ChatGPhish AI Summary Phish
ChatGPhish shows how a web page summarized by ChatGPT can surface phishing links, fake alerts, and QR codes inside a trusted AI answer.
News desk
Security incidents, exploited vulnerabilities, breach reports, malware campaigns, and urgent patch notes arranged for fast daily scanning.
July 14, 2026
ChatGPhish shows how a web page summarized by ChatGPT can surface phishing links, fake alerts, and QR codes inside a trusted AI answer.
Downloaded CPU-Z or HWMonitor during the CPUID compromise? Check the April 9-10 window, CRYPTBASE.dll, browser passwords, and clean up safely.
TrapDoor spreads malicious packages through npm, PyPI and Crates.io, steals developer secrets, and hides instructions in CLAUDE.md and .cursorrules.
Megalodon injected malicious GitHub Actions workflows into 5,561 repositories. Here is what maintainers should audit before rotating secrets and publishing packages.
Malwarebytes found fake GitHub and SourceForge downloads impersonating ChatGPT, Claude, AutoTune, and other tools to deliver DinDoor and a Deno-based RAT.
CVE-2026-48095 is a 7-Zip NTFS handler heap overflow fixed in 7-Zip 26.01. Update from official sources and treat unexpected archives or renamed files cautiously.
Ubiquiti patched five UniFi OS vulnerabilities, including three CVSS 10 critical flaws. Check affected UniFi devices, fixed versions, and post-update steps.
Attackers are exploiting Ghost CMS CVE-2026-26980 to inject ClickFix loaders into trusted sites. Patch Ghost, rotate API keys, and treat fake verification prompts as…
npm CLI 11.15.0 adds staged publishing and new install-source controls. Here is what maintainers should enable, what CI should change, and what to check…