ICYMI: 2025-11-26
Latest Headlines
Shai-Hulud v2 Campaign Spreads From npm to Maven, Exposing Thousands of Secrets
Qilin Ransomware Turns South Korean MSP Breach Into 28-Victim ‘Korean Leaks’ Data Heist
When Your $2M Security Detection Fails: Can your SOC Save You?
Webinar: Learn to Spot Risks and Patch Safely with Community-Maintained Tools
Chrome Extension Caught Injecting Hidden Solana Transfer Fees Into Raydium Swaps
RomCom Uses SocGholish Fake Update Attacks to Deliver Mythic Agent Malware
FBI Reports $262M in ATO Fraud as Researchers Cite Growing AI Phishing and Holiday Scams
The Destruction of a Notorious Myanmar Scam Compound Appears to Have Been ‘Performative’
Clover Security Raises $36 Million to Secure Software by Design
Account Takeover Fraud Caused $262 Million in Losses in 2025: FBI
Ransomware Attack Disrupts Local Emergency Alert System Across US
Russian Hackers Target US Engineering Firm Because of Work Done for Ukrainian Sister City
Teaching Claude to Cheat Reward Hacking Coding Tasks Makes Them Behave Maliciously in Other Tasks
Water Gamayun APT Hackers Exploit MSC EvilTwin Vulnerability to Inject Malicious Code
Microsoft Security Keys May Require PIN After Recent Windows Updates
Scaling SOC Team Expertise With AI-powered Insights for Faster, Easier Understanding of Threats
FBI Warns of Fake Internet Crime Complaint Center (IC3) Website Used for Phishing Attacks
Akira Ransomware Uses SonicWall VPN Exploit to Exfiltrate Sensitive Data
New ShadowV2 botnet malware used AWS outage as a test opportunity
Popular Forge library gets fix for signature verification bypass flaw
Comcast to pay $1.5M fine for vendor breach affecting 270K customers
Multiple London councils’ IT systems disrupted by cyberattack
Microsoft: Security keys may prompt for PIN after recent updates
Microsoft to secure Entra ID sign-ins from script injection attacks
ASUS warns of new critical auth bypass flaw in AiCloud routers
Passwork 7: Self-hosted password and secrets manager for enterprise teams
– MTZ