Google's Android Apps Get Public Verification to Stop Supply Chain Attacks
Google has announced expanded Binary Transparency for Android as a way to safeguard the ecosystem from supply chain attacks. "This new public…
The Back Door Attackers Know About — and Most Security Teams Still Haven’t Closed
Every AI tool, workflow automation, and productivity app your employees connected to Google or Microsoft this year left something behind: a…
We Scanned 1 Million Exposed AI Services. Here's How Bad the Security Actually Is
While the software industry has made genuine strides over the past few decades to deliver products securely, the furious pace of AI adoption…
Global Crackdown Arrests 276, Shuts 9 Crypto Scam Centers, Seizes $701M
A coordinated international operation involving U.S. and Chinese authorities has arrested at least 276 suspects and shut down nine scam…
CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a recently disclosed security flaw impacting various Linux…
Trellix Confirms Source Code Breach With Unauthorized Repository Access
Cybersecurity company Trellix has announced that it suffered a breach that enabled unauthorized access to a "portion" of its source code. It…
30,000 Facebook Accounts Hacked via Google AppSheet Phishing Campaign
A newly discovered Vietnamese-linked operation has been observed using a Google AppSheet as a "phishing relay" to distribute phishing emails…
Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks
Cybersecurity researchers are warning of two cybercrime groups that are carrying out "rapid, high-impact attacks" operating almost within the…
China-Linked Hackers Target Asian Governments, NATO State, Journalists, and Activists
Cybersecurity researchers have disclosed details of a new China-aligned espionage campaign targeting government and defense sectors across…
ThreatsDay Bulletin: SMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks and 25 More Stories
The internet is noisy this week. We are seeing some wild new tactics, like people using fake cell towers to send scam texts, while some…
New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials
Cybersecurity researchers have disclosed details of a stealthy Python-based backdoor framework called DEEP#DOOR that comes with capabilities…
Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution
Google has addressed a maximum severity security flaw in Gemini CLI -- the "@google/gemini-cli" npm package and the…
SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack
Cybersecurity researchers are sounding the alarm about a new supply chain attack campaign targeting SAP-related npm Packages with…
Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push
Cybersecurity researchers have disclosed details of a critical security vulnerability impacting GitHub.com and GitHub Enterprise Server that…
Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign
A cybercrime group of Brazilian origin has resurfaced after more than three years to orchestrate a campaign that targets Minecraft players…
Notepad++ Vulnerability Allows Attackers to Crash Application, Leak Memory Data
A security vulnerability has been identified in Notepad++, one of the most widely used open-source text editors among developers and IT…
Home security giant ADT data breach affects 5.5 million people
The ShinyHunters extortion group stole the personal information of 5.5 million individuals after breaching the systems of home security giant…
⚡ Weekly Recap: Fast16 Malware, XChat Launch, Federal Backdoor, AI Employee Tracking & More
Everything is dumb again. This week feels broken in a very familiar way. Old tricks are back. New tools are doing shady crap. Supply chains…
Money launderer linked to $230M crypto heist gets 70 months in prison
22-year-old Evan Tangeman of Newport Beach, California, was sentenced to 70 months in prison for laundering funds stolen in a massive…
UNC6692 Hackers Exploit Microsoft Teams to Deploy SNOW Malware
A data theft campaign by a relatively new hacking group, UNC6692, has been discovered, in which hackers use social engineering and a custom…
Mythos Changed the Math on Vulnerability Discovery. Most Teams Aren't Ready for the Remediation Side
Anthropic’s Claude Mythos Preview has dominated security discussions since its April 7 announcement. Early reporting describes a…
Vidar Infostealer Spreads via Fake CAPTCHAs, Hides in JPEG and TXT Files
New research from the Lat61 Threat Intelligence Team at Point Wild reveals that hackers are now hiding malicious code inside everyday files…
Attackers Can Backdoor CODESYS Applications by Chaining Vulnerabilities
Multiple vulnerabilities in the CODESYS Control runtime, one of the world’s most widely adopted software-based programmable logic…
CISA Warns of Multiple SimpleHelp Vulnerabilities Exploited in Attack
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding two actively exploited vulnerabilities in…
Threat actor uses Microsoft Teams to deploy new “Snow” malware
A threat group tracked as UNC6692 uses social engineering to deploy a new, custom malware suite named “Snow,” which includes a…
Fake CAPTCHA Scam Abuses Verification Clicks to Send Costly International Texts
Network security firm Infoblox has disclosed details on a long-running fraud operation that has been quietly draining bank accounts since at…
Hackers Exploiting Cisco Firepower Devices’ Using n-day Vulnerabilities to Gain Unauthorized Access
State-sponsored threat actors are actively targeting Cisco Firepower devices by chaining known vulnerabilities to deploy a highly customized…
ADT confirms data breach after ShinyHunters leak threat
Home security giant ADT has confirmed a data breach after the ShinyHunters extortion group threatened to leak stolen data unless a ransom is…
New ClickFix attack Hides in Native Windows Tools to Reduce Detection Risk
A new ClickFix attack campaign uses fake CAPTCHA pages to trick users into running malicious commands. Learn how hackers use cmdkey and…
AI Rush is Reviving Old Cybersecurity Mistakes, Mandiant VP Warns
The rush to adopt AI in enterprise environments is not only creating new security vulnerabilities, but is also reviving old security failures,…
26 FakeWallet Apps Found on Apple App Store Targeting Crypto Seed Phrases
Cybersecurity researchers have discovered a set of malicious apps on the Apple App Store that impersonate popular cryptocurrency wallets in an…
Xiongmai IP Camera Vulnerability Let Attackers Bypass Authentication and have Remote Access
Security cameras are designed to keep commercial facilities safe. However, a newly disclosed critical vulnerability in Hangzhou Xiongmai…
Python Vulnerability Allows Out-of-Bounds Write on Windows Systems
A security vulnerability has been discovered in Python’s Windows asyncio implementation, allowing attackers to trigger out-of-bounds…
Hackers Can Exploit Ollama Model Uploads to Leak Sensitive Server Data
A critical, unpatched vulnerability has been discovered in Ollama, a widely used open-source platform for running Large Language Models…
UNC6692 Impersonates IT Helpdesk via Microsoft Teams to Deploy SNOW Malware
A previously undocumented threat activity cluster known as UNC6692 has been observed leveraging social engineering tactics via Microsoft Teams…
Google Favors General-Purpose Gemini Models Over Cybersecurity‑Specific AI
Google Cloud’s operations chief said the tech giant does not plan to release a separate, cyber‑focused frontier model like…
ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories
You scroll past one incident and see another that feels familiar, like it should have been fixed years ago, but it still works with small…
Google Introduces Unique AI Agent Identities in New Gemini Enterprise Platform
Google is betting big on agentic AI and wants professionals to track their AI agents on its new hub Gemini Enterprise Agent Platform.…
Project Glasswing Proved AI Can Find the Bugs. Who's Going to Fix Them?
Last week, Anthropic announced Project Glasswing, an AI model so effective at discovering software vulnerabilities that they took the…
NCSC Backs Passkeys, Hailing a New Era of Sign-in
The UK’s National Cyber Security Centre (NSCS) has fully backed passkeys, stating that it should be “should now be…
Vercel Finds More Compromised Accounts in Context.ai-Linked Breach
Vercel on Wednesday revealed that it has identified an additional set of customer accounts that were compromised as part of a security…
Discord-Linked Group Accessed Anthropic’s Claude Mythos AI in Vendor Breach
Two weeks after Anthropic announced Claude Mythos Preview (aka Claude Mythos and Mythos AI) as part of its Project Glasswing initiative, the…