Tag
Identity & Access
IAM, MFA bypass, credential theft, authentication
50 items tagged #identity-access
Articles
Deleted Google API keys remain active for up to 23 minutes due to eventual consistency delays.
SonicWall Gen6 SSL-VPN devices remain vulnerable to MFA bypass after patching unless LDAP is manually reconfigured.
Uruguay DNIC citizen database with 5.8M records allegedly leaked on underground forum
CISA administrator accidentally exposed AWS GovCloud credentials on GitHub.
Grafana Labs' GitHub environment breached via stolen token; source code stolen by CoinbaseCartel extortion gang.
Tycoon2FA phishing kit adds device-code attacks to hijack Microsoft 365 accounts via Trustifi URLs.
Scammers mail fake Ledger phishing letters with QR codes to steal crypto wallet seed phrases from Italian users.
Four critical vulnerabilities in OpenClaw AI servers enable data theft, backdoors, and admin-level compromise.
Industry develops verification standards for autonomous AI agents operating in enterprise systems.
REMUS infostealer malware evolves into MaaS platform targeting session tokens and password managers.
Brazilian identity verification provider Nuvidio allegedly breached; 40K files with KYC, biometrics, private keys
Guatemalan Ministry of Finance allegedly breached; 130K RGAE registrations and 235K PDFs exposed via IDOR.
Cyber-enabled cargo crime uses phishing and stolen credentials to redirect freight shipments to criminal warehouses.
mutreasury payment gateway breach exposes admin credentials, API keys, and student data from 28+ Egyptian universities;
Ghostwriter targets Ukrainian government with geofenced PDF phishing delivering Cobalt Strike.
KongTuke IAB now exploits Microsoft Teams for social engineering, delivering ModeloRAT in under five minutes.
Siemens Opcenter RDnL affected by missing authentication in ActiveMQ Artemis (CVE-2026-27446)
AI hallucinations pose critical security risks in infrastructure decision-making through confident but inaccurate
Underground ecosystem sells iPhone unlocking tools and phishing kits to criminals targeting stolen devices.
Iran-linked MuddyWater targets South Korean electronics maker and 8+ orgs in espionage campaign.
Composer vulnerability exposed GitHub Actions tokens in CI logs due to token format validation regex mismatch.
Microsoft patches critical zero-click Outlook RCE vulnerability CVE-2026-40361 affecting enterprises.
Fortinet patches critical RCE flaws in FortiSandbox and FortiAuthenticator.
FutureShop Egypt breached via unauthenticated API exposure, leaking 3,893 customer profiles and 5,181 orders.
Fake Claude Code installer malware targets developers to steal browser credentials and encryption keys.
Android 17 introduces banking scam call detection, device theft protection, and expanded threat detection features.
Microsoft incident response reveals stealthy third-party compromise exploiting trusted HPE operations agent.
Responder tool exploits NetBIOS election mechanism to intercept network traffic.
German appeals court partially upholds GDPR data subject rights against social media company tracking via third-party
ABB WebPro SNMP Card PowerValue contains three critical vulnerabilities enabling authentication bypass and DoS attacks.
CB Financial Services discloses material breach exposing customer names, SSNs, birthdates via unauthorized AI app.
BLS International breach exposes 29M records, source code, SSH keys from Indian visa services provider
Google discloses first known zero-day 2FA bypass likely developed using AI by unknown threat actors.
Password resets alone don't remove attackers from AD; cached credentials and Kerberos tickets enable persistence.
Google identifies first AI-generated zero-day exploit designed to bypass 2FA on web administration tool.
Hackers abuse Vercel GenAI to mass-produce convincing phishing sites mimicking Microsoft, Adidas, Nike.
Operation HookedWing phishing campaign steals 2,000+ credentials from 500+ organizations over four years.
DigiCert revokes 60 code signing certificates after attackers breach support systems to issue malware signatures.
Threat actor selling 9,542 passport and ID card scans from France, Turkey, and other nations.
Phishing campaign pivots to OAuth device code attacks using runtime-fetched landing pages.
Ransomware negotiator sentenced for $56M attacks; DPRK IT fraud disrupted; PCPJack targets cloud credentials; Palo Alto
Threat actor claims to be selling full admin access to 1,169 Australian websites.
Instructure Canvas LMS suffers unauthorized access via Free-For-Teacher account vulnerability; personal data of
Community Choice Credit Union allegedly breached; 1M+ premium client records with full card numbers exposed.
Community Choice Credit Union allegedly breached, exposing 1M+ premium client records.
Former federal contractor convicted for destroying 96 government databases after termination.
ShinyHunters breach Canvas infrastructure via vishing social engineering attack.
ClaudeBleed vulnerability in Claude Chrome extension allows attackers to hijack AI agent via prompt injection.
Instructure Canvas suffers confirmed security breach; names, emails, student IDs, and messages compromised.
ShinyHunters defaced Canvas login portals for 330 schools in extortion campaign.