threats

We break down a new scam that leverages Telegram Mini Apps, and explain how to avoid taking the bait.

From karaoke rooms to gynecology clinics — these are just some of the tens of thousands of locations where compromised IP cameras were discovered in South Korea. Here’s how to avoid unwittingly starring in steamy videos you didn’t authorize.

How automation turns legitimate tools into a channel for malware delivery.

A new wave of ClickFix attacks spreading a macOS infostealer are posting malicious user guides on the official ChatGPT website by piggybacking the chatbot’s chat-sharing feature.

The Whisper Leak attack allows its perpetrator to guess the topic of your conversation with an AI assistant — without decrypting the traffic. We explore how this is possible, and what you can do to protect your AI chats.

Millions of websites based on React and Next.js contain an easy-to-exploit vulnerability that can lead to complete server takeover. How to check if your server is vulnerable, and protect corporate web assets?

Here’s how to mitigate the risks of targeted attacks on your organization’s mail servers.

How attackers use AI-generated fake websites to distribute trojanized builds of the legitimate Syncro remote access tool (RAT).

Systematic measures and tools that organizations can use to defend against malicious browser extensions.

How malicious extensions can spoof AI sidebars in the Comet and Atlas browsers, intercept user queries, and manipulate model responses.

We examine how popular Canon printers could become a foothold for attackers within an organization’s network.

Pixnapping is an Android vulnerability discovered by researchers that allows apps to steal passwords, one-time codes, and other confidential information from the screen without any special permissions from the operating system. How does it work, and what can you do to protect yourself?

You’ve received a threatening email. What’s your next move?

Researchers have discovered that 50% of data transmitted via satellites is unencrypted. This includes your mobile calls and texts, along with banking, military, government, and other sensitive information. How did this happen, and what can we do about it?

Which social networks mostly just display your posts to your friends, and which ones use them for AI training and ad targeting? We explore the 2025 privacy rankings for popular social media platforms.

Which messaging apps leak the least amount of your data, and provide the most control over your privacy? Today we discuss the latest rankings of popular communication platforms.

Attackers are abusing legitimate websites to host hidden SEO links. We break down their tactics, and what you can do about it.

Can hackers really hijack your car in 2025?

Any game based on the popular Unity engine made in the last eight years can allow attackers to get into your computer or smartphone. Here’s what to do about it.

Artificial intelligence has given scammers a new set of tools for deception — from generating deepfakes, to instantly setting up phishing websites or fraudulent email campaigns. Let’s discuss the latest AI trends in phishing and scams — and how to stay safe.

A new large-scale attack on a popular JavaScript code registry has hit around 150 packages. The automatic propagation of the threat makes it especially dangerous — developers need to react ASAP.