• Mailbox Rule Abuse Emerges as Stealthy Post-Compromise Threat
• Mirax Android Trojan Turns Devices Into Residential Proxy Nodes
• Hackers hijacked CPUID downloads, served STX RAT to victims
• $12 million frozen, 20,000 victims identified in crypto scam crackdown
• Rockstar Games receives “pay or leak” warning after cyberattack
• Google makes it harder to exploit Pixel 10 modem firmware
• FBI Dismantles $20m Phishing Operation W3LL
• Adobe issues emergency fix for Acrobat Reader flaw exploited in the wild (CVE-2026-34621)
• Seized VerifTools servers expose 915,655 fake IDs, 8 arrested
• UK Cyber Security Council Launches Associate Cyber Security Professional Title
• Operation Atlantic Seizes $12m in Crypto Losses
• Fixing vulnerability data quality requires fixing the architecture first
• ZeroID: Open-source identity platform for autonomous AI agents
• MITRE releases a shared fraud-cyber framework built from real attack data
• Just Three Ransomware Gangs Accounted for 40% of Attacks Last Month
• Google Chrome Rolls Out Protection Against Infostealers Targeting Session Cookies
• STX RAT Targets Finance Sector With Advanced Stealth Tactics
• Bitcoin Depot Reports $3.6m Crypto Theft After System Breach
• Atomic Stealer MacOS ClickFix Attack Bypasses Apple Security Warnings
• Middle East Hack-for-Hire Operation Traced to South Asian Cyber Espionage Group
• Governance Gaps Emerge as AI Agents Drive 76% Increase in NHIs
• Google Warns of New Threat Group Targeting BPOs and Helpdesks
• Google API Keys Quietly Gain Access to Gemini on Android Devices
• Critical Vulnerability in Ninja Forms Exposes WordPress Sites

Attackers are abusing Microsoft 365 mailbox rules to hide activity, exfiltrate data and retain access after account compromise, researchers warn