Malwarebytes recently uncovered a new malicious campaign targeting the Windows Update service. Focused on French-speaking users, the campaign uses layered obfuscation techniques to deliver multiple ...

Malwarebytes warns that a fake Microsoft support site is distributing password-stealing malware through a spoofed Windows update installer ...

A single unauthenticated connection gives attackers a full shell; credential theft observed in under three minutes on honeypot servers.

A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is now under active exploitation, leveraged ...

Marimo CVE-2026-39987 exploited within 10 hours of disclosure, enabling unauthenticated RCE and credential theft, emphasizing urgent patching needs.

PM This week in cybersecurity: botnets, RCE flaws, AI-driven attacks, stealers, and more. Fast, no-fluff roundup.

A convincing Microsoft lookalike tricks users into downloading malware that steals passwords, payments, and account access.

A threat actor started exploiting CVE-2026-39987, an unauthenticated RCE vulnerability in Marimo, nine hours after public ...

A critical vulnerability in the wolfSSL SSL/TLS library can weaken security via improper verification of the hash algorithm ...

This week in cybersecurity: 338 new CVEs published including 11 critical severity. 9 vulnerabilities added to CISA KEV catalog. Plus major developments in AI security, supply chain attacks, and ...