ThreatsDay roundup covering stealthy attacks, phishing trends, exploit chains, and rising security risks across the threat landscape.

How can an extension change hands with no oversight?

CISA has ordered U.S. government agencies to secure their servers against an actively exploited vulnerability in the Zimbra Collaboration Suite (ZCS).

A new security report on AI companion apps is drawing attention because it arrives as an identity protection company is dealing with a data exposure incident.

The city must commit its remaining federal pandemic relief funds by the end of the year or risk returning the money to Washington.

Is Trump bringing conversion therapy back? Not exactly, but he is empowering people who want to.

Lookout Threat Labs, and iVerify published coordinated research in March 2026 on DarkSword, a JavaScript-based full-chain exploit that compromises iOS devices running versions 18.4 through 18.7 (some ...

The phishing site it is not affiliated with Igloo Inc or Pudgy Penguins, but is designed to lure fans and steal their crypto passwords.