HIGH

From Cookies to Keys: The Threat of Session Hijacking

Huntress • May 26, 2026

HIGH

Fake software on GitHub and SourceForge distribute Deno RAT

Malwarebytes Labs • May 26, 2026

HIGH

Kash Patel's merchandise site hacked to distribute malware

SC Media • May 22, 2026

MEDIUM

Keepnet contributes voice and SMS phishing data to the 2026 Verizon DBIR

Help Net Security • May 22, 2026

MEDIUM

Paved With Intent: ROADtools and Nation-State Tactics in the Cloud

Unit 42 • May 22, 2026

HIGH

WantToCry ransomware evades detection through SMB abuse, remote encryption

SC Media • May 20, 2026

HIGH

New Mini Shai-Hulud attack targets npm ecosystem

SC Media • May 20, 2026

HIGH

GitHub Confirms Breach, 4K Internal Repos Stolen

Dark Reading • May 20, 2026

HIGH

Exposed RDP: The Misconfiguration Attackers Keep Exploiting

Huntress • May 19, 2026

HIGH

OpenAI confirms security breach in TanStack supply chain attack

BleepingComputer • May 14, 2026

MEDIUM

'FrostyNeighbor' APT Carefully Targets Govt Orgs in Poland, Ukraine

Dark Reading • May 13, 2026

HIGH

VELVET CHOLLIMA Infostealer Campaign Using Trading App as Lure

Reddit r/netsec • May 14, 2026

HIGH

Foxconn Attack Highlights Manufacturing's Cyber Crisis

Dark Reading • May 13, 2026

HIGH

Defending Against CORDIAL SPIDER and SNARKY SPIDER with Falcon Shield

CrowdStrike •

HIGH

Sharing a hands-on lab inspired by the recent Canvas security incident — looking for collaborators

Reddit r/netsec • May 13, 2026

HIGH

US govt seeks Instructure testimony on massive Canvas cyberattack

BleepingComputer • May 12, 2026

HIGH

Poland's intelligence agency thwarts cyberattacks on water treatment plants

SC Media • May 11, 2026

CRITICAL

Hackers Observed Using AI to Develop Zero-Day for the First Time

Infosecurity Magazine • May 11, 2026

CRITICAL

11th May – Threat Intelligence Report

Check Point Research • May 11, 2026

HIGH

Canvas System Is Online After a Cyberattack Disrupted Thousands of Schools

SecurityWeek • May 11, 2026

MEDIUM

Stúdentum greitt högg á ögurstundu

Mbl Innlent • May 08, 2026

MEDIUM

„Mjög streituvaldandi og vond tilfinning“

Mbl Innlent • May 08, 2026

MEDIUM

Cyberattack Hits Canvas System Used by Thousands of Schools as Finals Loom

SecurityWeek • May 08, 2026

MEDIUM

Hackers ate my homework: Educational SaaS Canvas down after cyberattack

The Register Security • May 08, 2026

HIGH

Svört rigning fellur til jarðar í Rússlandi

RÚV • Apr 30, 2026

HIGH

Medtronic Hack Confirmed After ShinyHunters Threatens Data Leak

SecurityWeek • Apr 28, 2026

MEDIUM

Medtronic says cyberattack did not disrupt its operations

SC Media • Apr 27, 2026

MEDIUM

Energy and Water Management Firm Itron Hacked

SecurityWeek • Apr 27, 2026

LOW

A week in security (April 20 – April 26)

Malwarebytes Labs • Apr 27, 2026

MEDIUM

STARDUST CHOLLIMA Likely Compromises Axios npm Package

CrowdStrike •

HIGH

UNC6692: nuova minaccia Teams colpisce decisori aziendali

Reddit r/netsec • Apr 24, 2026

HIGH

GopherWhisper: China-linked hackers target governments with custom Go toolkit

SC Media • Apr 24, 2026

CRITICAL

Governments on high alert after CISA snuffs out Firestarter backdoor on fed network

The Register Security • Apr 24, 2026

HIGH

Dragos: Despite AI use, new malware targeting water plants is ‘hype’

