Latest stories — Page 41

Breaches

The Login Page That Demanded a Ransom

ShinyHunters defaced Canvas mid-finals week, taking the learning platform offline and exposing what one researcher calls an eight-month attack arc against Instructure.

3 min
Vulnerabilities

Microsoft Skips a Zero-Day for the First Time in Two Years. Nobody Wants to Talk About Why.

118 fixes shipped, none under active exploit, and a quiet Anthropic project keeps surfacing in vendor briefings. Microsoft, Apple and Oracle declined to discuss it on the record.

3 min
Cloud Security

CISA Contractor Spent Six Months Treating GitHub as a Personal Dropbox

A Nightwing employee's public 'Private-CISA' repo leaked AWS GovCloud admin keys, plaintext passwords and the agency's internal build pipeline — with secret-scanning deliberately switched off.

2 min
Threat Intelligence

Ottawa 23-Year-Old Charged as 'Dort,' Alleged Operator of the 30 Tbps Kimwolf IoT Botnet

Jacob Butler is in OPP custody on a U.S. extradition warrant. Prosecutors say his botnet pushed nearly 30 terabits per second. The questions I sent his lawyer remain unanswered.

3 min
Policy & Regulation

Dutch Investigators Seize 800 Servers, Arrest Two Tied to Stark Industries Successor

FIOD raids in Enschede, Almere, Dronten and Schiphol-Rijk target MIRhosting and WorkTitans BV over alleged sanctions breaches linked to Russian influence operations.

3 min
Cloud Security

CISA Contractor's Public GitHub Repo Spilled GovCloud Keys for Months; Lawmakers Want Answers

An RSA private key tied to the CISA-IT GitHub organization sat in a public 'Private-CISA' repo since November 2025. The agency is still rotating credentials.

3 min
Policy & Regulation

npm Introduces Staged Publishing With Mandatory 2FA Gate for Maintainer Approval

GitHub's package registry now requires a human maintainer to clear a two-factor challenge before a release leaves a staging area, a control aimed at the supply chain attacks that have repeatedly compromised the JavaScript ecosystem.

2 min
Threat Intelligence

Lazarus' RemotePE Lives Entirely in Memory, Targets Crypto Treasuries

A fresh in-memory RAT from DPRK's Lazarus Group is being chained behind two custom loaders to drain finance and crypto orgs. Here is what to check tonight.

3 min
Policy & Regulation

Agentic AI Quietly Rewrites the NDR Pitch, But Procurement Rules Have Not Caught Up

Network detection vendors say autonomous triage is thinning the alert queue. Buyers are now asking what regulators will let those agents actually do.

3 min
Vulnerabilities

A SQL Bug in a Blogging Tool Just Became a ClickFix Delivery Truck

Attackers turned 700+ Ghost CMS sites into watering holes by exploiting CVE-2026-26980, smuggling fake CAPTCHA prompts that trick visitors into running malware on themselves.

2 min
Threat Intelligence

The Week the Backlog Came Due: Linux Holes, Defender Zero-Days, and a Poisoned Dev Tool

A messy seven days for defenders, where forgotten servers and trusted tooling did most of the damage.

3 min
Threat Intelligence

Nimbus Manticore Drops MiniFast and MiniJunk V2 in Aviation Phishing Wave

Iran-linked UNC1549 is back with refreshed loaders, SEO-poisoned lures, and aviation-themed bait aimed at U.S., European, and Gulf targets.

3 min
Policy & Regulation

Twelve Hours, or Else: India's New Patch Clock Starts Ticking

CERT-In tells operators of internet-facing systems to close critical flaws within half a day, citing AI-assisted exploit chains that compress the attacker's runway to minutes.

2 min
Identity & Access

Prompt Bombing Turned Your Second Factor Into a Doorbell Nobody Stops Ringing

Attackers stopped trying to steal push notifications. They just wait for tired users to tap 'approve' at 2 a.m.

2 min
AI Security

Anthropic's Mythos AI Found 23,000 Potential Vulnerabilities Across 1,000 Open-Source Projects — and Counting

The numbers are large. The confirmed critical findings are real. What Anthropic has not yet said publicly is whether any of them were exploited before disclosure.

2 min
Policy & Regulation

Dutch Authorities Arrest Two Bulletproof Hosting Administrators Linked to Russia-Aligned Threat Actors

The two suspects owned Dutch-registered companies that allegedly supplied infrastructure used to support Russia-aligned cybercriminal operations.

2 min
Breaches

Lithuania Probes Foreign Hand in Leak of 600,000-Plus National Register Records

Lithuanian authorities suspect state-linked actors after a data breach exposed more than 600,000 entries from government population and registration databases.

2 min
AI Security

DockSec Promises to End the Scanner Noise Problem for Docker Images

A new OWASP incubator project correlates findings from multiple container security tools and generates plain-English fixes. The question vendors aren't answering: how accurate is the AI when the scanners themselves disagree?

3 min
AI Security

Anthropic Adds 28 Enterprise Security Integrations to Claude, Including CrowdStrike and Okta

The AI company is wiring Claude into the core of enterprise security stacks, from endpoint detection to identity management.

2 min
Threat Intelligence

Threat Detection Summits Are Useful. Whether Anyone Acts on Them Is Another Matter.

A free on-demand security summit covering threat detection and incident response frameworks is now available. The sessions are solid. The gap between watching and doing remains, as ever, wide.

2 min
Threat Intelligence

Laravel Lang Composer packages backdoored via GitHub tag rewrite, dropping infostealer on developer machines

Attackers reused legitimate version tags on the laravel-lang GitHub repository to push malicious Composer payloads to downstream installs, harvesting credentials from build environments.

2 min
© 2026 Threat Vectr