Scattered Spider Suspect Extradited After $8M Jewelry Hack
19-year-old Peter Stokes extradited from Finland to face U.S. charges for alleged role in Scattered Spider operations including an $8 million jewelry retailer breach.
19-year-old Peter Stokes extradited from Finland to face U.S. charges for alleged role in Scattered Spider operations including an $8 million jewelry retailer breach.
Seven CVSS 10.0 vulnerabilities in Adobe ColdFusion and Campaign Classic enable unauthenticated RCE. Adobe shifts to twice-monthly security bulletins citing AI-accelerated discovery.
Attackers exploited deprecated OAuth ROPC flow to bypass MFA, compromising 78 accounts across 64 organizations. Attack originated from Hong Kong and China infrastructure.
Unit 42 finds attackers registering domains that LLMs hallucinate, then hosting phishing kits to intercept AI-directed traffic. Montana Empire kit caught 23 days after prediction.
The Blackfield ransomware gang claims a breach at Nidec Corporation, demanding $2 million to prevent data leakage. This marks Nidec's second ransomware incident in two years.
Attackers compromised Aflac Japan's customer portal between June 15-25, exposing names, addresses, and phone numbers for 4.38 million policyholders. No health data affected.
BabaDeda, Lorem Ipsum, and Potemkin loaders emerge from ClickFix social engineering attacks, deploying infostealers and linking to Rhysida ransomware operations.
Curl 8.21.0 addresses a record 18 CVEs, including CVE-2026-8932—an mTLS authentication bypass introduced in March 2001. AI tools discovered several of the vulnerabilities.
CVE-2026-20182 allows unauthenticated attackers to inject rogue peers into Cisco SD-WAN fabrics. Active exploitation since May; no workaround available—patch immediately.
CVE-2026-13028, a critical use-after-free in Chrome's WebGL component, scores CVSS 9.6 and allows remote code execution with sandbox escape on Android. Update immediately.
Learn about ransomware, phishing, malware, and essential online safety practices.
Curated books, tools, and resources to deepen your cybersecurity knowledge.
Get the latest cybersecurity news delivered to your inbox.