1+ hour, 37+ min ago  (636+ words) Hackers bypass Sonic Wall VPN MFA due to incomplete patching Flipper One project needs community help to build open Linux platform US and Canada arrest and charge suspected Kimwolf botnet admin Own this Luminar Neo editing bundle for $65 (reg. $682) through…...

21+ hour, 28+ min ago  (629+ words) Discord rolls out end-to-end encryption on voice, video calls Cybercrime service disrupted for abusing Microsoft platform to sign malware FBI: Americans lost over $388 million to scams using crypto ATMs in 2025 Police seize "First VPN" service used in ransomware, data theft…...

1+ day, 13+ hour ago  (617+ words) Threat actors brute-forced VPN credentials and bypassed multi-factor authentication (MFA) on Sonic Wall Gen6 SSL-VPN appliances to deploy tools used in ransomware attacks. During the intrusions, the hacker took between 30 and 60 minutes to log in, do network reconnaissance, test credential reuse…...

4+ day, 19+ hour ago  (661+ words) The Tycoon2 FA phishing kit now supports device-code phishing attacks and abuses Trustifi click-tracking URLs to hijack Microsoft 365 accounts. Despite an international law enforcement operation disrupting the Tycoon2 FA phishing platform in March, the malicious operation was rebuilt on new infrastructure and…...

6+ day, 18+ hour ago  (560+ words) Shai Hulud attack ships signed malicious Tan Stack, Mistral npm packages Windows 11 KB5089549 & KB5087420 cumulative updates released Instructure reaches 'agreement' with Shiny Hunters to stop data leak Funnel Builder Word Press plugin bug exploited to steal credit cards Microsoft Exchange, Windows 11 hacked…...

1+ week, 13+ hour ago  (475+ words) Hackers are leveraging a critical authentication bypass vulnerability in the Word Press plugin Burst Statistics to obtain admin-level access to websites. Burst Statistics is a privacy-focused analytics plugin active on 200, 000 Word Press sites and marketed as a lightweight alternative to…...

1+ week, 1+ day ago  (604+ words) Shai Hulud attack ships signed malicious Tan Stack, Mistral npm packages Windows 11 KB5089549 & KB5087420 cumulative updates released Instructure reaches 'agreement' with Shiny Hunters to stop data leak New critical Exim mailer flaw allows remote code execution This CISSP prep bundle is $20 for…...

1+ week, 2+ day ago  (282+ words) Signal has introduced new in-app confirmations and warning messages as additional safeguards against phishing and social engineering attempts that could lead to various forms of fraud. The purpose is to introduce enough friction that users get the time to evaluate…...

2+ week, 1+ day ago  (514+ words) Canvas login portals hacked in mass Shiny Hunters extortion campaign Ivanti warns of new EPMM flaw exploited in zero-day attacks Student hacked Taiwan high-speed rail to trigger emergency brakes New Cisco Do S flaw requires manual reboot to revive devices…...

2+ week, 1+ day ago  (573+ words) Student hacked Taiwan high-speed rail to trigger emergency brakes Instructure hacker claims data theft from 8, 800 schools, universities DAEMON Tools devs confirm breach, release malware-free version Hackers abuse Google ads for Go Daddy Manage WP login phishing Critical vm2 sandbox bug lets…...