Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt
Grafana recently suffered a GitHub token breach that allowed attackers to download its codebase and attempt extortion. The company refused to pay the ransom, following FBI guidance, and confirmed that no customer data was compromised.
US officials suspect Iranian hackers are exploiting unprotected automatic tank gauge systems at gas stations to manipulate display readings. These cyber intrusions highlight ongoing vulnerabilities in US critical infrastructure amid an accelerating campaign of opportunistic attacks by Tehran-linked groups.
Huge data breach as major travel site is hacked - here’s what you need to do now
The travel platform Booking.com has confirmed a data breach that exposed customer information, including names, emails, and booking details, to an unauthorized third party. The company has since updated reservation PINs and advises users to install antivirus software to protect against potential phishing threats.
ANC hit by data breach: 2 million private member records exposed – MyBroadband
The ANC hit by data breach article reports that the cybercriminal group Black X exposed 2 million records containing sensitive private member information online. This dataset, which surfaced in August 2025, includes details such as ID numbers, phone numbers, and residential addresses.
Identity security firm SailPoint discloses GitHub repository breach
Identity security firm SailPoint disclosed a GitHub repository breach that occurred on April 20 due to a third-party application vulnerability. The company confirmed that no customer data or production environments were impacted by the incident.
TeamPCP Compromises Checkmarx Jenkins AST Plugin Weeks After KICS Supply Chain Attack
The cybercrime group TeamPCP compromised the Checkmarx Jenkins AST plugin by exploiting credentials obtained from a previous supply chain attack. Checkmarx has since released a patched version of the plugin to address the malicious code and mitigate the security breach.
China-Linked Twill Typhoon Uses Fake Apple and Yahoo Sites for Espionage
The China-linked group Twill Typhoon conducts espionage by utilizing fake Apple and Yahoo websites and the FDMTP malware framework to maintain long-term access to organizations. These attackers employ DLL sideloading and legitimate Windows tools to bypass security measures and exfiltrate sensitive data.
The Nitrogen ransomware group has claimed responsibility for a cyberattack on Foxconn, asserting they exfiltrated over eight terabytes of data including product schematics and customer information. While Foxconn confirmed the incident affected North American facilities, the company stated that production is resuming as investigations into the breach continue.
The ransomware gang Nitrogen has claimed responsibility for a cyberattack on Foxconn, asserting they stole over 11 million files from the electronics giant. Foxconn confirmed the breach affected its North American facilities and is currently working to resume normal production.
Your Data Was Leaked. Here’s What Hackers Hope You Don’t Do Next | PCMag
Your Data Was Leaked. Here’s What Hackers Hope You Don’t Do Next is a guide on mitigating data breaches and identity theft by using unique, strong passwords managed by dedicated software. To protect yourself, you should proactively freeze your credit, use mobile payment systems, and monitor your accounts for unauthorized activity.
Apple’s iOS 26.5 Update Patches More Than 50 Security Flaws - MacRumors
Apple’s iOS 26.5 and iPadOS 26.5 updates resolve over 50 security vulnerabilities, including issues related to WebKit, kernel performance, and system applications. Users are encouraged to install these patches promptly to protect their devices from potential exploits.
Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak
Instructure, the parent company of Canvas, has reached an agreement with the ShinyHunters extortion group to prevent the leak of 3.65TB of stolen data, which impacted nearly 9,000 organizations. The company paid a ransom, received the data back, and was assured that its customers would not be separately extorted.
Deadline set by cybercriminal group looms as some institutions regain Canvas access - ABC News
Some Australian universities and education departments are regaining access to the Canvas learning platform after a global outage caused by the ShinyHunters hacking group, who have set a deadline of Tuesday to negotiate a settlement before leaking compromised information. While some institutions like the University of Sydney have restored access, others, including Swinburne University and Queensland University of Technology, are still affected, impacting students' ability to access materials and submit assignments.
Say Hello to the Internet of AI – On my Om
The “Internet of AI” is an emerging network architecture optimized for artificial intelligence, characterized by a shift in traffic patterns within data centers from north-south to east-west, and significant hyperscaler investment in private fiber networks and subsea cables. This new infrastructure prioritizes power and bandwidth for AI workloads, with hyperscalers increasingly controlling the physical network layers, akin to 19th-century railroad barons.
