A set of 30 malicious Chrome extensions that have been installed by more than 300,000 users are masquerading as AI assistants to steal credentials, email content, and browsing information. […]
ApolloMD Data Breach Impacts 626,000 Individuals
The company says hackers stole the personal information of patients of affiliated physicians and practices.
The post ApolloMD Data Breach Impacts 626,000 Individuals appeared first on SecurityWeek.
ThreatsDay Bulletin: AI Prompt RCE, Claude 0-Click, RenEngine Loader, Auto 0-Days & 25+ Stories
Threat activity this week shows one consistent signal — attackers are leaning harder on what already works. Instead of flashy new exploits, many operations are built around quiet misuse of trusted tools, familiar workflows, and overlooked exposures that sit in plain sight.
Another shift is how access is gained versus how it’s used. Initial entry points are getting simpler, while post-compromise
Another shift is how access is gained versus how it’s used. Initial entry points are getting simpler, while post-compromise
Microsoft to Enable ‘Windows Baseline Security’ With New Runtime Integrity Safeguards
Windows will have runtime safeguards enabled by default, ensuring that only properly signed software runs.
The post Microsoft to Enable ‘Windows Baseline Security’ With New Runtime Integrity Safeguards appeared first on SecurityWeek.
Hacktivists, State Actors, Cybercriminals Target Global Defense Industry, Google Warns
Threat actors from Russia, China, North Korea and Iran have been observed launching attacks.
The post Hacktivists, State Actors, Cybercriminals Target Global Defense Industry, Google Warns appeared first on SecurityWeek.
The CTEM Divide: Why 84% of Security Programs Are Falling Behind
A new 2026 market intelligence study of 128 enterprise security decision-makers (available here) reveals a stark divide forming between organizations – one that has nothing to do with budget size or industry and everything to do with a single framework decision. Organizations implementing Continuous Threat Exposure Management (CTEM) demonstrate 50% better attack surface visibility, 23-point
Nucleus Raises $20 Million for Exposure Management
The company will use the investment to scale operations and deepen intelligence and automation.
The post Nucleus Raises $20 Million for Exposure Management appeared first on SecurityWeek.
Apple Patches iOS Zero-Day Exploited in ‘Extremely Sophisticated Attack’
Impacting the ‘dyld’ system component, the memory corruption issue can be exploited for arbitrary code execution.
The post Apple Patches iOS Zero-Day Exploited in ‘Extremely Sophisticated Attack’ appeared first on SecurityWeek.
83% of Ivanti EPMM Exploits Linked to Single IP on Bulletproof Hosting Infrastructure
A significant chunk of the exploitation attempts targeting a newly disclosed security flaw in Ivanti Endpoint Manager Mobile (EPMM) can be traced back to a single IP address on bulletproof hosting infrastructure offered by PROSPERO.
Threat intelligence firm GreyNoise said it recorded 417 exploitation sessions from 8 unique source IP addresses between February 1 and 9, 2026. An estimated 346
Threat intelligence firm GreyNoise said it recorded 417 exploitation sessions from 8 unique source IP addresses between February 1 and 9, 2026. An estimated 346
Google says hackers are abusing Gemini AI for all attacks stages
Google Threat Intelligence Group (GTIG) has published a new report warning about AI model extraction/distillation attacks, in which private-sector firms and researchers use legitimate API access to systematically probe models and replicate their logic and reasoning. […]