Romanian citizen Gavril Sandu was extradited to the U.S. nearly 17 years after a hacking scheme. He was indicted in 2017 and arrested in 2026. Romanian national Gavril Sandu,... Read more »

Iran-linked APT MuddyWater used ransomware-style tactics to mask espionage, combining phishing, credential theft, data exfiltration, and extortion without encryption. A newly discovered cyber intrusion attributed to the Iran-linked APT... Read more »

Apache fixed several flaws in HTTP Server, including CVE-2026-23918 (CVSS score of 8.8), a double-free bug in HTTP/2 that could allow remote code execution. The Apache Software Foundation has... Read more »

Palo Alto Networks warns of a critical PAN-OS flaw (CVE-2026-0300) that is under active attack, allowing unauthenticated remote code execution. Palo Alto Networks has warned that a critical PAN-OS... Read more »

A malicious PyTorch Lightning update (v2.6.3) on PyPI spread briefly, stealing credentials and raising major concerns about AI supply chain security. A malicious update of the PyTorch Lightning library... Read more »

Deniss Zolotarjovs was sentenced to 8.5 years in the U.S. after pleading guilty to money laundering and fraud tied to ransomware. Deniss Zolotarjovs, a Latvian national linked to the... Read more »

Hackers stole data of 119,000 Vimeo users in April. The breach, linked to a third‑party vendor, exposed personal details. Vimeo confirmed a data breach after the ShinyHunters gang stole... Read more »

Google patched a critical Android flaw (CVE‑2026‑0073) that lets attackers run code remotely without user action. Google released a security update for Android to address a critical remote code... Read more »

Microsoft revealed a phishing campaign hitting 35,000 users in 26 countries, stealing login tokens via fake code-of-conduct emails and legit services. Microsoft disclosed a major phishing campaign that targeted... Read more »