Security news.
Today's security landscape highlights a surge in sophisticated phishing attacks, with device code phishing increasing dramatically and China-linked groups employing OAuth-based tactics. Several organizations, including the European Commission and German political party Die Linke, have confirmed data breaches, underscoring the persistent threat of supply chain attacks and ransomware.
Device Code Phishing Attacks Surge 37x
Attacks abusing the OAuth 2.0 Device Authorization Grant flow to hijack accounts have increased over 37 times this year due to new kits spreading online.
European Commission Confirms Data Breach
Hackers stole over 300GB of data, including personal information, from the European Commission’s AWS environment in an incident linked to a Trivy supply chain attack.
China-Linked TA416 Targets European Governments
The China-aligned threat actor TA416 has been targeting European government and diplomatic organizations since mid-2025, utilizing PlugX malware and OAuth-based phishing.
TrueConf Zero-Day Exploited in Asian Government Attacks
A Chinese threat actor exploited a zero-day vulnerability in the TrueConf video conferencing platform to perform reconnaissance, escalate privileges, and execute payloads.
CISA Adds TrueConf Vulnerability to KEV Catalog
CISA has added CVE-2026-3502, a TrueConf Client Download of Code Without Integrity Check Vulnerability, to its Known Exploited Vulnerabilities Catalog.
Critical ShareFile Flaws Lead to Unauthenticated RCE
Multiple critical vulnerabilities in ShareFile can be chained to bypass authentication and achieve unauthenticated remote code execution.
Hims & Hers Warns of Data Breach
Telehealth company Hims & Hers Health disclosed a data breach after support tickets were stolen from a third-party customer service platform, Zendesk.
German Political Party Hit by Qilin Ransomware
Die Linke, a German political party, confirmed a data breach and IT systems outage after being targeted by the Qilin ransomware group.