Cybersecurity vendor Trellix published a terse statement last Friday, disclosing that a threat actor recently gained unauthorized access to "a portion of our source code repository." Trellix did not reveal what portion was compromised and provided few details about the breach. Trellix said it immediately began working with "leading forensic experts" to investigate the breach and also notified law enforcement. READ MORE...
The Iran-linked APT actor MuddyWater has been observed performing an intrusion masquerading as a ransomware attack, Rapid7 reports. As part of the intrusion observed in early 2026, the attackers relied on social engineering for initial access and performed operations typically associated with espionage campaigns, including reconnaissance, credential harvesting, and data theft, but did not deploy file-encrypting ransomware. READ MORE...
The hacker behind a breach at education technology giant Instructure claims to have stolen 280 million records tied to students and staff from 8,809 colleges, school districts, and online education platforms. Instructure is a cloud-based education technology company best known for its Canvas learning management system, which schools and universities use to manage coursework, assignments, grading, and communication. READ MORE...