1. Trellix confirmed a security breach involving unauthorized access to a portion of its internal source code repository (thehackernews.com).
2. A Vietnamese-linked operation named AccountDumpling compromised 30,000 Facebook accounts using Google AppSheet as a phishing relay (thehackernews.com).
3. China-linked threat group SHADOW-EARTH-053 is conducting an espionage campaign targeting government and defense sectors across Asia and a NATO member state (thehackernews.com).
4. Cybercrime groups Cordial Spider and Snarky Spider are executing rapid SaaS extortion attacks using vishing and SSO abuse (thehackernews.com).
5. Two cybersecurity professionals were sentenced to four years in prison for facilitating BlackCat ransomware attacks in 2023 (thehackernews.com).
6. A 15-year-old was detained in France for allegedly selling data stolen from the France Titres government agency (bleepingcomputer.com).
7. Educational technology firm Instructure disclosed a cybersecurity incident and is currently investigating the impact on its systems (bleepingcomputer.com).
8. CVE-2026-31431, known as Copy Fail, allows for Linux root privilege escalation across cloud environments (reddit.com).
9. Researchers observed ongoing supply chain attacks targeting SAP packages within the npm ecosystem (reddit.com).
10. A ransomware negotiator pleaded guilty to secretly working for a ransomware gang while representing victim clients (schneier.com).
11. A phishing campaign is actively using fake Tailscale websites via Google Ads to trick users into executing malware (reddit.com).
12. A vulnerability researcher accused Deribit of selectively triaging bug reports while ignoring a critical finding for over 76 days (reddit.com).
Be First to Comment