Security Insights

Breaches, ransomware and regulation — analysed the day they break, with the practical lessons your team can act on. Free to read, no account required.

Photorealistic close-up of a developer's hands typing on a mechanical keyboard in a dimly lit office at night, multiple
Threats
5 min read
5 Jun 2026

Two npm Supply-Chain Campaigns Run Simultaneously: A Rust-Based eBPF Stealer and a Self-Spreading Worm

JFrog researchers caught two parallel attacks inside the npm registry — one hiding inside the Linux kernel, the other replicating across 50-plus packages by hijacking maintainer credentials.

Photoreal editorial scene: a dimly lit server room with rows of illuminated rack-mounted servers casting blue and white
Threats
5 min read
5 Jun 2026

PCPJack Hijacks 230 Cloud Servers Across AWS, Azure, and Google Cloud to Build a Stealth SMTP Relay Grid

A threat actor quietly converted compromised business workloads on three major cloud platforms into a verified mail-relay network, refreshing its inventory every five minutes and burning victims' IP reputations in the process.

A wide-angle photoreal editorial scene inside a dimly lit federal government server room: rows of rackmounted servers wi
Regulation
5 min read
5 Jun 2026

IG Report Blames NIST for NVD Backlog — Severity Scores Match Only 12% of the Time

A Commerce Department watchdog formally faulted NIST for strategic failures, duplicated enrichment work, and CVSS scores so inconsistent that independent evaluators agreed with them barely one time in eight.

A photoreal editorial scene of a large open-plan corporate office in a European city at dusk, rows of monitors glowing w
Threats
4 min read
4 Jun 2026

TA4922 Expands Phishing Operations Into Europe and South Africa With ValleyRAT and Atlas RAT

A China-linked threat crew is cycling through commodity and custom malware at an unusually fast clip — and it has started targeting organizations far outside its traditional Asia-Pacific base.

A photoreal aerial view of a generic Southeast Asian city at dusk, digital network node lines faintly overlaid on the ci
Threats
5 min read
4 Jun 2026

DOJ 'Disruption Week' Targets Southeast Asia Pig-Butchering Networks — But the Real Story Is What Platforms Already Knew

A May 18 coordinated takedown froze $3.8 million in crypto and pulled millions of social-media and email accounts linked to Southeast Asian fraud compounds. The dollar figure is almost beside the point.

A photoreal close-up of a developer's hands on a laptop keyboard in a dimly lit office, the screen casting a blue glow s
Vulnerabilities
4 min read
4 Jun 2026

GitHub's Browser Editor Handed Attackers an Unscoped OAuth Token — and a Path to Every Private Repo You Own

A malicious Jupyter notebook, a bypassed publisher trust check, and a single browser tab were all an attacker needed to steal an OAuth token granting access to every repository tied to a GitHub account.

A photoreal editorial scene showing a glowing server rack inside a dark data center, with a single open circuit board in
Vulnerabilities
5 min read
3 Jun 2026

CVE-2026-23479: Redis Sat Vulnerable for Two Years Before an AI Found the Bug

A use-after-free flaw in Redis's blocking-client code went undetected from version 7.2.0 until patches landed on May 5, 2025 — and it took an autonomous AI auditing tool, not a human researcher, to surface it.

A photoreal editorial scene of a teenage boy sitting at a dimly lit gaming desk, staring at a monitor showing a Minecraf
Threats
5 min read
3 Jun 2026

Weedhack MaaS Campaign Has Compromised Over 3,800 Devices by Hijacking Minecraft's Modding Culture

A malware-as-a-service operation active since January 2026 is using YouTube tutorials and fake Minecraft clients to silently hand attackers full remote control of victims' machines — and the infection count keeps climbing.

A photoreal editorial scene of a server room bathed in low blue light, with a single rack of servers visibly older and d
Vulnerabilities
5 min read
3 Jun 2026

CISA Flags Two-Year-Old Oracle WebLogic Flaw as Actively Exploited — Federal Deadline Is Four Days

CVE-2024-21182 earned a CVSS 7.3 score and a July 2024 Oracle patch. Neither was enough to stop threat actors from finding the organizations that never bothered.

A close-up, photoreal editorial photograph of a glowing computer monitor displaying a WordPress admin dashboard with an
Vulnerabilities
5 min read
2 Jun 2026

CVE-2026-8732: Attackers Are Creating Rogue Admin Accounts on WordPress Sites Right Now

A critical unauthenticated privilege-escalation flaw in the WP Maps Pro plugin lets anyone register a full administrator account — no login, no phishing, no waiting. Active exploitation is already underway.

Photoreal editorial scene: a developer's dimly lit workstation at night, multiple monitors showing terminal windows with
Vulnerabilities
4 min read
2 Jun 2026

Miasma Supply Chain Attack Plants Credential-Stealing Worm Inside Red Hat npm Packages

A sophisticated campaign named Miasma has weaponized npm packages tied to the Red Hat ecosystem, silently harvesting developer credentials and burrowing into CI/CD pipelines the moment a compromised package lands on disk.

A photoreal close-up editorial scene of a single physical combination padlock sitting on a dark brushed-metal surface, i
Breaches
5 min read
2 Jun 2026

Dashlane Brute-Force Attack Pulled Encrypted Vaults From Fewer Than 20 Accounts

An unknown actor targeted the 2FA layer on personal-plan accounts on May 31, 2026. The vaults left the server encrypted. Whether they stay that way depends entirely on how strong each user's master password is.

Ready to Reduce Your Human Cyber Risk?

Sign up and start training your team in minutes. No sales calls, no demos — just pick a plan and go. Phishing simulations, video courses, and certificates from day one.

train2secure analytics dashboard showing training completion stats and user progress