General cybersecurity industry news, market trends, and analysis
A 21-year-old man suspected of conducting approximately 100 data breaches since late 2025, including a hack of the French Ministry of National Education that exposed records on almost a quarter of a million employees, has been arrested at his home in western France.
The threat detection startup will invest in accelerating its engineering and go-to-market efforts.
Chinese hacker extradited after 2020–2021 Exchange zero-day attacks on U.S. vaccine research, intensifying DOJ crackdown.
Agent ID Administrator enabled service principal takeover before April 9, 2026 patch, exposing privilege escalation risk in Entra ID tenants.
The ShinyHunters cybercrime group claimed to have stolen 9 million records containing personal information from Medtronic.
CVE-2026-32202 actively exploited after April 27 advisory fix, exposing NTLMv2 hashes via zero-click SMB authentication.
A newly discovered threat actor is using Microsoft Teams, AWS S3 buckets, and custom "Snow" malware in a multipronged campaign.
A researcher discovered five different exploit paths that stem from an architectural weakness in how Windows' Remote Procedure Call (RPC) mechanism handles connections to unavailable services.
Checkmarx data surfaced after March 23, 2026 supply chain attack, prompting repository lockdown and investigation, raising exposure concerns.
This week’s ThreatsDay covers supply chain attacks, fake help desks, wiper malware, AI prompt traps, RMM abuse, phishing kits, and more.
Researchers have uncovered a malware framework dubbed "fast16" that predates Stuxnet by 5 years.
The initial vulnerability was exploited by Russia-linked APT28 in attacks against Ukraine and EU countries.