AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.
Computer Weekly

Iran war a melting pot for other cyber threats

State-backed cyber threat actors from non-combatant states are taking advantage of the Israeli-US war on Iran to fulfil their own goals, according to Proofpoint analysts.
Security Boulevard

What Is an Exposure Assessment Platform — And Why Your Website Is the Blind Spot

In November 2025, Gartner formalized a new security category — Exposure Assessment Platforms — evaluating 20 vendors on their ...
TechJuice

Hackers Exploit npm Supply Chain to Gain AWS Admin Access

Hackers exploited a compromised npm package to breach cloud systems and gain full AWS administrator access within 72 hours.
Security Boulevard

When Proxies Become Attack Vectors Through Header Injection

This assumption breaks down because HTTP RFC flexibility allows different servers to interpret the same header field in fundamentally different ways, creating exploitable gaps that attackers are ...

How the Iran war exposed cracks in Trump's Republican coalition

The president's most dedicated supporters are on his side - but significant numbers of Republicans have serious doubts.
HealthcareInfoSecurity

Breach Roundup: Russian State Actors Target Signal, WhatsApp

This week, Russian hackers targeted Signal and WhatsApp users, permit-fee phishing hit U.S. applicants, ClickFix on WordPress ...

Tolls could be coming to I-70. Here’s how much state wants to charge

State says federal approval needed to widen the full highway to 6 lanes ...
The Indiana Lawyer

Indiana AG pushes back against court effort to halt student ID voting ban before 2026 election

State attorneys are urging a federal judge to reject a request to block Indiana’s ban on using college identification cards to vote, arguing in new court filings that the law does not target young ...
The Hacker News

Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft

Malicious Chrome extensions tied to ownership transfers push malware and steal data, exposing thousands to credential theft and system compromise.
The Indiana Lawyer

More than 500 advocates gather to push elected officials on homelessness, immigration

The pressure placed on the third-term Democratic mayor demonstrated what Live Free USA Indiana organizer Josh Riddick describes as “people power.” ...