Privacy | Breaking Cybersecurity News | The Hacker News

The first ThreatsDay Bulletin of 2026 lands on a day that already feels symbolic — new year, new breaches, new tricks. If the past twelve months taught defenders anything, it's that threat actors don't pause for holidays or resolutions. They just evolve faster. This week's round-up shows how subtle shifts in behavior, from code tweaks to job scams, are rewriting what "cybercrime" looks like in practice. Across the landscape, big players are being tested, familiar threats are mutating, and smaller stories are quietly signaling bigger patterns ahead. The trend isn't about one big breach anymore; it's about many small openings that attackers exploit with precision. The pace of exploitation, deception, and persistence hasn't slowed; it's only become more calculated. Each update in this edition highlights how the line between normal operations and compromise is getting thinner by the week. Here's a sharp look at what's moving beneath the surface of the cybersecurity world as 2026 begin...

As web browsers evolve into all-purpose platforms, performance and productivity often suffer.  Feature overload, excessive background processes, and fragmented workflows can slow down browsing sessions and introduce unnecessary friction, especially for users who rely on the browser as a primary work environment. This article explores how adopting a lightweight, task-focused browser, like Adapt Browser , can help users browse faster, reduce distractions, and complete everyday tasks more efficiently, without relying on heavy extensions or complex configurations. The Productivity Problem With Modern Browsing For many professionals, the browser functions as a central hub for research, communication, content consumption, and operational work. However, common challenges persist: High CPU and memory usage caused by background services Excessive tab proliferation leading to loss of context Frequent switching between browser tabs and external applications Reliance on extensions t...

The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) on Tuesday removed three individuals linked to the Intellexa Consortium, the holding company behind a commercial spyware known as Predator , from the specially designated nationals list. The names of the individuals are as follows - Merom Harpaz Andrea Nicola Constantino Hermes Gambazzi Sara Aleksandra Fayssal Hamou Hamou was sanctioned by OFAC in March 2024, and Harpaz and Gambazzi were targeted in September 2024 in connection with developing, operating, and distributing Predator. The Treasury's press release does not give any reason as to why they were removed from the list. However, in a statement shared with Reuters, it said the removal "was done as part of the normal administrative process in response to a petition request for reconsideration." The department added that the individuals had "demonstrated measures to separate themselves from the Intellexa Consortium....

The encrypted vault backups stolen from the 2022 LastPass data breach have enabled bad actors to take advantage of weak master passwords to crack them open and drain cryptocurrency assets as recently as late 2025, according to new findings from TRM Labs. The blockchain intelligence firm said evidence points to the involvement of Russian cybercriminal actors in the activity, with one of the Russian exchanges receiving LastPass-linked funds as recently as October. This assessment is "based on the totality of on-chain evidence – including repeated interaction with Russia-associated infrastructure, continuity of control across pre-and post-mix activity, and the consistent use of high-risk Russian exchanges as off-ramps ," it added. LastPass suffered a major hack in 2022 that enabled attackers to access personal information belonging to its customers, including their encrypted password vaults containing credentials, such as cryptocurrency private keys and seed phrases.  ...

Apple has been fined €98.6 million ($116 million) by Italy's antitrust authority after finding that the company's App Tracking Transparency (ATT) privacy framework restricted App Store competition. The Italian Competition Authority (Autorità Garante della Concorrenza e del Mercato, or AGCM) said the company's "absolute dominant position" in app distribution allowed it to "unilaterally impose" the ATT rules on third-party app developers, without consulting with them beforehand. The investigation was launched in May 2023. The AGCM said it's not calling into question Apple's decision to adopt safeguards designed to enhance users' privacy on iOS, but rather it's taking issue with the consent requirements that are excessively burdensome for developers and "disproportionate" to the stated objectives of ATT. Specifically, this requires developers to serve both ATT- and GDPR-related permission prompts in apps for iPhone and iPad ...

As the internet becomes an essential part of daily life, its environmental footprint continues to grow.  Data centers, constant connectivity, and resource-heavy browsing habits all contribute to energy consumption and digital waste. While individual users may not see this impact directly, the collective effect of everyday browsing is significant. Choosing a browser designed with sustainability in mind is one practical way to reduce that impact, without changing how you work online. This article explains what eco-friendly browsing means, why it matters, and how a green browser like Wave Browser pairs a modern, secure browsing experience with a mission to help protect our ocean through verified cleanup efforts. Why Eco-Friendly Browsing Matters Most people think of environmental impact in terms of transportation, food, or physical products. Digital activity is often overlooked. However: Browsers run continuously throughout the day Heavy tabs and background processes incre...

A new campaign named GhostPoster has leveraged logo files associated with 17 Mozilla Firefox browser add-ons to embed malicious JavaScript code designed to hijack affiliate links, inject tracking code, and commit click and ad fraud. The extensions have been collectively downloaded over 50,000 times, according to Koi Security, which discovered the campaign. The add-ons are no longer available. These browser programs were advertised as VPNs, screenshot utilities, ad blockers, and unofficial versions of Google Translate. The oldest add-on, Dark Mode, was published on October 25, 2024, offering the ability to enable a dark theme for all websites. The full list of the browser add-ons is below - Free VPN Screenshot Weather (weather-best-forecast) Mouse Gesture (crxMouse) Cache - Fast site loader Free MP3 Downloader Google Translate (google-translate-right-clicks) Traductor de Google Global VPN - Free Forever Dark Reader Dark Mode Translator - Google Bing Baidu DeepL Weather...

