CISA confirms BlueHammer (CVE-2026-33825) is now used in ransomware attacks to gain SYSTEM privileges through Microsoft Defender. BlueHammer, tracked as CVE-2026-33825, has moved from proof-of-concept noise to real ransomware attacks in the wild, the US CISA confirms. BlueHammer allows attackers to escalate privileges locally in Microsoft Defender. The vulnerability, along with two other zero-days dubbed […]
Police arrested the alleged admin of XSS.is, a major cybercrime forum whose trusted escrow service helped power the underground economy. On 22 July 2025, French and Ukrainian police arrested a 38-year-old man in Kyiv and shut down XSS.is, the most influential Russian-language cybercrime forum of the past decade. Europol, which coordinated the operation under the […]
Hackers stole data from 4.38 million Aflac Japan customers after accessing its systems for 10 days before the breach was detected. Aflac Japan disclosed that hackers stole the personal information of 4.38 million customers and agents after gaining access to its systems between June 15 and June 25. Attackers stole data from the company policyholder […]
KDDI Corporation disclosed a breach affecting up to 14.2 million email accounts after attackers exploited a vulnerability in third-party software. KDDI Corporation disclosed a data breach that exposed up to 14.2 million email accounts across six Japanese internet service providers. KDDI Corporation is one of Japan’s largest telecommunications companies. It employs more than 60,000 people […]
Polymarket confirmed hackers stole funds from some users after attackers injected malicious code through a compromised third-party vendor. Polymarket confirmed that a security breach at a third-party vendor allowed attackers to inject malicious code into its website, leading to the theft of funds from an undisclosed number of users. The company said it has contained […]
Tata Electronics confirmed a data breach after hackers claimed to steal 630GB of data, including alleged Apple supplier and Tesla documents. Tata Electronics, a major supplier to Apple and Tesla, has confirmed a cybersecurity breach weeks after stolen data was advertised on a hacker forum. Tata Electronics confirmed a cyberattack affected parts of its IT […]
Mistic is a stealthy backdoor used by KongTuke-linked actors to keep long-term access in ransomware-targeted networks. Mistic is the kind of backdoor that tells you the operator wants time, not noise. Symantec security researchers say it has shown up in financially motivated attacks against insurance, education, IT, and professional services firms, and they link it […]
Third DraftKings hacker gets 18 months in prison for a 2022 credential-stuffing attack that compromised 1,600 accounts and stole $600,000. Nathan Austad, the third person sentenced over the 2022 DraftKings credential-stuffing attack, received 18 months in prison. The group used usernames and passwords stolen from other breaches to access about 1,600 accounts and steal roughly […]
Operation Endgame disrupted malware services like StealC and Amadey that enable ransomware, fraud, and attacks on critical infrastructure. Between June 15 and 19, 2026, Europol coordinated a two-week law enforcement operation involving agencies from Canada, Denmark, Germany, the Netherlands, the UK, and the US, alongside private firms like Microsoft, Bitdefender, IBM X-Force, Proofpoint, Infoblox, Shadowserver, […]
FortiBleed exposed valid credentials for 73,000+ Fortinet firewalls, revealing a large-scale access-brokering operation targeting organizations worldwide. In mid-June 2026, researcher Volodymyr “Bob” Diachenko found a live, exposed server containing working login credentials for tens of thousands of Fortinet firewalls, a data leak code-named FortiBleed. The headline number, valid remote-access logins for 73,932 devices across 21,632 […]