A new AI-powered penetration testing tool named Villager has garnered nearly 11,000 downloads on PyPI. Villager’s AI-driven architecture enables large-scale, parallelized exploitation.

A recent investigation has revealed how the Model Context Protocol (MCP), an open standard for integrating AI assistants with external tools, can be exploited as a supply chain attack vector.

A significant data breach at Fairmont Federal Credit Union has compromised the sensitive personal, financial, and medical information of over 187,000 individuals. The compromised information includes: Full names and dates of birth, SSNs, and more.

A record-breaking Layer 7 (L7) Distributed Denial of Service (DDoS) attack was successfully mitigated after being launched by a massive botnet comprising 5.76 million compromised devices.

A massive 600 GB data leak allegedly tied to the Great Firewall of China has surfaced online, exposing a trove of internal documents, source code, and operational data. The leaked data is attributed to the hacktivist group Enlace Hacktivista.

The FBI has issued a FLASH alert warning organizations of ongoing malicious campaigns by cybercriminal groups UNC6040 and UNC6395. These groups are actively targeting Salesforce platforms to conduct data theft and extortion operations.

A critical vulnerability (CVE-2025-5086) in DELMIA Apriso factory software is being actively exploited in the wild. The flaw, a deserialization of untrusted data issue, enables remote code execution and affects versions from 2020 through 2025.

In Vietnam, the CIC was breached, with attackers claiming to have stolen 160 million records. In Panama, the Ministry of Economy and Finance (MEF) was targeted by the INC ransomware group, which claims to have exfiltrated 1.5 TB of data.

A new phishing-as-a-service platform, VoidProxy, has emerged as a significant threat by enabling attackers to bypass multifactor authentication (MFA) and compromise high-value accounts.

HybridPetya mimics Petya/NotPetya and introduces the ability to bypass UEFI Secure Boot using CVE-2024-7344. Although not yet seen in the wild, it demonstrates a significant evolution in ransomware capabilities by targeting UEFI-based systems.