
IT Security Newsletter - 3/30/2026


Breaches

DOJ confirms FBI Director Kash Patel's personal email was hacked

Iran-linked hackers successfully broke into FBI Director Kash Patel's personal email, the Department of Justice confirmed to Reuters on Friday. Reuters could not authenticate the leaked emails themselves but noted that the Gmail address matched an email account "linked to Patel in previous data breaches preserved by the dark web intelligence firm District 4 Labs." The DOJ suggested the emails appeared to be authentic. READ MORE...

Hacking

Cloudflare-Themed ClickFix Attack Drops Infiniti Stealer on Macs

macOS users are targeted in a fresh ClickFix campaign that uses a Cloudflare-themed verification page to deliver a Python-based information stealer, Malwarebytes reports. The attack starts with a fake CAPTCHA page that serves a legitimate-looking Cloudflare human verification page asking visitors to paste and execute a command in Terminal. Referred to as ClickFix, the technique relies on social engineering to trick users into executing malicious commands on their devices. READ MORE...

Trends

Criminals are renting virtual phones to bypass bank security

Researchers at Group-IB warn about criminals using virtual Android devices to bypass modern security solutions. Cloud phones are virtual Android devices that can fully mimic real device fingerprints (model, hardware, IP, timezone, sensor data, behavior). This allows them to undermine banks' device-based fraud detection. Originally, phone farms were made up of physical devices and were set up for testing. They grew in number when companies found out they could rent virtual phones. READ MORE...

Malware

TeamPCP strikes again: Backdoored Telnyx PyPI package delivers malware

TeamPCP continues its supply chain compromise rampage, with telnyx on PyPI being the latest maliciously modified package. Telnyx is a widely used software development kit (SDK) for the Telnyx AI Voice Agent service. According to Endor Labs researchers, attackers backdoored the legitimate SDK code and published versions 4.87.1 and 4.87.2 of the package on the Python Package Index (PyPI), one shortly after the other. READ MORE...


Coruna, DarkSword & Democratizing Nation-State Exploit Kits

Coruna, a high-grade mobile exploit kit armed with zero-day vulnerabilities for high-level espionage efforts, turns out to have links to 2023's Operation Triangulation spyware campaign, researchers say. And it has now, along with a similar toolkit, DarkSword, fallen into the hands of cybercriminals and a mysterious Russian state actor called UNC6353 (aka Star Blizzard). To make matters worse, DarkSword has also been leaked to GitHub this week. READ MORE...

Information Security

How OpenClaw's agent skills become an attack surface

AI agent gateways like OpenClaw feel like a portal to a future that, even a few months ago, felt impossibly distant. That future is genuinely transformative, but it's also scary in some very specific ways. OpenClaw works due to a kind of Faustian bargain. It is compelling precisely because it has real access to your local machine, your apps, your browser sessions, your files, and often long-term memory. READ MORE...


Wartime Usage of Compromised IP Cameras Highlights Their Danger

Compromised Internet-connected cameras - once the fodder of botnet operators and online voyeurs - have become an important military asset in recent conflicts, with Russian and Ukrainian forces hacking cameras to gather intelligence on the other side, Iran using compromised devices for targeted strikes, and a joint US-Israeli mission reportedly relying on connected cameras for the successful strike on Iran's leader. READ MORE...

Exploits/Vulnerabilities

Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now

Cybersecurity firm F5 Networks has reclassified a BIG-IP APM denial-of-service (DoS) vulnerability as a critical-severity remote code execution (RCE) flaw, warning that attackers are exploiting it to deploy webshells on unpatched devices. BIG-IP APM (short for Access Policy Manager) is a centralized access management proxy solution that enables admins to secure and manage user access to their organizations' networks, cloud, applications, and application programming interfaces (APIs). READ MORE...


Exploitation of Fresh Citrix NetScaler Vulnerability Begins

In-the-wild exploitation of a fresh critical-severity Citrix NetScaler vulnerability has started less than a week after public disclosure, attack surface management firm WatchTowr warns. Last Monday, Citrix rolled out fixes for the flaw, tracked as CVE-2026-3055 (CVSS score 9.3), which it described as an out-of-bounds read issue and said it had identified internally. Immediately after Citrix disclosed the security defect, WatchTowr warned that threat actors would likely start exploiting it. READ MORE...

On This Date

  • ...in 1867, U.S. Secretary of State William H. Seward signs a treaty with Russia for the purchase of Alaska for $7.2 million.
  • ...in 1930, actor John Astin, best known as Gomez Addams on "The Addams Family", is born in Baltimore, MD.
  • ...in 1962, rapper MC Hammer ("U Can't Touch This", "2 Legit 2 Quit") is born Stanley Kirk Burrell in Oakland, CA.
  • ...in 1964, the game show Jeopardy! debuts on NBC, hosted by Art Fleming.