March 10, 2026

Crooks compromise WordPress sites to push infostealers via fake CAPTCHA prompts

Rapid7 says crims broke into more than 250 sites globally, including a US Senate candidate’s campaign page Cyber baddies quietly compromised legitimate WordPress websites, including the campaign site of a US Senate candidate, turning them into launchpads for a global infostealer operation.…

Fake job applications pack malware that kills EDR before stealing data

Russian-speaking attackers lure HR staff into downloading ISO files that disable defenses A Russian-speaking cyber criminal is targeting corporate HR teams with fake CVs that quietly install malware which can disable security tools before stealing data from infected machines.…

Ericsson blames vendor vishing slip-up for breach exposing thousands of records

Crooks used simple phone scam to compromise vendor account, spilling personal and financial data belonging to more than 15,000 people A voice-phishing scam targeting one of Ericsson's service providers has exposed the personal data of more than 15,000 individuals after attackers sweet-talked an employee into handing over access.…

Protecting democracy means democratizing cybersecurity. Bring on the hackers

Digital freedom needs a Kali Linux for the rest of us Opinion The hacker mind is a curious way to be. To have it means to embody endless analytical curiosity, an awareness of any given rule set as just one system among many, and an ability to see…

Polish cops bust alleged teen DDoS kit sellers – youngest just 12

Kids profited from tools used to attack popular websites, say officials Polish police have referred seven suspected juvenile cybercriminals to family court over an alleged scheme to flog DDoS kits online.…