The U.S. Federal Bureau of Investigation (FBI), in partnership with the Indonesian National Police, has dismantled the infrastructure associated with a global phishing operation that leveraged an off-the-shelf toolkit called W3LL… Read More »FBI and Indonesian Police Dismantle W3LL Phishing Network Behind $20M Fraud Attempts
Monday is back, and the weekend’s backlog of chaos is officially hitting the fan. We are tracking a critical zero-day that has been quietly living in your PDFs for months, plus some… Read More »⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More
Anthropic restricted its Mythos Preview model last week after it autonomously found and exploited zero-day vulnerabilities in every major operating system and browser. Palo Alto Networks’ Wendi Whitmorewarned that similar capabilities are… Read More »Your MTTD Looks Great. Your Post-Alert Gap Doesn’t
The North Korean hacking group tracked as APT37 (aka ScarCruft) has been attributed to a fresh multi-stage, social engineering campaign in which threat actors approached targets on Facebook and added them… Read More »North Korea’s APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware
OpenAI revealed a GitHub Actions workflow used to sign its macOS apps, which downloaded the malicious Axios library on March 31, but noted that no user data or internal system was compromised. “Out… Read More »OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident
Adobe has released emergency updates to fix a critical security flaw in Acrobat Reader that has come under active exploitation in the wild. The vulnerability, assigned the CVE identifier CVE-2026-34621, carries a… Read More »Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621
Unknown threat actors compromised CPUID (“cpuid[.]com”), a website that hosts popular hardware monitoring tools like CPU-Z, HWMonitor, HWMonitor Pro, and PerfMonitor, for less than 24 hours to serve malicious executables for… Read More »CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads
Hungarian domestic intelligence, the national police in El Salvador, and several U.S. law enforcement and police departments have been attributed to the use of an advertising-based global geolocation surveillance system called Webloc.… Read More »Citizen Lab: Law Enforcement Used Webloc to Track 500 Million Devices via Ad Data
Cybersecurity researchers have flagged yet another evolution of the ongoing GlassWorm campaign, which employs a new Zig dropper that’s designed to stealthily infect all integrated development environments (IDEs) on a developer’s machine.… Read More »GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs
A critical security vulnerability in Marimo, an open-source Python notebook for data science and analysis, has been exploited within 10 hours of public disclosure, according to findings from Sysdig. The vulnerability in question is… Read More »Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure