Bubble AI Exploited in Microsoft Credential Phishing
Phishers have found a new way to slip past email security filters, and it involves a tool most people associate with building legitimate apps. Attackers are now abusing Bubble AI, a no-code app-building platform, to create and host malicious web apps designed to steal Microsoft account credentials. The approach is convincing, hard to detect, and security researchers warn it is
Torg Grabber Malware Targets 728 Crypto Wallets
A newly discovered infostealer has sent shockwaves through the cybersecurity community. Torg Grabber malware, identified by researchers at Gen Digital, targets 728 cryptocurrency wallet browser extensions, along with hundreds of password managers, two-factor authentication tools, and note-taking apps. It spreads through social engineering, moves fast, and goes after virtually every digital asset a victim might have. This is not a
Dutch Government Cyberattack Hits Finance Ministry
The Dutch government is under fire again after a cyberattack breached the Ministry of Finance's internal systems. The Ministry of Finance confirmed on March 24 that unauthorized access to its internal systems was detected on March 19. The breach reached systems described as primary processes within the ministry's policy department, though the full extent of the intrusion remains unknown. The
FBI Warns of Russian Signal Phishing Attack Campaign
A major Signal phishing attack campaign is actively targeting journalists, politicians, military personnel, and current and former U.S. government officials. The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) issued a joint public service announcement last Friday, formally linking the operation to Russian intelligence services. Thousands of accounts have already been compromised globally, and the attacks are still ongoing.
Navia Data Breach Hits 2.7 Million People
A benefits administrator most people have never heard of has exposed the sensitive personal data of nearly 2.7 million individuals across the United States. The Navia data breach is one of the largest employee benefits-related incidents in recent memory. And the ripple effects are still expanding. Navia Benefit Solutions, headquartered in Renton, Washington, manages healthcare and spending account benefits on
Perseus Android Malware Targets Your Notes App
Perseus Android malware is a newly discovered threat that goes further than most mobile banking trojans. While typical Android malware focuses on stealing login credentials or intercepting text messages, Perseus actively scans the note-taking apps on your phone, hunting for passwords, crypto wallet recovery phrases, and financial details you may have stored there for safekeeping. What Is Perseus and Where
Stryker Cyberattack Wiped 80,000 Devices in Hours
The Stryker cyberattack did not follow the usual playbook. There was no ransomware, no malicious code, and no encrypted files waiting on a ransom demand. Instead, attackers turned a legitimate Microsoft tool against one of the world's largest medical device companies and wiped approximately 80,000 employee devices in less than three hours. The incident, which began on March 11, 2026,
England Hockey Hit by AiLock Ransomware Attack
England Hockey is investigating a potential data breach after the AiLock ransomware gang listed the organization as a victim on its public leak site. The group claims to have stolen 129GB of data from the national governing body's systems. And is now threatening to publish it unless a ransom is paid. AiLock ransomware is a relatively new but technically capable
Starbucks Data Breach Exposes Employee SSNs and Bank Details
The Starbucks data breach disclosed this week is more serious than a scheduling glitch or a vendor outage. This time, attackers got into the coffee chain's internal HR portal and walked away with some of the most sensitive personal data an employer holds: Social Security numbers, bank account details, and financial routing numbers. Moreover, the breach affected 889 employees and
Zombie ZIP: The Malware Trick Antivirus Tools Can’t See
A newly documented technique called Zombie ZIP allows malware to hide inside a deliberately malformed archive file, bypassing nearly every major antivirus and endpoint detection tool on the market. Security researcher Chris Aziz of Bombadil Systems discovered the technique and tested it against 51 antivirus engines on VirusTotal. It bypassed 50 of them. The CERT Coordination Center has since issued
