New Scientist

Security credentials inadvertently leaked on thousands of websites

Researchers identified nearly 10,000 websites where API keys could be found, exposing details that could let attackers access ...
Cybernews

Threat actors linked to Russia target Ukrainian entities with new backdoor

The campaign, observed in February 2026, has been assessed to share overlaps with a prior campaign mounted by Laundry Bear, a ...

AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.
PC World

Microsoft Edge starts phasing out key password manager feature

PCWorld reports that Microsoft Edge update 145 removes the ability to create new master passwords for the browser’s password manager feature. Existing master passwords will continue functioning until ...