Search: Community sharing

KongTuke hackers now use Microsoft Teams for corporate breaches

…The malicious PowerShell command shared via Teams downloads a ZIP archive from Dropbox that contains a portable WinPython environment, which eventually launches the Python-based malware, ModeloRAT (Pmanager.py). The malware collects…

May 14, 2026 · Bill Toulas

Microsoft May 2026 Patch Tuesday fixes 120 flaws, no zero-days

…CVE-2026-40365 - Microsoft SharePoint Server Remote Code Execution Vulnerability: An authenticated attacker can perform a network-based attack that remotely executes code on a SharePoint server. CVE-2026-41096 - Windows DNS…

May 12, 2026 · Lawrence Abrams

Google patches new Chrome zero-day flaw exploited in the wild

…While Google said it was aware of CVE-2024-0519 zero-day exploits used in attacks, the company has not yet shared further details about these incidents. "Access to bug details and…

Jun 9, 2026 · Sergiu Gatlan

Fake OpenAI repository on Hugging Face pushes infostealer malware

…The Hugging Face platform lets developers and researchers share AI models, datasets, and machine learning (ML) tools. Models are pre-trained AI systems hosted on the platform comprising weight files, configuration, and…

May 9, 2026 · Bill Toulas

GM agrees to $12.75M California settlement over sale of drivers’ data

…The investigation into this activity began in 2024, following media reports about automakers, including GM, sharing driver behavior with insurers. The data was allegedly collected through GM’s OnStar subsidiary and its…

May 11, 2026 · Bill Toulas

Microsoft warns of new Defender zero-days exploited in attacks

…cybersecurity agency warned. "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable." On Tuesday, also shared mitigations…

May 21, 2026 · Sergiu Gatlan

Nottingham University data breach affects over 450,000 students

…While the university has yet to attribute the attack, the ShinyHunters extortion gang claimed responsibility on Tuesday and shared an archive of allegedly stolen documents as proof. In a post on their…

Jun 11, 2026 · Sergiu Gatlan

Over 116,000 Mincraft systems infected in WeedHack malware campaign

…Ukraine identifies infostealer operator tied to 28,000 stolen accounts Australia warns of ClickFix attacks pushing Vidar Stealer malware ChatGPT share links abused to host fake outage pages to deliver malware BTMOB…

Jun 2, 2026 · Bill Toulas

Over 116,000 Minecraft systems infected in WeedHack malware campaign