14 Jul, 2026

Aisuru botnet sets new record with 31.4 Tbps DDoS attack

The Aisuru/Kimwolf botnet launched a new massive distributed denial of service (DDoS) attack that peaked at 31.4 Tbps and 200 million requests per second, setting a new record. The attack was part of a campaign targeting multiple companies, most of them in the telecommunications sector, and was detected and mitigated by Cloudflare last year on December 19. […]

2 mins read

France fines unemployment agency €5 million over data breach

The French data protection authority fined the national employment agency €5 million (nearly €6 million) for failing to secure job seekers’ data, which allowed hackers to steal the personal information of 43 million people. France Travail (formerly known as Pôle Emploi) is the country’s public employment service, providing unemployment benefits and helping job seekers find […]

2 mins read

Google rolls out Android theft protection feature updates

​Google has introduced stronger Android authentication safeguards and enhanced recovery tools to make smartphones more challenging targets for thieves. These updated Android theft protection features build on the company’s existing anti-theft defenses introduced in October 2024 to protect users before, during, and after theft attempts. “Phone theft is more than just losing a device; it’s a form […]

2 mins read

Initial access hackers switch to Tsundere Bot for ransomware attacks

A prolific initial access broker tracked as TA584 has been observed using the Tsundere Bot alongside XWorm remote access trojan to gain network access that could lead to ransomware attacks. Proofpoint researchers have been tracking TA584’s activity since 2020 and say that the threat actor has significantly increased its operations recently, introducing a continuous attack chain that undermines static […]

3 mins read

Cyberattack on Polish energy grid impacted around 30 facilities

The coordinated attack on Poland’s power grid in late December targeted multiple distributed energy resource (DER) sites across the country, including combined heat and power (CHP) facilities and wind and solar dispatch systems. Although the attacker compromised operational technology (OT) systems damaging “key equipment beyond repair,” they failed to disrupt power, totalling 1.2 GW or 5% of […]

3 mins read

eScan confirms update server breached to push malicious update

MicroWorld Technologies, the maker of the eScan antivirus product, has confirmed that one of its update servers was breached and used to distribute an unauthorized update later analyzed as malicious to a small subset of customers earlier this month. The file was delivered to customers who downloaded updates from the regional update cluster during a […]

4 mins read

Viral Moltbot AI assistant raises concerns over data security

Security researchers are warning of insecure deployments in enterprise environments of the Moltbot (formerly Clawdbot) AI assistant, which can lead to leaking API keys, OAuth tokens, conversation history, and credentials. Moltbot is an open-source personal AI assistant with deep system integration created by Peter Steinberger that can be hosted locally on user devices and integrated directly with the user’s […]

4 mins read

New sandbox escape flaw exposes n8n instances to RCE attacks

Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, access sensitive data, and execute arbitrary code on the underlying host. Identified as CVE-2026-1470 and CVE-2026-0863, the vulnerabilities were discovered and reported by researchers at DevSecOps company JFrog. Despite requiring authentication, CVE-2026-1470 received a critical severity score of 9.9 out of 10. JFrog […]

3 mins read

FBI seizes RAMP cybercrime forum used by ransomware gangs

The FBI has seized the notorious RAMP cybercrime forum, a platform used to advertise a wide range of malware and hacking services, and one of the few remaining forums that openly allowed the promotion of ransomware operations. Both the forum’s Tor site and its clearnet domain, ramp4u[.]io, now display a seizure notice stating, “The Federal […]

4 mins read

Empire cybercrime market owner pleads guilty to drug conspiracy

​A Virginia man who co-created Empire Market, one of the largest dark web marketplaces at the time, pleaded guilty to federal drug conspiracy charges for facilitating $430 million in illegal transactions from 2018 to 2020. The marketplace operated as a hidden service accessible only via TOR browsers and was advertised as an AlphaBay “clone,” modeled […]

2 mins read