Xsolis Data Breach Affects 1.4 Million Individuals
Healthcare technology company Xsolis, Inc. has disclosed a data breach affecting nearly 1.4 million individuals. Tennessee-based Xsolis provides utilization management and revenue cycle solutions for hospitals, health systems, and payers. The company published a data security notice in early June, revealing that unauthorized activity was detected on its systems on January 22. The intrusion resulted from a targeted phishing attack carried out two days earlier. READ MORE...
Hackers steal passport and driver's license data of 3 million Texans
You can change a password and cancel a card. But replacing a passport or driver's license number every time someone leaves yours unsecured in a vendor database isn't so easy. More than three million Texans are facing that problem after a data breach involving a vendor used by the Texas Parks and Wildlife Department (TPWD) to process hunting and fishing licenses. In an announcement confirming the breach, TPWD says the hackers gained access through the third-party vendor's systems. READ MORE...
LastPass confirms data breach in Klue supply chain attack
LastPass announced that hackers accessed customer data from its Salesforce environment after stealing the company's OAuth tokens in the Klue supply chain attack earlier this month. The password management platform says its products, services, and infrastructure were not affected by the incident and that customer vaults remained secure. The investigation into the incident did not reveal any evidence that the attacker accessed Gong-related data, which typically includes customer calls and emails. READ MORE...
FortiBleed Attackers Turn Firewalls Into Credential Stealers as Heists Persist
The threat actors behind the global "FortiBleed" credential harvesting campaign engineered a sniffer tool to compromise hundreds of thousands of FortiGate routers and turn them into passive stealers in a wave of attacks that's now known to be much broader than initially thought. Researchers from SOCRadar have unpacked the attack chain behind the ongoing threat campaign, which they believe is targeting more than 430,000 FortiGate firewalls globally. READ MORE...
FFmpeg fixes PixelSmash flaw in widely used video decoder
A newly disclosed FFmpeg flaw dubbed 'PixelSmash' could be exploited for remote code execution on Jellyfin servers under certain conditions, and can also trigger a denial-of-service condition in applications like Kodi, Emby, Nextcloud, PhotoPrism, and OBS Studio. The vulnerability is tracked as CVE-2026-8461 and is a heap out-of-bounds write in the MagicYUV decoder. It received a high-severity score of 8.8 and can be leveraged via a malicious video file in AVI, MKV, or MOV format. READ MORE...
Thousands of D-Link routers under control of AryStinger botnet
Researchers have found that the recently discovered AryStinger botnet has quietly hijacked thousands of end-of-life D-Link routers and some network-attached storage (NAS) devices, turning them into a distributed scanning and proxy network that attackers can use to hide their activity and launch attacks against other targets. Having your devices under control of a botnet is not just a problem for the people being targeted. It can also put your own privacy and security at risk. READ MORE...
SocGholish Takedown Highlights Malicious TDS Threats
An international law enforcement operation disrupted a key cog in the cybercrime ecosystem and put a spotlight on the risks to enterprises posed by traffic distribution systems (TDSs). In the latest installment of the ongoing Operation Endgame, authorities seized 106 servers and many domains tied to SocGholish, a notorious malware framework that has plagued the Internet for nearly a decade as an initial-access broker for ransomware and other threats. READ MORE...
GTA 6 early access offers are taking gamers' crypto
Scam websites are circulating across the internet with a pitch aimed at millions of gamers: a way to play Grand Theft Auto VI before its release. The pages promise early access for a few hundred dollars in cryptocurrency, ask buyers to enter a payment code, and claim the game will then unlock. These offers deliver nothing. "Any site claiming to sell GTA 6 early access is not authorized by Rockstar Games and should be treated as fraudulent unless Rockstar announces it through official channels. READ MORE...
Eight-Year-Old Samsung KNOX Flaw Exposed Millions of Galaxy Devices to Kernel Attacks
Researchers found an eight-year old high severity vulnerability affecting nearly all Samsung devices from the Galaxy S9 to S25 living within the KNOX kernel. The flaw (CVE-2026-20971, CVSS 7.8) could be exploited through the interaction between PROCA and FIVE. PROCA, the process authenticator, is a proprietary subsystem in the kernel of the Samsung devices designed to prevent unauthorized processes from executing. READ MORE...
Using Reddit to manipulate AI search results is surprisingly easy
A Reddit comment that takes only a few seconds to write can end up influencing the answers generated by AI research tools. A Cornell Tech study found that a short snippet of user-generated text, sometimes as little as 13 words, was enough to affect the output of deep-research agents, AI systems that search the web, gather information from multiple sources, and generate reports with citations. The risks of relying on community-generated content are already familiar to many internet users. READ MORE...
- ...in 1868, inventor Christopher Latham Sholes receives a patent for a revolutionary labor-saving (and labor-creating) device: The typewriter.
- ...in 1955, punk and heavy metal singer Glenn Danzig is born in Lodi, NJ.
- ...in 1969, Warren E. Burger is sworn in as Chief Justice of the US Supreme Court by retiring Chief Justice Earl Warren.
- ...in 2013, daredevil Nik Wallenda becomes the first person to successfully walk across the Grand Canyon on a tightrope.
