Android devices are being targeted by a new malware-as-a-service (MaaS) platform, SuperCard X. The malware uses NFC relay attacks to conduct fraudulent point-of-sale and ATM transactions. Thought to be linked to Chinese-speaking hackers, the platform was discovered by mobile security firm Cleafy through attacks in Italy. It’s promoted on Telegram channels which also provide ‘customer’ support. Financial institutions are tricked by the software into thinking transactions are legitimate, making them difficult to identify and reverse.

Two new high severity WordPress vulnerabilities, patch immediately!
The 7.0.2 WordPress security release addresses one critical and one high severity security issue. The vulnerabilities reported to the WordPress security team include: CVE-2026-60137 –