CyberScoop • Apr 23, 2026

HIGH

Almost 600K reportedly impacted by separate US healthcare breaches

SC Media • Apr 22, 2026

HIGH

Kyber ransomware gang toys with post-quantum encryption on Windows

BleepingComputer • Apr 22, 2026

HIGH

STARDUST CHOLLIMA Likely Compromises Axios npm Package

CrowdStrike •

HIGH

New Wiper Malware Targeted Venezuelan Energy Sector Prior to US Intervention

SecurityWeek • Apr 22, 2026

HIGH

Over 400K records allegedly stolen from major Dutch webshop Bol, data leaked

SC Media • Apr 21, 2026

MEDIUM

STARDUST CHOLLIMA Likely Compromises Axios npm Package

CrowdStrike •

HIGH

STARDUST CHOLLIMA Likely Compromises Axios npm Package

CrowdStrike •

MEDIUM

Seiko USA website defaced, customer data breach claimed

SC Media • Apr 21, 2026

HIGH

Kyber Ransomware Double Trouble: Windows and ESXi Attacks Explained

Rapid7 Research • Apr 21, 2026

HIGH

STARDUST CHOLLIMA Likely Compromises Axios npm Package

CrowdStrike •

HIGH

STARDUST CHOLLIMA Likely Compromises Axios npm Package

CrowdStrike •

CRITICAL

20th April – Threat Intelligence Report

Check Point Research • Apr 20, 2026

HIGH

Why the Axios attack proves AI is mandatory for supply chain security

CyberScoop • Apr 20, 2026

HIGH

Data breach at edtech giant McGraw Hill affects 13.5 million accounts

BleepingComputer • Apr 16, 2026

HIGH

Automotive Ransomware Attacks Double in a Year

Infosecurity Magazine • Apr 16, 2026

HIGH

Ransomware Hits Automotive Data Expert Autovista

SecurityWeek • Apr 16, 2026

HIGH

New AgingFly malware used in attacks on Ukraine govt, hospitals

BleepingComputer • Apr 15, 2026

HIGH

Sweden Blames Pro-Russian Group for Cyberattack Last Year on Its Energy Infrastructure

SecurityWeek • Apr 15, 2026

MEDIUM

Hacker Compromises a16z-Backed Phone Farm, Tries to Post Memes Calling a16z the ‘Antichrist’

404 Media • Apr 13, 2026

HIGH

Gym giant Basic-Fit confirms data on a million members stolen in cyberattack

The Register Security • Apr 13, 2026

HIGH

In Other News: Cyberattack Stings Stryker, Windows Zero-Day, China Supercomputer Hack

SecurityWeek • Apr 10, 2026

HIGH

HUGE AI-powered Microsoft Account phishing campaign

John Hammond • Apr 09, 2026

HIGH

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

The Hacker News • Apr 09, 2026

CRITICAL

Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs

The Hacker News • Apr 08, 2026

CRITICAL

Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 Organizations

The Hacker News • Apr 06, 2026

HIGH

Ísraelar hafa lagt jarðefnaframleiðslu Írana í rúst

Viðskiptablaðið • Apr 06, 2026

CRITICAL

6th April – Threat Intelligence Report

Check Point Research • Apr 06, 2026

CRITICAL

Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools

The Hacker News • Apr 06, 2026

MEDIUM

Axios Future of Cybersecurity: Russians suspected of using iPhone spyware

Proofpoint • Mar 31, 2026

HIGH

Evolution of Ransomware: Multi-Extortion Ransomware Attacks

BleepingComputer • Apr 03, 2026

MEDIUM

Not Toying Around: Hasbro Attack May Take 'Weeks' to Remediate

Dark Reading • Apr 02, 2026

HIGH

Medtech giant Stryker fully operational after data-wiping attack

BleepingComputer • Apr 02, 2026

MEDIUM

Cybercriminals take aim at Hasbro, weeks of recovery ahead

Help Net Security • Apr 01, 2026

INFO

Toy Giant Hasbro Hit by Cyberattack

SecurityWeek • Apr 01, 2026

CRITICAL

Axios npm package compromised in supply chain attack. Downloads malware dropper package

