Loading press release...
Live Threat IntelLive
FBI Warns of Surge in Hacker-Enabled Cargo Theft(SecurityWeek)US ransomware negotiators get 4 years in prison over BlackCat attacks(Bleeping Computer)1,800 Hit in Mini Shai-Hulud Attack on SAP, Lightning, Intercom(SecurityWeek)Two Americans Sentenced to Prison for Using BlackCat Ransomware to Attack Multiple Entities(DataBreaches.net)TeamPCP Hits SAP Packages With 'Mini Shai-Hulud' Attack(Dark Reading)Bot her emails: most modern phishing campaigns are AI-enabled(The Register)FBI cyber boss: China's hacker-for-hire ecosystem 'out of control'(The Register)New Bluekit phishing service includes an AI assistant, 40 templates(Bleeping Computer)AI Fuels ‘Industrial’ Cybercrime as Time-to-Exploit Shrinks to Hours(SecurityWeek)15-year-old arrested in massive French Government data leak(DataBreaches.net)French prosecutors link 15-year-old to mega-breach at state’s secure document agency(The Register)Three Arrested for Hacking Over 610,000 Roblox Accounts(Infosecurity Magazine)Deep#Door Python Backdoor Evades Detection On Windows(Infosecurity Magazine)Anti-DDoS Firm Heaped Attacks on Brazilian ISPs(Krebs on Security)New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials(The Hacker News)EnOcean SmartServer Flaws Expose Buildings to Remote Hacking(SecurityWeek)Nine-year-old Linux kernel flaw enables reliable local privilege escalation (CVE-2026-31431)(Help Net Security)Critical cPanel and WHM bug exploited as a zero-day, PoC now available(Bleeping Computer)Critical cPanel & WHM Vulnerability Exploited as Zero-Day for Months(SecurityWeek)Bug of the year (so far): Nasty cPanel vulnerability probably exploited as a 0-day(The Register)Large-scale Roblox hacking operation shut down by Ukrainian authorities(Security Affairs)Official SAP npm packages compromised to steal credentials(Bleeping Computer)Popular WordPress redirect plugin hid dormant backdoor for years(Bleeping Computer)Hackers exploit RCE flaws in Qinglong task scheduler for cryptomining(Bleeping Computer)CVE-2026-42208: LiteLLM bug exploited 36 hours after its disclosure(Security Affairs)SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack(The Hacker News)VECT Ransomware is a Wiper, Not Ransomware — Don’t Bother Paying, Says Check Point Research(DataBreaches.net)Vect 2.0 Ransomware Acts as Wiper, Thanks to Design Error(Dark Reading)New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs(The Hacker News)Over 200 Japanese firms have paid ransomware attackers; 60% fail to recover data(DataBreaches.net)AR: Pine Bluff School District loses $3.2 million in business email compromise attack(DataBreaches.net)Lotus Wiper Attack Targets Venezuelan Energy Firms, Utilities(Dark Reading)Researchers Track 2.9 Billion Compromised Credentials(Infosecurity Magazine)Critical Flaw Turns Vect Ransomware into Data Destroying Wiper(Infosecurity Magazine)Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately(The Hacker News)ShinyHunters exploit Anodot incident to target Vimeo(Security Affairs)BlueNoroff Uses Fake Zoom Calls to Turn Victims Into Attack Lures(Dark Reading)CVE-2026-3854 GitHub flaw enables remote code execution(Security Affairs)Feuding Ransomware Groups Leak Each Other's Data(Dark Reading)Medtronic Confirms Data Breach After ShinyHunters Claims(Infosecurity Magazine)FBI Warns of Surge in Hacker-Enabled Cargo Theft(SecurityWeek)US ransomware negotiators get 4 years in prison over BlackCat attacks(Bleeping Computer)1,800 Hit in Mini Shai-Hulud Attack on SAP, Lightning, Intercom(SecurityWeek)Two Americans Sentenced to Prison for Using BlackCat Ransomware to Attack Multiple Entities(DataBreaches.net)TeamPCP Hits SAP Packages With 'Mini Shai-Hulud' Attack(Dark Reading)Bot her emails: most modern phishing campaigns are AI-enabled(The Register)FBI cyber boss: China's hacker-for-hire ecosystem 'out of control'(The Register)New Bluekit phishing service includes an AI assistant, 40 templates(Bleeping Computer)AI Fuels ‘Industrial’ Cybercrime as Time-to-Exploit Shrinks to Hours(SecurityWeek)15-year-old arrested in massive French Government data leak(DataBreaches.net)French prosecutors link 15-year-old to mega-breach at state’s secure document agency(The Register)Three Arrested for Hacking Over 610,000 Roblox Accounts(Infosecurity Magazine)Deep#Door Python Backdoor Evades Detection On Windows(Infosecurity Magazine)Anti-DDoS Firm Heaped Attacks on Brazilian ISPs(Krebs on Security)New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials(The Hacker News)EnOcean SmartServer Flaws Expose Buildings to Remote Hacking(SecurityWeek)Nine-year-old Linux kernel flaw enables reliable local privilege escalation (CVE-2026-31431)(Help Net Security)Critical cPanel and WHM bug exploited as a zero-day, PoC now available(Bleeping Computer)Critical cPanel & WHM Vulnerability Exploited as Zero-Day for Months(SecurityWeek)Bug of the year (so far): Nasty cPanel vulnerability probably exploited as a 0-day(The Register)Large-scale Roblox hacking operation shut down by Ukrainian authorities(Security Affairs)Official SAP npm packages compromised to steal credentials(Bleeping Computer)Popular WordPress redirect plugin hid dormant backdoor for years(Bleeping Computer)Hackers exploit RCE flaws in Qinglong task scheduler for cryptomining(Bleeping Computer)CVE-2026-42208: LiteLLM bug exploited 36 hours after its disclosure(Security Affairs)SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack(The Hacker News)VECT Ransomware is a Wiper, Not Ransomware — Don’t Bother Paying, Says Check Point Research(DataBreaches.net)Vect 2.0 Ransomware Acts as Wiper, Thanks to Design Error(Dark Reading)New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs(The Hacker News)Over 200 Japanese firms have paid ransomware attackers; 60% fail to recover data(DataBreaches.net)AR: Pine Bluff School District loses $3.2 million in business email compromise attack(DataBreaches.net)Lotus Wiper Attack Targets Venezuelan Energy Firms, Utilities(Dark Reading)Researchers Track 2.9 Billion Compromised Credentials(Infosecurity Magazine)Critical Flaw Turns Vect Ransomware into Data Destroying Wiper(Infosecurity Magazine)Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately(The Hacker News)ShinyHunters exploit Anodot incident to target Vimeo(Security Affairs)BlueNoroff Uses Fake Zoom Calls to Turn Victims Into Attack Lures(Dark Reading)CVE-2026-3854 GitHub flaw enables remote code execution(Security Affairs)Feuding Ransomware Groups Leak Each Other's Data(Dark Reading)Medtronic Confirms Data Breach After ShinyHunters Claims(Infosecurity Magazine)