North Korean PolinRider Campaign Publishes 108 Malicious Packages Across Registries
North Korea's Contagious Interview campaign has published 108 malicious packages across npm, Packagist, Go, and Chrome in an active supply chain operation calle
North Korea's Contagious Interview campaign has published 108 malicious packages across npm, Packagist, Go, and Chrome in an active supply chain operation calle
A German court ruled Google liable for AI search summaries, reigniting the carrier-vs-publisher debate and raising urgent questions about corporate accountabili
Tata Electronics confirmed a cyberattack on parts of its IT infrastructure. The World Leaks group leaked alleged Apple manufacturing data stolen in the incident
Chinese APT group UNC5221 used Brickstorm, Plenet, and AgentPSD to maintain access across a victim network and its MSP for over 18 months.
Free apps embed Bright Data's SDK to route web-scraping traffic through home IPs, including always-on smart TVs, with consent screens that don't match actual da
CISA added CVE-2026-28318, a DoS flaw in SolarWinds Serv-U, to its KEV catalog with a federal patch deadline of June 19, 2026.
An AI agent found 21 FFmpeg zero-days for ~$1,000. That same week, Chrome 149 patched a record 429 bugs.
Over 900 ATG systems in the US sit exposed on the open internet, vulnerable to command execution attacks that could disable fuel leak detection.
PCPJack compromised 230 AWS, Azure, and Google Cloud servers to build a covert SMTP relay network, leaving tools exposed on an open C2 directory.
A Cisco UCM flaw with a CVSS 8.6 score, FSB spyware claims, and $7.7B in sanctioned Iranian crypto volume define this week's threat landscape.
The 2026 Verizon DBIR confirms what browser telemetry has shown for months: the browser is the primary attack surface most enterprises aren't watching.
BTMOB is an Android RAT evolved from SpySolr, sold as a MaaS kit with phishing tools and full device takeover capabilities targeting users across Latin America.