A single harmful notification from apps like WhatsApp, Slack, SMS, Signal, Instagram, or Messenger could trick Google’s Gemini voice assistant on Android into following fake instructions. This could lead it to send false messages, open apps, join video calls like Zoom, control smart home devices, or even save wrong information in its memory. The attack does not need any malicious app installed—only Gemini’s ability to read notifications and treat them as trusted input. Security researcher...

A new phishing operation called EvilTokens has compromised more than 340 Microsoft 365 organizations across five countries just weeks after launching in February 2026, raising concerns over a new style of cyberattack that can bypass traditional security measures.

Unlike common phishing scams that steal passwords, the attack tricks users into approving access themselves. Victims received messages asking them to enter a code on Microsoft’s legitimate login page and...

Google has introduced a new Android feature called Intrusion Logging to help detect advanced spyware attacks. The feature is part of Advanced Protection Mode and records device activities such as app usage, network connections, USB transfers, and device lock activity. It was developed with Amnesty International and Reporters Without Borders to support people at higher risk of surveillance, like journalists and activists.

The logs are encrypted and securely stored on Google servers,...

Microsoft has disclosed a large-scale phishing campaign that targeted more than 35,000 users across 13,000 organizations in 26 countries between April 14–16, 2026. Around 92% of the victims were based in the U.S., with healthcare, finance, professional services, and technology sectors heavily affected.

The attackers used convincing “code of conduct” themed phishing emails sent through legitimate email delivery services. The messages included PDF attachments and urgent subject lines...

Microsoft updated its warning about a serious Windows security flaw called CVE-2026-32202, which affects the Windows Shell and has already been used in real attacks. Although the issue has now been fixed, it could allow attackers to trick users into opening a malicious file and gain access to some private information. Microsoft explained that the flaw involves a failure in protection against spoofing attacks. If exploited, an attacker could view certain sensitive data but would not be able...

Even as cyberattacks become more advanced, most successful breaches still start the same way: stolen usernames and passwords.

Attackers don’t always need complex hacking tools. In many cases, they simply use leaked credentials from past data breaches, guess weak passwords, or trick people into handing them over through phishing messages. Once they log in with valid details, they often appear like normal users—making the intrusion hard to detect.

From there, attackers can...

Cybersecurity researchers discovered a large attack involving 108 Google Chrome extensions that were secretly connected to the same control system. These extensions were designed to steal user data and abuse the browser by injecting ads, running hidden scripts, and tracking activity on every website visited. Although they looked like normal tools, games, or browser helpers, they were all controlled by one operator and shared the same backend server.

The extensions came from five...

Cybersecurity experts are warning of a widespread email scam targeting Microsoft 365 accounts across more than 340 organizations in the U.S., Canada, Australia, New Zealand, and Germany. First spotted on February 19, 2026, the campaign has been rapidly spreading.

How it works:

• Attackers send convincing fake emails to trick users.
• Victims are directed to pages that appear to be official Microsoft login screens,...

  ---

  March 25, 2026 23:37 (on 3/26/26) |  0 | 2 minutes read

Researchers have found three ClickFix campaigns spreading MacSync, a macOS malware that steals passwords, files, keychains, and cryptocurrency wallets. Instead of taking advantage of software flaws, these attacks trick users into running Terminal commands.

The campaigns used fake Google ads, ChatGPT conversations, and malicious pages to install MacSync, with the latest variant hiding in memory to avoid detection. Malware is often disguised as...

Tech company Meta has removed more than 150,000 accounts linked to online scam operations in Southeast Asia, as part of a joint effort with authorities from several countries including the Philippines, Thailand, United States, United Kingdom, and Singapore.

The company said the operation also led to 21 arrests by the Royal Thai Police. It follows a previous crackdown in December 2025 that removed around 59,000 accounts, pages, and...