Search: site

OptinMonster WordPress plugin hacked in CDN supply-chain attack

…Trust Pulse, albeit not confirming the impact on PushEngage. “We have since remediated the marketing site, migrated it to a new server, and rotated all credentials, including the CDN API key,” Awesome…

Jun 15, 2026 · Bill Toulas

Instructure reaches 'agreement' with ShinyHunters to stop data leak

…Although the company didn't share further details on the breach and defacements, BleepingComputer has learned that the attacker exploited multiple cross-site scripting (XSS) vulnerabilities. ShinyHunters injected malicious JavaScript to exploit…

May 12, 2026 · Sergiu Gatlan

Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks

…It uses a controller to securely route traffic between sites over encrypted connections. The company says it detected threat actors exploiting the flaw in May, but did not share any details regarding…

May 14, 2026 · Lawrence Abrams

Cybercrime service disrupted for abusing Microsoft platform to sign malware

…offline, and blocked access to infrastructure hosting the cybercrime platform. The site now redirects visitors to a Microsoft-operated site that explains that the company seized the domain as part of a…

May 19, 2026 · Lawrence Abrams

Inside a Crypto Drainer: How to Spot it Before it Empties Your Wallet

…Watch for these warning signs before connecting your wallet to any crypto site: Wallet connection requested immediately on a crypto/NFT/airdrop site. Unexpected signature or “Approve” requests before receiving anything. Requests…

May 21, 2026

What 2026 DBIR Confirms: Attacks Are Living in the Browser

…In Keep Aware's analysis, 63% of Microsoft-themed phishing sites were not flagged by any VirusTotal vendor at the time of employee exposure, showing a glaring detection gap in intelligence feeds…

Jun 5, 2026

Microsoft warns of Exchange zero-day flaw exploited in attacks

On Thursday, Microsoft shared mitigations for a high-severity Exchange Server vulnerability exploited in attacks that allow threat actors to execute arbitrary code via cross-site scripting (XSS) while targeting Outlook on…

May 15, 2026 · Sergiu Gatlan

Kodak confirms data breach claimed by ShinyHunters extortion gang

…We will share additional updates as appropriate." While the company has yet to attribute this breach, the ShinyHunters extortion group has claimed responsibility on their dark web leak site. The cybercrime gang…

Jun 17, 2026 · Sergiu Gatlan

Drupal critical update to fix bug with high exploitation risk

…8.9, allowing remediation for those running versions 9.5.11 or 8.9.20. Sites using Drupal Steward are already protected against known attack vectors. An update is still recommended, though…

May 20, 2026 · Bill Toulas

Council of Europe investigates ShinyHunters data breach claims

…In a post published on their dark web leak site over the weekend, the ShinyHunters claimed to have stolen more than 429,000 documents containing HR and payroll data from multiple Council…

Jun 15, 2026 · Sergiu Gatlan

Followed topics

Search