The Threat Codex

The Threat Codex is a website that tracks news articles on threat actors, malware, and vulnerabilities.
Website: https://threatcodex.com/
LinkedIn secretly scans for 6,000+ Chrome extensions, collects data

A new report dubbed "BrowserGate" warns that Microsoft's LinkedIn is using hidden JavaScript scripts on its website to scan visitors' browsers for installed extensions and collect device data.

BleepingComputer
I’d come running back to EU again: TA416 resumes European government espionage campaigns | Proofpoint US

Key findings: From mid-2025 onwards, the China-aligned threat actor TA416 resumed observed targeting of European government and diplomatic organizations following a period of reduced EU-

Proofpoint
Threat Intelligence vSphere and BRICKSTORM Malware: A Defender's Guide
#BRICKSTORM
https://cloud.google.com/blog/topics/threat-intelligence/vsphere-brickstorm-defender-guide/
vSphere and BRICKSTORM Malware: A Defender's Guide | Google Cloud Blog

A detailed guide for hardening vSphere Virtual Center with a focus on the BRICKSTORM backdoor and associated malware activity.

Google Cloud Blog
TeamPCP Supply Chain Campaign: Update 006 - CERT-EU Confirms European Commission Cloud Breach, Sportradar Details Emerge, and Mandiant Quantifies Campaign at 1,000+ SaaS Environments
#TeamPCP #CVE_2026_33634 #Trivy #ShinyHunters
https://isc.sans.edu/diary/32864
Yurei Double Extortion Ransomware: Operator Toolkit and Analysis

Analyze the Yurei double extortion ransomware campaign, including its toolkit, attack lifecycle, and key tactics used by operators.

WhatsApp Alerts 200 Users After Fake iOS App Installed Spyware; Italian Firm Faces Action
#WhatsApp #SIOSpA
https://thehackernews.com/2026/04/whatsapp-alerts-200-users-after-fake.html

WhatsApp alerted 200 users in Italy to spyware iOS app, highlighting Europe’s expanding surveillance crisis.

The Hacker News
Mongoose: Preauth RCE and mTLS Bypass on Millions of Devices

evilsocket
Operation TrueChaos: 0-Day Exploitation Against Southeast Asian Government Targets - Check Point Research

Key Points / Introduction: At the beginning of 2026, Check Point Research observed a series of targeted attacks against government entities in Southeast Asia carried out via a legitimate TrueConf software installed in the targets’ environment. The investigation led to the discovery of a zero-day vulnerability in the TrueConf client, tracked as CVE-2026-3502 with a CVSS score of 7.8. […]

Check Point Research
You’re Not Supposed To ShareFile With Everyone (Progress ShareFile Pre-Auth RCE Chain CVE-2026-2699 & CVE-2026-2701)
#CVE_2026_2699 #CVE_2026_2701
https://labs.watchtowr.com/youre-not-supposed-to-sharefile-with-everyone-progress-sharefile-pre-auth-rce-chain-cve-2026-2699-cve-2026-2701/

If you squint and look at the CISA KEV list, you might think it's made up exclusively of vulnerabilities in file transfer solutions. While this would be wrong (and you shouldn’t squint, it’s bad for your eyes), file transfer solutions do play a decent role in the CISA

watchTowr Labs
STARDUST CHOLLIMA Likely Compromises Axios npm Package

STARDUST CHOLLIMA has likely compromised Axios Node Package Manager (npm) Package with stolen manager credentials. Learn more.

CrowdStrike.com