A single threat actor is responsible for the majority of exploitation activities targeting two critical vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM), identified as CVE-2026-21962 and CVE-2026-24061.

Hackers are targeting Trezor and Ledger users with physical phishing letters, urging them to scan QR codes leading to malicious sites. These letters claim that users must complete an "Authentication Check" or "Transaction Check" by specific dates.

Figure Technology Solutions, a US-based fintech firm known for its blockchain-based HELOCs and other lending products, has disclosed a data breach following a phishing attack on an employee.

A novel ClickFix-style attack has been identified, utilizing JavaScript to hijack cryptocurrency swaps on Swapzone.io. This is one of the first known instances where JavaScript is used to alter webpage functionality for malicious purposes.

The Lazarus Group, a North Korean APT, has launched a sophisticated campaign using malicious npm and PyPI packages. This operation, known as 'graphalgo', targets developers through fake recruitment schemes.

Canada Goose is investigating a data leak involving over 600,000 customer records, allegedly stolen by the data extortion group ShinyHunters. The company has stated that there is no evidence of a breach in their systems.

A malicious campaign involving 30 Chrome extensions, known as AiFrame, has been identified, affecting over 300,000 users. These extensions masquerade as AI assistants to steal credentials, email content, and browsing information.

The Muddled Libra group, also known as Scattered Spider, executed a sophisticated attack using a rogue virtual machine within a VMware vSphere environment. This attack exposed critical tactics, techniques, and procedures (TTPs) used by the group.

World Leaks, a notorious cyber-criminal group, has enhanced its attack arsenal with a new malware named 'RustyRocket'. This sophisticated toolset is a critical component of World Leaks' operations.

Odido, a major telecommunications provider in the Netherlands, has experienced a significant data breach affecting 6.2 million customers. The breach exposed various personal data.