Security news.
Today's security news highlights a significant source code breach at cybersecurity firm Trellix and a widespread Facebook phishing campaign. Additionally, there are warnings about new AI-powered phishing kits and ongoing supply chain attacks targeting various software packages.
Trellix Confirms Source Code Breach
Cybersecurity company Trellix announced unauthorized access to a portion of its source code repository and is investigating the incident with forensic experts and law enforcement.
30,000 Facebook Accounts Hacked via Google AppSheet Phishing
A Vietnamese-linked operation, codenamed AccountDumpling, used Google AppSheet as a phishing relay to compromise approximately 30,000 Facebook accounts, which were then sold illicitly.
New Bluekit Phishing Kit Features AI Assistant
A new phishing service, Bluekit, is under development and offers automated domain registration and an AI Assistant to help users craft phishing campaigns.
Malicious Ad for Homebrew Leads to MacSync Stealer
A malicious advertisement for Homebrew has been observed leading to the deployment of the MacSync Stealer on macOS systems.
76% of All Crypto Stolen in 2026 Is Now in North Korea
North Korean threat actors are responsible for a significant majority of cryptocurrency heists in 2026, with AI potentially aiding their operations.
Edu Tech Firm Instructure Discloses Cyber Incident
Instructure, the company behind the Canvas learning platform, has disclosed a recent cybersecurity incident and is investigating its impact.
Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks
Two cybercrime groups, Cordial Spider and Snarky Spider, are conducting rapid, high-impact attacks within SaaS environments, focusing on data theft and extortion with minimal traces.
Sophisticated Deep#Door Backdoor Enables Espionage, Disruption
A stealthy Python-based backdoor framework, Deep#Door, has been identified, designed to deploy a persistent Windows implant for espionage and disruption.