18 Jul, 2026

New Android spyware ClayRat imitates WhatsApp, TikTok, YouTube

A new Android spyware called ClayRat is luring potential victims by posing as popular apps and services like WhatsApp, Google Photos, TikTok, and YouTube. The malware is targeting Russian users through Telegram channels and malicious websites that appear legitimate. It can steal SMS meessages call logs, notifications, take pictures, and even make phone calls. Malware researchers […]

3 mins read

FBI takes down BreachForums portal used for Salesforce extortion

The FBI seized a BreachForums domain used by the ShinyHunters group as a data leak extortion site for the widespread Salesforce attacks, with the threat actor stating that law enforcement also stole database backups for the notorious hacking forum. The domain, Breachforums.hn, was previously used to relaunch the hacking forum this summer, but the site was soon […]

4 mins read

Electronics giant Avnet confirms breach, says stolen data unreadable

Electronic components distributor Avnet confirmed in a statement for GeekFeed that it suffered a data breach but noted that the stolen data is unreadable without proprietary tools. A company spokesperson told us that the incident occurred after unauthorized actors accessed a database hosted on an external service, which stored information used in the EMEA (Europe, Middle […]

2 mins read

Google’s new AI bug bounty program pays up to $30,000 for flaws

This week, Google has launched an AI Vulnerability Reward Program dedicated to security researchers who find and report flaws in the company’s AI systems. The new bug bounty program focuses on the most impactful issues in the highest-profile AI products, including but not limited to Google Search (on google.com), Gemini Apps (Web, Android, and iOS), […]

2 mins read

Red Hat data breach escalates as ShinyHunters joins extortion

Enterprise software giant Red Hat is now being extorted by the ShinyHunters gang, with samples of stolen customer engagement reports (CERs) leaked on their data leak site. News of the Red Hat data breach broke last week when a hacking group known as the Crimson Collective claimed to have stolen nearly 570GB of compressed data across 28,000 internal development […]

4 mins read

Microsoft: Critical GoAnywhere bug exploited in ransomware attacks

A cybercrime group, tracked as Storm-1175, has been actively exploiting a maximum severity GoAnywhere MFT vulnerability in Medusa ransomware attacks for nearly a month. Tracked as CVE-2025-10035, this security flaw impacts Fortra’s web-based secure transfer GoAnywhere MFT tool, caused by a deserialization of untrusted data weakness in the License Servlet. This vulnerability can be exploited remotely in low-complexity […]

2 mins read

Redis warns of critical flaw impacting thousands of instances

The Redis security team has released patches for a maximum severity vulnerability that could allow attackers to gain remote code execution on thousands of vulnerable instances. Redis (short for Remote Dictionary Server) is an open-source data structure store used in approximately 75% of cloud environments, functioning like a database, cache, and message broker, and storing […]

3 mins read

Steam and Microsoft warn of Unity flaw exposing gamers to attacks

A code execution vulnerability in the Unity game engine could be exploited to achieve code execution on Android and privilege escalation on Windows. Unity is a cross-platform game engine and development platform that provides rendering, physics, animation, and scripting tools for developers to create titles for Windows, macOS, Android, iOS, consoles, and the web. A […]

3 mins read

XWorm malware resurfaces with ransomware module, over 35 plugins

New versions of the XWorm backdoor are being distributed in phishing campaigns after the original developer, XCoder, abandoned the project last year. The latest variants, XWorm 6.0, 6.4, and 6.5, appear to be adopted by multiple threat actors and have support for plugins that allow a wide range of malicious activities. Malware operators can use […]

5 mins read

Oracle patches EBS zero-day exploited in Clop data theft attacks

Oracle is warning about a critical E-Business Suite zero-day vulnerability tracked as CVE-2025-61882 that allows attackers to perform unauthenticated remote code execution, with the flaw actively exploited in Clop data theft attacks. The flaw is within the Oracle Concurrent Processing product of Oracle E-Business Suite (component: BI Publisher Integration) and has a CVSS base score of 9.8, […]

7 mins read