Cordial Spider and Snarky Spider: Two New Com-Affiliated Groups Are Running the Scattered Spider Playbook at Scale

CrowdStrike documents Cordial Spider and Snarky Spider — two new Com-affiliated groups running vishing and SSO phishing campaigns against enterprise SaaS environments with seven-figure extortion demands and no malware deployed.

CISA Orders Federal Agencies to Patch Critical cPanel Authentication Bypass CVE-2026-41940 by Sunday

CISA added CVE-2026-41940 in cPanel and WHM to its KEV catalog with a binding 48-hour patch mandate for all federal agencies — a critical authentication bypass already exploited in the wild granting full host takeover.

PyTorch Lightning Compromised in Supply Chain Attack — Malware Steals Credentials Automatically on Import

Versions 2.6.2 and 2.6.3 of PyTorch Lightning were compromised in a supply chain attack — executing credential-stealing malware automatically on import, targeting SSH keys, cloud credentials, GitHub tokens, and crypto wallets.

France Arrests 15-Year-Old "breach3d" for Hacking ANTS National ID Agency — 11.7 Million Accounts Exposed

A 15-year-old operating as "breach3d" breached France's ANTS national ID agency exposing 11.7 million accounts with passport and driver's license data — and listed 12–19 million records for sale on criminal forums.

Europol Operation PowerOFF Sends 75,000 Warning Letters to DDoS-for-Hire Customers Across 21 Nations

Operation PowerOFF enters its prevention phase — 75,000 warning letters to identified DDoS-for-hire customers, 53 domains seized, 4 arrests, and 3 million criminal accounts as a persistent enforcement asset.

FBI Warns Cyber-Enabled Cargo Theft Surged to $725M in 2025 — Hackers Are Hijacking Freight Before It Leaves the Dock

The FBI warns cybercriminals stole nearly $725M in cargo in 2025 — a 60% surge — by hacking freight broker systems and posting fraudulent load board listings to hijack high-value shipments.

Krebs Investigation: Anti-DDoS Firm Huge Networks Found Enabling Botnet That Attacked Brazilian ISPs

Krebs on Security reveals Huge Networks — a Brazilian DDoS protection firm — was enabling a Mirai-based botnet attacking other Brazilian ISPs, with the CEO's own SSH keys found in the malicious attack archive.

ShinyHunters Claims 9.4M Amtrak Records via Salesforce — 2.1M Accounts Confirmed on Have I Been Pwned

ShinyHunters claims 9.4 million Amtrak records via Salesforce — 2.1 million accounts independently confirmed on Have I Been Pwned. The latest target in the group's coordinated 2026 campaign that has hit ADT, Udemy, Medtronic, Vimeo, and Cisco.

Massachusetts Fines Fidelity $1.25M for IDOR Breach That Exposed 77,000 Customers' SSNs and Financial Records

Massachusetts Secretary Galvin fined Fidelity Brokerage Services $1.25M after a three-day IDOR vulnerability allowed any authenticated user to access other customers' SSNs, credit card numbers, and medical records — plus a secondary failure to notify affected individuals.

Operation Winter SHIELD: The FBI Is Telling You Exactly What to Fix — And Why Most Organizations Still Get Breached

The FBI's Operation Winter SHIELD distills 10 proven defensive controls from real-world investigations — and its central message is blunt: most organizations are breached because they don't implement what they already know works.

NoName057(16): How Russia Gamified DDoS Attacks on Europe with Crypto Rewards

An investigation reveals how NoName057(16) turned DDoS attacks into a cryptocurrency-rewarded 'patriotic game' — with activity increasing after Europol's Operation Eastwood crackdown rather than diminishing.

Silver Fox Uses New ABCDoor Backdoor to Target Organizations in Russia and India via Tax Impersonation

Silver Fox has launched a tax-themed phishing campaign across India, Russia, Indonesia, and Japan — deploying ValleyRAT and the newly documented ABCDoor Python backdoor via fake tax authority notifications.