← Latest brief

Security news.

·Afternoon Brief

Today's security landscape is dominated by destructive malware, sophisticated phishing campaigns, and critical vulnerabilities across major platforms. A new GigaWiper backdoor bundles multiple destructive capabilities, while attackers are increasingly leveraging AI and social engineering to compromise enterprise environments and cloud infrastructure.

BLEEPINGPHISHING
5h agoREAD

Helix vishing group targets SharePoint with voice phishing and MFA abuse

A new data-extortion group called Helix is using identity-focused tactics including voice phishing, device code phishing, and MFA abuse to steal data from SharePoint environments.

THNRANSOMWARE
4h agoREAD

GigaWiper Windows backdoor combines disk wiping, fake ransomware, and spyware

Microsoft has identified a destructive Windows backdoor that bundles three older destructive programs into one, allowing operators to wipe disks, overwrite drives, or run fake ransomware with scrambled files.

PHISHING
READ

Forg365 phishing-as-a-service uses AI to target Microsoft 365 accounts

A new PhaaS operation called Forg365 combines adversary-in-the-middle and device code methods with AI-assisted lure generation to steal Microsoft 365 credentials.

SECURITYWEEKZERO-DAY
10h agoREAD

KDDI data breach impacts 12 million via zero-day in third-party system

Japanese telco KDDI disclosed a breach affecting 12 million people after hackers exploited a zero-day vulnerability in a third-party system to access email systems for ISPs.

THNRANSOMWARE
12h agoREAD

GodDamn ransomware uses PoisonX kernel driver to disable endpoint defenses

A new ransomware family called GodDamn employs the PoisonX kernel driver to neutralize security software; assessed as a rebrand of Beast ransomware first spotted in May 2026.

SECURITYWEEKPATCH
11h agoREAD

GhostLock: 15-year-old Linux privilege escalation vulnerability patched

A Linux kernel vulnerability affecting every major distribution since 2011 allows attackers to gain root access; researchers earned $92,000 from Google's bug bounty program.

CISAKEV
2d agoREAD

CISA adds three actively exploited vulnerabilities to KEV catalog

CISA added CVE-2026-48908 (JoomShaper SP Page Builder), CVE-2026-55255 (Langflow Authorization Bypass), and CVE-2026-56290 (Joomlack Page Builder) to its Known Exploited Vulnerabilities catalog.

BLEEPINGPOLICY
13h agoREAD

Global anti-fraud operation arrests 5,800 suspects, seizes $293 million

Law enforcement agencies across 97 countries arrested 5,811 suspects and seized $293 million in illicit assets in a coordinated anti-fraud crackdown.

Generated twice daily from public security RSS feeds. Informational only.