Windows Defender Zero-Days Actively Exploited, Global DDoS Takedown, and Major Data Breaches at McGraw Hill & Amtrak

Publication Date: April 17, 2026

Summary

This cybersecurity brief for April 17, 2026, covers several critical developments. Threat actors are actively exploiting two unpatched zero-day vulnerabilities in Microsoft Defender for privilege escalation. A massive international law enforcement operation, 'PowerOFF,' dismantled a major DDoS-for-hire ecosystem, seizing 53 domains. In data breach news, the ShinyHunters group has leaked data for 13.5 million McGraw Hill accounts and over 2 million Amtrak customers, both breaches linked to Salesforce misconfigurations. Concurrently, NIST has announced a significant overhaul of its NVD program, scaling back analysis due to an overwhelming CVE backlog, which will reshape vulnerability management practices globally.

Today's New Articles

McGraw Hill Data Breach Exposes 13.5 Million Accounts After Salesforce Misconfiguration

Educational publishing giant McGraw Hill has confirmed a significant data breach exposing the personal information of 13.5 million unique email accounts. The incident was caused by a misconfigured webpage hosted on the Salesforce platform. The cybercrime group...


New 'NBLOCK' Ransomware Emerges, Using AES-256 Encryption and Tor for Anonymous Extortion

Security researchers at CYFIRMA have identified a new ransomware family named 'NBLOCK.' The malware encrypts victim files using AES-256, appends a '.NBLock' extension, and drops a ransom note named 'README_NBLOCK.txt'. Unlike some modern ransomware that focuse...


Stealthy 'PowMix' Botnet Targets Czech Workforce with Evasive C2 Communications

Researchers at Cisco Talos have uncovered a new botnet named 'PowMix,' which has been targeting the workforce in the Czech Republic since at least December 2025. The malware is delivered via phishing emails containing malicious LNK files and uses PowerShell fo...


Mozambique Passes Sweeping Cybersecurity and Cybercrime Laws to Combat Rising Digital Threats

Mozambique's Parliament, the Assembly of the Republic, has approved two landmark laws to establish a national cybersecurity framework and combat cybercrime. The legislation comes in response to a sharp increase in cyberattacks, with over 173,000 incidents reco...


Phishing Campaign Abuses Legitimate SimpleHelp RMM Tool via Fake DHL 'Shipment Arrived' Emails

A new phishing campaign is targeting businesses with convincing emails impersonating the shipping company DHL. The emails, with subject lines like 'Your shipment has arrived,' trick recipients into opening a malicious PDF attachment. Clicking a button within t...


Two U.S. Senior Care Providers Disclose Data Breaches by Sinobi and Worldleaks Ransomware Gangs

Two providers of senior care services, Windward Life Care in California and Legend Senior Living in Kansas, have disclosed data breaches resulting from ransomware attacks that occurred in 2025. The ransomware groups Sinobi and Worldleaks have claimed responsib...


Critical 'NomShub' Vulnerability in Cursor AI Editor Allows for Complete Developer Machine Hijacking

A critical set of vulnerabilities in the Cursor AI coding editor, collectively named 'NomShub' by researchers at Straiker, could allow an attacker to gain full remote shell access to a developer's machine. The attack requires no user interaction beyond the vic...

Article Updates

Researcher Leaks 'BlueHammer' Windows Zero-Day Exploit on GitHub After Dispute with Microsoft

Update: The original 'BlueHammer' zero-day has been patched by Microsoft as CVE-2026-33825. However, the same researcher has disclosed two new unpatched zero-days: 'RedSun', a local privilege escalation (LPE) to SYSTEM, and 'UnDefend', which disables Microsoft Defende...


ShinyHunters Claims Amtrak Breach, Threatens to Leak 9.4M Records

Update: ShinyHunters has publicly leaked over 2.1 million Amtrak customer records on April 17, 2026, confirming the previously threatened breach. The leaked dataset includes unique email addresses, names, and physical addresses, and has been ingested by services like...