Cyber Espionage

TanStack considers locking down PRs after Shai-Hulud worm exploited GitHub Actions to poison their shared cache. The nuclear option for open source?

Poland orders officials off Signal, mandates state-built messenger instead. The reason? Social engineering attacks hitting government leadership. Sovereignty or security theater?

Pre-Stuxnet malware exposed: Fast16 deliberately corrupted nuclear weapons simulations years before the world knew about sophisticated cyber sabotage operations.

JDownloader site compromised to distribute Python RAT. New TrickMo variant targets banking apps. Mr_Rot13 exploits CVE for backdoor access. Weekly malware roundup.

Scammers are now sending physical phishing letters to Ledger users. The attack uses QR codes to steal crypto seed phrases. Old-school mail meets new-school scams.

Apple M5 chip exploited for first time: researchers achieve kernel memory corruption on macOS 26.4.1 in just 5 days, bypassing hardware-level protections.

Russian APT Turla transforms Kazuar malware into stealthy P2P botnet for long-term network persistence. Nation-state threat actors evolving tactics.

ALERT: Hackers exploit Funnel Builder flaw to inject skimmers into WooCommerce checkouts, stealing payment data. 600K+ sites at risk. Patch NOW. Severity: High Target: WooCommerce sites

Critical Funnel Builder plugin flaw actively exploited to inject card-stealing malware into WordPress checkout pages. 400K+ sites at risk. Patch immediately.

CISA adds Microsoft Exchange Server XSS vulnerability to KEV Catalog amid active exploitation. Federal agencies have a deadline—but all orgs should patch now.