GitHub cross-tenant RCE via git push, SAP npm backdoored in Mini Shai-Hulud, 276 pig-butchering arrests, 30K Facebook accounts phished via Google, and LiteLLM exploited in 36 hours.
May 3, 2026
Two IR pros jailed for BlackCat. Scattered Spider arrested in Finland. Cordial/Snarky Spider target SaaS. CISA's 48-hour cPanel mandate. Europol's velocity gap warning.
May 2, 2026
Iran doxxed Marines. ShinyHunters claimed 9.4M Amtrak records. A 15-year-old breached France's ID agency. $725M in cargo theft. PyTorch Lightning backdoored.
May 1, 2026
BlueNoroff hid a 66-day fileless implant behind AI Zoom deepfakes. WordPress plugins backdoored for 8 months via blockchain C2. APT28 patch was incomplete — zero-click flaw now actively exploited.
Apr 30, 2026
8.3M anonymous crime tips exposed — 38 years of data. Silk Typhoon hacker extradited from Italy. Microsoft patches critical Entra ID takeover flaw. Mustang Panda targets India banks and Korea diplomacy.
Apr 29, 2026
