Infinite Campus Data Breach Exposes 137,000 School Staff Records
Infinite Campus has disclosed a data breach affecting about 137,000 school staff accounts after attackers accessed data tied to the company’s Salesforce environment. The exposed…
News
Here you can find the latest news and developments in the VPN world. Read about new breakthroughs, bypassing online censorship, and much more!
PRC-Nexus UNC6508 Hackers Backdoored REDCap Servers to Spy on Medical and Defense Research
Google’s Threat Intelligence Group has linked a long-running cyber-espionage campaign to UNC6508, a People’s Republic of China-nexus threat actor that targeted North American medical, academic,…
Microsoft Teams Adds Wi-Fi Workplace Check-In for Office Presence
Microsoft Teams is adding a workplace check-in feature that can update a user’s work location when their device connects to a configured corporate Wi-Fi network.…
Russian and Chinese Influence Networks Use AI to Look More Human Online
Pro-Russia and pro-China influence networks are changing how they operate on X. Instead of flooding the platform with large volumes of low-quality posts, researchers say…
Novo Nordisk Confirms Cyberattack Exposed Clinical Trial Patient Data
Novo Nordisk has confirmed a cybersecurity incident involving unauthorized access to a limited number of internal IT systems. The company said certain non-public data, including…
Interlock and Rhysida Ransomware Groups Linked by Shared Supper Backdoor
Interlock and Rhysida ransomware operations appear to share more technical overlap than previously known, according to new research from IBM X-Force. The strongest link is…
DragonForce Ransomware Attack Abuses Microsoft Teams Relays to Hide Malicious Traffic
DragonForce ransomware attackers used Microsoft Teams relay infrastructure to hide command-and-control traffic during an attack on a major U.S. services company. The technique made malicious…
Microsoft 365 Device Code Phishing Campaign Uses Real Login Flow to Take Over Accounts
A Microsoft 365 phishing campaign is using device code authentication to take over accounts without directly stealing passwords. Instead of sending users to a fake…
India Temporarily Blocks Telegram Until June 22 Over NEET Exam Fraud Concerns
India has temporarily restricted access to Telegram until June 22, 2026, ahead of the NEET UG 2026 re-examination scheduled for June 21. The National Testing…
Critical Fortinet FortiSandbox Bugs Are Being Targeted After Recent Patches
Attackers are targeting three recently patched Fortinet FortiSandbox vulnerabilities, including two critical flaws disclosed in April and a third critical command injection bug disclosed in…
Agentjacking Attack Can Trick AI Coding Agents Into Running Hacker-Controlled Code
A new attack called Agentjacking shows how AI coding agents can be tricked into running attacker-controlled code after reading a fake Sentry error report. The…
152 Chrome Live Wallpaper Extensions Hid Ad Tracking and Faked Google Search Traffic
A network of 152 Chrome live wallpaper extensions used misleading privacy disclosures while funneling users to ad-monetized websites, according to the Socket Threat Research Team.…
Maine Takes Data Breach Portal Offline After Fake VRChat and Discord Filings
The Office of the Maine Attorney General has taken its public data breach database offline after fake breach notices impersonated VRChat and Discord. In a…
Anthropic Blocks Fable 5 and Mythos 5 Access After US Government Directive
Anthropic has disabled access to Claude Fable 5 and Claude Mythos 5 for all customers after receiving a US government export control directive. In an…
Splunk Enterprise Flaw Exposes Pre-Auth RCE Chain Through PostgreSQL Sidecar Service
Splunk has patched a critical Splunk Enterprise vulnerability that can let unauthenticated attackers create or truncate files through a PostgreSQL sidecar service endpoint. The flaw…