A website called “UK visa portal” has been quietly collecting passport scans, selfies, and personal data from thousands of travellers who thought they were applying through official channels. They weren’t. And when a journalist tried to warn the company, it was lawyers who responded. Meanwhile, a paper from Cornell suggests that prompt injection – the…
Tag: website
Global Security News
WP Engine adds bot management to Global Edge Security
The new bot management features, integrated with Cloudflare Inc., allow website teams to create and implement rules for blocking or permitting bot traffic based on factors such as region, category, or behavior.
Global Security News
UK Visa Portal exposes passport and selfie photos of applicants
An anonymous source alerted TechCrunch to a security lapse on the UK Visa Portal website, stating that at least 100,000 documents, including passports and selfies, are exposed.
AI, Apps, Cybersecurity, Data Breaches, Exploits, Global Security News, malware
Official JDownloader site served malware to Windows and Linux users between May 6 and May 7
JDownloader website was hacked to distribute malicious Windows and Linux installers carrying a Python RAT between May 6–7, 2026. JDownloader official website was compromised in a supply chain attack that replaced legitimate Windows and Linux installers with malicious files between May 6 and May 7, 2026. JDownloader is a free, open-source download management application designed…
Global Security News
JDownloader site hacked to replace installers with Python RAT malware
The website for the popular JDownloader download manager was compromised earlier this week to distribute malicious Windows and Linux installers, with the Windows payload found deploying a Python-based remote access trojan. […]
AI, Global Security News
Hackers Use Fake Claude AI Site to Infect Users With New Beagle Malware
Researchers have discovered a new malvertising campaign using a fake Claude AI website to plant a new, undocumented backdoor named Beagle on user devices.
AI, Global Security News
Fake Claude AI website delivers new ‘Beagle’ Windows malware
A fake version for the Claude AI website offers a malicious Claude-Pro Relay download that pushes a previously undocumented backdoor for Windows named Beagle. […]
AI, Global Security News, Government & Policy
Anti-ICE Site GTFO ICE Accused of Exposing Data of 17,000+ Activists
An anti-ICE website, GTFO ICE, linked to Miles Taylor, is accused of exposing the personal details of 17,662 activists, sparking concerns that the data may have reached government agencies.
AI, Apps, Cybersecurity, Data Breaches, Endpoint, Global Security News, Government & Policy, Network Security, Risk Management
ClickUp Data Leak Exposes Enterprise Emails for Over a Year
A hardcoded API key embedded in ClickUp’s public website has quietly exposed hundreds of corporate and government email addresses for more than a year. The flaw, first reported in early 2025, remained active as of April 2026 — allowing anyone to access sensitive data with a simple request and no authentication. “I went to http://clickup[.]com,…
AI, Apps, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy
France’s ANTS ID System website hit by cyberattack, possible data breach
A cyberattack hit France’s ANTS website, possibly exposing personal data from users applying for IDs, passports, and driver’s licenses. A cyberattack targeted France’s ANTS platform, which handles applications for passports, ID cards, residence permits, and driver’s licenses. Authorities detected the incident on April 15 and warned it may have exposed personal data from both individuals…
AI, Global Security News
Seiko USA website defaced as hacker claims customer data theft
The Seiko USA website was defaced over the weekend, displaying a message from attackers claiming they stole its Shopify customer database and threatening to leak it unless a ransom is paid. […]
AI, Endpoint, Exploits, Global Security News, malware, Network Security
Fake Claude AI installer abuses DLL sideloading to deploy PlugX
Fake Claude website impersonates Anthropic and delivers PlugX RAT via ZIP download using DLL sideloading. A fake website impersonating Anthropic’s Claude service was found distributing the PlugX remote access trojan, according to Malwarebytes. The rogue site abuses the chatbot’s popularity to trick users into downloading a ZIP archive presented as a “pro version” installer. The…
AI, Global Security News, malware
Hackers hijacked CPUID downloads, served STX RAT to victims
If you tried to download software from CPUID’s website late last week, you might have downloaded malware instead. “Investigations are still ongoing, but it appears that a secondary feature (basically a side API) was compromised for approximately six hours between April 9 and April 10, causing the main website to randomly display malicious links (our…
AI, china, Data Breaches, Global Security News, malware, Russia
