Vendor confirms repo data exposure after Lapsus$ claims source code, secrets dump Software security testing outfit Checkmarx has become the latest organization caught up in an ongoing attack on...

Relax, the data's been recovered. Continue with your vibe coding

A pro-Iran hacking group claimed responsibility for an eBay outage that began Sunday and said it will “continue to rapid fire assaults and destroy their backends” if the group’s demands went...

In April 2026, the hacking collective ShinyHunters claimed to have obtained data from Pitney Bowes as part of a broader extortion campaign that also named several other organisations. After...

M3rx is a new ransomware name with a leak site, a Tox contact, and a Windows encryptor that is already doing real work. . It carries an embedded config, writes RECOVERY_NOTES.TXT, renames...

Itron, Medtronic disclose breaches in Friday filings

Checkmarx has disclosed that its ongoing investigation tied to the supply chain security incident has revealed that a cybercriminal group published data related to the company on the dark web....

Online trading platform Robinhood's account creation process was exploited by threat actors to inject phishing messages into legitimate emails, tricking users into believing their accounts had...

The suspected shooter at Saturday night's White House Correspondents' Dinner faces three felony charges. He currently remains in custody following Monday's hearing.

Spring security advisory (AV26-397)

Everything is dumb again. This week feels broken in a very familiar way. Old tricks are back. New tools are doing shady crap. Supply chains got hit. Fake help desks worked. Weird research showed...

Itron, Medtronic disclose breaches in Friday filings Digital intruders recently broke into two major tech suppliers - utility-technology firm Itron and medical-device maker Medtronic - according...

A new wave of the Glassworm campaign is targeting the OpenVSX ecosystem with 73 "sleeper" extensions that turn malicious after an update. [...]

Anthropic’s Claude Mythos Preview has dominated security discussions since its April 7 announcement. Early reporting describes a powerful cybersecurity-focused AI system capable of identifying...

A pro-Ukrainian hacktivist group called PhantomCore has been attributed to attacks actively targeting servers running TrueConf video conferencing software in Russia since September 2025. That's...

Cybersecurity researchers have flagged dozens of Microsoft Visual Studio Code (VS Code) extensions on the Open VSX repository that are linked to a persistent information-stealing campaign dubbed...

Canadian authorities have arrested three men for operating an "SMS blaster" device that pretends to be a cellular tower to send phishing texts to nearby phones. [...]

A Chinese national accused of carrying out cyberespionage operations for China's intelligence services has been extradited from Italy to the United States to face criminal charges. [...]

The operation, identified by the Digital Forensic Research Lab (DFRLab), was part of Spamouflage, a long-running influence network linked to Beijing.

Notepad++ security advisory (AV26-395)

Microsoft Edge security advisory (AV26-396)

Broadcom VMware security advisory (AV26-394)

Red Hat security advisory (AV26-392)

[Control Systems] Moxa security advisory (AV26-393)

Ubuntu security advisory (AV26-390)

[Control systems] CISA ICS security advisories (AV26–391)

Global recruitment giant says 71% of human firewalls saw wages stagnate last year as threats and responsibilities grew

Some attackers, which researchers link to The Com, have swatted company executives to increase leverage and pressure victims to pay their ransom demands. The post BlackFile actively extorting...

Dell security advisory (AV26-389)

IBM security advisory (AV26-388)