IT Security Newsletter

IT Security Newsletter - 5/27/2026

Written by Cadre | Wed, May 27, 2026

Iranian government, not hacktivist group, breached LA Metro system, security firm says

Iranian government-linked hackers sabotaged the computer infrastructure of Los Angeles's transit system by using access to a virtual machine to delete critical operating-system data, the Israeli cybersecurity firm Gambit Security said in a report published on Tuesday. The same threat actor also conducted data-wiping attacks on the South Florida Regional Transportation Authority, the connected-vehicle technology firm Agnik and a Saudi Arabian construction company.

Charter confirms data breach after ShinyHunters extortion threat

U.S. telecommunications giant Charter Communications has confirmed it suffered a data breach after the ShinyHunters extortion group threatened to leak stolen data unless a ransom is paid. Charter Communications is one of the largest broadband providers in the United States, serving tens of millions of residential and business customers through its Spectrum brand. In a statement shared this weekend, the company said it is alerting authorities about the incident.

FBI: Hackers Sending Operatives in Person to Insert USB Drives and Steal Data

The infamous extortion gang Silent Ransom Group (SRG) has been impersonating IT support in a fresh campaign targeting law firms, the FBI warns. Active since at least 2022, SRG has been targeting law firms in the US since at least 2023, mainly through callback phishing emails and social engineering calls, claiming to aid victims in canceling subscription fees. In a May 2025 alert, the FBI warned of SRG's phishing emails containing links to remote access software.

FBI warns of Kali365 phishing kit that breaks into Microsoft 365 accounts - no password required

So, you've enabled multi-factor authentication. You've taught your staff never to type their passwords into dodgy-looking login pages. Surely your Microsoft 365 accounts are safe now? Well, think again. The FBI has issued an advisory warning about a phishing-as-a-service platform that has recently emerged, which can hijack Microsoft 365 accounts without ever stealing a password. And it has no difficulty waltzing past MFA while it's at it.

Fake ChatGPT and Claude installers on GitHub are dropping Deno RAT malware

Attackers are hosting counterfeit installers and plugins on GitHub and SourceForge that pose as widely used software, including ChatGPT, Claude, AutoTune, Kontakt, Ableton Live, and ZENOLOGY. The downloads deliver a backdoor called DinDoor, which then loads a remote access Trojan built on the Deno JavaScript runtime, according to Malwarebytes. Compromised YouTube channels push victims toward the malicious repositories.

CrowdStrike disrupts Glassworm botnet that preyed on open-source supply chain

CrowdStrike has dismantled the Glassworm botnet in an operation aided by Google and Shadowserver, stripping the operators' access to infrastructure that helped threat actors infect hundreds of pieces of open-source software with malware since early 2025, the company said Tuesday. The coordinated effort involved the simultaneous takedown of four attacker-controlled servers that were designed to obscure the botnet's operations and remain resilient against disruptions.

Feeding Frenzy: 'Megalodon' Malware Infects Thousands of GitHub Repos

Thousands of GitHub repositories were poisoned with credential-stealing malware in the latest threat campaign to rock the beleaguered software supply chain. In a May 21 blog post, cybersecurity startup SafeDep flagged an automated malware campaign, codenamed "Megalodon," that unfolded on May 18 in a six-hour window. In that brief amount of time, Megalodon managed to push 5,718 malicious commits to 5,561 GitHub repositories.

India's cyber agency sets clock at 12 hours to tackle exploited bugs as AI turns up the heat

India's Computer Emergency Response Team (CERT-In) says defenders should endeavor to patch or mitigate exploited n-day vulnerabilities within 12 hours as the cybercrime landscape continues its AI-ification. The organization's recommended half-day window applies only to bugs that affect internet-facing or "crown jewel" systems and are known to be exploited. In these cases, CERT-In told defenders to "patch, mitigate, or remove exposure within 12 hours where feasible."

Millions of AI agents imperiled by critical vulnerability in open source package

Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to breach the servers running them and make off with sensitive data and credentials to third-party accounts, a security researcher is warning. The vulnerability is present in Starlette, an open source framework that its developer says receives 325 million downloads per week. Thousands of other open source projects are also vulnerable because they require Starlette to work.

  • ...in 1897, Bram Stoker's vampire novel "Dracula" is published.
  • ...in 1927, the last Model-T rolls off the assembly line.
  • ...in 1937, San Francisco's Golden Gate Bridge opens.
  • ...in 1941, the British Navy sinks the German battleship Bismarck.