30,000 Facebook accounts stolen via Google AppSheet phishing; Vietnamese-linked group sells credentials on dark web storefront. Guardio reports.
Trellix confirms hackers accessed its source code repositories. Experts warn of potential reverse-engineering and zero-day exploits. Investigation ongoing.
CISA adds actively exploited Linux privilege escalation bug CVE-2026-31431 to KEV, urging patch for root access flaw under active attack.
International crackdown arrests 276, shuts 9 crypto scam centers, seizes $701M in coordinated US-China-UAE operation.
Zero-day cPanel exploit targets Southeast Asian government and military networks, also hitting MSPs in 5 countries; critical patching urged.
Silver Fox cyber group launches tax-themed phishing campaign with new ABCDoor malware targeting India and Russia, posing espionage threat.
17-year-old arrested in Osaka for hacking Kaikatsu Club, stealing 7M user data to buy Pokémon cards. Experts warn of systemic security gaps.
Attackers shift from breaches to persistent occupation: AI phishing, Android spyware, Linux exploit, and GitHub RCE mark aggressive new wave.
Progress Software patches critical authentication bypass in MOVEit Automation. CVSS 9.8 flaw allows unauthenticated access. Urgent update recommended to prevent exploitation.
Phishing campaign VENOMOUS#HELPER hits 80+ US orgs using SimpleHelp and ScreenConnect RMM tools for persistent remote access.
90 zero-days in 2025, enterprise exploitation at 48% high, browser exploits low, OS bugs up, state actors target edge devices, CSVs adapt, mobile rebounds, chaining rises, security appliances targeted, BRICKSTORM steals IP.
DarkSword is a full-chain iOS exploit using 6 zero-days, adopted by multiple threat actors targeting users in Saudi Arabia, Turkey, Malaysia, and Ukraine. Patch with iOS 26.3.
Seven hardening strategies to protect vSphere from BRICKSTORM malware, focusing on visibility, identity, automation, and network segmentation for Tier-0 assets.
Germany's cyber extortion crisis: 92% leak surge in 2025, AI breaks language barriers, threat actors target Mittelstand. Six key shifts explained.
AI models accelerate vulnerability discovery and exploit development. Enterprises must harden software, update playbooks, use AI defensively, and prepare for mass exploitation. Ten actionable strategies to defend your organization.
UNC6692 used email floods, Teams helpdesk impersonation, AutoHotKey malware, SNOWBELT extension, and persistence via startup/scheduled tasks.
New macOS Apprentice series launches, teaching complete beginners to build native apps using Swift, SwiftUI, and AppKit with step-by-step tutorials and real projects.
Pentagon signs contracts with 7 tech firms including OpenAI and SpaceX to deploy AI on classified systems for warfighter decision-making, raising concerns over ethics and speed.
Instructure discloses data breach: hackers stole names, emails, student IDs, user messages and threaten to leak data. Experts warn of phishing risks.
Over 40,000 servers compromised in ongoing cPanel attacks exploiting zero-day CVE-2026-41940. Urgent patching advised.