🔴 BreachHackRead·4d ago
How to Get a Reddit API Key in 2026: Step-by-Step GuideGetting a Reddit API key starts with creating an application through Reddit’s developer portal and understanding how its…
Latest
Suspicious Polyfill login prompts pop up on Toshiba, Muji websitesBleepingComputer · 1h agoFormer cyber executive turned whistleblower accuses IBM of covering up several data breachesTechCrunch Security · 3h agoCISA: Hackers now exploit SolarWinds Serv-U flaw to crash serversBleepingComputer · 4h agoMiasma Malware Hits 32 Red Hat Packages via Compromised GitHub AccountHackRead · 4h agoChinese APT deploys new malware to keep access to hacked networksBleepingComputer · 5h agoIronWorm and New Miasma Worm Variant Hit npm in Supply Chain AttacksThe Hacker News · 5h agoDark web Nemesis Market vendor gets 26 years for selling drugsBleepingComputer · 5h agoAtlas Menu Data Breach Exposes 64,000 GTA V and CS2 Cheat Service UsersHackRead · 6h agoWeekly Metasploit Update: Apache ActiveMQ RCE, Gogs Rebase RCE, and Windows Kernel Pointer EnumRapid7 · 6h agoSecuring CI/CD in an agentic world: Claude Code Github action caseMicrosoft Security · 6h agoGoogle and FBI warn of ransomware group that sends fake IT workers to hack victims in personTechCrunch Security · 7h agoAndroid Spyware Asin Targets Arabic Users via Fake News, PDF and War Map AppsThe Hacker News · 8h agoOver 900 US gas station tank gauge systems exposed to attacksBleepingComputer · 8h agoNSA said to be readying Anthropic’s Mythos for use in cyber operationsTechCrunch Security · 9h agoWhat 2026 DBIR Confirms: Attacks Are Living in the BrowserBleepingComputer · 9h agoSuspicious Polyfill login prompts pop up on Toshiba, Muji websitesBleepingComputer · 1h agoFormer cyber executive turned whistleblower accuses IBM of covering up several data breachesTechCrunch Security · 3h agoCISA: Hackers now exploit SolarWinds Serv-U flaw to crash serversBleepingComputer · 4h agoMiasma Malware Hits 32 Red Hat Packages via Compromised GitHub AccountHackRead · 4h agoChinese APT deploys new malware to keep access to hacked networksBleepingComputer · 5h agoIronWorm and New Miasma Worm Variant Hit npm in Supply Chain AttacksThe Hacker News · 5h agoDark web Nemesis Market vendor gets 26 years for selling drugsBleepingComputer · 5h agoAtlas Menu Data Breach Exposes 64,000 GTA V and CS2 Cheat Service UsersHackRead · 6h agoWeekly Metasploit Update: Apache ActiveMQ RCE, Gogs Rebase RCE, and Windows Kernel Pointer EnumRapid7 · 6h agoSecuring CI/CD in an agentic world: Claude Code Github action caseMicrosoft Security · 6h agoGoogle and FBI warn of ransomware group that sends fake IT workers to hack victims in personTechCrunch Security · 7h agoAndroid Spyware Asin Targets Arabic Users via Fake News, PDF and War Map AppsThe Hacker News · 8h agoOver 900 US gas station tank gauge systems exposed to attacksBleepingComputer · 8h agoNSA said to be readying Anthropic’s Mythos for use in cyber operationsTechCrunch Security · 9h agoWhat 2026 DBIR Confirms: Attacks Are Living in the BrowserBleepingComputer · 9h ago
⚡
Security & IT News
LiveReal-time news from 13+ trusted sources — BleepingComputer, The Hacker News, Krebs on Security, Dark Reading & more.
All⚠ Vulnerability753🩹 Patch172🚀 Release18🔴 Breach448🔬 Analysis58🧪 Research63🦠 Malware247📰 General110
448 results in Breach
🔴 BreachHackRead·4d ago
Zero-Click pretalx XSS Flaw Lets Hackers Hijack Conference Organizer Accountspretalx XSS flaw lets attackers hijack conference organizer accounts, steal sessions, auto-accept talks, and demote admins. Patched in v2026.1.0.
🔴 BreachHackRead·4d ago
How to Get the Most From Your Explainer Video Production ServicesVideo can simplify a hard offer, shorten sales conversations, and improve recall. Those gains depend on disciplined planning…
🔴 BreachThe Hacker News·4d ago
OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain AttackCybersecurity researchers have disclosed details of a new malicious supply chain campaign that's targeting developers using OpenAI Codex through a legitimate-looking remote web UI. The tool, named codexui-android, is advertised on GitHub and npm as a remote web UI for OpenAI Codex, attracting over 29,000 weekly downloads. The package is still available for download from the repository. What
🔴 BreachHackRead·5d ago
27,000-Download Codex UI Tool Secretly Stole OpenAI Refresh TokensA malicious Codex UI npm package with 27,000 weekly downloads was caught exfiltrating OpenAI refresh tokens, exposing developers to account takeover risks.
