For more than a year, a Russian-speaking threat actor targeted human resource (HR) departments with malware that delivers a new EDR killer named BlackSanta. [...]

A new Android malware named BeatBanker can hijack devices and tricks users into installing it by posing as a Starlink app on websites masquerading as the official Google Play Store. [...]

A new technique dubbed "Zombie ZIP" helps conceal payloads in compressed files specially created to avoid detection from security solutions such as antivirus and endpoint detection and response (EDR) products. [...]

Today is Microsoft's March 2026 Patch Tuesday with security updates for 79 flaws, including 2 publicly disclosed zero-day vulnerabilities. [...]

Hewlett Packard Enterprise (HPE) has patched multiple security vulnerabilities in the Aruba Networking AOS-CX operating system, including several authentication and code execution issues. [...]

Microsoft is rolling out passkey support for Microsoft Entra on Windows devices, adding phishing-resistant passwordless authentication via Windows Hello. [...]

A newly discovered botnet malware called KadNap is targeting ASUS routers and other edge networking devices to turn them into proxies for malicious traffic. [...]

Malware is evolving to evade sandboxes by pretending to be a real human behind the keyboard. The Picus Red Report 2026 shows 80% of top attacker techniques now focus on evasion and persistence, including geometry-based cursor tests and CPU timing checks. [...]

CISA flagged a high-severity Ivanti Endpoint Manager (EPM) vulnerability as actively exploited in attacks and ordered U.S. federal agencies to patch systems within three weeks. [...]

The Russian state-sponsored APT28 threat group is using a custom variant of the open-source Covenant post-exploitation framework for long-term espionage operations. [...]

Hackers contacted employees at financial and healthcare organizations over Microsoft Teams to trick them into granting remote access through Quick Assist and deploy a new piece of malware called A0Backdoor. [...]

Hackers are increasingly exploiting newly disclosed vulnerabilities in third-party software to gain initial access to cloud environments, with the window for attacks shrinking from weeks to just days. [...]

If you have recently checked your Windows update history, you probably noticed something about the Secure Boot Allowed Key Exchange Key (KEK) and wondered what it is. In 2011, with Windows 8, Microsoft introduced a feature called Secure Boot. This feature ensures that your computer loads only software signed and verified by trusted authorities, such […]

The post Secure Boot Allowed Key Exchange Key (KEK) Update: What is it? appeared first on TheWindowsClub News.

Hackers are impersonating IT staff in Microsoft Teams to trick employees into installing malware, giving attackers stealthy access to corporate networks.

The post Hackers Pose as IT Staff in Microsoft Teams to Install Malware appeared first on TechRepublic.

Google’s $32 billion Wiz acquisition is nearing completion, marking a record Israeli tech exit and a major bet on cloud security.

The post Google’s $32B Wiz Acquisition Set to Become Israel’s Largest Tech Deal Ever appeared first on TechRepublic.

Dutch intelligence says Russian state hackers are compromising Signal and WhatsApp accounts with phishing and linked-device tricks, underscoring how account security can fail even when encryption holds.

The post Russian Hackers Target Signal and WhatsApp Accounts, Dutch Intelligence Warns appeared first on TechRepublic.

A fake Gemini-style chatbot is pushing a bogus Google Coin presale, using Google branding and scripted AI replies to lure victims into crypto payments.

The post Fake Gemini AI Chatbot Promotes ‘Google Coin’ in New Crypto Scam appeared first on TechRepublic.

Attackers are using fake Claude Code install pages and malicious search ads to spread infostealer malware targeting Windows and macOS systems.

The post Fake Claude Code Spreads Malware to Windows, macOS Users appeared first on TechRepublic.

A court fight over Trump-era tariffs is exposing how hard it is for legacy government trade systems to reverse billions of dollars at scale.

The post US CBP Says Its Systems Aren’t Ready for Massive Tariff Refunds appeared first on TechRepublic.