June 22, 2026

Prinz Eugen Ransomware Targets Your Newest Files

A new ransomware strain called Prinz Eugen is drawing attention from security researchers, and its approach sets it apart from most threats in this space. Rather than encrypting files in a random or alphabetical order, Prinz Eugen targets the most recently modified files first. The goal is to lock down the data that matters most before defenders have a chance

Prinz Eugen ransomware
June 19, 2026

ShapedPlugin Hit by Supply Chain Attack on WordPress Updates

A trusted update button just became a liability for thousands of WordPress site owners. ShapedPlugin, a vendor known for popular front-end and content display tools, confirmed that its official update system delivered backdoored software directly to paying customers. The company's free plugins alone power more than 400,000 active websites. Which gives a sense of how wide ShapedPlugin's reach extends across

ShapedPlugin
June 18, 2026

FortiBleed Leak Hits Thousands of Fortinet VPN Devices

A new security incident known as FortiBleed has exposed Fortinet VPN credentials for tens of thousands of organizations worldwide. Researchers found a database containing login credentials for more than 73,000 Fortinet and FortiGate firewall devices. The data includes usernames, email addresses, and plaintext passwords. The list names household brands like Chevron, Samsung, Foxconn, Comcast, AT&T, Mercedes-Benz, and Toyota. Security researcher

FortiBleed Fortinet VPN
June 17, 2026

New Rokarolla Android Malware Hits 217 Banking Apps

A fake Chrome download could hand a stranger full control of your phone. So could a bogus TikTok app. Security researchers at Zimperium just uncovered a new Android banking trojan that does exactly that. The newly identified Rokarolla Android malware targets 217 banking and cryptocurrency apps, backed by 137 remote commands. This isn't a typical credential stealer. Rokarolla locks onto

Rokarolla Android Malware
June 16, 2026

Infinite Campus Data Breach Exposes 137K School Staff

A new wave of school cybersecurity trouble landed in March. Attackers broke into the Salesforce systems behind Infinite Campus, a student information platform used by school districts nationwide. The Infinite Campus data breach didn't touch student records directly. Instead, it exposed personal details for more than 137,000 school staff members across the country. The incident adds another entry to a

Infinite Campus Data Breach
June 12, 2026

ServiceNow Data Breach Exposes Customer Records

ServiceNow has confirmed a security incident after a misconfigured API endpoint exposed enterprise customer data to unauthorized access. The ServiceNow data breach became public on June 9, 2026, when the company began notifying affected customers through a gated support bulletin and direct support cases. ServiceNow had already pushed a patch to hosted instances on June 5. But questions about how

ServiceNow data breach
June 11, 2026

Oracle PeopleSoft Data Breach Hits 100+ Organizations

A major Oracle PeopleSoft data breach is now confirmed, with the ShinyHunters extortion gang claiming responsibility for attacks on more than 100 organizations worldwide. The group says it has compromised 300 separate instances and is actively sending extortion demands to victims. One university has already acknowledged the incident publicly, and stolen data has appeared on ShinyHunters' leak site. What Is

Oracle PeopleSoft data breach
June 9, 2026

NFCShare Android Malware Spreads via Fake Bank Apps

A strain of Android malware called NFCShare is spreading through fake banking app updates, and it has a particularly deceptive trick up its sleeve. Rather than stealing card details through a data breach or a keylogger, it uses your phone's own near-field communication chip against you. The NFCShare Android malware campaign has expanded significantly since mid-May 2026, now targeting customers

NFCShare Android malware
June 8, 2026

C0XMO Botnet Exploits DD-WRT Routers to Launch DDoS Attacks

A newly discovered botnet called C0XMO is targeting home and business routers running DD-WRT firmware, using a years-old vulnerability to break in, dig deep, and attack anything in its path. Researchers who analysed the C0XMO botnet found a piece of malware that goes well beyond what most IoT threats are capable of, from killing rival malware to launching DDoS floods

C0XMO Botnet
June 4, 2026

Chinese Hackers Deploy Atlas RAT Malware in Europe

A Chinese-speaking cybercrime group has shifted its sights to Europe, deploying a newly discovered remote access trojan called Atlas RAT malware alongside several custom-built tools. The campaign is targeting organizations in Germany, Italy, the United Kingdom, and South Africa. This is a sharp departure from the group's previous focus on East Asia. Researchers tracking the activity have labeled the group

Atlas RAT malware