Weekly threat intelligence roundup covering major breaches at 7-Eleven (600K+ Salesforce records stolen by ShinyHunters), GitHub (3,800 internal repos exfiltrated via malicious VS Code extension), and Grafana Labs (compromised GitHub token). Key vulnerabilities include actively exploited Windows Defender zero-days, a Trend Micro Apex One directory traversal flaw, and a critical Drupal SQL injection (CVE-2026-9082) under active attack. AI threat highlights include routine criminal use of AI for automated government agency compromises, prompt injection attacks evading email filters, and a Russian-linked AI-driven influence campaign. Additional intelligence covers IRGC-linked Nimbus Manticore campaigns, a 124% ransomware/hacktivism surge in DACH countries, a new Linux malware family targeting telecoms, and a supply chain attack on Laravel Lang Composer packages.
Sort: