IT Security Newsletter - 6/25/2026
Microsoft, Europol lead global takedown of infostealer malware
Microsoft on Wednesday announced a coordinated operation with Europol and other international partners to disrupt Amadey and StealC - tools used as infostealers to conduct ransomware, financial fraud and other digital crimes. Amadey is a specialized tool used by cybercriminals to infect computers, while StealC is used to steal passwords and other sensitive data after the computers are infected. READ MORE...
Minnesota man known as 'Snoopy' sentenced in DraftKings hack
A 21-year-old Minnesota man who operated under the online alias "Snoopy" was sentenced Tuesday to 18 months in federal prison for his role in a 2022 credential stuffing attack that compromised roughly 60,000 user accounts on the fantasy sports and betting platform DraftKings, resulting in hundreds of thousands of dollars in losses. Nathan Austad pleaded guilty in December to one count of conspiring to commit computer intrusion in the U.S. District Court for the Southern District of New York. READ MORE...
Russia uses Cellebrite to break into human rights activist's phone, even after cancellation of contract
Russian authorities used Cellebrite phone-cracking technology to break into a device belonging to a prominent domestic human rights activist they arrested and imprisoned, despite the company canceling its contract with the Russian government, according to a report published Thursday. The University of Toronto's Citizen Lab reached its conclusions after analyzing a phone belonging to Andrey Pivovarov and examining court documents he provided confirming the usage of Cellebrite's UFED product. READ MORE...
Chrome 149 Update Resolves 18 Severe Vulnerabilities
Google on Wednesday rolled out a new Chrome 149 update that resolves 18 vulnerabilities, including four critical and 14 high-severity security defects. More than half of the addressed issues, including three critical and seven high-severity, are use-after-free flaws, a type of memory corruption bug that could lead to remote code execution (RCE). In Chrome, use-after-free vulnerabilities can be combined with security holes to escape the sandbox. READ MORE...
Stealthy new backdoor surfaces in attacks on multiple sectors
A relatively new backdoor called Mistic has been deployed in multiple attacks since April 2026 targeting organizations in the insurance, education, IT, and professional services sectors, according to Symantec. The malware appears to be associated with Woodgnat, also known as KongTuke, a financially motivated initial access broker (IAB) active since at least May 2024 that has been connected to ransomware operations including Qilin, Interlock, Rhysida, Akira, 8Base, and Black Basta. READ MORE...
More Malicious OpenClaw Skills Threaten AI Supply Chain
Security researchers have identified multiple malicious skills on a marketplace for the OpenClaw ecosystem that can steal credentials, bypass security scans, and conduct other novel malicious activity for an attacker's financial gain. Researchers at Palo Alto Networks' Unit 42 recently identified five malicious skills that appeared legitimate on ClawHub, OpenClaw's dedicated marketplace, demonstrating that such platforms are emerging as a significant AI supply chain attack surface. READ MORE...
Elite network says it was hacked after members' personal data was left exposed
Some organizations exist to be exclusive. They're invite-only, and discreet, the kind of place where the membership directory is the product. Dialog, the exclusive network founded by billionaire Peter Thiel, whose members include a sitting NATO commander, two US senators, and the US Treasury Secretary, is one of those. Last week, information on hundreds of those members was sitting in plaintext on its app distribution site, visible to anyone who knew how to right-click. READ MORE...
Fake domain renewal emails trick website owners into paying scammers
You receive an email warning that your website's domain name is about to expire. Renew now, it says, or your website and email could stop working. The link opens a professional-looking page that already knows your domain name, displays your registrar and expiry date, and starts a countdown timer. The site, branded Renovarix, doesn't renew domains. Instead, it pushes visitors through a series of pages that collect personal information and payment details. READ MORE...
Cisco SD-WAN Zero-Day Exploited Months Before Patching
Google's Mandiant team has detailed the exploitation of a Cisco Catalyst SD-WAN vulnerability that was exploited as a zero-day months prior to its disclosure. The vulnerability, tracked as CVE-2026-20245, is the 7th Cisco SD-WAN product flaw whose exploitation came to light in 2026. CVE-2026-20245 affects the CLI of Cisco Catalyst SD-WAN Manager and allows an authenticated local attacker to execute arbitrary commands with root privileges using specially crafted files. READ MORE...
- ...in 1903, British novelist and journalist George Orwell ("1984", "Animal Farm") is born in Motihari, India.
- ...in 1967, the Beatles record "All You Need Is Love" during the first worldwide, live television broadcast.
- ...in 1981, Microsoft is incorporated as a business in Washington.
- ...in 1984, Prince releases his most successful studio album, "Purple Rain."







