MyCyberWay

MyCyberWay https://validator.w3.org/feed/docs/rss2.html Aggregator Traffic violation scams switch to QR codes in new phishing texts New FortiClient EMS flaw exploited in attacks, emergency patch released $285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 91 Hackers exploit React2Shell in automated credential theft campaign Researchers didn’t want to glamorize cybercrims. So they roasted them Image or Malware? Read until the end and answer in comments :) Security Affairs newsletter Round 571 by Pierluigi Paganini – INTERNATIONAL EDITION 36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants Anthropic sure has a mess on its hands thanks to that Claude Code source leak Home Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS Axios npm hack used fake Teams error fix to hijack maintainer account Qilin ransomware group claims the hack of German political party Die Linke U.S. CISA adds a flaw in TrueConf Client to its Known Exploited Vulnerabilities catalog Device code phishing attacks surge 37x as new kits spread online European Commission Confirms Data Breach Linked to Trivy Supply Chain Attack European Commission breach exposed data of 30 EU entities, CERT-EU says Trump wants to take a battle axe to CISA again and slash $707M from budget Inconsistent Privacy Labels Don’t Tell Users What They Are Getting LinkedIn secretely scans for 6,000+ Chrome extensions, collects data LinkedIn secretly scans for 6,000+ Chrome extensions, collects data Hims & Hers warns of data breach after Zendesk support ticket breach China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing Apple Breaks Precedent, Patches DarkSword for iOS 18 Die Linke German political party confirms data stolen by Qilin ransomware Hybrid work, expanded risk: what needs to change Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers Blast Radius of TeamPCP Attacks Expands Amid Hacker Infighting Evolution of Ransomware: Multi-Extortion Ransomware Attacks Sophos Gartner Peer Insights MDR North Korea–linked hackers drain $285M from Drift in sophisticated attack Picking Up ‘Skull Vibrations’? Could Be XR Headset Authentication CrystalX RAT: new MaaS malware combines spyware, stealer, and remote access Claude Source Code Leak Highlights Big Supply Chain Missteps Chainguard Unveils Factory 2.0 to Automate Hardening the Software Supply Chain TrueConf Zero-Day Exploited in Asian Government Attacks In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware Critical ShareFile Flaws Lead to Unauthenticated RCE CrowdStrike Next-Gen SIEM Can Now Ingest Microsoft Defender Telemetry Microsoft still working to fix Exchange Online mailbox access issues UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack Why Third-Party Risk Is the Biggest Gap in Your Clients’ Security Posture Mobile Attack Surface Expands as Enterprises Lose Control React2Shell Exploited in Large-Scale Credential Harvesting Campaign T-Mobile Sets the Record Straight on Latest Data Breach Filing North Korean Hackers Drain $285 Million From Drift in 10 Seconds New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images Man admits to locking thousands of Windows devices in extortion plot