Trending
Yesterday, Nextend confirmed that its update servers were compromised, leading to the distribution of backdoored versions of Smart Slider 3 Pro. With nearly a million sites affected across WordPress and Joomla, this is one of the most significant supply chain attacks of the year. BUDAPEST, HUNGARY — Security researchers at Patchstack
Cyber-Warfare
Yesterday, we reported on the unprecedented scale of the National Supercomputing Center (NSCC) breach. Today, the focus shifts from how much was taken to exactly what — and the implications for global stability. CHENGDU, CHINA — New intelligence regarding the 10-petabyte data theft from China’s National Supercomputing Center suggests the breach
Data Breaches
What began as a security "anomaly" in late 2025 has escalated into a major privacy crisis, as hackers begin offloading sensitive passport and contact information belonging to Interrail and Eurail customers. UTRECHT, NETHERLANDS — Eurail B.V., the organization behind the popular Interrail and Eurail passes, has confirmed that
A newly identified threat actor, UNC6783, is bypassing the "front door" of major corporations by targeting Business Process Outsourcing (BPO) firms. By leveraging fake Okta portals and hijacked Zendesk tickets, the group has successfully extorted dozens of high-value targets, exposing a critical failure in the Managed Perimeter. MOUNTAIN
Yesterday, Nextend confirmed that its update servers were compromised, leading to the distribution of backdoored versions of Smart Slider 3 Pro. With nearly a million sites affected across WordPress and Joomla, this is one of the most significant supply chain attacks of the year. BUDAPEST, HUNGARY — Security researchers at Patchstack
Yesterday, we reported on the unprecedented scale of the National Supercomputing Center (NSCC) breach. Today, the focus shifts from how much was taken to exactly what — and the implications for global stability. CHENGDU, CHINA — New intelligence regarding the 10-petabyte data theft from China’s National Supercomputing Center suggests the breach
What began as a security "anomaly" in late 2025 has escalated into a major privacy crisis, as hackers begin offloading sensitive passport and contact information belonging to Interrail and Eurail customers. UTRECHT, NETHERLANDS — Eurail B.V., the organization behind the popular Interrail and Eurail passes, has confirmed that
The oil and gas recovery specialist has launched an investigation into a sophisticated cyberattack that successfully redirected a major project payment to an unauthorized third-party account. LONDON — Zephyr Energy, a technology-led energy company focused on responsible resource development, has disclosed a significant cyberattack that resulted in the diversion of approximately
Researchers have uncovered a sophisticated spearphishing operation aimed at journalists and human rights defenders, leveraging custom spyware to exfiltrate private iCloud backups and Android device data. CAIRO — A new wave of targeted cyberattacks has been identified across the Middle East and North Africa (MENA), specifically focusing on members of the
The oil and gas recovery specialist has launched an investigation into a sophisticated cyberattack that successfully redirected a major project payment to an unauthorized third-party account. LONDON — Zephyr Energy, a technology-led energy company focused on responsible resource development, has disclosed a significant cyberattack that resulted in the diversion of approximately
Researchers have uncovered a sophisticated spearphishing operation aimed at journalists and human rights defenders, leveraging custom spyware to exfiltrate private iCloud backups and Android device data. CAIRO — A new wave of targeted cyberattacks has been identified across the Middle East and North Africa (MENA), specifically focusing on members of the
The world’s largest cryptocurrency ATM operator has confirmed a security incident involving its corporate hot wallets, leading to the unauthorized transfer of 50.9 Bitcoin. ATLANTA — Bitcoin Depot, the leading provider of cryptocurrency ATMs globally, has disclosed a significant security breach that occurred earlier this week. According to corporate
A sweeping new federal mandate blocks the authorization and import of networking equipment from high-risk foreign adversaries, targeting vulnerabilities used in state-sponsored botnets. WASHINGTON — The Federal Communications Commission (FCC) has issued an unprecedented order banning the import and sale of new consumer and enterprise routers manufactured in several foreign nations,
A major vulnerability in a prominent companion AI platform has led to the public exposure of sensitive prompts and account identifiers, highlighting the privacy risks of generative AI data retention. SAN FRANCISCO — Security researchers have confirmed a significant data breach at MyLovely.ai, a popular "AI companion" platform.
A novel Phishing-as-a-Service platform is leveraging Microsoft's device code flow to bypass multi-factor authentication and automate business email compromise at scale. REDMOND — Security researchers have identified a surge in high-velocity phishing campaigns powered by a new service called "EvilTokens." The platform specifically targets Microsoft 365 environments
The suspension of digital systems at a major Massachusetts healthcare provider has forced a transition to manual workflows and the redirection of emergency medical services. BROCKTON — Signature Healthcare, the parent organization of Brockton Hospital, confirmed on April 7, 2026, that a cybersecurity incident has disrupted its clinical and administrative operations.
The launch of "Mythos" and Project Glasswing raises legitimate questions about autonomous defense — and the risks that come with it. SAN FRANCISCO — Anthropic has unveiled "Mythos," its most capable AI model to date, alongside Project Glasswing — a dedicated cybersecurity initiative designed to use Mythos to identify
AMSTERDAM — A massive ransomware attack on ChipSoft, the Netherlands’ primary provider of Electronic Patient Record (EPD) software, has disrupted operations at dozens of hospitals and specialist clinics across the country. The breach has forced several high-profile medical institutions, including the Prinses Máxima Center, to implement emergency protocols as access to
WINONA, MN — Governor Tim Walz has signed an executive order authorizing the Minnesota National Guard to provide emergency cyber assistance to Winona County as the municipality struggles to recover from a persistent ransomware attack. The activation marks a significant escalation in the state’s tactical response to a localized breach,
LOS ANGELES — The City of Los Angeles is investigating a sprawling data breach that has resulted in the online leak of thousands of sensitive documents belonging to the Los Angeles Police Department (LAPD) and the City Attorney’s office. According to reports from TechCrunch and The Record, the breach appears
The City of Syracuse has begun mailing notification letters to individuals potentially impacted by a security breach within the Syracuse Police Department (SPD) network. The city confirmed that the incident, which initially forced a shutdown of department computer systems to contain the intrusion, has cost taxpayers approximately $250,000 in