FIFA World Cup expected to face extensive criminal, hacktivist cyber threats
The 2026 FIFA World Cup, which officially kicks off today, is expected to face a wave of cyber threat activity from actors seeking credentials and financial gain, while state-linked adversaries will pose a serious risk to disrupt the tournament. The 39-day tournament is considered the largest sporting event in history, with a record 48 teams playing in 104 matches in 16 cities across the U.S., Mexico and Canada, marking the first time the games are being jointly hosted by three countries. READ MORE...
Maine breach portal abused to publish fake data breach disclosures
In an unusual misinformation campaign, fraudulent data breach disclosures were submitted to Maine's official breach portal and publicly posted before their legitimacy could be verified, prompting companies to deny the claims. A notice allegedly filed by multiplayer social virtual reality platform VRChat is the most recent entry in the state Attorney General's breach disclosure database. However, a company representative told BleepingComputer that the breach notification is fake. READ MORE...
Pharma giant Novo Nordisk discloses breach of clinical trials data
Danish pharmaceutical giant Novo Nordisk, the world's largest producer of insulin, disclosed a data breach affecting patient information from some clinical trials. Founded in 1923, Novo Nordisk now employs around 67,900 people across 80 offices worldwide and is the maker of viral GLP-1 receptor agonist drugs Wegovy and Ozempic. The company revealed on Thursday that attackers gained access to its internal IT systems and data related to patients participating in some clinical trials. READ MORE...
Iranian Cyber Group Handala Claims Cal Water Hack
The Iran-linked threat actor Handala this week boasted to have hacked California Water Service (Cal Water), and published 5 gigabytes of data allegedly stolen from the US water utility. In a post on their blog, the hacking group said the intrusion was retaliation for recent US actions in Iran and claimed they had the ability to disrupt water access but chose not to. Cal Water is one of the largest investor-owned water utilities in the US, with roughly two million customers in California. READ MORE...
Russian national charged in connection with Void Blizzard espionage campaign
Federal prosecutors have charged a Russian national with conspiracy to commit unauthorized computer access in connection with a sprawling cyber-espionage campaign linked to the Russia-aligned threat group Void Blizzard, according to a criminal complaint filed in federal court this week. Denis Nikolayevich Obrezko, a Russian citizen, is accused of breaking into systems owned by companies in the United States and elsewhere, according to an FBI affidavit unsealed Tuesday. READ MORE...
Chrome 149 Update Patches 28 Vulnerabilities
Google on Thursday rolled out a Chrome 149 update that resolves 28 critical and high-severity vulnerabilities. The update patches five critical-severity bugs: use-after-free issues in Core, DigitalCredentials, and WebMIDI, an insufficient validation of untrusted input flaw in Accessibility, and a heap buffer overflow defect in GPU. The remaining 23 vulnerabilities are high-severity flaws. A dozen of them, including three critical and nine high-severity defects, are use-after-free issues. READ MORE...
The assembly line behind 1.5 million malicious domains
Attackers registered roughly 1.5 million malicious domains during the first five months of 2026. The registration patterns resemble industrial output. Most of the domains were created by attackers, put to use within weeks, and concentrated among a small set of registrars, top-level domains, and hosting providers. New research examined more than 1.5 million unique domains flagged on VirusTotal between January and May 2026. READ MORE...
Pokémon Go players unwittingly contributed to tech with military drone uses
A decade after the global craze for Pokémon Go peaked, an AI company has been using billions of real-world images captured by millions of players to develop navigation technologies for delivery robots and possibly military drones. That represents an intriguing but potentially discomfiting legacy for an augmented reality mobile game that has incentivized gamers to capture short smartphone videos of physical neighborhoods and landmarks. READ MORE...
Fake verification pages are stealing Steam accounts from players
Online gamers should watch out for a convincing scam that aims to steal your Steam account. The scam uses fake FACEIT verification pages that look legitimate, complete with official branding, working links, and what appears to be a real Steam login window. By the time it asks for your password, many victims are convinced they're interacting with a genuine service. The goal is to steal your Steam account. READ MORE...
Max-Severity Ivanti Flaw Exploited 24 Hours After Disclosure
Threat actors pounced on a critical Ivanti Sentry vulnerability within 24 hours of its disclosure, using a public proof-of-concept (PoC) exploit in attacks. Ivanti disclosed Tuesday CVE-2026-10520, an OS command injection vulnerability that affects the company's Sentry mobile gateway product prior to versions R10.5.2, R10.6.2 and R10.7.1. The vulnerability, which received a maximum severity CVSS score of 10, enables an unauthenticated attacker to remotely execute code with root privileges. READ MORE...
Microsoft has mostly repaired a flaw in Surface hardware that allowed unprotected devices to be bricked by a single packet
For the past 90 days, Microsoft has been quietly patching a firmware flaw in Surface devices that allowed the hardware to be bricked with a single packet, though only for those who have disabled Secure Core and Secure Boot. And the company's Copilot AI software inadvertently helped identify the faulty firmware. According to a security researcher based in Australia, his instance of Microsoft Copilot stumbled across the bug after being asked to adjust the screen backlighting on a Surface device. READ MORE...
- ...in 1948, comic book writer Len Wein, the co-creator of Marvel Comics' Wolverine and DC Comics' Swamp Thing, is born in New York City.
- ...in 1965, the Supremes song "Back in My Arms Again" becomes their 5th consecutive single to reach #1.
- ...in 1987, President Ronald Reagan publicly challenges Mikhail Gorbachev to tear down the Berlin Wall, in a speech at the Brandenburg Gate.
- ...in 2011, Corvette wins both GT classes in the 24 Hours of Le Mans on Chevrolet's 100th birthday.
