← Latest brief

Security news.

·Morning Brief

Today's security news highlights a significant source code breach at cybersecurity firm Trellix and a widespread Facebook phishing campaign. Additionally, there are warnings about new AI-powered phishing kits and ongoing supply chain attacks targeting various software packages.

THNBREACH
May 2READ

Trellix Confirms Source Code Breach

Cybersecurity company Trellix announced unauthorized access to a portion of its source code repository and is investigating the incident with forensic experts and law enforcement.

THNPHISHING
May 1READ

30,000 Facebook Accounts Hacked via Google AppSheet Phishing

A Vietnamese-linked operation, codenamed AccountDumpling, used Google AppSheet as a phishing relay to compromise approximately 30,000 Facebook accounts, which were then sold illicitly.

SECURITYWEEKPHISHING
May 2READ

New Bluekit Phishing Kit Features AI Assistant

A new phishing service, Bluekit, is under development and offers automated domain registration and an AI Assistant to help users craft phishing campaigns.

SANS INTERNET STORM CENTERMALWARE
May 1READ

Malicious Ad for Homebrew Leads to MacSync Stealer

A malicious advertisement for Homebrew has been observed leading to the deployment of the MacSync Stealer on macOS systems.

DARK READINGBREACH
May 1READ

76% of All Crypto Stolen in 2026 Is Now in North Korea

North Korean threat actors are responsible for a significant majority of cryptocurrency heists in 2026, with AI potentially aiding their operations.

BLEEPING
May 1READ

Edu Tech Firm Instructure Discloses Cyber Incident

Instructure, the company behind the Canvas learning platform, has disclosed a recent cybersecurity incident and is investigating its impact.

THN
May 1READ

Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks

Two cybercrime groups, Cordial Spider and Snarky Spider, are conducting rapid, high-impact attacks within SaaS environments, focusing on data theft and extortion with minimal traces.

SECURITYWEEKNATION-STATE
May 1READ

Sophisticated Deep#Door Backdoor Enables Espionage, Disruption

A stealthy Python-based backdoor framework, Deep#Door, has been identified, designed to deploy a persistent Windows implant for espionage and disruption.

Generated twice daily from public security RSS feeds. Informational only.