Massive Supply Chain Attacks Rock GitHub & Laravel; CISA Contractor Leaks GovCloud Keys

Publication Date: May 24, 2026

Summary

This 24-hour period saw a surge in sophisticated supply chain attacks, with the Laravel-Lang ecosystem compromised by a credential stealer and the 'Megalodon' campaign poisoning over 5,500 GitHub repos. A CISA contractor exposed sensitive GovCloud keys on a public repository, sparking a congressional inquiry. Meanwhile, a critical NGINX vulnerability is under active exploitation, and the China-aligned APT Webworm expands its espionage operations into Europe using novel C2 channels.

Today's New Articles

Trump Mobile API Flaw Exposes Personal Data of 27,000 Smartphone Pre-Order Customers

Trump Mobile is investigating a significant data exposure incident affecting approximately 27,000 customers who pre-ordered the company's T1 smartphone. A security researcher discovered an unprotected API endpoint that allowed public access to customer records...


CISA Contractor Leaks AWS GovCloud Keys and Internal System Credentials on Public GitHub Repo

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is under congressional investigation after a contractor exposed highly sensitive credentials on a public GitHub repository. The repository, named 'Private-CISA,' contained plaintext credentials f...


‘Megalodon’ Campaign Hits 5,500+ GitHub Repos in Automated CI/CD Supply Chain Attack

A massive, automated supply chain attack dubbed 'Megalodon' has compromised over 5,500 public GitHub repositories in just six hours. The attackers pushed thousands of malicious commits that altered CI/CD workflow files, backdooring the build processes of the a...


TeamPCP Threat Actor Breaches TanStack in 'Mini Shai-Hulud' Supply Chain Campaign

The financially motivated threat group 'TeamPCP' has been identified as the actor behind the 'Mini Shai-Hulud' supply chain campaign, which recently compromised the popular TanStack open-source library. The attack, which also targeted the npm and PyPI ecosyste...


Akamai Report: Financial Sector Under Siege from AI-Powered Botnets and Escalating DDoS Attacks

According to a new 'State of the Internet' report from Akamai, the financial services sector is facing a growing threat from increasingly sophisticated cyberattacks. The report highlights the use of AI-empowered botnets that operate with greater speed and auto...


'Trapdoor' Android Ad Fraud Campaign Used 455 Malicious Apps to Hijack Millions of Devices

A sophisticated and large-scale Android ad fraud operation named 'Trapdoor' has been uncovered by security researchers. The campaign involved a network of 455 malicious apps, downloaded over 24 million times from the Google Play Store, that worked together to...

Article Updates

Critical 18-Year-Old 'NGINX Rift' Vulnerability (CVE-2026-42945) Under Active Attack

Update: The NGINX Rift vulnerability (CVE-2026-42945) continues to be actively exploited, with new analysis emphasizing its critical impact on NGINX instances used as API gateways. Additional detection methods include vulnerability scanning and deploying WAF/IPS with...


TanStack Details Sophisticated Supply Chain Attack That Compromised 42 npm Packages

Update: Grafana Labs confirmed theft of source code and internal data by 'CoinbaseCartel' extortion group. This breach was a direct consequence of the TanStack supply chain attack. Attackers exploited a single workflow token, stolen via the malicious TanStack npm pack...


NYC Health + Hospitals Breach May Affect 1.8 Million Patients and Employees

Update: New details reveal the NYC Health + Hospitals data breach, affecting 1.8 million individuals, stemmed from a compromise at an unnamed third-party vendor. Attackers maintained network access from November 2025 to February 2026, indicating a significant dwell ti...


Chinese APT 'Webworm' Uses Discord and MS Graph API for C2 in New Backdoor Attacks

Update: New research from ESET confirms Webworm's expanded targeting to specific government entities in Belgium, Italy, Poland, Spain, and South Africa. The GraphWorm backdoor is now detailed to leverage OneDrive as a dead-drop for C2 and exfiltration, with compromise...


New 'Underminr' Flaw in CDNs Puts 88 Million Domains at Risk of Evasive Attacks

Update: This update provides a more detailed technical analysis of the 'Underminr' vulnerability, outlining the reconnaissance, setup, exploitation, and bypass steps. It maps the technique to several MITRE ATT&CK techniques, including T1071.001, T1090.002, T1573.002,...