Microsoft Warns of AiTM Phishing Campaign Targeting 35,000 Users
Microsoft says a code of conduct-themed AiTM phishing campaign targeted more than 35,000 users across 13,000 organizations and could bypass non-phishing-resistant MFA by stealing...
Author profile
Emma Davis
Content editor and security writer focused on making malware-removal and scam-prevention guides easier to understand. Emma reviews structure, clarity, and source consistency before articles are published.
1,039 articles
Editorial review
Reader clarity
Security guidance
Published work
Recent articles by Emma Davis
News · May 5, 2026
Instructure Canvas Breach: Data Exposure, Login Defacement, and What Users Should Do
Instructure says Canvas is back online after a security incident involving names, emails, student IDs, and messages. Here is what is confirmed and what...
News · May 5, 2026
Apache HTTP Server 2.4.67 Fixes CVE-2026-23918 HTTP/2 RCE Risk
Apache HTTP Server 2.4.67 fixes CVE-2026-23918, an HTTP/2 double-free in 2.4.66 that can crash workers and may allow RCE in specific conditions.
News · May 5, 2026
DAEMON Tools Installers Carried a Backdoor Since April 8
Official DAEMON Tools installers reportedly carried a backdoor from April 8, 2026. Users who installed it recently should remove it, scan Windows, and wait...
News · May 5, 2026
Grok Wallet Drained After Bankr Prompt Injection Moves 3B DRB
A reported Bankr/Grok prompt-injection incident moved 3B DRB tokens from a labeled Grok wallet on Base after a gifted NFT and a crafted Morse-code...
News · May 5, 2026
Weaver E-cology CVE-2026-22679 RCE Is Being Exploited
CVE-2026-22679 is an unauthenticated RCE in Weaver E-cology 10.0 builds before 20260312. Patch exposed systems and check for post-exploitation activity.
News · May 1, 2026
30,000 Facebook Accounts Hacked in Google AppSheet Phishing Campaign
A Google AppSheet phishing wave dubbed AccountDumpling hijacked roughly 30,000 Facebook accounts, many tied to business pages and ad access.
News · May 1, 2026
Poisoned Ruby Gems and Go Modules Used to Steal CI Secrets
A BufferZoneCorp package cluster in RubyGems and Go targeted developer machines and CI pipelines, stealing secrets, tampering with GitHub Actions, and planting SSH persistence.
News · May 1, 2026
Gemini CLI CVSS 10 Flaw Could Put CI/CD Workflows at Risk
Google and security researchers disclosed a CVSS 10.0 flaw in Gemini CLI this week, with public details landing on April 28, 2026 and wider...
News · May 1, 2026
Critical cPanel & WHM Bug CVE-2026-41940 Is Being Exploited
cPanel disclosed CVE-2026-41940 on April 28, 2026. Two days later, CISA added it to the Known Exploited Vulnerabilities catalog, and on May 1, 2026...
News · May 1, 2026
Copy Fail (CVE-2026-31431): Linux Bug Gives Local Users Root
Copy Fail (CVE-2026-31431) is a Linux kernel LPE in algif_aead affecting many distros since 2017. Patch kernels or disable algif_aead.
News · April 8, 2024
SurveyLama Data Breach Leaks Info of 4.4 Million Users
In February 2024, a popular online survey platform SurveyLama suffered a data breach. The incident leaked the personal information of more than 4.4 million...
