Cybercrime / Attacks: OpenAI has revoked the code-signing certificate for its macOS applications after a supply chain attack on its GitHub Actions workflow was discovered to have used a malicious library to download a backdoor. OpenAI stated that no user data was compromised, but as a precaution, they are enhancing their security processes for certifying macOS applications. Source: thehackernews.com
Cybercrime / Exploits: CPUID, the provider of popular hardware monitoring tools like CPU-Z and HWMonitor, has experienced a security breach where hackers replaced legitimate download links with malicious executables containing the STX RAT malware. The compromise, which lasted less than 24 hours, affected users who downloaded the software during that period, though the digitally signed original files remained unaffected. Sources: thehackernews.com, bleepingcomputer.com
Cybercrime / Data Breach: A student loan servicer breach has exposed the personal data of approximately 2.5 million individuals, potentially leading to further issues for those affected. Source: threatpost.com
Cybercrime / Phishing: Threat actors are employing a new phishing-as-a-service platform called "VENOM" to target senior executives with sophisticated attacks that steal Microsoft logins by mimicking legitimate login pages and relaying credentials. Sources: bleepingcomputer.com, thehackernews.com
Cybercrime / Malware: The GlassWorm campaign has evolved with a new Zig dropper designed to infect integrated development environments (IDEs), disguised as a popular WakaTime extension, stealthily delivering a known GlassWorm dropper. Source: thehackernews.com
Cybercrime / Ransomware: German authorities have identified Daniil Maksimovich Shchukin, 31, as the alleged head of the GandCrab and REvil ransomware groups, linking him to at least 130 acts of sabotage and extortion against German victims between 2019 and 2021, extorting nearly 2 million euros. Source: krebsonsecurity.com
Cybercrime / Wiper Attack: A new wiper attack targeting Iran has been launched by the TeamPCP cybercrime group, which uses a worm to spread through exposed cloud services and wipe data on systems matching Iran's timezone or language settings. Source: krebsonsecurity.com
Cybercrime / Botnets: U.S. authorities, alongside Canadian and German counterparts, have dismantled four major IoT botnets (Aisuru, Kimwolf, JackSkid, and Mossad) responsible for over three million infected devices and record-breaking DDoS attacks. Source: krebsonsecurity.com
Cybercrime / DDoS: The Kimwolf botnet, which rapidly infected millions of IoT devices, has been disrupting the Invisible Internet Project (I2P) network as its operators reportedly attempt to use I2P for fallback communications, causing widespread outages. Source: krebsonsecurity.com
Cybercrime / Phishing: The Starkiller phishing service allows attackers to dynamically load real login pages and act as a man-in-the-middle proxy, capturing keystrokes, session tokens, and MFA credentials in real-time. Source: krebsonsecurity.com
Cybercrime / APT: Russian military intelligence units, identified as Forest Blizzard (APT28), are reportedly using known vulnerabilities in older SOHO routers to mass harvest authentication tokens from Microsoft Office users without deploying malware, impacting over 18,000 routers. Sources: krebsonsecurity.com, bleepingcomputer.com
Cybercrime / Data Theft: A hacktivist group named Handala, with alleged ties to Iran's intelligence agencies, claims responsibility for a data-wiping attack against medical technology company Stryker, impacting operations globally and purportedly wiping data from over 200,000 devices. Source: krebsonsecurity.com
Vulnerabilities / Exploits: Adobe has issued emergency updates to address CVE-2026-34621, a critical vulnerability in Acrobat Reader that allows arbitrary code execution and is currently being actively exploited in the wild. Sources: thehackernews.com, bleepingcomputer.com
Vulnerabilities / Mobile Security: A flaw in the EngageLab SDK, used by millions of Android applications including over 30 million crypto wallet installs, allowed apps to bypass Android's security sandbox and access private data. Source: thehackernews.com
Vulnerabilities / RCE: A critical pre-authentication remote code execution flaw (CVE-2026-39987) in the Marimo open-source Python notebook has been actively exploited within 10 hours of its disclosure, impacting versions prior to 0.20.4. Source: thehackernews.com
Vulnerabilities / Web Security: Hackers compromised the update system for the Smart Slider 3 Pro plugin for WordPress and Joomla, distributing a malicious version with backdoors through official channels. Sources: thehackernews.com, bleepingcomputer.com
AI / Cybersecurity: The HumanX conference highlighted Claude as a major topic of discussion, with concerns raised about AI browser extensions being a significant, unguarded threat surface, as they often have vulnerabilities and increased permissions. Sources: techcrunch.com, thehackernews.com
AI / Security: Google has made Device Bound Session Credentials (DBSC) generally available in Chrome 146 for Windows to combat session theft, a feature designed to block info-stealing malware from accessing session cookies. Sources: bleepingcomputer.com, thehackernews.com
