Latest News The ROI Problem in Attack Surface Management: Why Security Investments Aren’t Delivering Expected Results January 4, 2026 Eagl3Sec In the evolving world of cybersecurity, Attack Surface Management (ASM) has emerged as a core discipline for modern security programs. But despite growing adoption, many organizations today are struggling to…
Latest News Cybercriminals Abuse Google Cloud Email Relay to Launch Phishing Attacks – Security Experts of New Scam Wave January 4, 2026 Eagl3Sec A growing threat wave has emerged in early 2026, as cybercriminals increasingly leverage Google Cloud’s email relay services to send large volumes of phishing emails that closely mimic legitimate corporate…
CVE CVE Program Report for Q3 2025: Vulnerability Trends, Metrics, and What Security Leaders Need to Know January 2, 2026 Eagl3Sec The CVE Program, the globally recognized standard for tracking publicly disclosed cybersecurity vulnerabilities, published its Quarter 3 (Q3) Calendar Year 2025 Report, revealing record levels of vulnerability identification and key…
Latest News CSA Warns of Critical SmarterMail Vulnerability Allowing Remote Code Execution — Urgent Patch Recommended January 2, 2026 Eagl3Sec The Cyber Security Agency of Singapore (CSA) issued a high-priority bulletin after identifying a critical zero-authentication vulnerability in SmarterTools’ SmarterMail email server software that could allow attackers to execute arbitrary…
Latest News U.S. Treasury Lifts Sanctions on Three Spyware-Linked Individuals — Reversal Sparks Debate Over Security and Policy January 2, 2026 Eagl3Sec The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) officially removed three individuals from its sanctions list who were previously tied to the Intellexa Consortium, the commercial…
Latest News Modified Shai-Hulud Worm Variant Spotted on npm Registry — New Malware Strain Under Testing January 2, 2026 Eagl3Sec Cybersecurity researchers have identified a modified strain of the notorious Shai-Hulud malware on the npm JavaScript package registry, marking the latest evolution in a series of high-impact software supply chain…
Latest News Critical IBM API Connect Vulnerability Exposes Authentication Bypass Risk – Urgent Patch Released January 1, 2026 Eagl3Sec IBM has issued an urgent security advisory for a critical bug in its API Connect platform that could allow remote attackers to bypass authentication and gain unauthorized access to protected…
Latest News The Breach You Didn’t Expect: Why Your AppSec Stack Could Leave You Exposed in 2026 January 1, 2026 Eagl3Sec A new warning from JFrog highlights a critical shortcoming in how many organizations structure their application security (AppSec) tooling: relying on a patchwork of traditional point solutions rather than a…
Latest News DarkSpectre Browser Extension Campaigns Exposed – 8.8 Million Users Hit by Long-Running Malware Operation January 1, 2026 Eagl3Sec Security researchers have uncovered a massive, sophisticated browser extension malware campaign that has infected 8.8 million users worldwide across multiple web browsers. The operation — attributed to a China-linked threat…
Latest News Trust Wallet Chrome Extension Hack Drains Millions in Crypto – Sophisticated Supply Chain Attack Exposed January 1, 2026 Eagl3Sec A severe security breach struck users of the Trust Wallet Chrome browser extension, resulting in the theft of millions of dollars worth of cryptocurrency after a malicious version of the…
