https://badcyber.com/Recent content on Zaufana Trzecia StronaHugoen-USFri, 12 Jun 2026 23:30:00 +0200https://badcyber.com/it-security-weekend-catch-up-june-12-2026/Fri, 12 Jun 2026 23:30:00 +0200https://badcyber.com/it-security-weekend-catch-up-june-12-2026/

Afraid of missing important security news during the week? We're here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

1. [PL] Polish government approves National Digitalization Strategy
2. [PL] Is transparency a threat to national security?
3. [PL][VIDEO] Secret Department No. 4: What Russian intelligence agents study?
4. [PL] Expert warns there’s no such thing as a risk-free investment. A “safe” profit offer online could be a scam
5. [PL] The World Cup “guaranteed win” that drains your account: An analysis of a deepfake campaign ahead of the FIFA World Cup
6. [PL] Mandatory age checks for porn sites
7. [PL][AUDIO] Meta and Google in court. Will the verdicts change the internet?
8. [PL] Americans united in opposition to AI data centers
9. [PL] AI enables coordinated disinformation campaigns
10. [PL] Poland’s data protection chief appeals the closure of an investigation into AI-generated nude images of a student
11. Aviva detects record £230m in bogus insurance claims as use of AI rises
12. Pokémon Go data trained AI that could assist military drones in war zones
13. [VIDEO] Something is jamming GPS over Europe. Here's what we found
14. French govt messaging service breached in account hijacking attack
15. Spyware firm targeted WhatsApp users in defiance of US court order, Meta says

For the more technical

1. [PL][VIDEO] MCP – the hot topic in the world of app security
2. [PL] Signal rolls out new anti-phishing features
3. UNC1151/Ghostwriter phishing campaign targeting Gmail accounts
4. Active exploitation of Check Point VPN authentication bypass (CVE-2026-50751)
5. Inside the cross-platform propagation of a new Gafgyt variant C0XMO
6. June 2026 Patch Tuesday: Microsoft patches 206 vulnerabilities including three publicly disclosed zero-days
7. When "moderate" means "sometimes"
8. Google patches new Chrome zero-day flaw exploited in the wild
9. [VIDEO] The only Open Redirect that scares me
10. Oracle mitigates PeopleSoft zero-day exploited in data theft attacks
11. Off by !: Exploiting a use-after-free in the Linux kernel
12. FSB’s matryoshka – Gamaredon’s gifts that keeps unpacking – GammaPhish and GammaWorm
13. FSB’s matryoshka #2/3 – Gamaredon’s gifts that keeps unpacking – GammaLoad
14. FSB’s matryoshka #3/3 – Gamaredon’s gifts that keeps unpacking – GammaSteel
15. Threat actors weaponize AI hype to deliver AsyncRAT
16. IronWorm: Shai-Hulud's rustier cousin
17. Miasma npm supply chain attack: Self-spreading worm via Phantom Gyp
18. Inside the Miasma software supply chain attack toolkit
19. The blight reaches Microsoft: 73 repos disabled in 105 seconds
20. You do surprise me.exe: An unexpected executable in Hola Browser
21. AI brands as bait: How threat actors are using the AI hype in social engineering
22. Don't fear the repo: UNK_DeadDrop phishing campaign targets developers to steal cryptocurrency
23. GoFlateLoader: A widespread Golang loader delivering multiple infostealers
24. Blinding the watchmen: Abusing cloud logging services for defense evasion and visibility
25. Technical analysis of MLTBackdoor
26. From fiscal lures to remote access, a previously undocumented NinjaOne RMM abuse chain
27. OceanLotus: From external espionage to domestic targeting
28. VerdantBamboo: Just another BRICKSTORM in the firewall
29. APT28, an evolution of tradecraft
30. Old WinRAR flaw fuels attacks on Ukraine: How unmanaged software keeps the door open
31. Seeking counsel: Ongoing targeted campaign against US law firms
32. Behind Khmer Shadow: Targeted espionage against Cambodian government entities

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

]]>https://badcyber.com/it-security-weekend-catch-up-june-7-2026/Sun, 07 Jun 2026 22:30:00 +0200https://badcyber.com/it-security-weekend-catch-up-june-7-2026/

Afraid of missing important security news during the week? We're here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

1. Hackers used Meta’s AI support bot to seize Instagram accounts
2. Fed up with vibe coders, dev sneaks data-nuking prompt injection into their code
3. 'Dumbass' criminal breaks the 'first rule of ransomware club'
4. Can’t make sense of Dashlane’s vault theft notification? You’re not alone
5. GTA cheat service Atlas Menu hacked as attacker alleges screenshot spying

