<br/> Fake Incident Report Used in Phishing Campaign<br/> <a href="https://isc.sans.edu/diary/Fake%20Incident%20Report%20Used%20in%20Phishing%20Campaign/32722">https://isc.sans.edu/diary/Fake%20Incident%20Report%20Used%20in%20Phishing%20Campaign/32722</a><br/> Divide and conquer: how the new Keenadu backdoor exposed links between major Android botnets <a href="https://securelist.com/keenadu-android-backdoor/118913/">https://securelist.com/keenadu-android-backdoor/118913/</a><br/> CVE-2026-25903: Apache NiFi: Missing Authorization of Restricted Permissions for Component Updates <a href="https://seclists.org/oss-sec/2026/q1/166">https://seclists.org/oss-sec/2026/q1/166</a><br/> The Next Frontier of Runtime Assembly Attacks: Leveraging LLMs to Generate Phishing JavaScript in Real Time<br/> <a href="https://unit42.paloaltonetworks.com/real-time-malicious-javascript-through-llms/">https://unit42.paloaltonetworks.com/real-time-malicious-javascript-through-llms/</a> <br/> Encrypted RCS in iOS/iPadOS<br/> <a href="https://developer.apple.com/documentation/ios-ipados-release-notes/ios-ipados-26_4-release-notes">https://developer.apple.com/documentation/ios-ipados-release-notes/ios-ipados-26_4-release-notes</a><br/>