WWE Star Will Not be Suspended For Lewd Photo Leaks
Despite a lewd photo leak of explicit images and videos shared online without her consent, WWE star Jordynne Grace will not be suspended. The private images were illegally leaked by hackers and were not from her OnlyFans account, leading WWE to not penalize her. Grace is not the only WWE star to fall victim to hacking, with Paige previously experiencing a similar incident.
Hackers Leveraged Hugging Face and ClawHub With 575+ Malicious Skills to Deploy Malware
Hackers are exploiting Hugging Face and ClawHub, popular AI platforms, to distribute malware like trojans, cryptominers, and infostealers by disguising them as legitimate AI tools and agent extensions. This campaign involves over 575 malicious skills published on ClawHub, with threat actors using techniques like indirect prompt injection to execute hidden malicious instructions within AI agents.
Zara Data Breach: 197,000 Customers Exposed in Third-Party Security Incident
A third-party security incident involving a former technology provider exposed the data of nearly 197,000 Zara customers, including emails and purchase history. The ShinyHunters extortion group claimed responsibility for the breach, which exploited compromised Anodot analytics platform tokens.
New ZiChatBot Malware Uses Zulip REST APIs as Command and Control Server
A new malware named ZiChatBot is exploiting Zulip’s REST APIs for its command and control server, making it harder to detect. This malware was distributed through malicious Python packages on PyPI and targets both Windows and Linux systems.
Anthropic’s Claude used in attempted compromise of Mexican water utility | Cybersecurity Dive
An unknown threat group abused Anthropic’s Claude AI to aid in a sophisticated takeover attempt against a Mexican water utility, highlighting how AI tools can empower untrained actors. The incident, part of a larger campaign targeting Mexican government agencies, saw attackers use Claude and OpenAI’s GPT-4.1 AP for reconnaissance, exploit customization, and privilege escalation, though the OT system breach ultimately failed.
Cold Relay is a single-binary Active Directory security assessment tool that collects Windows authentication evidence across various protocols and services to build a deterministic attack graph. It provides findings with validation status, evidence, blockers, and next actions, differentiating between proven facts and theoretical possibilities.
60% of MD5 password hashes are crackable in under an hour
A recent study found that 60% of MD5 password hashes can be cracked in under an hour using a single GPU, with 48% cracked in under a minute, highlighting the vulnerability of passwords protected only by fast hashing algorithms. Experts emphasize that passwords should be part of a broader identity-based security strategy, including multi-factor authentication and zero trust models, rather than relied upon as the sole security measure.
A Canvas hack by ransomware group ShinyHunters has resulted in the theft of billions of messages and the data of over 275 million individuals, including student names, email addresses, and student ID numbers. This incident, described as the biggest student data privacy disaster in history, highlights the risks of centralizing sensitive educational data in a single platform, potentially enabling more targeted phishing attacks and exposing deeply personal student information.
Quacc++ | Open Source Vulnerability Research Tool Powered by Semgrep & Grep.app — Somerset Recon
Quacc++ is an automated bug hunting tool that combines grep.app for searching public GitHub repositories with Semgrep for static code analysis to discover vulnerabilities. It scans repositories for specific patterns, downloads matching code, and uses Semgrep with custom rules to precisely identify security flaws.
NVIDIA confirms GeForce NOW data breach affecting Armenian users
NVIDIA has confirmed a data breach affecting GeForce NOW users, specifically impacting those in Armenia. The breach was caused by a compromise of infrastructure operated by a regional partner, GFN.am, and did not affect NVIDIA’s own networks. Exposed information includes names, email addresses, usernames, and dates of birth, though no account passwords were compromised.
U of T, OCAD among Ontario universities impacted by Canvas cyber breach | CBC News
Thousands of schools, including University of Toronto and OCAD University, were impacted by a cybersecurity incident involving the Canvas learning software. While names, emails, and student numbers may have been affected, Instructure, Canvas’s parent company, stated there was no evidence of passwords or financial information being compromised.