Security news.
Today's security landscape is dominated by critical supply chain compromises, major data breaches affecting millions, and unpatched privilege escalation flaws in core Windows and Linux systems. Threat actors continue exploiting legitimate services and development tools while law enforcement scores wins against state-sponsored actors and cybercriminals.
Popular PyPI Package (1.1M Downloads) Compromised to Distribute Infostealer
Attackers pushed a malicious version of the elementary-data package to a highly trusted Python repository to steal developer credentials and cryptocurrency wallets.
ADT Data Breach Exposes 5.5 Million Records
ShinyHunters extortion group stole personal information from home security giant ADT, affecting millions of customers.
Medtronic Confirms Breach; 9 Million Records Allegedly Stolen
Medical device giant Medtronic disclosed unauthorized access to corporate IT systems, with hackers claiming theft of 9 million records.
Unpatched 'PhantomRPC' Windows Flaw Enables Privilege Escalation
Researchers discovered five exploit paths stemming from an architectural weakness in Windows RPC's handling of unavailable services, with no patch currently available.
OpenSSH Flaw Allowing Root Access Lurked for 15 Years
A code reuse vulnerability in OpenSSH certificate handling enabled comma characters to be interpreted as list separators, potentially granting full root shell access.
'Pack2TheRoot' Linux Vulnerability Enables Easy Privilege Escalation
A race condition in PackageKit allows unprivileged users to escalate to root when installing packages.
73 Fake VS Code Extensions Deliver GlassWorm v2 Malware
Researchers identified 73 malicious Visual Studio Code extensions on the Open VSX repository, with six confirmed malicious and others acting as trojanized clones of legitimate tools.
FTC: Americans Lost $2.1 Billion to Social Media Scams in 2025
The Federal Trade Commission reported a massive surge in losses from social media-based fraud schemes since 2020, with 2025 losses exceeding $2.1 billion.