims
NVIDIA GeForce NOW Data Breach Exposes Armenian User Data
A GeForce NOW data breach has been confirmed by NVIDIA, exposing personal information belonging to users of the cloud gaming service in Armenia. The incident did not touch NVIDIA's own global infrastructure, but it has put a spotlight on the security risks that come with the company's regional partner model. What Happened The breach originated at GFN.am, a third-party company
New Beagle Malware Hides Inside Fake Claude AI Installer
A convincing fake website impersonating Anthropic's Claude AI has been caught distributing a previously unknown Windows backdoor. Cybersecurity researchers have named the threat Beagle malware, and it arrives disguised as a legitimate tool aimed squarely at developers. A Fake Site Built to Fool Developers The site in question sits at the domain claude-pro[.]com. It mimics the look of Anthropic's real
MuddyWater False Flag Attack Hid Behind Chaos Ransomware
What looked like a ransomware attack earlier this year turned out to be something far more calculated. Security researchers have linked a sophisticated intrusion to MuddyWater, an Iranian state-sponsored hacking group, in what has been assessed as a deliberate false flag attack designed to look like the work of a criminal ransomware gang. The Chaos Ransomware Cover Story Chaos is
DAEMON Tools Supply Chain Attack Hits Thousands Worldwide
A popular Windows utility has become the delivery vehicle for a serious and still-active backdoor campaign. Since April 8, 2026, users who downloaded DAEMON Tools from the software's official website received trojanized installers designed to silently compromise their machines. The DAEMON Tools supply chain attack has already reached thousands of systems across more than 100 countries, and security researchers say
North Korea’s BirdCall Android Malware Targets Defectors Focus
A North Korean hacking group has hidden spyware inside the apps of a small regional gaming platform — and the targets are people who fled the regime. Researchers have linked the campaign to ScarCruft, a state-backed group with a long history of surveilling defectors. The discovery of BirdCall Android malware embedded in legitimate game downloads marks a troubling evolution in
Sorry Ransomware Exploits Critical cPanel Vulnerability
A critical cPanel security vulnerability is being mass-exploited by ransomware operators, and tens of thousands of web servers are already compromised. Tracked as CVE-2026-41940, the flaw carries a severity score of 9.8 out of 10. It lets attackers bypass authentication entirely and seize full control of a server without a valid password. An emergency patch now exists, but exploitation began
BlackFile Extortion Gang Targets Retail and Hospitality
A new extortion group is making its mark on the retail and hospitality sectors, and it does not need a single piece of malware to do serious damage. BlackFile extortion attacks have been hitting organizations since February 2026, using nothing more than a phone call, a fake login page, and a well-rehearsed script to extract millions from victims. Palo Alto
ADT Data Breach: 5.5 Million Customers Hit After ShinyHunters Extortion Attack
Home security company ADT has confirmed an ADT data breach that exposed the personal information of millions of customers across the United States. The attack started with a phone call. It ended with an 11GB archive of stolen data published on the dark web. What Happened at ADT ADT detected unauthorized access to its systems on April 20, 2026. The
GlassWorm Malware Returns With 73 Sleeper Extensions
Developers who use VS Code-compatible editors have a new threat to watch out for. GlassWorm malware has resurfaced in a fresh wave of attacks, this time through 73 fake extensions planted inside the OpenVSX marketplace. The extensions looked completely clean at upload. Then, after collecting installs, they received silent updates that activated hidden malware. It is a calculated tactic —
