
6-Year Ransomware Campaign Targets Turkish Homes & SMBs
Researchers at Acronis have identified a low‑dollar, high‑volume ransomware operation that has been active in Turkey since at least 2020. The attackers deploy a customized Adwind RAT to deliver the JanaWare ransomware, demanding between $200 and $400 per victim. The campaign relies on simple phishing emails and geofencing to Turkish language settings, and disables security tools to maximize success. Verizon’s 2025 Data Breach Investigations Report shows ransomware appears in 88% of SMB breach incidents, underscoring the significance of these smaller‑scale attacks.

Critical MCP Integration Flaw Puts NGINX at Risk
Researchers at Pluto Security have uncovered a critical vulnerability in the popular nginx‑ui web console, identified as CVE‑2026‑33032 with a CVSS score of 9.8. The flaw resides in the MCP /message endpoint, which performs no authentication and can be exploited to...

Navigating the Unique Security Risks of Asia's Digital Supply Chain
At Black Hat Asia 2026, a panel of security leaders from Bitdefender, ISACA, Varonis and others will dissect the unique third‑party risk landscape of Asia’s hyper‑connected digital supply chain. The discussion highlights how divergent regulations across countries—exemplified by a U.S....

Audit: Big Tech Often Ignores CA Privacy Law Opt-Out Requests
An independent WebXray audit of 7,634 California‑origin sites found that Google, Meta and Microsoft routinely ignore Global Privacy Control (GPC) opt‑out signals, violating the California Consumer Privacy Act (CCPA). Google showed the highest non‑compliance, failing to honor GPC requests on...

Microsoft, Salesforce Patch AI Agent Data Leak Flaws
Security vendor Capsule Security disclosed two high‑severity prompt‑injection vulnerabilities affecting Salesforce’s Agentforce (“PipeLeak”) and Microsoft’s Copilot (“ShareLeak”). The flaws let attackers inject malicious prompts into public‑facing forms, causing unauthorized extraction of CRM leads and SharePoint data, respectively. Both companies have...

Microsoft Bets $10 Billion to Boost Japan's AI, Cybersecurity
Microsoft announced a $10 billion investment to expand AI infrastructure, cybersecurity services and local data centers in Japan, more than tripling its total spend in the country since 2024. The pledge includes partnerships with Sakura Internet and SoftBank and a commitment...

Privilege Elevation Dominates Massive Microsoft Patch Update
Microsoft’s April 2026 Patch Tuesday addressed a near‑record 165 CVEs, with elevation‑of‑privilege bugs comprising a record 57% of the fixes. Attackers are already exploiting a SharePoint spoofing zero‑day (CVE‑2026‑32201), while another high‑severity flaw (CVE‑2026‑33825) in Defender antimalware remains unexploited but...

EDR-Killer Ecosystem Expansion Requires Stronger BYOVD Defenses
The ecosystem of EDR‑killer tools that exploit bring‑your‑own‑vulnerable‑driver (BYOVD) techniques has expanded dramatically, with researchers cataloguing nearly 90 distinct killers. Although only about 35 vulnerable Windows drivers are actively abused, each can be re‑hashed thousands of times, complicating blocklist defenses....

War Game Exercise Demonstrates How Social Media Manipulation Works
The University of New South Wales turned a classroom exercise into a four‑week war‑game called “Capture the Narrative.” Over 270 participants from 18 Australian universities deployed AI‑driven bots on a custom social‑media sandbox, Legit Social, to sway a simulated South‑Pacific island...

Why Orgs Need to Test Networks to Withstand DDoS Attacks During Peak Loads
Organizations handling tax filings must test DDoS defenses during peak traffic, not just in low‑load windows. Real incidents in the Netherlands and Poland showed attacks timed with filing deadlines can cripple critical services. Changes to applications, CDNs, and bot‑mitigation can...

Empty Attestations: OT Lacks the Tools for Cryptographic Readiness
Operational technology (OT) environments were built for uninterrupted service, not security, leaving many legacy devices without encryption or the ability to upgrade. Threat actors like Volt Typhoon have already maintained long‑term access, harvesting encrypted traffic and potentially signing keys for...

APT41 Delivers 'Zero-Detection' Backdoor to Harvest Cloud Credentials
Chinese state‑linked group APT41 has released a new ELF‑based backdoor that silently infiltrates Linux cloud workloads to steal credentials from AWS, Azure, GCP and Alibaba Cloud. The malware communicates over SMTP port 25, a channel that bypasses typical internet‑exposure scanners and...

Hims Breach Exposes the Most Sensitive Kinds of PHI
Hims & Hers Health disclosed a data breach that compromised customer support tickets accessed through a third‑party platform. The breach, attributed to the ShinyHunters group, exposed names, email addresses and sensitive medical information such as erectile dysfunction and mental‑health conditions. Hackers...

FINRA Launches Financial Intelligence Fusion Center to Combat Cybersecurity and Fraud Threats
FINRA announced the launch of the Financial Intelligence Fusion Center (FIFC), a secure portal that enables member brokerage firms to share real‑time cybersecurity and fraud intelligence. The platform builds on FINRA Forward initiatives and incorporates data from government and private‑sector...

Orange Business Reimagines Enterprise Voice Communications With Trust and AI
Orange Business announced a comprehensive overhaul of its enterprise voice platform, emphasizing trust and artificial intelligence. The rollout introduces branded calling in the U.S. and France, deep‑fake detection, AI‑augmented customer care, and Agentic AI telephony integrated with Microsoft 365 Copilot....