Application Security
JDownloader's website was compromised between May 6 and 7, serving Windows installers signed under bogus publisher names that deployed a Python-based RAT. The CMS was the entry point — not the build pipeline. Anyone who installed during the window should reimage.
Trending
Official SAP npm packages were backdoored on April 29 in the latest Mini Shai-Hulud wave — adding browser credential theft across Chrome, Safari, and Edge to the campaign's existing cloud secret harvesting. Over 1,100 victim repositories confirmed.
Trending
Wiz discovered CVE-2026-3854 — a critical GitHub RCE where a single crafted git push gave attackers cross-tenant code execution and access to millions of private repositories. 88% of GHES instances were still unpatched at public disclosure.
Trending
Versions 2.6.2 and 2.6.3 of PyTorch Lightning were compromised in a supply chain attack — executing credential-stealing malware automatically on import, targeting SSH keys, cloud credentials, GitHub tokens, and crypto wallets.
Trending
The FBI warns cybercriminals stole nearly $725M in cargo in 2025 — a 60% surge — by hacking freight broker systems and posting fraudulent load board listings to hijack high-value shipments.
Trending
ShinyHunters claims 9.4 million Amtrak records via Salesforce — 2.1 million accounts independently confirmed on Have I Been Pwned. The latest target in the group's coordinated 2026 campaign that has hit ADT, Udemy, Medtronic, Vimeo, and Cisco.
Threat Intelligence
North Korean threat actors have escalated their developer-targeting campaign by using an AI large language model to insert malicious npm dependencies into legitimate projects — operating through fake U.S.-registered companies and deploying full-featured remote access trojans targeting cryptocurrency wallets and developer infrastructure. GLOBAL — Cybersecurity researchers at ReversingLabs have documented
Data Breaches
A Singapore-linked contractor, Shanghai Tunnel Engineering Co (Singapore), has suffered a cybersecurity incident compromising digital project data for the Jurong Region Line (JRL) and Changi NEWater Factory 3. While operational control systems remain secure, the breach has prompted the Land Transport Authority (LTA) and Public Utilities Board (PUB) to suspend
Data Breaches
Same group behind ADT 10M breach claims 1.4M Udemy users via SaaS vishing. Education sector PII and corporate data at risk. April 27 leak deadline looms. SAN FRANCISCO, CA — Less than a week after the ADT data breach exposed 10 million records, the notorious threat collective ShinyHunters has claimed
Data Breaches
America's largest home security provider confirms breach after vishing attackers claim 10M customer records. Okta SSO → Salesforce attack chain exposes PII and partial SSNs. BOCA RATON, FL — In a stinging blow to the world’s most recognized name in physical security, ADT Inc. (NASDAQ: ADT) has confirmed a
AI Security
Federal adoption hits 82% vs 41% private sector as FedRAMP 20x accelerates unvetted agents into classified networks. WASHINGTON, D.C. — While the commercial world cautiously debates the ROI of agentic AI, the federal government has quietly surged ahead, creating a massive, unmanaged attack surface. According to recent IDC and Salesforce
Spearphishing
Chinese AVIC engineer Song Wu impersonated U.S. researchers for five years to steal export-controlled aerospace software from NASA, the Air Force, Navy, and top universities. Here's how the IP theft pipeline worked — and why it went undetected for so long.