AI / Threat Intelligence: Anthropic's advanced AI model, Claude Mythos, has reportedly discovered thousands of zero-day vulnerabilities across major systems, prompting discussions about its potential impact on cybersecurity. Source: thehackernews.com
Browsers / Security: Google is implementing new protections in Chrome 146 for Windows to prevent session theft by blocking info-stealing malware from accessing session cookies. Source: thehackernews.com
Cloud Security / Exploits: Unknown attackers compromised CPUID's website, distributing trojanized versions of CPU-Z and HWMonitor that deployed the STX RAT malware. Source: bleepingcomputer.com
Data Protection / Privacy: Google is rolling out end-to-end encryption (E2EE) for Gmail on mobile devices, enhancing privacy for enterprise users by allowing secure email composition and reading without additional tools. Source: bleepingcomputer.com
Enterprise Security / Cloud: The annual Cloud Threats Report indicates that basic security oversights still lead to most cloud breaches, exacerbated by AI's acceleration of attack speed. Source: thehackernews.uk
Government / Cybersecurity: France is planning to transition its government systems from Windows to Linux to reduce its reliance on U.S. technology and enhance its cybersecurity posture. Source: techcrunch.com
IoT / Botnets: The Kimwolf botnet's operators have been using the I2P anonymity network for fallback communications, inadvertently causing widespread disruptions to the network by overwhelming it with infected devices. Source: krebsonsecurity.com
Linux / Security: The Linux Kernel Organization has updated its policies to allow AI-generated code submissions, provided they meet strict guidelines for licensing, attribution, and developer accountability for any errors or vulnerabilities. Sources: xda-developers.com, techcrunch.com
Malware / Windows Security: Threat actors are using a new malware called LucidRook, delivered via spear-phishing campaigns targeting Taiwanese NGOs and universities, which employs a Lua interpreter and Rust-compiled libraries for sophisticated payload delivery. Source: thehackernews.com
Microsoft / Security: Microsoft has released security updates to fix 77 vulnerabilities across its products, including critical remote code execution flaws in SQL Server and Microsoft Office that can be triggered via the Preview Pane. Source: krebsonsecurity.com
Mobile Security / Exploits: A vulnerability in the EngageLab SDK, utilized by millions of Android apps including over 30 million crypto wallet installs, could allow malicious apps to bypass security sandboxes and access sensitive user data. Source: thehackernews.com
OpenAI / Security: OpenAI is strengthening its macOS app security after a supply chain attack on its GitHub Actions workflow was found to have used a malicious library to download a backdoor, though no user data was compromised. Source: thehackernews.com
Privacy / Surveillance: Citizen Lab reports indicate that law enforcement agencies in the U.S., El Salvador, and Hungary have used a surveillance tool called Webloc, developed by Cobwebs Technologies, to track an estimated 500 million devices via advertising data. Source: thehackernews.com
Startups / AI: Nvidia-backed SiFive has achieved a $3.65 billion valuation for its open AI chip designs, indicating significant investor interest in the burgeoning field of AI hardware. Source: techcrunch.com
Startups / E-commerce: Walmart-owned Flipkart and Amazon are intensifying competition in India's quick commerce market, putting pressure on smaller startups in the sector. Source: techcrunch.com
Startups / Venture Capital: Collide Capital has raised a $95 million fund to invest in fintech and future-of-work startups, signaling continued investor confidence in these sectors. Source: techcrunch.com
Tech Policy / AI: U.S. officials are reportedly encouraging banks to test Anthropic's powerful "Mythos" AI model, raising questions about the government's role in promoting potentially risky AI technologies. Source: techcrunch.com
Tech Policy / Regulation: Kalshi has secured a temporary pause on a criminal case brought against it in Arizona, where state prosecutors alleged it was running an illegal gambling operation, following a federal judge's order. Source: techcrunch.com
Technology / Hardware: Apple is reportedly testing four different designs for its upcoming smart glasses, including various frame styles and a unique vertical oval camera system, aiming to compete with offerings from Meta. Source: techcrunch.com
Technology / AI: The largest orbital compute cluster is now operational, marking a significant development in providing computing power from space. Source: techcrunch.com
Technology / AI: A simple guide to common AI terms like LLMs and hallucinations has been released to help demystify the technology for a wider audience. Source: techcrunch.com
Technology / Social Media: X (formerly Twitter) has announced plans to reduce payments made to accounts that primarily post clickbait content, aiming to improve the quality of information on the platform. Source: techcrunch.com
Technology / Transportation: TechCrunch Mobility highlights a trend of talent poaching within the self-driving vehicle industry, as companies aggressively recruit experienced professionals. Source: techcrunch.com
Web Security / Exploits: A critical vulnerability (CVE-2026-34040) in Docker allows attackers to bypass authorization and gain host access, posing a significant risk to containerized environments. Source: thehackernews.com