• Android Malware Campaign Used Hundreds of Fake Apps to Silently Charge Users
• Mini Shai-Hulud Hits Hundreds of npm Packages in AntV Ecosystem
• Webworm APT targets European government organizations with new backdoors
• Verizon DBIR: Vulnerability exploitation is the dominant initial access vector
• China-Linked Webworm APT Evolves Tactics, Expands to European Targets
• FBI: $388 million lost in crypto ATM scams in 2026
• GitHub Confirms Breach of Internal Repositories Via Malicious VS Code Extension
• TeamPCP breached GitHub’s internal codebase via poisoned VS Code extension
• Researchers Warn CypherLoc Scareware Has Targeted Millions of Users
• Verizon DBIR: Vulnerability Exploits Overtake Credentials as Top Access Vector
• Microsoft Takes Down Fox Tempest for Providing Ransomware-Enabling Signing Tool
• AI Raises the Bar on Vulnerability Awareness and Secure-by-Design Software
• Agentic AI Accelerates Software Builds and Mobile App Attacks
• Grafana Labs Confirms Hackers Stole Source Code
• Hackers Bypass Security Tools to Target Users Directly
• Interpol Launches Sweeping Cybercrime Crackdown in MENA Region
• The Infosecurity Europe Cyber Startup Competition: Meet the Finalists
• NCSC Publishes Guidance on Securing Agentic AI Use
• Security Researchers Find 47 Zero-Days at Pwn2Own Berlin

Premium Deception campaign uses 250 Android apps to silently sign victims up to paid services