Key TakeawaysDatadog GitHub API enumeration campaigns: Coordinated attackers mapped GitHub organizations using ghost accounts, automated tools, and compromised access tokens.Private repository access: Researchers observed limited…
Key TakeawaysRegulatory action: Italy's Garante fined Character Technologies, the owner of Character.AI for data protection violations.Privacy concerns: The regulator cited insufficient user transparency, inadequate safeguards…
Key TakeawaysSentinelLABS Pakistan Police cyberespionage report: China- and India-linked espionage groups targeted Pakistani police systems holding sensitive operational and citizen data.Compromised complaint portal: Attackers planted…
Key TakeawaysCoordinated operation: Norway's Kripos arrested 28 men across seven countries in a dark web CSAM crackdown.Monero link: Suspects allegedly used Monero to buy access…
Key TakeawaysVote Result: A motion attempting to block the Chat Control extension proposal failed, allowing the proposal to continue through the legislative process. The vote…
Key TakeawaysInfoblox report: Researchers linked a long-running campaign using fake installers and VPNs to build residential proxy networks.Operation uncovered: Over 230 lookalike domains supported malware…
Key TakeawaysListing Surfaces: A forum actor claims to be selling a "complete database" tied to Universidad de Monterrey.Data Scope: The alleged archive covers student, faculty,…
Key TakeawaysThreat actor: Okta tracks the group as O-UNC-066, also known as "Pink" by Palo Alto Networks Unit 42, behind the campaign.Attack vector: Vishing lures…
Key TakeawaysFriendly Fire exploit: AI coding agents executed malicious code during third-party security reviews via prompt injection attacks.Verified research: AI Now Institute demonstrated remote code…
Key TakeawaysBreach confirmed: AssuranceAmerica confirmed a data breach exposing the personal information and driver's license numbers of roughly 7 million people.Discovery timeline: Hackers were discovered…
Key TakeawaysNordVPN Message Protection launched: New Android feature warns about suspicious SMS scams; works without an active VPN connection.Privacy details limited: NordVPN says messages aren't…
Key TakeawaysBackdoor Warning: China's National Vulnerability Database flagged an alleged "backdoor" in Claude Code versions 2.1.91 through 2.1.196.Data Transmission: The mechanism was said to send…
Key TakeawaysAI coding agents: Sophos found coding assistants trigger endpoint detection rules by performing attacker-like but mostly legitimate actions.Behavioral telemetry: Credential access, PowerShell commands, downloads,…
Key TakeawaysAccenture security breach confirmed: Company confirms an isolated breach after hacker claimed to sell alleged 35GB of stolen data.Claims remain unverified: Accenture did not…
Key TakeawaysCampaign Uncovered: Socket detected 17 malicious npm and PyPI packages typosquatting PaySafe, Skrill, and Neteller SDKs.Rapid Detection: Each npm package shipped versions 1.0.0–1.0.3 and…
Key TakeawaysNew Threat: Cloud AI Infrastructure Attack Framework is a centralized botnet worm targeting cloud-native developer tools.Malware Rivalry: Reports say it kills competitor processes TeamPCP…
Key TakeawaysCISA action: CISA added four actively exploited vulnerabilities to its KEV catalog – CVE-2026-48282, CVE-2026-55255, CVE-2026-48908, and CVE-2026-56290.Products affected: The flaws impact Adobe ColdFusion,…
Key TakeawaysOutage Confirmed: Telstra is investigating a nationwide outage that cut phone services, disrupted wireless payments, and impacted trains.Triple-zero Impacted: Communications Minister confirmed some calls…
Key TakeawaysNordVPN Q2 2026 roundup: Introduces next-gen antivirus, global scam call protection, AI voice detection, and VR VPN support.Verified updates: Official NordVPN announcement confirms new…




























