News Feed

Black Hat USA

[Virtual Event] Anatomy of a Data Breach: What to Do if it Happens to You

Infosecurity Europe

FBI warns of Kali365 phishing service targeting Microsoft 365 accounts

The FBI is warning about the Kali365 phishing-as-a-service platform (PhaaS) that is used to hijack Microsoft 365 accounts by abusing OAuth device code authentication to steal session tokens and bypass multi-factor authentication (MFA). [...]

Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious JavaScript code that triggers ClickFix attack flows. [...]

Laravel Lang packages hijacked to deploy credential-stealing malware

A supply chain attack targeting the Laravel Lang localization packages has exposed developers to a sophisticated credential-stealing malware campaign after attackers abused GitHub version tags to distribute malicious code through Composer packages. [...]

Italy disrupts CINEMAGOAL piracy app that stole streaming auth codes

Italian authorities have dismantled a piracy ecosystem centered around the CINEMAGOAL app that provided access to various streaming platforms, including Netflix, Disney+, and Spotify. [...]

CISA to allow researchers to report vulnerabilities to exploited bugs catalog

The Cybersecurity and Infrastructure Security Agency (CISA) announced the creation of a nomination form on Thursday that they said enables “researchers, vendors, and industry partners” to report bugs that need to be added to the Known Exploited Vulnerabilities catalog.

FBI warns of Kali365 phishing-as-a-service after April Microsoft 365 attacks

The law enforcement agency published an advisory on Thursday about Kali365 — a Telegram-based service for cybercriminals that allows them to capture legitimate "OAuth" tokens enabling widespread access to Microsoft 365 environments.

Netherlands seizes 800 servers of hosting firm enabling cyberattacks

Financial crime investigators in the Netherlands (FIOD) arrested two men and seized 800 servers linked to a web hosting company that enabled cyberattacks, interference operations, and disinformation campaigns. [...]

Akamai Joins Growing Chorus of Vendors Betting Big on Secure Enterprise Browsers

When Akamai announced its LayerX acquisition, the company joined a growing list of vendors adding secure enterprise browsers to their product portfolios.

Former US execs plead guilty to aiding tech support scammers

Two former executives of a call-tracking and analytics company pleaded guilty to concealing a years-long tech support fraud scheme that victimized individuals worldwide. [...]

Canadian man arrested, charged for running KimWolf DDos botnet

In court documents unsealed on Thursday, the Justice Department said Jacob Butler ran KimWolf as a DDoS-for-hire service that infected over a million devices worldwide.

Trend Micro warns of Apex One zero-day exploited in the wild

Japanese cybersecurity software company Trend Micro has addressed an Apex One zero-day vulnerability exploited in attacks targeting Windows systems. [...]

Verizon DBIR: Healthcare Fends Off Increased Social Engineering Attacks

Ransomware and vendor breaches persist. The "2026 Data Breach Investigations Report" (DBIR) highlights how evolving social engineering tactics make the sector more vulnerable.

Drupal: Critical SQL injection flaw now targeted in attacks

Drupal is warning that hackers are attempting to exploit a "highly critical" SQL injection vulnerability announced earlier this week. [...]

Why Chargebacks are Just One Piece of the Fraud Puzzle

Fraud losses don't stop at chargebacks. False declines, account takeovers, and abuse also damage revenue and trust. IPQS breaks down why fraud teams need broader visibility into risk and customer impact. [...]

Ubiquiti patches three max severity UniFi OS vulnerabilities

Ubiquiti has released security updates to patch three maximum severity vulnerabilities in UniFi OS that can be exploited by remote attackers without privileges. [...]

US and Canada arrest and charge suspected Kimwolf botnet admin

U.S. and Canadian authorities arrested and charged a Canadian man with operating the KimWolf distributed denial-of-service (DDoS) botnet, which infected nearly two million devices worldwide. [...]

China's Webworm Uses Discord, Microsoft Graphs to Hack EU Governments

The advanced persistent threat group also relied on SOCKS proxies like SoftEther VPN, tunneling tools that act as a middleman between victim and attacker.