The [FortiBleed credential-theft campaign](https://www.bleepingcomputer.com/news/security/fortibleed-credential-theft-campaign-linked-to-lynx-ransomware/) has been formally tied to two active ransomwa
Security researchers at Huntress have [documented a massive, automated password spray campaign](https://thehackernews.com/2026/07/azure-cli-password-spray-hits-at-least.html) targeting Microsoft Azure
A maximum-severity vulnerability in SimpleHelp remote support software is being exploited in the wild right now, and the payload is ugly: credential-stealing malware with no patch lag between disclosu
**What Happened**
Polymarket, one of the largest prediction market platforms, [disclosed on June 25](https://techcrunch.com/2026/06/25/polymarket-says-hackers-stole-users-funds/) that hackers stole funds from user acco
A ransomware-as-a-service operation called **Gentlemen** is actively developing and distributing a suite of endpoint detection and response (EDR) killer tools to its affiliates, [according to Bleeping
Three widely-deployed WordPress plugins — **PushEngage**, **OptinMonster**, and **TrustPulse** — had their JavaScript assets silently tampered with by an attacker, turning trusted plugin files into a
A new [Mandiant report covered by BleepingComputer](https://www.bleepingcomputer.com/news/security/silent-ransom-group-targets-law-firms-with-fake-it-support-calls/) documents an ongoing campaign by *
A self-replicating worm called **Miasma** has been confirmed active inside Microsoft's GitHub presence, hitting 73 repositories across four organizations: **Azure**, **Azure-Samples**, **Microsoft**,
A threat actor tracked as **PCPJack** has quietly compromised at least 230 cloud servers across Amazon Web Services, Google Cloud Platform, and Microsoft Azure, repurposing them as a covert SMTP email
A Chinese-speaking threat actor has expanded operations into Europe, deploying a previously undocumented remote access trojan called Atlas alongside an additional backdoor component, according to [Ble
A large-scale malware campaign called **WeedHack** has compromised more than 116,000 systems running Minecraft since January 2026, according to [BleepingComputer](https://www.bleepingcomputer.com/news
On May 31, 2026, Dashlane [disclosed](https://thehackernews.com/2026/06/dashlane-discloses-brute-force-attack.html) that an external threat actor conducted a brute-force attack against its systems and
Dutch authorities — the National Police (*Politie*) and the National Cyber Security Center (NCSC) — have [announced the takedown of a large-scale botnet](https://thehackernews.com/2026/05/dutch-author
Dutch authorities have [taken offline a massive botnet comprising 17 million infected devices](https://www.bleepingcomputer.com/news/security/dutch-govt-disrupts-malware-botnet-with-17-million-infecte
Carnival Corporation — the world's largest cruise line operator, whose brands include Princess Cruises, Holland America, Cunard, and Costa — has [officially confirmed a data breach affecting nearly 6
Charter Communications, the second-largest cable operator in the United States (operating under the Spectrum brand), has [confirmed a data breach](https://www.bleepingcomputer.com/news/security/charte
A critical zero-day vulnerability in the **KnowledgeDeliver** learning management system is being actively exploited in the wild, with attackers using it to deploy the **Godzilla web shell** on compro
This week's most consequential incidents share a structural pattern that should make every security team uncomfortable: the infrastructure defenders rely on to establish trust — code-signing authoriti