The News.
Daily intel.

Daily breach reporting, CVE disclosures, malware analyses, and threat campaigns. Yesterday's incidents, this morning's coverage — written by practitioners for the analysts and defenders who need it first.

148

Articles

143

Updated this month

14k+

Monthly readers

Showing 91–99 of 148 articles 143 updated this month

Beginner 2.0k

News 5 min read

Hacking Polymarket: Weather Sensor Tampering, Insider Trading, and the Oracle Problem

Polymarket bettors physically tampered with a Météo France sensor to win $34K on weather bets. Separately, a trader allegedly used insider knowledge to win $1M on military actions. Both expose prediction markets' fu…

Beginner 4.4k

News 4 min read

Pro-Russia Hacktivists Target Water, Food, and Energy OT Systems via Exposed VNC

CISA, FBI, NSA and global partners warn that pro-Russia hacktivist groups CARR, NoName057(16), and Z-Pentest are exploiting internet-facing VNC to attack OT systems in water, food, and energy sectors.

Intermediate 2.9k

News 10 min read

DigiCert Support Portal Hacked: Stolen EV Certificates Used to Sign Zhong Stealer Malware

DigiCert revoked 60 EV code signing certificates after attackers breached its support portal via a malicious screensaver file. Eleven certs signed Zhong Stealer.

Beginner 2.6k

News 4 min read

CVE-2024-57727: SimpleHelp RMM Path Traversal Fuels Ransomware Double-Extortion

CVE-2024-57727 is a CVSS 7.5 path traversal in SimpleHelp RMM exploited since January 2025 by ransomware actors. Patch to 5.5.8 immediately or treat as compromised.

Beginner 4.1k

News 4 min read

276 Arrested, 9 Crypto Scam Compounds Shut, $701M Seized in FBI-Dubai-China Operation

A US-UAE-China joint operation arrested 276 suspects and dismantled 9 crypto pig-butchering scam centers. FBI's Operation Level Up saved victims an estimated $562M.

Beginner 3.3k

News 4 min read

Microsoft April 2026 Update Intentionally Blocks psmounterex.sys — Backup Apps Break

Microsoft's April 14, 2026 Windows update deliberately blocks psmounterex.sys due to CVE-2025-11983 and CVE-2025-14276. Acronis, Veeam, Macrium, AOMEI, and EaseUS users are affected.

Beginner 1.4k

News 5 min read

AI Agent Security: Why Agentic AI Keeps Destroying Production Environments

A Cursor-Claude Opus agent wiped PocketOS's production database in 9 seconds. Security experts explain the real failure point: AI agent access control, not model reasoning.

Beginner 4.9k

News 4 min read

CVE-2026-4670: Critical MOVEit Automation Authentication Bypass Exposes MFT Servers

CVE-2026-4670 is a CVSS 9.8 authentication bypass in MOVEit Automation affecting versions ≤2025.1.4, ≤2025.0.8, and ≤2024.1.7. Patch to 2025.1.5, 2025.0.9, or 2024.1.8 immediately.

Beginner 3.2k

News 5 min read

CISA and FBI Warn of Interlock Ransomware Using ClickFix to Hit Critical Infrastructure

CISA and FBI advisory AA25-203A: Interlock ransomware targets critical infrastructure via ClickFix social engineering, fake browser updates, and double extortion with AzCopy exfiltration.