Google has announced that it's discontinuing its dark web report tool in February 2026, less than two years after it was launched as a way for users to monitor if their personal information is found on the dark web. To that end, scans for new dark web breaches will be stopped on January 15, 2026, and the feature will cease to exist effective February 16, 2026. "While the report offered general information, feedback showed that it didn't provide helpful next steps," Google said in a support document. "We're making this change to instead focus on tools that give you more clear, actionable steps to protect your information online." The tech giant said it will delete all data related to dark web report once the feature is retired in February, but noted that users have an option to delete their monitoring profile ahead of time by following the steps below - Go to the Dark Web report Under "Results with your info," click Edit monitoring prof...

Google on Monday announced a set of new security features in Chrome, following the company's addition of agentic artificial intelligence (AI) capabilities to the web browser. To that end, the tech giant said it has implemented layered defenses to make it harder for bad actors to exploit indirect prompt injections that arise as a result of exposure to untrusted web content and inflict harm. Chief among the features is a User Alignment Critic, which uses a second model to independently evaluate the agent's actions in a manner that's isolated from malicious prompts. This approach complements Google's existing techniques, like spotlighting , which instruct the model to stick to user and system instructions rather than abiding by what's embedded in a web page. "The User Alignment Critic runs after the planning is complete to double-check each proposed action," Google said . "Its primary focus is task alignment: determining whether the proposed action s...

A human rights lawyer from Pakistan's Balochistan province received a suspicious link on WhatsApp from an unknown number, marking the first time a civil society member in the country was targeted by Intellexa's Predator spyware, Amnesty International said in a report. The link, the non-profit organization said, is a "Predator attack attempt based on the technical behaviour of the infection server, and on specific characteristics of the one-time infection link which were consistent with previously observed Predator 1-click links." Pakistan has dismissed the allegations, stating "there is not an iota of truth in it." The findings come from a new joint investigation published in collaboration with Israeli newspaper Haaretz, Greek news site Inside Story, and Swiss tech site Inside IT. It's based on documents and other materials leaked from the company, including internal documents, sales and marketing material, and training videos. Intellexa is the mak...

This week has been crazy in the world of hacking and online security. From Thailand to London to the US, we've seen arrests, spies at work, and big power moves online. Hackers are getting caught. Spies are getting better at their jobs. Even simple things like browser add-ons and smart home gadgets are being used to attack people. Every day, there's a new story that shows how quickly things are changing in the fight over the internet. Governments are cracking down harder on cybercriminals. Big tech companies are rushing to fix their security. Researchers keep finding weak spots in apps and devices we use every day. We saw fake job recruiters on LinkedIn spying on people, huge crypto money-laundering cases, and brand-new malware made just to beat Apple's Mac protections. All these stories remind us: the same tech that makes life better can very easily be turned into a weapon. Here's a simple look at the biggest cybersecurity news happening right now — from the hidde...

Behind every click, there's a risk waiting to be tested. A simple ad, email, or link can now hide something dangerous. Hackers are getting smarter, using new tools to sneak past filters and turn trusted systems against us. But security teams are fighting back. They're building faster defenses, better ways to spot attacks, and stronger systems to keep people safe. It's a constant race — every move by attackers sparks a new response from defenders. In this week's ThreatsDay Bulletin, we look at the latest moves in that race — from new malware and data leaks to AI tools, government actions, and major security updates shaping the digital world right now. U.K. moves to tighten cyber rules for key sectors U.K. Debuts Cyber Security and Resilience Bill The U.K. government has proposed a new Cyber Security and Resilience Bill that aims to strengthen national security and secure public services like healthcare, drinking wat...

Google on Tuesday unveiled a new privacy-enhancing technology called Private AI Compute to process artificial intelligence (AI) queries in a secure platform in the cloud. The company said it has built Private AI Compute to "unlock the full speed and power of Gemini cloud models for AI experiences, while ensuring your personal data stays private to you and is not accessible to anyone else, not even Google." Private AI Compute has been described as a "secure, fortified space" for processing sensitive user data in a manner that's analogous to on-device processing but with extended AI capabilities. It's powered by Trillium Tensor Processing Units (TPUs) and Titanium Intelligence Enclaves (TIE), allowing the company to use its frontier models without sacrificing on security and privacy. In other words, the privacy infrastructure is designed to take advantage of the computational speed and power of the cloud while retaining the security and privacy assuran...

Cybercrime has stopped being a problem of just the internet — it's becoming a problem of the real world. Online scams now fund organized crime, hackers rent violence like a service, and even trusted apps or social platforms are turning into attack vectors. The result is a global system where every digital weakness can be turned into physical harm, economic loss, or political leverage. Understanding these links is no longer optional — it's survival. For a full look at the most important security news stories of the week, keep reading. Hidden flaws resurface in Windows core Security Flaws in Windows GDI Details have emerged about three now-patched security vulnerabilities in Windows Graphics Device Interface (GDI) that could enable remote code execution and information disclosure. These issues – CVE-2025-30388 , CVE-2025-53766 , and CVE-2025-47984 – involve out-of-bounds memory access triggered through malformed e...

The comfort zone in cybersecurity is gone. Attackers are scaling down, focusing tighter, and squeezing more value from fewer, high-impact targets. At the same time, defenders face growing blind spots — from spoofed messages to large-scale social engineering. This week's findings show how that shrinking margin of safety is redrawing the threat landscape. Here's what's making headlines. Hijack Loader expands its reach in Latin America LATAM Targeted by PureHVNC Phishing emails containing SVG file attachments targeting Colombian, Spanish-speaking individuals with themes relating to the Attorney General's office of Colombia have been used to deliver PureHVNC RAT . "The emails entice the user to download an 'official document' from the judicial information system, which starts the infection chain of executing a Hijack Loader executable that leads to the PureHVNC Remote Access Trojan (RAT)," IBM X-Force said . The activity w...