The News.
Daily intel.

Daily breach reporting, CVE disclosures, malware analyses, and threat campaigns. Yesterday's incidents, this morning's coverage — written by practitioners for the analysts and defenders who need it first.

148

Articles

143

Updated this month

14k+

Monthly readers

Showing 100–108 of 148 articles 143 updated this month

Intermediate 2.8k

News 7 min read

FEMITBOT: Telegram Mini Apps Used for Crypto Scams and Android Malware Delivery

CTM360 uncovers FEMITBOT — a large-scale Telegram Mini App campaign impersonating Apple, Disney, and NVIDIA to run crypto advance-fee scams and distribute malicious Android APKs.

Beginner 941

News 5 min read

Vercel Breach Shows How Shadow AI and OAuth Sprawl Bypass Every Perimeter Control

The Vercel April 2026 breach, traced to a Context.ai OAuth compromise, exposes how shadow AI integrations silently hand attackers keys to enterprise environments.

Beginner 843

News 6 min read

ADT Data Breach Exposes 5.5 Million Customers After ShinyHunters Okta Vishing Attack

ShinyHunters breached ADT via an Okta SSO vishing attack and stole data on 5.5 million customers. ADT refused to pay; 11GB of data leaked to the dark web.

Beginner 768

News 5 min read

Lotus Wiper Destroys Venezuelan Energy Systems in Politically-Timed Attack

New Lotus Wiper malware used LotL techniques to irreversibly destroy disk sectors at Venezuelan energy and utility firms. No CVE — purely destructive.

Beginner 3.0k

News 6 min read

Hundreds of Internet-Facing VNC Servers Expose ICS/OT Systems, Forescout Finds

Forescout's 2026 report identifies tens of thousands of exposed RDP and VNC servers directly mapped to ICS/OT environments across critical industries.

Beginner 4.7k

News 6 min read

Medtronic Confirms Data Breach as ShinyHunters Claims 9 Million Records Stolen

Medtronic confirmed unauthorized access to corporate IT systems after ShinyHunters claimed 9M records stolen. Patient safety and medical devices unaffected.

Intermediate 970

News 7 min read

CISA AA26-097A: CyberAv3ngers Target 5,219 Exposed Rockwell Allen-Bradley PLCs

CISA advisory AA26-097A: Iranian IRGC-linked CyberAv3ngers exploit internet-exposed Rockwell Allen-Bradley PLCs using legitimate Studio 5000 software. 5,219 devices at risk.

Beginner 628

News 6 min read

Iran-Linked Handala Group Sends Threatening WhatsApp Messages to US Troops, Leaks 2,379 Marines' Data

Iran-linked Handala hacker group targeted US service members in Bahrain via WhatsApp threats, claiming to have leaked personal data of over 2,379 Marines.

Beginner 4.1k

News 2 min read

Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign

A cybercrime group of Brazilian origin has resurfaced after more than three years to orchestrate a campaign that targets Minecraft players with a new stea...