🚨 Important Security Alert! An attachment in an email impersonating DHL about a shipment contains a link to a preconfigured SimpleHelp remote access tool—an ideal starting point for attackers to e...

Copy Fail Vulnerability in Major Linux Distributions 🚨 Copy Fail (CVE-2026-31431) is a logic bug in the Linux kernel’s cryptographic template. It allows an unprivileged local user to trigger a det...

EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades A sophisticated, high-resilience malicious campaign was identified by Atos Threat Research Center (TRC) in March 2026. This o...

Agent’s Claims on WhatsApp Access Spark Security Concerns A US agent claimed that WhatsApp encryption is fake, alleging that Meta accesses all unencrypted messages. This revelation has sparked sig...

Microsoft Won’t Patch PhantomRPC - Feature or Bug? 🚨 A researcher has discovered a weakness called PhantomRPC that Microsoft does not consider a vulnerability it plans to patch. PhantomRPC involve...

Hackers Exploit RCE Flaws in Qinglong Task Scheduler for Cryptomining 🚨 Hackers are exploiting two authentication bypass vulnerabilities in the Qinglong open-source task scheduling tool to deploy ...

Hackers Arrested for Hijacking and Selling 610,000 Roblox Accounts 🚨 The Ukrainian police have arrested three individuals involved in hacking over 610,000 Roblox gaming accounts and selling them f...

Researchers Built a Chatbot That Only Knows the World Before 1931 Three researchers have created a unique chatbot that hasn’t read anything published after 1930. Talkie is a 13-billion-parameter l...

Polymarket Rejects Data Breach Claims 🚫 A hacker named Xorcat claims to have stolen a massive 300,000 records from Polymarket. The alleged stolen data was posted on a cybercrime forum and Telegram...

Securing RAG Pipelines in Enterprise SaaS Connecting an LLM to your proprietary data via RAG is a massive liability; without document-level access controls, your AI is just one prompt away from ex...

New Android Spyware Morpheus Linked to Italian Surveillance Firm 🚨 Osservatorio Nessuno has uncovered a new spyware named Morpheus that spreads through fake Android apps to steal sensitive data. T...

Italy Extradites Chinese Cyber-Espionage Suspect to US 🚨 Italy has extradited an accused Chinese hacker wanted in the United States for allegedly stealing vaccine research at the height of the COV...

VECT: Ransomware by Design, Wiper by Accident 🚨 Check Point Research has discovered that the VECT 2.0 ransomware permanently destroys large files instead of encrypting them. A critical flaw in the...

Tall Tales: How Chinese Actors Use Impersonation and Stolen Narratives to Perpetuate Digital Transnational Repression In collaboration with the International Consortium of Investigative Journalist...

HTTP Requests with X-Vercel-Set-Bypass-Cookie Header This weekend, we observed several requests to our honeypot that included an X-Vercel-Set-Bypass-Cookie header. Here’s a sample request: GET / ...

DragonBreath: A Critical 0-Day Vulnerability in the Kernel 🚨 This report documents a critical 0-day vulnerability in dragoncore_k.sys, a Windows kernel-mode driver bearing a valid Microsoft WHQL s...

Robinhood Account Creation Flaw Abused to Send Phishing Emails 🚨 Online trading platform Robinhood’s account creation process was exploited by threat actors to inject phishing messages into legiti...

Firefox Bug CVE-2026-6770 Enables Cross-Site Tracking and Tor Fingerprinting A vulnerability, tracked as CVE-2026-6770, allowed attackers to fingerprint Firefox users, even in Private Browsing, an...

Canada Arrests Three for Operating SMS Blaster Device in Toronto 🚨 Canadian authorities have arrested three men for operating an “SMS blaster” device that pretends to be a cellular tower to send p...

American Teenager’s High-Flying Double Life EXPOSED 🚨 A notorious hacker who held companies hostage for millions while mocking the FBI’s efforts to catch him has been unmasked as a teenager. Prose...