12 Jul, 2026

Mazda discloses security breach exposing employee and partner data

Mazda Motor Corporation (Mazda) announced that information belonging to its employees and business partners had been exposed in a security incident detected last December. Mazda is one of Japan’s largest automotive manufacturers, with an annual production of 1.2 million vehicles and revenue of nearly $24 billion. The company said the attackers exploited a vulnerability in […]

2 mins read

Tycoon2FA phishing platform returns after recent police disruption

The Tycoon2FA phishing-as-a-service (PhaaS) platform that Europol and partners disrupted on March 4 has already returned to previously observed activity levels. Microsoft led the technical disruption, which involved seizing 330 domains part of Tycoon2FA’s backbone infrastructure that included control panels and phishing pages used in attacks. However, the disruption caused by the law enforcement was short-lived, as […]

2 mins read

TeamPCP deploys Iran-targeted wiper in Kubernetes attacks

The TeamPCP hacking group is targeting Kubernetes clusters with a malicious script that wipes all machines when it detects systems configured for Iran. The threat actor is responsible for the recent supply-chain attack on the Trivy vulnerability scanner, and also an NPM-based campaign dubbed ‘CanisterWorm,’ which started on March 20. Selective destruction payload Researchers at application security […]

3 mins read

Crunchyroll probes breach after hacker claims to steal 6.8M users’ data

Popular anime streaming platform Crunchyroll is investigating a breach after hackers claimed to have stolen personal information for approximately 6.8 million people. “We are aware of recent claims and are currently working closely with leading cyber security experts to investigate the matter,” Crunchyroll initially told GeekFeed. “Our investigation is ongoing, and we continue to work with leading […]

4 mins read

Trivy supply-chain attack spreads to Docker, GitHub repos

The TeamPCP hackers behind the Trivy supply-chain attack continued to target Aqua Security, pushing malicious Docker images and hijacking the company’s GitHub organization to tamper with dozens of repositories. This follows the threat actor compromising the GitHub build pipeline for Trivy, Aqua Security’s scanner, to deliver infostealing malware in a supply-chain attack that extended to Docker Hub over the […]

4 mins read

Microsoft Exchange Online service change causes email access issues

Microsoft is working to address an ongoing service issue that has intermittently prevented some users from accessing their cloud-based Exchange Online mailboxes via Outlook mobile and Mac desktop clients since Thursday. After investigating the incident (tracked under EX1256020), Microsoft found that the root cause was a newly introduced virtual account. On Saturday, began working to revert […]

2 mins read

FBI warns of Handala hackers using Telegram in malware attacks

The U.S. Federal Bureau of Investigation (FBI) warned network defenders that Iranian hackers linked to the country’s Ministry of Intelligence and Security (MOIS) are using Telegram in malware attacks. In a flash alert issued on Friday, the FBI says Telegram is being used as command-and-control (C2) infrastructure by malware targeting journalists criticizing the Iranian government, […]

2 mins read

CISA orders feds to patch DarkSword iOS flaws exploited attacks

CISA ordered U.S. government agencies to patch three iOS vulnerabilities targeted in cryptocurrency theft and cyberespionage attacks using the DarkSword exploit kit. As Google Threat Intelligence Group (GTIG) and iVerify researchers revealed last week, the DarkSword delivery framework abuses a chain of six vulnerabilities tracked as CVE-2025-31277, CVE-2025-43529, CVE-2026-20700, CVE-2025-14174, CVE-2025-43510, and CVE-2025-43520. These flaws enable […]

2 mins read

VoidStealer malware steals Chrome master key via debugger trick

An information stealer called VoidStealer uses a new approach to bypass Chrome’s Application-Bound Encryption (ABE) and extract the master key for decrypting sensitive data stored in the browser. The novel method is stealthier and relies on hardware breakpoints to extract the v20_master_key,  used for both encryption and decryption, directly from the browser’s memory, without requiring […]

3 mins read

Trivy vulnerability scanner breach pushed infostealer via GitHub Actions

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed credential-stealing malware through official releases and GitHub Actions. Trivy is a popular security scanner that helps identify vulnerabilities, misconfigurations, and exposed secrets across containers, Kubernetes environments, code repositories, and cloud infrastructure. Because developers and security teams commonly […]

6 mins read