OpenSSL has announced critical updates addressing two high-severity vulnerabilities within its cryptographic library. These flaws, identified as CVE-2022-3602 and CVE-2022-3786, pose risks of denial-of-service (DoS) attacks and potential remote code execution (RCE). The vulnerabilities stem from buffer overrun issues that can be exploited during the verification of X.509 certificates, typically…
Recent reports indicate that many individuals—including prominent journalists and cybersecurity professionals—are being targeted by a sophisticated OAuth phishing campaign masquerading as a legitimate Google Docs sharing notification. Upon receiving a seemingly innocuous email claiming that a contact has shared a document, users are advised not to click the link under…
Google Enhances TLS Certificate Security in Response to Quantum Threats In a significant advancement for internet security, Google announced plans to fortify its Transport Layer Security (TLS) certificates by integrating quantum-resistant algorithms. This move comes in the wake of growing concerns over the potential implications of quantum computing, particularly as…
Trust Wallet Suffers Major Cyber Breach: $8.5 Million in Assets Stolen On Tuesday, Trust Wallet disclosed a significant security compromise stemming from the re-emergence of the Shai-Hulud supply chain attack, which occurred in November 2025. This incident has been linked to a breach of Trust Wallet’s Google Chrome extension, resulting…
Artificial Intelligence & Machine Learning, Data Security, Next-Generation Technologies & Secure Development Former Mandiant Executive Bill Robbins Aims to Advance Browser-Based AI Security Michael Novinson (MichaelNovinson) • February 27, 2026 Bill Robbins, CEO, Menlo Security (Image: Menlo Security) Menlo Security has appointed Bill Robbins, a seasoned leader from Mandiant, as…
A message indicating that KT will waive early termination fees displayed on a phone screen, Dec. 31, 2025. Yonhap Two of South Korea’s leading telecommunications firms, KT and LG Uplus, are currently dealing with significant repercussions from recent hacking incidents and data breaches that have led to customer losses and…
Recent research has uncovered multiple critical vulnerabilities within Checkmk, an IT infrastructure monitoring software, which may allow an unauthenticated remote attacker to seize full control of affected systems. These vulnerabilities could potentially be mishandled collectively, posing significant risks to users, especially those utilizing Checkmk version 2.1.0p10 or older. Stefan Schiller,…
A significant cybersecurity incident has culminated in a U.S. federal ruling against three Chinese nationals, who have been ordered to pay a total of $8.8 million for their role in a sophisticated hacking scheme. This case stems from an operation that occurred in December 2016, where the individuals infiltrated email…
Ilya Lichtenstein, previously convicted of money laundering linked to the 2016 hack of the cryptocurrency exchange Bitfinex, has announced his early release from prison. In a recent post on X, Lichtenstein, 38, attributed his release to the First Step Act, a criminal justice reform law enacted during the Trump administration,…