Zendesk Spam Wave Returns With Fake Account Activation Emails
A renewed Zendesk spam wave is flooding inboxes worldwide with unsolicited “Activate your account” emails that appear to come from trusted companies. Many recipients never signed up for any service, yet the messages look authentic and often bypass spam filters. The scale and persistence of the campaign have raised concerns among security teams, especially as the emails originate from legitimate
Signal Account Hijacking Targets Senior German Officials
German authorities have issued a warning after uncovering a targeted Signal account hijacking campaign aimed at senior political, military, and media figures. The attacks do not exploit vulnerabilities in Signal’s encryption or infrastructure. Instead, threat actors rely on social engineering techniques that trick victims into granting account access themselves. Security officials describe the campaign as highly targeted and methodical. The
European Commission Data Breach Hits Staff Systems
A European Commission data breach has exposed internal staff contact information after attackers accessed a system used to manage official mobile devices. Investigators found no evidence that employee phones were directly compromised. However, the incident highlights how backend infrastructure can still become a valuable target. Even limited personal data exposure can create meaningful security risks when attackers use it to
FanDuel Identity Fraud Scheme Leads to Federal Charges
Federal authorities have charged two men accused of running an extensive betting fraud operation that targeted FanDuel and several other regulated gambling platforms. The FanDuel identity fraud case sheds light on how stolen personal information can be scaled into a sustained criminal enterprise when combined with promotional abuse and weak identity verification controls. Investigators say the operation relied on thousands
Panera Bread Data Breach Impacts 5.1 Million Accounts
Panera Bread has confirmed a security incident after stolen customer data surfaced online, prompting confusion over how many people were actually affected. Early reports suggested that as many as 14 million customers had their information exposed, but further analysis shows the real number is significantly lower. The Panera Bread data breach ultimately impacted around 5.1 million unique accounts, not 14
Match Group Data Breach Affects Tinder, Hinge, and OkCupid
Concerns around online privacy resurfaced after news of the Match Group data breach revealed that user information from several major dating platforms had been exposed. The incident affected services used by millions worldwide and raised questions about how attackers gained access and what data may have been taken. Match Group has since confirmed the breach and launched an internal investigation
Operation Switch Off Targets Industrial-Scale Pirate TV Services
Operation Switch Off marks one of the most coordinated international crackdowns on illegal TV and sports streaming in recent years. Law enforcement agencies across multiple countries worked together to dismantle large-scale pirate IPTV services that reached millions of users worldwide. The operation highlights how digital piracy has evolved into a highly organized, cross-border industry with professional infrastructure and significant financial
Ex-Google Engineer Convicted in AI Trade Secrets Theft Case
A U.S. federal jury has convicted a former Google engineer for stealing confidential artificial intelligence technology and transferring it to parties connected to China. The case marks one of the most significant prosecutions to date involving AI infrastructure and highlights how sensitive machine learning systems have become a matter of national concern. Prosecutors argued that the engineer abused his access
VoidLink Cloud Malware and the Rise of AI-Built Threats
The discovery of VoidLink cloud malware offers a rare and uncomfortable look at how artificial intelligence is beginning to reshape advanced cybercrime. The framework stands out not simply because it targets Linux or cloud environments, but because researchers uncovered strong evidence that AI played a central role in its planning and construction. Security analysts believe a single developer used AI-assisted
ACF Plugin Vulnerability Allows Admin Access Without Login
A newly disclosed ACF plugin vulnerability has exposed more than 50,000 WordPress sites to potential administrative takeover. The flaw affects a widely used extension designed to enhance Advanced Custom Fields workflows, especially on sites that rely on frontend forms for user registration and profile management. Because these forms often remain publicly accessible, the vulnerability creates a direct path to full
