CalPhishing Scam Uses EvilTokens Kit, Outlook Invites to Steal M365 Sessions
Cybercriminals have found a way to bypass security controls by using your work schedule against you, reveals a new report from Fortra Intelligence and Research…
Category: HackRead
China-Linked Twill Typhoon Uses Fake Apple and Yahoo Sites for Espionage
A new wave of cyberattacks has been hitting organisations across Japan and the Asia-Pacific area. These attacks, which began in late September 2025, have been…
How Fintech APIs Are Modernizing Business Cash Flow Management
Business cash flow is often harder to manage than revenue. A company can have strong sales and still feel pressure when money arrives later than…
Fake Job Interview Apps Drop JobStealer Malware on Windows and macOS
A fake job interview is now being used as bait to steal crypto wallets, browser credentials, and sensitive files from both Windows and macOS users.…
FamousSparrow Targeted Oil and Gas Industry via MS Exchange Server Exploit
Bitdefender Labs reveals how the China-linked FamousSparrow hacking group targeted an Azerbaijani energy firm using ProxyNotShell, Deed RAT, and Terndoor malware across three persistent waves.…
Why Canadian Telecom Providers Are Prime Targets for Cyberattacks
Telecommunications providers have quietly become one of the most targeted sectors in global cybersecurity. While banks, hospitals, and government agencies often dominate headlines after major…
TeamPCP Claims Sale of Mistral AI Repositories Amid Mini Shai-Hulud Attack
Key Points A TeamPCP-linked forum account claims to be selling internal Mistral AI repositories. The post advertises roughly 5GB of files linked to AI training…
Instructure Reaches Deal with ShinyHunters to Prevent Canvas Data Leak
The company behind the Canvas learning platform, Instructure, has reached an agreement with ShinyHunters, who stole 275 million student records this month. The hackers originally…
TeamPCP Used Mini Shai-Hulud Worm to Poison Over 400 npm and PyPI Packages
A hacking group known as TeamPCP launched a massive coordinated supply chain attack using a self-propagating worm. On 11 May 2026, the group poisoned hundreds…
Slovakian Admin of Dark Web Kingdom Market Jailed for 16 Years in US
A Slovakian man accused of helping operate the dark web marketplace Kingdom Market has been sentenced to more than 16 years in federal prison after…
Operation HumanitarianBait Uses Fake Aid Documents to Deploy Python Spyware
A new Python spyware campaign dubbed Operation HumanitarianBait is currently targeting Russian speakers by weaponizing the very documents meant to help them. This discovery, made…
Pwn2Own Berlin 2026 Hits Capacity as Rejected Hackers Release 0-Days
The world’s most famous hacking contest is facing a crisis it didn’t see coming. For the first time in 19 years, Pwn2Own Berlin 2026 has…