12 Jul, 2026

New Helix vishing group emerges in SharePoint data theft attacks

A new data-extortion group called Helix is using identity-focused tactics such as voice phishing (vishing), device code phishing, and multi-factor authentication (MFA) abuse to steal data from SharePoint environments. Initial contact is made through vishing. In some cases, the threat actor called employees while impersonating their manager, using either the manager’s name or caller ID […]

2 mins read

Microsoft expects more Windows security updates from AI-discovered flaws

Microsoft says Windows users should expect to see an increase in security updates as the company increasingly relies on artificial intelligence to discover vulnerabilities in its codebase. In a blog post published today, Microsoft said advances in AI have significantly accelerated vulnerability discovery, allowing engineers to identify more security issues before they can be exploited […]

2 mins read

New Forg365 phishing platform uses AI to target Microsoft 365 accounts

A new phishing-as-a-service (PhaaS) operation called Forg365 focuses on stealing Microsoft 365 accounts by combining adversary-in-the-middle (AiTM) and device code methods with AI-assisted lure generation. The platform also provides a browser extension for continued access to the Microsoft services linked to the compromised accounts without the need to re-authenticate. Researchers at ZeroBEC email security company […]

4 mins read

Microsoft to retire the OWA Light client in Exchange Server

Microsoft has announced plans to disable Outlook Web Access (OWA) Light, the lightweight version of the Outlook Web App email client, in a future Exchange Server update. “OWA Light was an important compatibility experience when the web needed it. Today, the full Outlook on the web experience is the right place for us to focus,” the […]

2 mins read

Police arrests 5,800 suspects in global anti-fraud crackdown

Law enforcement agencies have arrested 5,811 suspects and seized $293 million in illicit assets in a global anti-fraud operation spanning 97 countries. Dubbed “Operation First Light 2026,” this joint action has targeted social engineering fraud (including business email compromise, sextortion, impersonation, romance, and investment scams) and money laundering activities between January 15 and April 30. […]

2 mins read

AssuranceAmerica data breach exposes records of 6.9 million drivers

American insurance company AssuranceAmerica has disclosed a data breach impacting nearly 7 million drivers after attackers gained access to its systems earlier this year.  AssuranceAmerica operates through a network of over 9,500 independent agents and provides auto, renters, and commercial auto insurance coverage across 14 U.S. states. While the company has yet to publish a press […]

2 mins read

Microsoft patches RoguePlanet Defender zero-day vulnerability

Microsoft has released a security patch to address a Defender zero-day vulnerability known as “RoguePlanet,” disclosed after the June 2026 Patch Tuesday. The flaw (tracked as CVE-2026-50656) was disclosed by a security researcher using the “Nightmare Eclipse” handle as part of an ongoing dispute with Microsoft over the company’s bug bounty and vulnerability disclosure practices. They […]

2 mins read

Mount Royal University confirms breach as hackers claim attack

Mount Royal University in Calgary says hackers stole and then deleted data from its file storage systems after breaching the university’s network. In an update published on its website, MRU states that it has engaged technical teams and external cybersecurity experts to investigate the incident and to support recovery efforts following a cyberattack on June […]

3 mins read

Fake Paysafe, Skrill SDKs on NPM and PyPi steal credentials

Malicious packages on the Node Package Manager (npm) and the Python Package Index (PyPI) delivered stealer malware to developers and users of Paysafe, Skrill, and Neteller payment applications. The threat actor published at least 17 malicious packages simultaneously, each tasked to exfiltrate credentials and access tokens to a command-and-control server hosted on Amazon Web Services (AWS). […]

3 mins read

Hackers exploit Roundcube flaw to spy on academic researchers

A China-linked threat cluster has been exploiting vulnerable Roundcube servers at U.S. and Canadian universities to steal credentials and deploy backdoor malware. The campaign has been observed since May and focuses on physics and engineering departments, administrators and professors, as well as organizations involved in astrophysics, particle physics, or national security-related research. Researchers at cybersecurity company […]

2 mins read