Latest stories — Page 41

The Login Page That Demanded a Ransom
ShinyHunters defaced Canvas mid-finals week, taking the learning platform offline and exposing what one researcher calls an eight-month attack arc against Instructure.

Microsoft Skips a Zero-Day for the First Time in Two Years. Nobody Wants to Talk About Why.
118 fixes shipped, none under active exploit, and a quiet Anthropic project keeps surfacing in vendor briefings. Microsoft, Apple and Oracle declined to discuss it on the record.

CISA Contractor Spent Six Months Treating GitHub as a Personal Dropbox
A Nightwing employee's public 'Private-CISA' repo leaked AWS GovCloud admin keys, plaintext passwords and the agency's internal build pipeline — with secret-scanning deliberately switched off.

Ottawa 23-Year-Old Charged as 'Dort,' Alleged Operator of the 30 Tbps Kimwolf IoT Botnet
Jacob Butler is in OPP custody on a U.S. extradition warrant. Prosecutors say his botnet pushed nearly 30 terabits per second. The questions I sent his lawyer remain unanswered.

Dutch Investigators Seize 800 Servers, Arrest Two Tied to Stark Industries Successor
FIOD raids in Enschede, Almere, Dronten and Schiphol-Rijk target MIRhosting and WorkTitans BV over alleged sanctions breaches linked to Russian influence operations.

CISA Contractor's Public GitHub Repo Spilled GovCloud Keys for Months; Lawmakers Want Answers
An RSA private key tied to the CISA-IT GitHub organization sat in a public 'Private-CISA' repo since November 2025. The agency is still rotating credentials.

npm Introduces Staged Publishing With Mandatory 2FA Gate for Maintainer Approval
GitHub's package registry now requires a human maintainer to clear a two-factor challenge before a release leaves a staging area, a control aimed at the supply chain attacks that have repeatedly compromised the JavaScript ecosystem.

Lazarus' RemotePE Lives Entirely in Memory, Targets Crypto Treasuries
A fresh in-memory RAT from DPRK's Lazarus Group is being chained behind two custom loaders to drain finance and crypto orgs. Here is what to check tonight.

Agentic AI Quietly Rewrites the NDR Pitch, But Procurement Rules Have Not Caught Up
Network detection vendors say autonomous triage is thinning the alert queue. Buyers are now asking what regulators will let those agents actually do.

A SQL Bug in a Blogging Tool Just Became a ClickFix Delivery Truck
Attackers turned 700+ Ghost CMS sites into watering holes by exploiting CVE-2026-26980, smuggling fake CAPTCHA prompts that trick visitors into running malware on themselves.

The Week the Backlog Came Due: Linux Holes, Defender Zero-Days, and a Poisoned Dev Tool
A messy seven days for defenders, where forgotten servers and trusted tooling did most of the damage.

Nimbus Manticore Drops MiniFast and MiniJunk V2 in Aviation Phishing Wave
Iran-linked UNC1549 is back with refreshed loaders, SEO-poisoned lures, and aviation-themed bait aimed at U.S., European, and Gulf targets.

Twelve Hours, or Else: India's New Patch Clock Starts Ticking
CERT-In tells operators of internet-facing systems to close critical flaws within half a day, citing AI-assisted exploit chains that compress the attacker's runway to minutes.

Prompt Bombing Turned Your Second Factor Into a Doorbell Nobody Stops Ringing
Attackers stopped trying to steal push notifications. They just wait for tired users to tap 'approve' at 2 a.m.

Anthropic's Mythos AI Found 23,000 Potential Vulnerabilities Across 1,000 Open-Source Projects — and Counting
The numbers are large. The confirmed critical findings are real. What Anthropic has not yet said publicly is whether any of them were exploited before disclosure.

Dutch Authorities Arrest Two Bulletproof Hosting Administrators Linked to Russia-Aligned Threat Actors
The two suspects owned Dutch-registered companies that allegedly supplied infrastructure used to support Russia-aligned cybercriminal operations.

Lithuania Probes Foreign Hand in Leak of 600,000-Plus National Register Records
Lithuanian authorities suspect state-linked actors after a data breach exposed more than 600,000 entries from government population and registration databases.

DockSec Promises to End the Scanner Noise Problem for Docker Images
A new OWASP incubator project correlates findings from multiple container security tools and generates plain-English fixes. The question vendors aren't answering: how accurate is the AI when the scanners themselves disagree?

Anthropic Adds 28 Enterprise Security Integrations to Claude, Including CrowdStrike and Okta
The AI company is wiring Claude into the core of enterprise security stacks, from endpoint detection to identity management.

Threat Detection Summits Are Useful. Whether Anyone Acts on Them Is Another Matter.
A free on-demand security summit covering threat detection and incident response frameworks is now available. The sessions are solid. The gap between watching and doing remains, as ever, wide.

Laravel Lang Composer packages backdoored via GitHub tag rewrite, dropping infostealer on developer machines
Attackers reused legitimate version tags on the laravel-lang GitHub repository to push malicious Composer payloads to downstream installs, harvesting credentials from build environments.