For the more technical

1. Android Security Bulletin—June 2026
2. CVE-2026-28910: Breaking macOS App Sandbox data containers, TCC, and hijacking apps using Archive Utility
3. CIFSwitch: a non-universal Linux local root vulnerability
4. Critical Windows Netlogon RCE flaw now exploited in attacks
5. 1-click GitHub token stealing via a VSCode bug
6. HTTP/2 Bomb: AI-discovered DoS hits every major web server
7. ChatGPhish: The page is the payload
8. 15,000 WordPress sites affected by administrator account creation vulnerability in WP Maps Pro WordPress plugin
9. Malicious NuGet package impersonates Sicoob SDK to exfiltrate banking certificates and passwords
10. Typosquatted npm packages used to steal cloud and CI/CD secrets
11. Red Hat npm packages compromised to spread a credential-stealing worm
12. Mini Shai-Hulud campaign hits Red Hat Cloud Services npm packages
13. New Shai-Hulud hits npm: @redhat-cloud-services compromised
14. Malware targeting WordPress abuses Steam community profiles for command & control operations
15. Game Over: WeedHack – The rise of Minecraft malware-as-a-service campaign
16. NightSpire ransomware attack chain, tools and tactics
17. GREYVIBE: A Russia-nexus group leveraging AI across state-aligned operations
18. Sanctioned, seized, still scanning: Inside a Russian bulletproof hosting network targeting the EU

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

]]>https://badcyber.com/it-security-weekend-catch-up-may-30-2026/Sat, 30 May 2026 22:00:00 +0200https://badcyber.com/it-security-weekend-catch-up-may-30-2026/

Afraid of missing important security news during the week? We're here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

1. [PL] Age verification means internet filtering
2. [PL][VIDEO] Another VPN mishap? Not quite
3. [PL] Paid disinformation takes a new turn as AI enters the game
4. [PL] AI transparency in public administration must be the standard
5. [PL] CRA: good practices for managing software security
6. [PL] Identifying someone by their phone number under GDPR
7. [PL] Arrests over false alerts about threats to life and health
8. [PL] Alarm at the president’s family home. An expert debunks myths about scam tactics
9. [PL] Otomoto: posting a listing can expose your data to scammers
10. [PL] The bank employee scam: a call transcript and analysis
11. [PL] Scammers’ “corporations”: inside the cybercrime market
12. [PL] A trap for domain owners: how phishing targeting home.pl works
13. [PL] Scammers working for Russia: how they impersonate well-known organizations
14. Silent Ransom Group impersonating IT personnel through social engineering
15. Cybercriminal VPN used by ransomware actors dismantled in global crackdown
16. How we got a CISA GitHub leak taken down in under a day
17. Lithuania investigates theft of 600,000 state registry records by foreign actor
18. Canadian man arrested by international authorities, charged with administrating KimWolf DDoS botnet
19. 2026 World Cup: Discussing the world’s biggest game’s attack surface
20. US law enforcement warns of “anti-tech extremism” as AI hatred grows

For the more technical

1. [PL] How to set up a home flight tracking radar
2. Microsoft Defender can now automatically isolate hacked endpoints
3. Authenticated RCE via argument injection in Gogs
4. FROST: Fingerprinting Remotely using OPFS-based SSD Timing
5. FortiClient EMS exploited via CVE-2026-35616 to deliver EKZ infostealer disguised as a Fortinet patch
6. From edge appliance to enterprise compromise: Multi-stage Linux intrusion via F5 and Confluence
7. Heap buffer write overflow in 7-Zip
8. Mini Shai-Hulud: Compromised @antv npm packages enable CI/CD credential theft
9. Mini Shai-Hulud strikes again: TanStack + more npm packages compromised
10. Megalodon: New CI/CD malware spreads across GitHub, infecting ~5,000+ repositories
11. Staged publishing and new install-time controls for npm
12. Malware-slop: New malicious npm package leaks its own GitHub private token
13. Laravel-Lang supply chain attack: Every tag across multiple composer packages rewritten to steal CI secrets
14. Ghost CMS mass compromised via CVE-2026-26980, now fueling ClickFix attacks
15. Detecting Tycoon 2FA AiTM attacks across Entra ID and Google Workspace
16. RatPressto phish kit
17. SHub Reaper: macOS stealer spoofs Apple, Google, and Microsoft in a single attack chain
18. From poisoned search results to GPU mining: A cryptojacking campaign abusing ScreenConnect and Microsoft .NET utilities
19. Disrupting Glassworm: Inside CrowdStrike’s takedown of a developer-targeting botnet
20. The Gentlemen ransomware group is scaling faster than any other group on record

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

]]>https://badcyber.com/it-security-weekend-catch-up-may-23-2026/Sat, 23 May 2026 23:30:00 +0200https://badcyber.com/it-security-weekend-catch-up-may-23-2026/

Afraid of missing important security news during the week? We're here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

