April 2026

We sent Tess to investigate a classic Nigerian advance-fee scam with a new twist. Sadly, these old scams are still in play because they work.

This DHL-themed email tries to get recipients to install remote access software attackers can use to deploy further malware, including ransomware.

Take control of pesky permission pop-ups and decide exactly which websites can access your camera, microphone, location, and send you notifications.

Apple users: Watch out for “upgrade now or lose your photos” scams that rush you into handing over your payment details.

This trojanized Slack installer looks normal, but quietly gives attackers an invisible desktop to access your accounts and data. We take a deep dive into the attack.

Guest reservation data stolen from the booking giant can be used by scammers to impersonate hotels to steal payment and personal info.

A new AI-driven campaign known as Pushpaganda is using clickbait to turn your browser notifications into a stream of scams and fake alerts.

This convincing copyright scam is targeting YouTube creators. Attackers can take over your channel, plus your entire Google account.

Hiding in imposter sites, GitHub downloads, and YouTube links, this infostealer is designed to hijack accounts and drain cryptocurrency wallets.

This month’s Patch Tuesday addresses 167 vulnerabilities, including two zero-days that could lead to system compromise, data exposure, and privilege escalation.