In February 2026, a phishing-as-a-service (PhaaS) platform called EvilTokens went live. Within five weeks, it had compromised more than 340 Microsoft 365 organizations across five countries. The targets of the platform received a message asking…
Windows’ built-in network protection is like a front door that is locked from the outside, but through which any resident can carry valuables outside without being checked. By default, Microsoft allows almost any program to…
Summary created by Smart Answers AI In summary: Macworld analyzes Apple’s iPhone Air, the thinnest iPhone ever at 5.64mm, which has sold only 700,000 units despite impressive design. Priced at $999 with limited features like…
Ravie LakshmananMay 19, 2026Vulnerability / Website Security Drupal has issued an alert stating that it intends to release a “core security release” for all supported branches on May 20, 2026, from 5-9 p.m. UTC. “The…
The Macalope has an idea for a new reality TV series: “AI Makeover”. No, it’s not using AI to give our nation’s millions of ugly teenagers much-needed makeovers. It is instead a panel of PR…
Ravie LakshmananMay 19, 2026Vulnerability / Email Security Critical security vulnerabilities have been disclosed in SEPPMail Secure E-Mail Gateway, an enterprise-grade email security solution, that could be exploited to achieve remote code execution and enable an…
TL;DR: Drime Advanced gives teams 6TB of secure, compliance-ready cloud storage for $187.49 (MSRP $599), replacing scattered drives and recurring storage bills with a single lifetime workspace built for control and scale. Digital clutter doesn’t just slow devices…
Ravie LakshmananMay 19, 2026Supply Chain Attack / Developer Security Cybersecurity researchers have flagged a compromised version of the Nx Console extension that was published to the Microsoft Visual Studio Code (VS Code) Marketplace. The extension…
Ravie LakshmananMay 19, 2026Software Security / Malware In yet another software supply chain attack, threat actors have compromised the popular GitHub Actions workflow, actions-cool/issues-helper, to run malicious code that harvests sensitive credentials and exfiltrates them…
Cybersecurity researchers have discovered a fresh software supply chain attack campaign that has compromised various npm packages associated with the @antv ecosystem as part of the ongoing Mini Shai-Hulud attack wave. “The attack affects packages…