2 US Cybersecurity Experts Jailed for Aiding ALPHV (BlackCat) Ransomware
Two US cybersecurity experts jailed for aiding BlackCat ransomware group, extorting victims worldwide and exploiting insider access for profit.
45,000 Attacks, 5,300+ Backdoors Tied to China-Linked Cybercrime Operation
SOCRadar researchers have uncovered a massive Chinese cybercrime operation using the OpenClaw and Paperclip systems to automate global attacks.
Hackers Use Jenkins Access to Deploy DDoS Botnet Against Gaming Servers
A new campaign shows misconfigured Jenkins servers abused to deploy a DDoS botnet targeting gaming systems, with Valve Corporation infrastructure in focus.
Critical cPanel Vulnerability Lets Attackers Bypass Login, Gain Root Access
A critical cPanel vulnerability lets attackers bypass login and gain root access, with active exploitation reported before patches were released.
Private Chats, Photos of Celebs Exposed in Suspected Stalkerware Leak
Private chats and photos of celebrities and influencers were exposed after a suspected stalkerware setup left a database open, revealing sensitive messages and files.
Misconfigured Server Run by Hackers Leaks 345,000 Stolen Credit Cards
A misconfigured server linked to the carding marketplace Jerry’s Store exposed 345,000 stolen credit cards after an AI coding error caused a major security flaw.
9-Year-Old Linux Kernel Vulnerability “Copy Fail” Enables Full Root Access
Linux Kernel Vulnerability “Copy Fail” lets attackers gain root access via memory flaw. Patch now or disable algif_aead to stay secure.
Cursor AI Agent Wipes PocketOS Database and Backups in 9 Seconds
PocketOS founder says Cursor AI agent deleted its production database in 9 seconds after misusing a root API token, exposing major Railway security flaws.
New AI-Powered Bluekit Phishing Kit Targets Major Platforms with MFA Bypass Attacks
Bluekit Phishing Kit is a new PhaaS tool that targets major platforms, using AiTM techniques to steal session data and bypass MFA protections.
Polymarket Rejects Data Breach Claims as Hacker Alleges 300K Records Stolen
A hacker using the alias "Xorcat" claims to have breached Polymarket using API flaws, but research suggests the leak could be just data scraping incident.