Trending
Trend Micro publishes full technical attribution of Shadow-Earth-053 — confirming the China-linked group targets journalists and civil society activists alongside governments and defense sectors across Asia and one NATO member state.
Trending
Peter Stokes (alias "Bouquet"), 19, was arrested in Finland on April 10 while boarding a flight to Tokyo — charged with four Scattered Spider intrusions since age 16, including an $8M ransom demand against a luxury retailer.
Policy & Government
Europol's IOCTA 2026 warns that cybercrime has industrialized — AI, encryption, and CaaS are widening the velocity gap between criminal innovation and law enforcement capability, with 120+ ransomware variants and $10.5T in projected 2026 costs.
Trending
CrowdStrike documents Cordial Spider and Snarky Spider — two new Com-affiliated groups running vishing and SSO phishing campaigns against enterprise SaaS environments with seven-figure extortion demands and no malware deployed.
Trending
CISA added CVE-2026-41940 in cPanel and WHM to its KEV catalog with a binding 48-hour patch mandate for all federal agencies — a critical authentication bypass already exploited in the wild granting full host takeover.
Trending
Versions 2.6.2 and 2.6.3 of PyTorch Lightning were compromised in a supply chain attack — executing credential-stealing malware automatically on import, targeting SSH keys, cloud credentials, GitHub tokens, and crypto wallets.
Trending
A 15-year-old operating as "breach3d" breached France's ANTS national ID agency exposing 11.7 million accounts with passport and driver's license data — and listed 12–19 million records for sale on criminal forums.
Policy & Government
Operation PowerOFF enters its prevention phase — 75,000 warning letters to identified DDoS-for-hire customers, 53 domains seized, 4 arrests, and 3 million criminal accounts as a persistent enforcement asset.
Trending
The FBI warns cybercriminals stole nearly $725M in cargo in 2025 — a 60% surge — by hacking freight broker systems and posting fraudulent load board listings to hijack high-value shipments.
Krebs on Security reveals Huge Networks — a Brazilian DDoS protection firm — was enabling a Mirai-based botnet attacking other Brazilian ISPs, with the CEO's own SSH keys found in the malicious attack archive.
ShinyHunters claims 9.4 million Amtrak records via Salesforce — 2.1 million accounts independently confirmed on Have I Been Pwned. The latest target in the group's coordinated 2026 campaign that has hit ADT, Udemy, Medtronic, Vimeo, and Cisco.
Massachusetts Secretary Galvin fined Fidelity Brokerage Services $1.25M after a three-day IDOR vulnerability allowed any authenticated user to access other customers' SSNs, credit card numbers, and medical records — plus a secondary failure to notify affected individuals.
The FBI's Operation Winter SHIELD distills 10 proven defensive controls from real-world investigations — and its central message is blunt: most organizations are breached because they don't implement what they already know works.
An investigation reveals how NoName057(16) turned DDoS attacks into a cryptocurrency-rewarded 'patriotic game' — with activity increasing after Europol's Operation Eastwood crackdown rather than diminishing.
Silver Fox has launched a tax-themed phishing campaign across India, Russia, Indonesia, and Japan — deploying ValleyRAT and the newly documented ABCDoor Python backdoor via fake tax authority notifications.
Sandhills Medical Foundation discloses a ransomware breach by Inc Ransom affecting 169,017 patients — nearly 12 months after the attack was detected and 10 months after stolen data was published publicly.
A previously undocumented China-linked threat group tracked as Shadow-Earth-053 has infiltrated 12+ critical networks across Poland and Asian nations — targeting defense contractors, government agencies, and transport infrastructure.
Iran-linked Handala published the names and phone numbers of 2,379 US Marines and sent direct WhatsApp threats warning of drone and missile strikes — a hybrid psychological operation attributed to Iran's MOIS.
Ukrainian police have arrested three individuals who systematically used stolen session cookies to access and sell more than 610,000 Roblox accounts, targeting profiles with accumulated in-game currency and rare items and reselling them through Russian criminal platforms for cryptocurrency. KYIV, UKRAINE — Ukrainian law enforcement has detained three suspects in
Vimeo has confirmed a data breach affecting portions of its user database following a compromise at Anodot, a third-party analytics vendor. The breach has been attributed to ShinyHunters, which exploited trusted API connections between Anodot and its enterprise clients to access Vimeo's environment without directly targeting Vimeo'
An attacker purchased a portfolio of 31 trusted WordPress plugins on a public marketplace, embedded a PHP backdoor in a routine-looking update, and left it dormant for eight months before activating it to distribute hidden SEO spam to thousands of websites — with the malware resolving its command-and-control server through an
