British telco Brsk has confirmed a data breach involving unauthorized access to its customer database, affecting over 230,000 records. The stolen data includes customer names, email and home addresses, phone numbers, and installation details.

PostHog experienced a major security incident involving the Shai-Hulud 2.0 npm worm, which compromised its JavaScript SDKs: posthog-node, posthog-js, and posthog-react-native.

Emerging malicious LLMs such as WormGPT 4 and KawaiiGPT are being sold and distributed through underground platforms like Telegram and Darknet forums. These AI-based tools are capable of generating highly functional malware scripts.

A large-scale supply chain attack has flooded the npm open-source registry with over 150,000 malicious packages in a campaign exploiting the tea.xyz platform to harvest cryptocurrency rewards.

North Korea-linked threat actor KONNI has been observed abusing Google's Find My Device feature to remotely factory reset Android smartphones and tablets belonging to South Korean targets.

The operation, known as Operation Ironside, was orchestrated by the FBI and Australian Federal Police (AFP) to infiltrate and dismantle organized criminal networks globally. The AN0M operation began in 2018 following the takedown of Phantom Secure.

Two high-severity vulnerabilities have been identified in Docker Compose and Docker Desktop for Windows, potentially allowing attackers to write arbitrary files to host systems or escalate privileges via DLL hijacking.

Hacktivists have targeted Canadian critical infrastructure systems, including water treatment facilities, energy providers, and agricultural operations. These intrusions exploited internet-accessible ICS to manipulate operational parameters

A UK-based sole trader has been fined £200,000 for orchestrating a large-scale SMS spam campaign that targeted financially vulnerable individuals. The ICO found that nearly one million unsolicited messages were sent without valid consent.

This vulnerability poses a significant risk to users of the Atlas browser, as it allows attackers to execute commands with elevated trust by bypassing standard input validation.