11 Jul, 2026

Bluekit phishing kit adopts browser-in-the-middle for login theft

The Bluekit phishing-as-a-service platform continues to evolve with nearly 70 new hostnames identified over the past week, and by adding browser-in-the-middle (BitM) capabilities for improved data theft. First documented in April by Varonis researchers, Bluekit provides an AI assistant that supports multiple large language models (Llama, GPT-4.1, Claude, Gemini, and DeepSeek) for drafting phishing emails. At […]

3 mins read

DraftKings hacker ‘Snoopy’ sentenced to 18 months in prison

A 21-year-old using the alias “Snoopy” was sentenced to 18 months in prison for his role in hacking DraftKings accounts in the November 2022 cyberattack. In December 2025, the man, Nathan Austad of Minnesota, pleaded guilty to conspiracy to commit computer intrusion, admitting that he and co-conspirators compromised 60,000 DraftKings user accounts. During the attack, the […]

2 mins read

Malicious Edge extension abuses Native Messaging as bridge to malware

A malicious Microsoft Edge extension dubbed ‘Edgecution’ has been used in a ransomware attack to escape the browser sandbox and deploy a Python-based backdoor. Access to the local system is obtained by leveraging the Chrome Native Messaging protocol that allows browser extensions to interact with native desktop applications, such as a password manager communicating with […]

4 mins read

CISA warns of max severity Ubiquiti flaws exploited in attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of hackers actively exploiting flaws in Ubiquity UniFi OS and Lantronix serial-to-ethernet servers. According to the BOD 26-04 directive, federal agencies have three days to apply available security updates or vendor-recommended mitigations. The Ubiquiti flaws that CISA added to its catalog of Known Exploited Vulnerabilities are: Ubiquiti released security updates for the […]

2 mins read

Amadey, StealC malware operations disrupted in Operation Endgame action

Microsoft, Europol, and international partners have disrupted infrastructure used by the Amadey and StealC malware operations as part of Operation Endgame, which targets cybercriminal services and ransomware gangs. The law enforcement action involved authorities and private partners from multiple countries, who assisted in identifying and taking down, seizing, blocking, or sinkholing infrastructure tied to the malware […]

3 mins read

Stealthy Mistic backdoor linked to ransomware access broker KongTuke

A new backdoor dubbed Mistic has been observed in financially motivated attacks targeting organizations in the insurance, education, IT, and professional services sectors. The malware is believed to be linked to KongTuke/Woodgnat, an initial access broker active since at least 2024 that specializes in compromising corporate networks and selling that access to ransomware groups, including […]

3 mins read

Cisco Unified CM flaw CVE-2026-20230 now exploited in attacks

A high-severity SSRF vulnerability, tracked as CVE-2026-20230, in Cisco Unified Communications Manager Server is now being exploited in attacks. Cisco released security updates for the CVE-2026-20230 flaw on June 3, warning that exploitation could give attackers root privileges on the device. “A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager […]

3 mins read

Tata Electronics confirms cyberattack as hackers leak data

Tata Electronics has confirmed in a statement to GeekFeed that it was the target of a cyberattack that impacted parts of its IT infrastructure. The company emphasizes that its operations continued to run normally and were not affected by the incident. “A few weeks ago, Tata Electronics identified a cybersecurity incident on some of our […]

2 mins read

Windows 11 KB5095093 update rolls out new Point-in-Time restore feature

Microsoft has released the KB5095093 preview cumulative update for Windows 11 24H2 and 25H2, which fixes numerous bugs and begins rolling out new features, including the new Point-in-Time restore feature. The KB5095093 update is part of the company’s optional non-security preview update schedule, which releases updates at the end of each month to test new fixes and features coming in […]

15 mins read

Healthtech firm Xolis suffers data breach impacting 1.4 million people

Healthcare technology company Xsolis says that sensitive data belonging to nearly 1.4 million individuals was compromised in a phishing attack that gave attackers access to its network. Although the company is not aware of any attempted misuse of the exposed information, it is warning affected individuals to stay alert for potential targeted attacks. Xsolis is […]

2 mins read