1. A supply chain attack compromised Red Hat npm packages to distribute the Miasma credential stealing worm (thehackernews.com).
2. A critical Windows Netlogon remote code execution vulnerability is being actively exploited in the wild (bleepingcomputer.com).
3. Nearly 2000 WordPress sites were infected with malware using Steam profiles as command and control infrastructure (bleepingcomputer.com).
4. The Pakistan linked SideCopy group is targeting the Afghanistan Ministry of Finance with Xeno RAT via spear phishing (thehackernews.com).
5. A China aligned group named Dragon Weave is conducting espionage against Czech and Taiwanese officials using the AdaptixC2 agent (thehackernews.com).
6. Carnival Corporation confirmed a data breach affecting 6 million people after a social engineering attack on an employee (research.checkpoint.com).
7. Dashlane disclosed a brute force attack that resulted in the unauthorized download of encrypted vaults for fewer than 20 users (thehackernews.com).
8. A malicious npm package named codexui-android is stealing OpenAI Codex authentication tokens from developers (thehackernews.com).
9. Threat actors are using ClickFix and FakeUpdate techniques to hijack thousands of websites for malware distribution (bleepingcomputer.com).
10. A 19 year old Linux kernel vulnerability has been identified that exposes systems to root access (reddit.com).
11. Spanish police arrested an individual for leaking sensitive data belonging to government employees and the National Cybersecurity Institute (bleepingcomputer.com).
12. Hackers are reportedly leveraging Meta AI bots to hijack high profile Instagram accounts (reddit.com).
13. A Linux privilege escalation vulnerability tracked as CVE 2026 31431 is affecting shared build hosts (reddit.com).
14. A gaming cheat service for Grand Theft Auto V was breached resulting in the exposure of thousands of users (reddit.com).
Be First to Comment