Bill Toulas
Author Bio
Bill Toulas is a tech writer and infosec news reporter with over a decade of experience working on various online publications, covering open-source, Linux, malware, data breach incidents, and hacks.
-
New CrystalRAT malware adds RAT, stealer and prankware features
A new malware-as-a-service called CrystalRAT is being promoted on Telegram, offering remote access, data theft, keylogging, and clipboard hijacking capabilities.
- April 01, 2026
- 07:17 PM
-
0
-
Hackers exploit TrueConf zero-day to push malicious software updates
Hackers have targeted TrueConf conference servers in attacks that exploit a zero-day vulnerability, allowing them to execute arbitrary files on all connected endpoints.
- April 01, 2026
- 05:35 PM
-
0
-
New EvilTokens service fuels Microsoft device code phishing attacks
A new malicious kit called EvilTokens integrates device code phishing capabilities, allowing attackers to hijack Microsoft accounts and provide advanced features for business email compromise attacks.
- April 01, 2026
- 03:42 PM
-
1
-
'NoVoice' Android malware on Google Play infected 2.3 million devices
A new Android malware named NoVoice was found on Google Play, hidden in more than 50 apps that were downloaded at least 2.3 million times.
- April 01, 2026
- 02:07 PM
-
0
-
Proton launches new "Meet" privacy-focused conferencing platform
Proton has announced a new video conferencing service named Meet and positioned it as a privacy-focused alternative to mainstream services like Google Meet, Zoom, and Microsoft Teams.
- March 31, 2026
- 06:42 PM
-
0
-
GIGABYTE Control Center vulnerable to arbitrary file write flaw
The GIGABYTE Control Center is vulnerable to an arbitrary file-write flaw that could allow a remote, unauthenticated attacker to access files on vulnerable hosts.
- March 31, 2026
- 06:28 PM
-
0
-
Claude AI finds Vim, Emacs RCE bugs that trigger on file open
Vulnerabilities in the Vim and GNU Emacs text editors, discovered using simple prompts with the Claude assistant, allow remote code execution simply by opening a file.
- March 31, 2026
- 05:45 PM
-
0
-
Hackers compromise Axios npm package to drop cross-platform malware
Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver remote access trojans to Linux, Windows, and macOS systems.
- March 31, 2026
- 09:53 AM
-
0
-
Healthcare tech firm CareCloud says hackers stole patient data
Healthcare IT firm CareCloud has disclosed a data breach incident that exposed sensitive data and caused a network disruption lasting approximately eight hours.
- March 30, 2026
- 05:44 PM
-
0
-
New RoadK1ll WebSocket implant used to pivot on breached networks
A newly identified malicious implant named RoadK1ll is enabling threat actors to quietly move from a compromised host to other systems on the network.
- March 30, 2026
- 04:49 PM
-
0
-
Critical Citrix NetScaler memory flaw actively exploited in attacks
Hackers are exploiting a critical severity vulnerability, tracked as CVE-2026-3055, in Citrix NetScaler ADC and NetScaler Gateway appliances to obtain sensitive data.
- March 30, 2026
- 02:28 PM
-
0
-
Apple adds macOS Terminal warning to block ClickFix attacks
Apple has introduced a security feature in macOS Tahoe 26.4 that blocks pasting and executing potentially harmful commands in Terminal and alerts users to possible risks.
- March 30, 2026
- 10:32 AM
-
0
-
File read flaw in Smart Slider plugin impacts 500K WordPress sites
A vulnerability in the Smart Slider 3 WordPress plugin, active on more than 800,000 websites, can be exploited to allow subscriber-level users access to arbitrary files on the server.
- March 29, 2026
- 10:38 AM
-
0
-
New Infinity Stealer malware grabs macOS data via ClickFix lures
A new info-stealing malware named Infinity Stealer is targeting macOS systems with a Python payload packaged as an executable using the open-source Nuitka compiler.
- March 28, 2026
- 10:35 AM
-
1
-
Backdoored Telnyx PyPI package pushes malware hidden in WAV audio
TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver credential-stealing malware hidden inside a WAV file.
- March 27, 2026
- 05:13 PM
-
0
0
