Nicholas Robert - The CyberSignal (Page 4)

A git push arrow entering a server node with lines branching to dozens of repository icons representing cross-tenant access. White line art on electric teal background with red-orange dots.

Trending

GitHub CVE-2026-3854: One git push Was All It Took to Access Millions of Private Repositories

Wiz discovered CVE-2026-3854 — a critical GitHub RCE where a single crafted git push gave attackers cross-tenant code execution and access to millions of private repositories. 88% of GHES instances were still unpatched at public disclosure.

02 May 2026

Scales of justice with a briefcase on one side and a ransomware skull on the other tipping toward the skull, broken handshake below. White line art on dark bronze with red-orange dots.

Trending

Ransomware Negotiators Sentenced: Sygnia and DigitalMint Employees Get 4 Years for Acting as BlackCat Affiliates

Ryan Goldberg (Sygnia) and Kevin Martin (DigitalMint) were sentenced to 4 years in federal prison for acting as BlackCat ransomware affiliates while employed as incident response professionals — attacking the same clients they were hired to help.

01 May 2026

Globe with circuit traces connecting a government building, microphone, and protest sign, overlaid by a shadowed figure. White line art on deep slate with red-orange accent dots.

Trending

Shadow-Earth-053: Trend Micro Confirms China Spy Group Targets Journalists and Activists Alongside Governments and Defense

Trend Micro publishes full technical attribution of Shadow-Earth-053 — confirming the China-linked group targets journalists and civil society activists alongside governments and defense sectors across Asia and one NATO member state.

01 May 2026

A spider web with three red X marks over key nodes, a handcuff icon and gavel below. White line art on a deep indigo background with red-orange accent dots at the broken nodes.

Trending

Scattered Spider Member "Bouquet" Arrested in Finland — Peter Stokes, 19, Charged With Four Intrusions Starting at Age 16

Peter Stokes (alias "Bouquet"), 19, was arrested in Finland on April 10 while boarding a flight to Tokyo — charged with four Scattered Spider intrusions since age 16, including an $8M ransom demand against a luxury retailer.

01 May 2026

Speedometer needle pinned to maximum, surrounded by an AI chip, padlock, and coin icon. White line art on dark olive background with a red-orange accent dot at the needle tip.

Policy & Government

Europol IOCTA 2026: AI, Encryption, and Cybercrime-as-a-Service Are Widening the Velocity Gap Between Criminals and Defenders

Europol's IOCTA 2026 warns that cybercrime has industrialized — AI, encryption, and CaaS are widening the velocity gap between criminal innovation and law enforcement capability, with 120+ ransomware variants and $10.5T in projected 2026 costs.

01 May 2026

Phone handset beside an SSO login screen with a session token streaming to an attacker node, SWAT icon in the corner. White line art on dark magenta with red-orange dots.

Trending

Cordial Spider and Snarky Spider: Two New Com-Affiliated Groups Are Running the Scattered Spider Playbook at Scale

CrowdStrike documents Cordial Spider and Snarky Spider — two new Com-affiliated groups running vishing and SSO phishing campaigns against enterprise SaaS environments with seven-figure extortion demands and no malware deployed.

01 May 2026

Trending

CISA Orders Federal Agencies to Patch Critical cPanel Authentication Bypass CVE-2026-41940 by Sunday

CISA added CVE-2026-41940 in cPanel and WHM to its KEV catalog with a binding 48-hour patch mandate for all federal agencies — a critical authentication bypass already exploited in the wild granting full host takeover.

01 May 2026

PyTorch Lightning versions 2.6.2 and 2.6.3 were backdoored in a supply chain attack that automatically steals SSH keys, cloud credentials, GitHub tokens, and crypto wallets on import.

Trending

PyTorch Lightning Compromised in Supply Chain Attack — Malware Steals Credentials Automatically on Import

Versions 2.6.2 and 2.6.3 of PyTorch Lightning were compromised in a supply chain attack — executing credential-stealing malware automatically on import, targeting SSH keys, cloud credentials, GitHub tokens, and crypto wallets.

01 May 2026

A 15-year-old hacker known as breach3d breached France's ANTS national ID agency exposing 11.7 million accounts containing passport, national ID, and driver's license data.

Trending

France Arrests 15-Year-Old "breach3d" for Hacking ANTS National ID Agency — 11.7 Million Accounts Exposed

A 15-year-old operating as "breach3d" breached France's ANTS national ID agency exposing 11.7 million accounts with passport and driver's license data — and listed 12–19 million records for sale on criminal forums.

01 May 2026

Europol's Operation PowerOFF sent 75,000 warning letters to DDoS-for-hire customers across 21 nations, seized 53 domains, and built a 3-million-account enforcement database.

Policy & Government

Europol Operation PowerOFF Sends 75,000 Warning Letters to DDoS-for-Hire Customers Across 21 Nations

Operation PowerOFF enters its prevention phase — 75,000 warning letters to identified DDoS-for-hire customers, 53 domains seized, 4 arrests, and 3 million criminal accounts as a persistent enforcement asset.

01 May 2026

FBI warns cyber-enabled cargo theft surged to $725M in 2025 — hackers compromise freight broker systems and post fraudulent load board listings to hijack high-value shipments.

Trending

FBI Warns Cyber-Enabled Cargo Theft Surged to $725M in 2025 — Hackers Are Hijacking Freight Before It Leaves the Dock

The FBI warns cybercriminals stole nearly $725M in cargo in 2025 — a 60% surge — by hacking freight broker systems and posting fraudulent load board listings to hijack high-value shipments.

01 May 2026

Krebs investigation reveals Brazilian anti-DDoS firm Huge Networks was enabling a Mirai-based botnet attacking Brazilian ISPs using the CEO's own stolen SSH keys.

Trending

Krebs Investigation: Anti-DDoS Firm Huge Networks Found Enabling Botnet That Attacked Brazilian ISPs

Krebs on Security reveals Huge Networks — a Brazilian DDoS protection firm — was enabling a Mirai-based botnet attacking other Brazilian ISPs, with the CEO's own SSH keys found in the malicious attack archive.

01 May 2026

See all