There's a lot that doesn't add up in a security advisory password manager Dashlane published Monday, warning that attackers managed to obtain 20 encrypted user vaults. "Starting on Sunday, May 31, 2026, an external party launched a brute force attack against certain Dashlane user accounts," the company said. "The goal of the attack was to brute-force two-factor authentication (2FA) protections to allow the attacker to register new devices on existing user accounts." READ MORE...
The Cybersecurity and Infrastructure Security Agency, FBI and other federal authorities warned Tuesday that hackers have targeted automatic tank gauge systems in threat activity across multiple industry sectors. Tank gauge, or ATG, systems are used to measure temperature, check fuel or other liquid levels and detect leaks, according to guidance released by the agencies. Hackers have targeted internet-exposed devices and used command execution to disable alerts. READ MORE...
A new batch of fake payment invoices is being staged right now, and we caught the campaign while it was still being put together. The emails impersonate PayPal, Amazon, and Geek Squad, and others, and they all share one goal: to scare you into calling a phone number where a fake "support agent" is waiting. What makes this wave unusual is that some of the templates we recovered still contained blank fields where the phone number and price should have been. READ MORE...
A Malware-as-a-Service (MaaS) operation named WeedHack is targeting Minecraft users and allows threat actors to gain remote access to victims' screens, webcams, and files through a web-based dashboard, McAfee researchers found. Minecraft, developed by Mojang Studios and released in 2011, is one of the best-selling video games of all time, with more than 350 million copies sold worldwide. Since January 2026, the campaign has infected more than 116,000 systems. READ MORE...
There's a lot of fear surrounding the bug-finding capabilities of super-advanced AI models like Anthropic's Mythos and OpenAI's GPT 5.5-Cyber. But attackers are already using free, publicly available LLMs to hijack networks and worm through software supply chains at a much lower cost - to them at least. University of Toronto researchers used an unnamed, publicly available open-weight model released in 2025 to develop a computer worm that they claim spread through an enterprise test network. READ MORE...
Installing an app from the Google Workspace Marketplace or GitHub Marketplace can grant a third party access to company email, files, calendars, code repositories, CI workflows, organization settings, and secrets. Marketplace presence gives these apps the appearance of approval. The OAuth grants behind them often reach into business systems beyond the listed function. An audit by OhAuth, the OAuth research project from identity security company Offroad, covered 2,890 public OAuth app listings. READ MORE...
Law enforcement agencies and tech companies disrupted over 1.4 million accounts and underlying infrastructure used by scam networks across Southeast Asia. The joint effort, named Disruption Week, involved the US Department of Justice's Scam Center Strike Force, the Royal Thai Police, global law enforcement, and companies such as Apple, Coinbase, Google, Meta, Microsoft, Silent Push, SpaceX, TRM Labs, and Zenlayer. READ MORE...
SafeBreach researchers uncovered a critical vulnerability in Google's Gemini voice assistant that could have allowed attackers to hijack the AI using indirect prompt injections delivered through ordinary messaging notifications. The cybersecurity firm previously discovered a calendar invite attack targeting Gemini and Google Workspace that an attacker could have used to conduct spam and phishing, delete calendar events, learn the victim's location, remotely control home appliances, etc. READ MORE...
A coding mistake in several Microsoft 365 Android applications resulted in the exposure of user accounts to compromise at massive scale, demonstrating once again how dropping the ball on securing authentication tokens can undermine an entire trust model. Researchers at Enclave discovered a vulnerability in a debug setting that was mistakenly left enabled in production releases of multiple Microsoft Android apps, including Excel, Word, PowerPoint, OneNote, Loop, and Microsoft 365 Copilot. READ MORE...