Dreigingen

Discord rolls out end-to-end encryption on voice, video calls

Discord announced that all voice and video calls through the communication platform are now protected by default with end-to-end encryption (E2EE). [...]

FBI: Americans lost over $388 million to scams using crypto ATMs in 2025

The FBI says Americans have lost over $388 million last year to scams using cryptocurrency kiosks, also known as crypto ATMs or Bitcoin ATMs. [...]

Microsoft Self-Service Password Reset abused in Azure data theft attacks

A threat actor targeting Microsoft 365 and Azure production environments is stealing data in attacks that abuse legitimate applications and administration features. [...]

Phishingcampagne gericht op medewerkers van overheidsorganisaties

Er is een phishingcampagne waargenomen die zich richt op overheidsmedewerkers met als doel inloggegevens en MFA-codes te onderscheppen.

Trapdoor Android Ad Fraud Scheme Hit 659 Million Daily Bid Requests Using 455 Apps

Cybersecurity researchers have disclosed details of a new ad fraud and malvertising operation dubbed Trapdoor targeting Android device users. The activity, per HUMAN's Satori Threat Intelligence and Research Team, encompassed 455 malicious Android apps and 183 threat actor-owned command-and-control (C2) domains, turning the infrastructure into a pipeline for multi-stage fraud. "Users

Microsoft plans to improve Windows 11 driver quality in 2026

Microsoft plans to raise the quality bar of Windows 11 drivers, as drivers "sit at the heart of every Windows experience" and connect the OS to the "silicon, components, and peripherals." [...]

Microsoft blames macOS update for undismissible Teams location prompts

Microsoft has confirmed user reports that the Teams team collaboration app is displaying non-dismissible location prompts on some macOS systems. [...]

TP-Link, Photoshop, OpenVPN, Norton VPN vulnerabilities

Cisco Talos’ Vulnerability Discovery & Research team recently disclosed eight vulnerabilities in TP-Link, and one each in Adobe Photoshop, OpenVPN, and Gen Digital's Norton VPN. The vulnerabilities mentioned in this blog post have been patched by their respective vendors, in adherence to Cisco’s third-party vulnerability

Rapid7’s 2026 Global Cybersecurity Summit: Key Takeaways for Security Leaders

Security teams are working in an environment where speed, scale, and complexity are all increasing at the same time. Across the Rapid7 2026 Global Cybersecurity Summit , the focus was not just on how the threat landscape is evolving, but on how teams are adapting their approach to keep up. The sessions brought together perspectives from across detection and response, exposure management, AI, and security operations, with a consistent emphasis on making better decisions earlier and with more confidence. How modern attacks are starting across identity, cloud, and social engineering Several sessi

GitHub-repository lekte AWS-tokens en wachtwoorden cyberagentschap VS

AWS-tokens, wachtwoorden en Entra ID SAML certificaten van het Amerikaanse cyberagentschap CISA zijn via een publieke ...

DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability

Proof-of-concept (PoC) exploit code has now been released for a recently patched security flaw in the Linux kernel that could allow for local privilege escalation (LPE). Dubbed DirtyDecrypt (aka DirtyCBC), the vulnerability was discovered and reported by the Zellic and V12 security team on May 9, 2026, only to be informed by the maintainers that it was a duplicate of a vulnerability that had

CVE-2026-31635

Sites Instituut voor de Nederlandse Taal nog altijd offline na ransomware-aanval

Websites van het Instituut voor de Nederlandse Taal (INT) zijn nog altijd offline vanwege de ransomware-aanval waar de ...