Reddit r/netsec • Mar 31, 2026

HIGH

Dutch Finance Ministry takes treasury banking portal offline after breach

BleepingComputer • Mar 31, 2026

HIGH

AI-Powered 'DeepLoad' Malware Steals Credentials, Evades Detection

Dark Reading • Mar 30, 2026

MEDIUM

Incident responders, s'il vous plait: Invites lead to odd malware events

Sophos News • Mar 30, 2026

HIGH

Healthcare IT Platform CareCloud Probing Potential Data Breach

SecurityWeek • Mar 30, 2026

CRITICAL

⚡ Weekly Recap: Telecom Sleeper Cells, LLM Jailbreaks, Apple Forces U.K. Age Checks and More

The Hacker News • Mar 30, 2026

HIGH

FBI Confirms Kash Patel Email Hack as US Offers $10M Reward for Hackers

SecurityWeek • Mar 30, 2026

HIGH

FBI confirms hack of Director Patel's personal email inbox

BleepingComputer • Mar 29, 2026

MEDIUM

NICKEL ALLEY strategy: Fake it ‘til you make it

Malpedia •

HIGH

DarkSword’s GitHub leak threatens to turn elite iPhone hacking into a tool for the masses

CyberScoop • Mar 24, 2026

MEDIUM

GitHub-hosted malware campaign uses split payload to evade detection

Help Net Security • Mar 24, 2026

MEDIUM

Mazda Says Employee, Partner Information Stolen in Cyberattack

SecurityWeek • Mar 24, 2026

HIGH

TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials

The Hacker News • Mar 24, 2026

HIGH

Handala Group Tied to Iranian Hack‑and‑Leak Operations, FBI Reveals

Infosecurity Magazine • Mar 24, 2026

HIGH

Stryker Says Malicious File Found During Probe Into Iran-Linked Attack

SecurityWeek • Mar 24, 2026

HIGH

CanisterWorm Gets Teeth: TeamPCP's Kubernetes Wiper Targets Iran

Reddit r/netsec • Mar 22, 2026

HIGH

Cyberattack on a Car Breathalyzer Firm Leaves Drivers Stuck

Wired Security • Mar 21, 2026

MEDIUM

Feds keep eyes peeled for Iran cyberattacks, respond to Stryker breach

CyberScoop • Mar 19, 2026

HIGH

Lock down Microsoft Intune, feds warn after Stryker attack

The Register Security • Mar 19, 2026

HIGH

FBI seizes Handala data leak site after Stryker cyberattack

BleepingComputer • Mar 19, 2026

CRITICAL

Russian hackers exploit Zimbra flaw in Ukrainian govt attacks

BleepingComputer • Mar 19, 2026

CRITICAL

A DarkSword hangs over unpatched iPhones

Malwarebytes Labs • Mar 19, 2026

HIGH

Secure endpoint management systems immediately, CISA urges

Help Net Security • Mar 19, 2026

HIGH

Iran's cyberattack against med tech firm is 'just the beginning'

The Register Security • Mar 18, 2026

HIGH

Risky Business #829 -- Sneaky lobsters: Why AI is the new insider threat

Risky Business • Mar 18, 2026

MEDIUM

The one BIG mistake you are making with DNS security today

David Bombal • Mar 17, 2026

MEDIUM

Free parking in Russia after Distributed Denial-of-Service attack knocks city’s parking system offline

Graham Cluley • Mar 16, 2026

HIGH

Stryker attack wiped tens of thousands of devices, no malware needed

BleepingComputer • Mar 16, 2026

CRITICAL

16th March – Threat Intelligence Report

Check Point Research • Mar 16, 2026

LOW

Hackers tried to breach Poland’s nuclear research centre

Help Net Security • Mar 16, 2026

HIGH

Hacking Attempt Reported at Poland’s Nuclear Research Center

SecurityWeek • Mar 16, 2026

HIGH

Pro-Iran hackers claim cyberattack on major US medical device maker

Proofpoint • Mar 11, 2026