VENOM Phishing Campaign Targets Executives, Bypasses MFA
A sophisticated new phishing operation is going after the people at the top. The VENOM phishing campaign, uncovered by researchers at Abnormal AI, has been quietly targeting CEOs, CFOs, and other senior executives since at least November 2025. It uses a purpose-built platform to steal Microsoft 365 credentials and maintain access to corporate accounts — even after victims change their
Bitcoin Depot Data Breach: $3.6M in Bitcoin Stolen
The Bitcoin Depot data breach has put one of North America's largest crypto ATM operators in the spotlight for all the wrong reasons. Hackers broke into the company's internal systems and walked away with approximately 50.9 Bitcoin — worth around $3.665 million — from corporate settlement accounts. The company disclosed the incident via an SEC filing on April 8, 2026,
Drift Protocol Hack: North Korea’s $280M Long Con
The Drift Protocol hack stands as one of the most elaborate cryptocurrency thefts ever recorded. Attackers did not find a bug, write an exploit, and strike overnight. They spent six months building relationships, attending conferences, depositing real money, and embedding themselves inside a live trading platform before making their move. What Is Drift Protocol? Drift Protocol is a decentralized trading
Fake Claude Code Repos on GitHub Are Spreading Malware
Anthropic's accidental leak of the Claude Code source code on March 31 set off a frenzy of downloads across GitHub. Developers, researchers, and the simply curious all rushed to grab the exposed files. Criminals saw that rush and moved fast. Within 24 hours, fake GitHub repositories carrying Claude Code malware were live — and actively appearing in Google search results
NoVoice Malware Hits 2.3 Million Android Devices via Google Play
A new Android rootkit campaign called NoVoice malware has been discovered hiding inside more than 50 apps on Google Play. The apps collected at least 2.3 million downloads before being removed. Researchers warn that millions of devices may still be compromised. What Is NoVoice Malware? NoVoice malware is a rootkit. That means it burrows into the deepest layers of a
CrystalX RAT: The Malware That Spies, Steals, and Trolls You
A new piece of Windows malware is turning heads in the cybersecurity world. CrystalX RAT is a remote access Trojan discovered in early 2026. It combines spyware, credential theft, and cryptocurrency hijacking with "prankware" features. These features flip your screen, scramble your mouse buttons, and lock your keyboard, all while quietly draining your data in the background. What Is CrystalX
CareCloud Data Breach Exposes Patient Health Records
Healthcare IT firm CareCloud has confirmed a data breach that gave attackers unauthorized access to one of its electronic health record systems for roughly eight hours. The New Jersey-based company disclosed the incident to the U.S. Securities and Exchange Commission on March 24, more than a week after the intrusion on March 16. Patient health records were stored in the
Ajax Data Breach Exposes Fans and Ticket Data
Dutch football club AFC Ajax Amsterdam has confirmed an Ajax data breach that exposed fan records and left tens of thousands of season tickets vulnerable to theft. The club learned about the security failure not from its own systems, but from a journalist tipped off by the hacker. The breach has raised serious questions about how sports organizations handle fan
AnimePlay Shutdown: 5 Million Users, 60TB of Stolen Anime
The AnimePlay shutdown is one of the most significant anti-piracy actions to hit the anime streaming world in years. A global entertainment coalition dismantled the app on March 27, 2026, taking offline a platform that had quietly grown into one of the largest illegal anime services in the Asia-Pacific region, with over five million registered users and tens of terabytes
