Security
Headlines
HeadlinesLatestCVEs

Tag

#sap

WhatsApp closes loophole that let researchers collect data on 3.5B accounts

A weak spot in WhatsApp’s API allowed researchers to scrape data linked to 3.5 billion registered accounts, including profile photos and “about” text.

Malwarebytes
Open in Source
#sap
CISA Warns of Active Spyware Campaigns Hijacking High-Value Signal and WhatsApp Users

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday issued an alert warning of bad actors actively leveraging commercial spyware and remote access trojans (RATs) to target users of mobile messaging applications. "These cyber actors use sophisticated targeting and social engineering techniques to deliver spyware and gain unauthorized access to a victim's messaging app,

The hidden costs of illegal streaming and modded Amazon Fire TV Sticks

New research shows that "modded Amazon Fire TV Sticks" and piracy apps often lead to scams, stolen data, and financial loss.

Fake Prettier Extension on VSCode Marketplace Dropped Anivia Stealer

Cybersecurity firm Checkmarx Zero, in collaboration with Microsoft, removed a malicious 'prettier-vscode-plus' extension from the VSCode Marketplace. The fake coding tool was a Brandjacking attempt designed to deploy Anivia Stealer malware and steal Windows user credentials and data.

⚡ Weekly Recap: Fortinet Exploit, Chrome 0-Day, BadIIS Malware, Record DDoS, SaaS Breach & More

This week saw a lot of new cyber trouble. Hackers hit Fortinet and Chrome with new 0-day bugs. They also broke into supply chains and SaaS tools. Many hid inside trusted apps, browser alerts, and software updates. Big firms like Microsoft, Salesforce, and Google had to react fast — stopping DDoS attacks, blocking bad links, and fixing live flaws. Reports also showed how fast fake news, AI

US Border Patrol Is Spying on Millions of American Drivers

Plus: The SEC lets SolarWinds off the hook, Microsoft stops a historic DDoS attack, and FBI documents reveal the agency spied on an immigration activist Signal group in New York City.

New Sturnus Android Malware Reads WhatsApp, Telegram, Signal Chats via Accessibility Abuse

Sturnus, an advanced Android banking trojan, has been discovered by ThreatFabric. Learn how this malware bypasses end-to-end encryption on Signal and WhatsApp, steals bank credentials using fake screens, and executes fraudulent transactions.

WhatsApp 'Eternidade' Trojan Self-Propagates Through Brazil

The infostealer specifically targets Brazilian Portuguese speakers and combines malware designed to phish banking credentials and steal data, a worm, and some uniquely Brazilian quirks.

Holiday scams 2025: These common shopping habits make you the easiest target

Holiday deals are flooding your phone, and scammers are too. Watch for fake listings, phishing texts, and offers that seem just a little too good to be true.

New Eternidade Stealer Uses WhatsApp to Steal Banking Data

Trustwave SpiderLabs warns of Eternidade Stealer, a new banking trojan spreading via personalised WhatsApp messages. Find out how this malicious software bypasses security checks and deploys fake login screens for major banks and wallets.