IT Security Newsletter - 4/30/2026
Sandhills Medical Says Ransomware Breach Affects 170,000
South Carolina-based healthcare provider Sandhills Medical Foundation has disclosed a data breach affecting nearly 170,000 individuals. Sandhills Medical said in a data security incident notice on its website that it discovered a ransomware attack on May 8, 2025. It has since been working with law enforcement, cybersecurity experts, and a forensics firm to investigate the intrusion and determine its impact. READ MORE...
Iran-linked Handala hackers leak US Marines data, send chilling WhatsApp threats
US Marines stationed around the Persian Gulf have been receiving WhatsApp messages from strangers suggesting they call home and make their final goodbyes. The messages, which began arriving on Monday, came signed by the Iran-linked Handala hacking group, which has spent much of 2026 attacking US and Israeli targets. The messages reportedly arrived from a Bahraini phone number registered to a local business - most likely because it had been spoofed or hijacked. READ MORE...
Anti-DDoS Firm Heaped Attacks on Brazilian ISPs
A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks against other network operators in Brazil, KrebsOnSecurity has learned. The firm's chief executive says the malicious activity resulted from a security breach and was likely the work of a competitor trying to tarnish his company's public image. READ MORE...
Critical Gemini CLI Flaw Enabled Host Code Execution, Supply Chain Attacks
A critical remote code execution vulnerability was recently discovered by researchers in Gemini CLI, an open source AI agent designed to provide lightweight access to Gemini directly from a terminal. The vulnerability, patched by Google in both Gemini CLI and the 'run-gemini-cli' GitHub Action, was identified by researchers at Novee Security. The researchers noticed that "Gemini CLI automatically trusted the current workspace folder, loading any agent configuration it found there." READ MORE...
Vect 2.0 Ransomware Acts as Wiper, Thanks to Design Error
The latest variant of an emerging ransomware may be far more destructive than its operators intended, acting as a wiper that deletes many of an organization's captured files instead of encrypting them, as typical ransomware does. This scenario makes recovery impossible for defenders while complicating the possibility of holding files for ransom for the attackers. The Vect 2.0 variant has a flaw that inadvertently and permanently destroys so-called "large files" rather than encrypting them. READ MORE...
Police dismantle 9 crypto scam centers, arrest 276 suspects
A joint international operation involving U.S. and Chinese authorities arrested at least 276 suspects and shut down nine cryptocurrency investment fraud centers. The crackdown was led by Dubai Police under the UAE Ministry of Interior and targeted crime networks running so-called pig-butchering schemes (also known as romance baiting), a form of fraud in which scammers build trust with their targets before luring them to fake cryptocurrency investment platforms that drain their funds. READ MORE...
Microsoft's patch for a 0-day exploited by Russian spies fell short. Another Windows flaw is under attack
Microsoft and the US Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are exploiting a zero-click Windows flaw that can expose sensitive information on vulnerable systems. While we don't know who is attacking this one, tracked as CVE-2026-32202, we'd suggest betting it all on Putin's goons. The flaw stems from an incomplete fix for an earlier vulnerability found and abused by Russian spies a month before Redmond released a patch. READ MORE...
Reverse Engineering With AI Unearths High-Severity GitHub Bug
GitHub yesterday disclosed CVE-2026-3854, a high severity (8.7 CVSS) vulnerability identified in GitHub Enterprise Server that would allow an attacker with push access to a repository to achieve remote code execution. GitHub said in a blog post that the vulnerability also affected github.com, GitHub Enterprise Cloud, GitHub Enterprise Cloud with Data Residency, and GitHub Enterprise Cloud with Enterprise Managed Users. READ MORE...
New Linux 'Copy Fail' flaw gives hackers root on major distros
An exploit has been published for a local privilege escalation vulnerability dubbed "Copy Fail" that impacts Linux kernels released since 2017, allowing an unprivileged local attacker to gain root permissions. The vulnerability is tracked as CVE-2026-31431 and was discovered by the offensive security company Theori, using its AI-driven pentesting platform Xint Code after scanning the Linux crypto/ subsystem for about an hour. READ MORE...
- ...in 1789, George Washington is sworn in as the first U.S. president.
- ...in 1916, mathematician and engineer Claude Shannon, known as "the father of information theory", is born in Petoskey, MI.
- ...in 1969, The Beatles record "Let It Be" at Abbey Road Studios.
- ...in 1985, actress Gal Gadot ("Wonder Woman", "Fast & Furious") is born in Petah Tikva, Israel.