Cybernews

Threat actors linked to Russia target Ukrainian entities with new backdoor

The campaign, observed in February 2026, has been assessed to share overlaps with a prior campaign mounted by Laundry Bear, a group tracked by Microsoft as Void Blizzard.

AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

'A human-chosen password doesn't stand a chance': OpenClaw has yet another major security flaw — here's what we know about "ClawJacked"

OpenClaw, the vastly popular open source AI agent platform, was vulnerable to a high-severity flaw which allowed threat actors to steal sensitive data from target computers with relative ease, experts ...

ClawJacked attack let malicious websites hijack OpenClaw to steal data

Security researchers have disclosed a high-severity vulnerability dubbed "ClawJacked" in the popular AI agent OpenClaw that allowed a malicious website to silently bruteforce access to a locally ...
PC World

Your password manager isn’t as safe as you think

PCWorld reports that Swiss researchers discovered significant vulnerabilities in popular password managers including Bitwarden, LastPass, and Dashlane due to outdated 1990s cryptographic technology.
The Hacker News

Study Uncovers 25 Password Recovery Attacks in Major Cloud Password Managers

A new study has found that multiple cloud-based password managers, including Bitwarden, Dashlane, and LastPass, are susceptible to password recovery attacks under certain conditions. "The attacks ...