Threat Actors Abuse claude.ai Shared Chat for ClickFix Malvertising Campaign
TrendAI™ Research monitoring found weekly campaigns since April 8, with each week introducing new pages, keyword, and geographic targeting. Wave...
Vendor News
Category Added in a WPeMatico Campaign
105K Chrome Installs Linked to Adware and Fake Google Traffic
Security researchers have uncovered a network of 152 Google Chrome extensions posing as live wallpaper and new-tab customization tools that...
Ozempic Maker Novo Nordisk Confirms Security Incident After $25M Hacker Demand
A claimed breach at Novo Nordisk is putting more than patient privacy under the microscope. Hackers from FulcrumSec say they...
Google Adds New Android Controls for WhatsApp Backups, Password Transfers
Google’s June Android updates give users more control over WhatsApp backups, app checks, and saved passwords without requiring a full...
Suspected North Korean actors use fake ‘coding assignments’ to steal crypto
Suspected North Korean threat actors are targeting developers with fake job offers and “coding assignments” that lead to the deployment...
China-Linked TA4922 Expands Phishing Attacks to U.K., Germany, Italy, and South Africa
Ravie LakshmananJun 04, 2026Malware / Cybercrime A new China-linked cybercrime group known as TA4922 has expanded its targeting focus to...
Infinite Campus: Salesforce Breach Exposed 137,000 Staff Records
A data breach affecting education technology provider Infinite Campus has exposed the personal information of more than 137,000 school staff...
Best Prime Day Tech Deals: Apple, Bose, Garmin, and More
Prime Day is almost here, and some of the best tech deals are already live. Amazon Prime Day 2026 will...
ShinyHunters Claims Council of Europe HR Data, Threatens Leak
ShinyHunters has put the Council of Europe on the clock, claiming it stole 297GB of sensitive data and threatening to...
Nintendo Alleged Data Breach: Threat Actor Demands $2M Ransom
Nintendo is facing a potential incident after a threat actor claimed to have stolen nearly a decade’s worth of internal...
Oracle Warns PeopleSoft Customers After Critical Zero-Day Exploited
A critical Oracle PeopleSoft flaw is already being exploited, putting more than 100 organizations on alert. Oracle issued an emergency...
AI in the underground: Curiosity, claims, and concerns
Counter Threat Unit™ (CTU) researchers have observed artificial intelligence (AI) emerging into a prominent topic in underground communities, with threat...
A needle in a stack of needles: Hunting infostealers with AI
At the NorthSec Conference 2026, Sophos Principal Data Scientist François Labrèche presented a talk titled ‘A Needle in a Haystack:...
Sophos recognized for endpoint leadership in SE Labs Awards 2026
Simon Edwards (L), SE Labs Founder and CEO, presents awards to Richard Cohen (R), Sophos Threat Research DirectorWe’re proud to...
June Patch Tuesday smashes past 500-CVE mark
Critical severityCVE-2026-33828Windows Device Health Attestation (DHA) Elevation of Privilege VulnerabilityCVE-2026-42985Remote Desktop Client Remote Code Execution VulnerabilityCVE-2026-42987Windows Deployment Services (WDS) Remote...