CPUID watering hole attack spreads STX RAT malware
Threat actors compromised the CPUID website and spread STX RAT through fake CPU-Z and HWMonitor downloads. Attackers breached the website CPUID and replaced download links for CPU-Z and HWMonitor with malicious files for several hours. Users who downloaded them got infected with the STX RAT, giving attackers remote access to their systems. The short attack…
AI, Global Security News
Supply chain attack at CPUID pushes malware with CPU-Z/HWMonitor
Hackers gained access to an API for the CPUID project and changed the download links on the official website to serve malicious executables for the popular CPU-Z and HWMonitor tools. […]
Cybersecurity, Global Security News
How To Secure Your Magento Website
Today, we will show you how to secure your Magento website. In a previous article, we answered the question – are Magento websites secure? – and the stats are unfavorable. As the article mentions,“Magento is the most targeted online platform by hackers.”” However, that doesn’t imply that you shouldn’t use Magento. The platform is still…
AI, Global Security News
Weekly Update 495
In the beginning, it was simple. A website, a database and 150M+ email addresses to search. Time has added serverless functions (which run on servers 🤷♂️), code on the edge, new data storage constructs and a completely different mechanism for even just querying a simple email address. HIBP is a continually evolving beast, and barely…
Global Security News, Risk Management
UK: Companies House Web Glitch Exposes Corporate Details to Fraudsters
An issue with the Companies House website has put the personal and corporate information of millions at risk
AI, Compliance, Cybersecurity, Data Breaches, Global Security News, Government & Policy, Network Security, Risk Management
Operator of AI Fake ID Platform Pleads Guilty
An artificial intelligence-powered website that churned out thousands of fake passports and driver’s licenses has landed its alleged operator in federal court. Yurii Nazarenko, a 27-year-old Ukrainian national, pleaded guilty to running OnlyFake, a subscription-based platform that generated more than 10,000 counterfeit identification documents for customers worldwide. “OnlyFake’s manufacture of fraudulent IDs and other documents…
AI, Global Security News
Ukrainian man pleads guilty to running AI-powered fake ID site
A Ukrainian man has pleaded guilty to operating OnlyFake, an AI-powered website that generated and sold more than 10,000 photos of fake identification documents to customers worldwide. […]
Global Security News
Fake Avast Website Targets Users With €499 Phishing Refund Scam
Fraudsters clone Avast’s website to target French users with a €499 phishing scam, using urgency tactics, live chat, and card validation to steal payment data.
AI, Global Security News
Apple’s iOS adoption data shows consistency
Apple has published its official iOS 26 and iPadOS 26 adoption figures on its developer website. While they do show a slightly slower upgrade pace than in past years, it’s far from the dramatic falloff implied by StatCounter earlier this year following a change in how it gathered this information. What are the latest adoption numbers? The company says…
Global Security News, Security
Malicious 7-Zip site distributes installer laced with proxy tool
A fake 7-Zip website is distributing a trojanized installer of the popular archiving tool that turns the user’s computer into a residential proxy node. […]
Black Hat, Cisco Breach Protection, Cisco Live, Cisco Secure Access, Global Security News, Security
Lessons Learned from Securing the World’s Largest Cyber Events
Announcing the launch of the Cisco Event SOCs website and the release of our comprehensive Reference Architecture & Operations Guide.
Black Hat, Cisco Breach Protection, Cisco Live, Cisco Secure Access, Global Security News, Security
Lessons Learned from Securing the World’s Largest Cyber Events
Announcing the launch of the Cisco Event SOCs website and the release of our comprehensive Reference Architecture & Operations Guide.
Black Hat, Cisco Breach Protection, Cisco Live, Cisco Secure Access, Global Security News, Security
Lessons Learned from Securing the World’s Largest Cyber Events
Announcing the launch of the Cisco Event SOCs website and the release of our comprehensive Reference Architecture & Operations Guide.
Black Hat, Cisco Breach Protection, Cisco Live, Cisco Secure Access, Global Security News, Security
Lessons Learned from Securing the World’s Largest Cyber Events
Announcing the launch of the Cisco Event SOCs website and the release of our comprehensive Reference Architecture & Operations Guide.
Black Hat, Cisco Breach Protection, Cisco Live, Cisco Secure Access, Global Security News, Security
Lessons Learned from Securing the World’s Largest Cyber Events
Announcing the launch of the Cisco Event SOCs website and the release of our comprehensive Reference Architecture & Operations Guide.