Cyber Attack

The Texas Parks and Wildlife Department (TPWD) revealed a data leak at its license system provider. This leak exposed private information for over three million people. The Texas Cyber Command found the breach and started looking into how bad it was and what it affected. The state said that Social …

A vast cyber spying operation called “FortiBleed” has quietly compromised more than 73,932 different Fortinet firewall URLs in 194 countries. Originally discovered by security researcher Volodymyr “Bob” Diachenko, with more study from Hudson Rock and cyber expert Kevin Beaumont, this dataset shows a huge, automated scheme. Bad actors managed to …

Attackers are using Microsoft’s OAuth 2.0 Device Authorization Grant (device code) flow in a campaign to take control of Microsoft 365 accounts. The attack starts with a fake email that looks like it’s approving a quote from a supplier. The message has two parts: an HTML file that shows an …

Many Instagram users lost access to their accounts because attackers tricked Meta’s AI support tools into thinking they were the real owners. Many users can’t get back in because the platform only uses AI or chatbots for help, without any human support. On Monday, many people with valuable accounts said they …

Hacker drop massive WhatsApp user dataset to sell in popular breach forum. The dataset includes over 3TB of data; millions of phone numbers and logins to WhatsApp accounts for free. Cybernews researchers confirmed that it contains multiple files listing phone numbers by location. Approximately 10 million Russian and 4 million …

The FBI warns about the Kali365 phishing platform (PhaaS). It is used to take over Microsoft 365 accounts by misusing OAuth device code authentication to steal session tokens and get around multi-factor authentication (MFA). Kali365 appeared in April 2026, as per the FBI PSA. It is shared through Telegram channels …

More than 55 different types of malware were found last week, and over 160 malware types are spreading in Bangladesh. Some notable malware groups are Android.BadBox2, Android.Vo1d, Avalanche-Andromeda, and Mirai. This shows that both mobile devices and IoT systems are still being targeted. The malware strains targeted Bangladesh’s cyber landscape …

Trend Micro has fixed a security hole in Apex One that was used in attacks on Windows systems. Tracked as CVE-2026-34926, a directory traversal vulnerability in the Apex One (on-premise) server which could allow a pre-authenticated local attacker to modify a key table on the server to inject malicious code to …

A big data breach has put the personal information of at least 1.8 million patients at risk. Hackers were in the healthcare network for months from November last year to February. They quietly copied very sensitive files before anyone found out. The stolen data includes medical records, payment info, ID …

GitHub said that about 3,800 internal repositories were hacked because of installing a harmful VS code extension by an employee. “Yesterday we detected and contained a compromise of an employee device involving a poisoned VS Code extension. We removed the malicious extension version, isolated the endpoint, and began incident response …