1. CISA issued a binding operational directive requiring federal agencies to patch an actively exploited vulnerability in Ivanti Sentry within three days (bleepingcomputer.com).
2. The ShinyHunters extortion group is actively exploiting a critical remote code execution vulnerability in Oracle PeopleSoft tracked as CVE-2026-35273 (thehackernews.com).
3. Researchers identified a critical vulnerability chain in the LangGraph AI framework that allows for remote code execution via SQL injection (thehackernews.com).
4. Europol dismantled the AudiA6 cryptocurrency laundering service which was used by ransomware gangs to process over 336 million euros in illicit profits (thehackernews.com).
5. An international operation led by INTERPOL resulted in the shutdown of the Sniper Dz phishing as a service platform and the arrest of its administrator (thehackernews.com).
6. The French government confirmed a data breach of its Tchap encrypted messaging platform affecting the accounts of over 73000 public sector employees (bleepingcomputer.com).
7. South Korean regulators fined e-commerce giant Coupang 409 million dollars following a massive data breach that impacted more than 37 million customers (bleepingcomputer.com).
8. Kyushu Electric Power Company in Japan reported a physical security incident involving the loss of a drive containing private data of over 10 million customers (bleepingcomputer.com).
9. Security researcher Chaotic Eclipse released details on a new Windows BitLocker bypass vulnerability dubbed GreatXML (thehackernews.com).
10. The Gentlemen ransomware operation has been linked to 478 victims and is known to leverage resources from multiple ransomware as a service schemes (thehackernews.com).
11. OceanLotus was identified as the actor behind a cyber espionage campaign targeting Vietnamese investors and infrastructure entities using the SPECTRALVIPER backdoor (thehackernews.com).
12. Great Marlow School in the United Kingdom was forced to close following a cyberattack that required the assistance of external security professionals (therecord.media).
13. University of Nottingham confirmed a cyber incident with the ShinyHunters group claiming responsibility for the theft of student and alumni data (therecord.media).
14. An unusual misinformation campaign abused the official Maine data breach disclosure portal to publish fraudulent breach notifications (bleepingcomputer.com).
Be First to Comment