Vulnerabilities Expose Private Data in Indian Government Systems
An independent security researcher identified 14 vulnerabilities affecting Indian government IT systems, which put an array of citizen data at risk. Two of the issues qualified as critical severity, and four as high severity. They affected major national platforms, including education and civil service portals used by millions of students and job aspirants, exposing highly sensitive personally identifying information (PII) like birthdays, addresses, and bank account numbers. READ MORE...
Insurance giant Aflac discloses data breach after subsidiary hack
American insurance giant Aflac has disclosed a new data breach after attackers breached its Japan subsidiary's systems and stole personal and bank account information. Aflac is a Fortune 500 company and the largest supplemental insurance provider in the United States, serving millions of customers in the U.S. and Japan. In a filing with the U.S. SEC on Monday, the company revealed that threat actors gained access to Aflac Japan's systems earlier this month. READ MORE...
Insurance body confirms hackers posted Oracle PeopleSoft breach data
The National Association of Insurance Commissioners (NAIC) said some credit ratings agencies are pausing data feeds after its systems were compromised in connection with a zero-day vulnerability earlier this month at Oracle PeopleSoft. NAIC confirmed the threat actors posted exfiltrated data on a leak site. The information includes financial and ratings information linked to insurer investments. READ MORE...
Four years into Ukraine invasion, Russia turns influence-ops back to US and Europe
Four years into the Kremlin's illegal invasion of its neighboring country, Russian influence operations have moved beyond their near-exclusive focus on Ukraine to their former favorite targets: the US and Europe, and especially covert cyber-ops intended to undermine political stability within these countries and the unity between them, according to Google Threat Intelligence. "This shift is significant because it likely signals increased focus outside of Ukraine," Google threat hunters said. READ MORE...
Update time: Apple releases security patches for iOS, MacOS Tahoe, Safari
Apple has released security updates for more than two dozen security vulnerabilities across iPhone, iPad, and Mac. The updates for iOS/iPadOS, MacOS Tahoe, and Safari were issued after testing on iOS 26.6 and iPadOS 26.6 betas. What stands out in the update is that a lot of the vulnerabilities were found in WebKit, the browser engine that powers Safari as well as every browser on iPhone, including Chrome, Firefox, and Edge. READ MORE...
USB drives carrying China-linked malware infected Japanese military networks for nearly a year
Leaked internal documents have revealed that for nearly a year Japan's Ground Self-Defense Force (JGSDF) used counterfeit USB flash drives infected with malware on computers connected to sensitive military networks. The USB drives have been linked to Chinese hacking operations, according to an investigation by Nikkei Asia. Nikkei Asia reports that the poisoned flash drives were delivered to the JGSDF in March 2024, during disaster relief operations following an earthquake in central Japan. READ MORE...
BlueHammer Vulnerability Exploited in Ransomware Attacks
A Microsoft Defender vulnerability tracked as BlueHammer and CVE-2026-33825 is being exploited in ransomware attacks, according to the cybersecurity agency CISA. BlueHammer is one of the several exploits disclosed in recent months by a disgruntled researcher known as Chaotic Eclipse and Nightmare Eclipse. The researcher is unhappy with Microsoft's handling of vulnerability reports, which is why several exploits were made public before the tech giant had a chance to release fixes. READ MORE...
119 Edge extensions promised useful tools, instead downloaded malware
Microsoft has removed 119 extensions from the Edge add-on store which were all tied to one adware campaign. In a paper titled "Inside StegoAd: How We Disrupted a Massive Malicious Extension Campaign," Microsoft researchers detail how they uncovered and dismantled a sophisticated malware campaign that abused browser extensions to infect users. According to Microsoft, the campaign involved 119 malicious browser extensions which were downloaded by 2.6 million users. READ MORE...
AI-Generated Workflows Are a Silent Security Disaster
A security analyst at a large enterprise recently found sensitive HR documents being copied into a Microsoft Teams channel that hundreds of employees could access. It was not caused by a malicious insider, a compromised admin account, or a sophisticated attacker. It was caused by a Power Automate workflow. The workflow had been created by a developer who wanted to automate document approvals between SharePoint and Teams. READ MORE...
New Controller Flaws Expose Highway Signs and Billboards to Remote Hacking
Critical and high-severity vulnerabilities in some Daktronics controllers could allow hackers to tamper with highway signs and billboards, according to the cybersecurity researcher who discovered the flaws. Daktronics is an American company that designs, manufactures, and services large-scale LED video displays, electronic scoreboards, digital billboards, and dynamic audio systems. Its displays can be seen worldwide, spanning everything from sports arenas to highways, airports, and billboards. READ MORE...
Critical SimpleHelp flaw exploited to deploy new stealer malware
Hackers are exploiting a recently disclosed critical vulnerability (CVE-2026-48558) in SimpleHelp to deploy Djinn Stealer, a previously undocumented cross-platform information stealer targeting Windows, macOS, and Linux. The SimpleHelp platform is primarily used by managed service providers (MSPs), IT departments, helpdesks, and system administrators for remote monitoring and management (RMM). READ MORE...
- ...in 1908, a meteor air burst above eastern Siberia flattens thousands of miles of forest, in what is known as the "Tunguska event."
- ...in 1917, actress, singer, and civil rights activist Lena Horne is born in New York.
- ...in 1953, the first Chevrolet Corvette rolls off the assembly line in Flint, MI.
- ...in 1997, the United Kingdom transfers sovereignty over Hong Kong to the Chinese government.
