345/69 Thursday, June 25, 2026 Security researchers have revealed that the Initial Access Broker (IAB) group tracked as Woodgnat, also known as KongTuke, is using a new Remote Access Trojan (RAT) called Mistic RAT to compromise organizations across multiple industries. The group has been linked to providing network access to several ransomware operations, including Qilin, […]
344/69 Thursday, June 25, 2026 Tata Electronics has confirmed that it was the target of a cyberattack that affected portions of its internal IT infrastructure. The company stated that it detected the incident several weeks ago and immediately initiated its incident response procedures. Tata Electronics emphasized that the attack has not affected its business operations, […]
343/69 Thursday, June 25, 2026 LastPass has confirmed a customer data exposure involving its Customer Relationship Management (CRM) system hosted within its Salesforce environment. The incident resulted from a supply chain attack targeting Klue, a third-party competitive intelligence platform. According to the company, the threat actor known as Icarus compromised Klue’s infrastructure and stole OAuth […]
333/69 Friday, June 19, 2026 Security researchers have disclosed a supply chain attack affecting ShapedPlugin’s premium WordPress plugins. Attackers were able to inject malicious code into plugin packages distributed through the vendor’s official update infrastructure, meaning website administrators who installed or updated affected plugins through legitimate channels may have unknowingly received compromised files. According to […]
332/69 Friday, June 19, 2026 Kodak has confirmed that it is working with external cybersecurity experts to investigate a data breach after attackers gained unauthorized access to a portion of the company’s data. Kodak, formally known as Eastman Kodak Company, was founded in 1880 and is headquartered in Rochester, New York. The company operates in […]
331/69 Friday, June 19, 2026 Cybersecurity researchers have uncovered a new cybercrime campaign targeting cryptocurrency holders and digital asset investors seeking quick profits. The attackers use sophisticated trust-building techniques to trick victims into downloading and installing malware on their devices. What makes this campaign particularly noteworthy is that the threat actors do not rely solely […]
330/69 Thursday, June 18, 2026 Security researchers have uncovered a malware campaign leveraging Steam Workshop as a distribution channel for malicious files through wallpapers created for Wallpaper Engine. The attackers abuse the platform’s application wallpapers feature, a wallpaper type that allows Windows applications to run as wallpapers. As a result, seemingly harmless wallpaper files can […]
329/69 Thursday, June 18, 2026 Reports indicate that the hack-and-leak cybercriminal group FulcrumSec has claimed responsibility for breaching and stealing approximately 1.3 terabytes of data from Novo Nordisk, the Danish pharmaceutical giant behind major diabetes and weight-management medications such as Ozempic, Wegovy, Rybelsus, Victoza, and Saxenda, as well as several insulin products. The group’s claim […]
328/69 Thursday, June 18, 2026 Researchers have identified a new Android malware strain named Rokarolla, which has been specifically developed to target more than 217 financial and cryptocurrency applications. The malware is distributed through fraudulent websites masquerading as legitimate download sources for popular applications such as Google Chrome and TikTok. Once installed, Rokarolla can obtain […]
321/69 Monday, June 15, 2026 Researchers have disclosed details of Operation Highland, a long-running cyber espionage campaign linked to the Velvet Ant threat group. The attackers were able to infiltrate and maintain access within target organizations’ networks-including critical infrastructure environments that were isolated from direct Internet connectivity-for up to 10 years. The intrusion reportedly began […]
