Axios on MSN

Spyware once used by governments is now spreading to cybercriminals

Cybercriminal groups are now using spyware tools once utilized mainly by spies and law enforcement to hack into iPhones, new ...
GovInfoSecurity

Cryptohack Roundup: AppsFlyer SDK Breach Enabled Theft

This week, the AppsFlyer SDK breach, JPMorgan sued over ties to a Ponzi scheme, the OFAC sanctioned a network tied to North ...

Researchers discover zero-day DarkSword exploit chain in iOS 18

Researchers from Google LLC and two cybersecurity companies have identified a set of zero-day exploits in iOS 18. Google’s ...

CISA orders feds to patch Zimbra XSS flaw exploited in attacks

CISA has ordered U.S. government agencies to secure their servers against an actively exploited vulnerability in the Zimbra ...
PCMag on MSN

Still on iOS 18.4 to 18.7? iPhone hack called 'DarkSword' can hit your device

Since November, shadowy attackers have been using the 'DarkSword' iOS exploit to hack vulnerable iPhones on certain iOS 18 ...

Senegal government alleges corruption over Afcon

The Senegalese government calls for an "independent international investigation" at the Confederation of African Football ...

This severe and international iPhone hack is the best reason to update to iOS 26.3 yet

A sophisticated iPhone hacking technique and surveillance campaign ran rampant internationally for months, prior to a patch ...
Queerty

A masterclass in backfiring: Ric Grenell gets publicly owned by journalist he tried to trash

President Donald Tr*mp took over the running of the Kennedy Center in DC after returning to power last year. He installed his ...
The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

AI-driven fitness, 'biohacking' franchise to make Boulder debut

Upgrade Labs, which uses AI-driven technology and biohacking techniques for fitness and wellness, will open its first ...
SecurityWeek

ForceMemo: Python Repositories Compromised in GlassWorm Aftermath

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python ...

AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.