IT Security Newsletter - 6/16/2026

Top News

Chinese hackers breached North American research institutions via REDCap servers

A China-linked cyber espionage operation targeted North American medical research institutions through compromised REDCap servers, using custom malware to gain persistent access and collect sensitive information, Google's Threat Intelligence Group (GTIG) researchers found. GTIG attributed the campaign to UNC6508, a threat actor linked to the People's Republic of China that remained undetected in victim environments for more than a year.

Breaches

Cardiac monitor maker's security skips a beat as data thieves go for the jugular

Heart monitoring biz iRhythm says thieves made off with patient health information and tried to turn it into a payday. The California-based cardiac monitoring specialist offers customers a wearable device that collects data, then analyzes it to create reports about heart health. The company said it detected unauthorized activity on June 8 and launched an investigation with the help of third-party cybersecurity experts.

Hacking

Cybercrime Group Claims Novo Nordisk Hack

The hack-and-leak group FulcrumSec has claimed responsibility for hacking the Danish pharmaceutical giant Novo Nordisk. The incident was disclosed late last week, when the company warned patients that hackers had accessed its internal IT systems and exfiltrated certain data associated with clinical trials. According to the pharma giant, the stolen information was pseudonymized and could not be directly linked to patients by name or identifiers.

Malware

Inside a malicious infrastructure delivering EtherRAT, phishing pages, and malicious software

During our recent threat hunting activities, we found EtherRAT malware being distributed by a website with a strange homepage. This homepage allowed us to discover a vast malicious infrastructure distributing malware, malicious documents, remote desktop software, and phishing pages. EtherRAT is a RAT developed in Node.js which allows an attacker to gain complete control over the machine and execute arbitrary code returned by the Command and Control (C2) server.


Windows version of SprySOCKS Linux malware used to attack govt orgs

Windows variants for the SprySOCKS Linux malware have been used in attacks targeting government organizations in at least four countries. SprySOCKS has been linked to the Chinese threat group 'Earth Lusca,' which deployed it in attacks against government entities focused on foreign affairs, technology, and telecommunications. Now, ESET researchers discovered Windows variants of the same malware family that were used in attacks on government orgs in Taiwan, Thailand, Pakistan, and Honduras.

Information Security

AI and Cybersecurity - Everything You Wanted to Know, But Were Afraid to Ask

To better understand the current state of artificial intelligence (AI) in cybersecurity, SecurityWeek spoke with dozens of security practitioners, researchers, vendors, analysts, and AI experts. The result is a comprehensive snapshot of how AI is being used across the security landscape today. Organized into five key topic areas, this report examines the role of AI through multiple lenses. These perspectives provide a practical assessment of AI's opportunities and risks in cybersecurity.


The Beginning of the End of Social Engineering

Over the past month, the world's largest technology companies have quietly converged on the same idea. In May, Google positioned Gemini as an increasingly integrated part of Android. This week, Apple expanded Apple Intelligence across the iPhone, iPad, and Mac. While much of the attention has focused on productivity and convenience, a more significant shift may be underway. For the first time, operating systems are beginning to move beyond simply executing commands and displaying information.

Exploits/Vulnerabilities

Critical Copilot vulnerability allowed hackers to steal 2FA code from users

Last Tuesday, Microsoft patched a vulnerability it rated as max critical in its M365 Copilot AI platform. On Monday, the researchers who discovered the vulnerability and reported it to Microsoft revealed how their proof-of-concept exploit could retrieve 2FA codes and other sensitive data from emails accessible to Copilot. Microsoft and other LLM providers have been unable to prevent their products from complying with malicious requests to reveal data.


Critical Fortinet FortiSandbox flaws now exploited in attacks

Attackers are now exploiting several critical vulnerabilities in Fortinet's FortiSandbox cyber threat detection platform, according to threat intelligence company Defused. Fortinet released security updates for these three critical-severity security flaws (tracked as CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089) on April 14. These flaws allow unauthenticated threat actors to escalate privileges and execute unauthorized code remotely.

On This Date

  • ...in 1858, Abraham Lincoln delivers his House Divided speech in Springfield, Illinois.
  • ...in 1884, Coney Island opens the "Switchback Railway", the first true roller coaster, designed by inventor LaMarcus Adna Thompson.
  • ...in 1911, IBM is founded as the Computing-Tabulating-Recording Company in Endicott, NY.
  • ...in 1916, President Woodrow Wilson signs a bill incorporating the Boy Scouts of America.