🔴 BreachBleepingComputer·7d ago
California AG sues 23andMe over 2023 breach exposing health dataCalifornia Attorney General Rob Bonta filed a lawsuit against 23andMe, now Chrome Holding Co., over the company's failure to protect sensitive customer genetic and personal information. [...]
🔴 BreachTechCrunch Security·7d ago
Final 24 hours to save up to $410 on your TechCrunch Disrupt 2026 ticketYou now have until tonight at 11:59 p.m. PT to lock in Early Bird savings of up to $410 for TechCrunch Disrupt 2026 before prices increase. Join 10,000+ tech leaders in October for one of the most anticipated tech events of the year. Register now.
🔴 BreachInfosecurity Magazine·7d ago
Silent Ransom Group Uses In-Person IT Impersonation to Breach SystemsThreat actors from the Silent Ransom Group, aka Luna Moth, are escalating attacks by impersonating IT staff in phone calls and even showing up in person to gain direct access to victim systems
🔴 BreachThe Hacker News·7d ago
What 2,000 Exposed Vibe-Coded Apps Reveal About the Limits of Most Security StacksShadow AI used to mean employees pasting things they shouldn't into ChatGPT. It now means something bigger: employees building full applications with AI, wiring them into production systems, and publishing them on the open internet. Without Security or IT in the loop. The artifact moved from a prompt to a product. The risk surface moved with it. In The Shadow Builders report (get it here), a
🔴 BreachHackRead·7d ago
The Deliverability Problem: How New Platforms Are Solving Inbox PlacementEmail still reaches more people than any other digital channel. Getting it to actually land in the inbox…
🔴 BreachInfosecurity Magazine·7d ago
Chinese Hackers Exploit Iran War to Target Maritime and Energy CompaniesESET’s 2026 APT Activity Report suggests China-backed APTs are using instability in the region to target victims, as well as continuing activity against organizations around the globe
🔴 BreachBleepingComputer·7d ago
Charter Communications data breach affects 4.9 million accountsThe ShinyHunters extortion gang stole personal information from 4.9 million accounts after hacking the U.S. telecom giant Charter Communications in early April, according to data breach notification service Have I Been Pwned. [...]
🔴 BreachBleepingComputer·8d ago
GreyVibe hackers use ChatGPT, Gemini to power cyberattacksA likely Russian threat cluster tracked as GreyVibe has been targeting Ukrainian entities with AI-generated lures and a rich set of custom malware tools. [...]
🔴 BreachTechCrunch Security·8d ago
Hackers are trying to steal Signal users’ backups in new wave of phishing attacksA new hacking campaign is trying to trick Signal users to give up their secret recovery key, which can be used to access online backups containing past messages.
🔴 BreachTechCrunch Security·8d ago
A security lapse at prison pay phone service Pay Tel publicly exposed over 300K callers’ driver’s licensesPay Tel secured the publicly exposed data after security researchers discovered the leak containing callers' sensitive ID documents and inmate communications.
🔴 BreachHackRead·8d ago
The CISO Whisperer’s Watch List For The Gartner Security & Risk Management Summit 2026New York, USA, 28th May 2026, CyberNewswire
🔴 BreachTechCrunch Security·8d ago
U.S. says troops were targeted with location data, as senator warns ad industry is a ‘national security threat’One leading privacy lawmaker said it was time to "start treating the adtech industry as a national security threat."
🔴 BreachBleepingComputer·8d ago
New Gogs zero-day flaw lets hackers get remote code executionAn unpatched zero-day vulnerability in the Gogs self-hosted Git service can allow attackers to gain remote code execution (RCE) on Internet-facing instances. [...]
🔴 BreachBleepingComputer·8d ago
Romanian gets 5 years in prison for hacking Oregon govt networkA Romanian national was sentenced this week to 56 months in federal prison for breaking into an Oregon state government computer network and fr cyberattacks targeting dozens of other U.S. victims. [...]
🔴 BreachBleepingComputer·8d ago
Carnival Cruise confirms data breach affecting nearly 6 million peopleCarnival Corporation, the world's largest cruise line operator, has confirmed a data breach affecting nearly 6 million people claimed by the ShinyHunters extortion gang in April 2026. [...]