1. [PL] E-vaccination card sparks controversy. Is it "coercion infrastructure"?
2. [PL] Pegasus report before summer break. Services block declassification of data
3. [PL] [VIDEO] ABW report: Are we safe?
4. [PL] Who uses AI, for what, and how in public institutions?
5. [PL] Military bets on artificial intelligence. Creates its own language model
6. [PL] Warsaw will host NASK cybersecurity center
7. [PL] Scams are most often run by cybercriminal corporations
8. [PL] Estonian financial inspectorate suspends Zondacrypto license
9. [PL] Cinkciarz.pl site CEO arrested. Lived a comfortable life in the USA
10. Grafana says stolen GitHub token let hackers steal codebase
11. GitHub confirms breach of 3,800 repos via malicious VSCode extension
12. Google publishes exploit code threatening millions of Chromium users
13. Mozilla ’ s response to the UK Department of Science, Innovation and Technology’s consultation “Growing up in the online world”
14. Independent review confirms critical Telegram vulnerability
15. Every voice and video call on Discord is now end-to-end encrypted

For the more technical

1. [PL] CERT Poland releases April 2026 monthly threat report
2. [PL] FlyHack ad offers cheap flights but delivers malicious Android app
3. [PL] New vulnerabilities Fragnesia (CVE-2026-46300) and DirtyDecrypt (CVE-2026-31635) disclosed
4. Open WebUI - stored XSS via file upload that leads to RCE with 1-click
5. New Windows 'MiniPlasma' zero-day exploit gives SYSTEM access, PoC released
6. DirtyCBC — Linux RxGK chosen-plaintext page-cache poisoning to root shell
7. Claw Chain: Cyera research unveil four chainable vulnerabilities in OpenClaw
8. Second time, same sandbox: Another Anthropic Claude Code network sandbox bypass enables data exfiltration
9. Exposing Fox Tempest: A malware-signing service operation
10. Hunting down the Google-sent phishing wave compromising 30,000+ Facebook accounts
11. Tracking TamperedChef clusters via certificate and code reuse
12. SEO poisoning campaign leverages Gemini and Claude Code impersonation to deliver infostealer
13. Premium Deception: Uncovering a global Android carrier billing fraud campaign
14. Mini Shai-Hulud hits @antv ecosystem, 639 compromised npm package versions
15. Gremlin Stealer's evolved tactics: Hiding in plain sight with resource files
16. Fake Microsoft Teams campaign delivers ValleyRAT via NSIS installer and DLL sideloading
17. Inside SHADOW-WATER-063’s Banana RAT: From build server to banking fraud
18. WantToCry ransomware remotely encrypts files
19. CypherLoc, an advanced browser-locking scareware targeting millions
20. Webworm: New burrowing techniques
21. From PDB strings to MaaS: Tracking a commodity BadIIS ecosystem used by Chinese-speaking threat
22. Operation Dragon Whistle: UNG0002 targets Chinese academia via weaponized institutional lure
23. Analyzing TAX#TRIDENT: Fake Indian tax lures pivot across ZIP, VBS, stego and PHP-wrapped VBS delivery
24. How Storm-2949 turned a compromised identity into a cloud-wide breach
25. UAC-0184: From HTA to a signed network stack

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

]]>https://badcyber.com/it-security-weekend-catch-up-may-15-2026/Sat, 16 May 2026 23:30:00 +0200https://badcyber.com/it-security-weekend-catch-up-may-15-2026/

Afraid of missing important security news during the week? We're here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

1. Foxconn confirms cyberattack claimed by Nitrogen ransomware gang
2. Experts confirm the Fast16 malware was sabotaging nuclear weapons tests, likely in Iran
3. ‘Hondurasgate,’ the alleged US and Israeli interference plot to destabilize Mexico and other progressive governments
4. Instructure confirms data breach, ShinyHunters claims attack

For the more technical

1. May 2026 Patch Tuesday: 30 critical vulnerabilities among 130 CVEs
2. YellowKey Bitlocker bypass vulnerability
3. GreenPlasma Windows CTFMON arbitrary section creation elevation of privileges vulnerability
4. Fragnesia (CVE-2026-46300), a universal Linux local privilege escalation exploit
5. NGINX Rift: Achieving NGINX remote code execution via an 18-year-old vulnerability
6. Dead.Letter (CVE-2026-45185) How XBOW found an unauthenticated RCE on Exim
7. CursorJacking: Every Cursor user is vulnerable to API key theft by rogue extensions
8. Why 0.1 + 0.2 is not 0.3, or about floating-point numbers
9. Pwn2Own Berlin 2026 - Day One Results
10. Pwn2Own Berlin 2026 - Day Two Results
11. Pwn2Own Berlin 2026: Day Three Results and Master of Pwn
12. Yarbo - NAT in my back yard
13. StealTok: 130k users compromised by data stealing TikTok video “downloaders”
14. Malware found in trending Hugging Face repository "Open-OSS/privacy-filter"
15. DAEMON Tools software infected – supply chain attack ongoing since April 8, 2026
16. Shai-Hulud goes open source: Malware creators leak their own code to GitHub
17. PCPJack: Cloud worm evicts TeamPCP and steals credentials at scale
18. Adversaries leverage AI for vulnerability exploitation, augmented operations, and initial access
19. When IT support calls: Dissecting a ModeloRAT campaign from Teams to domain compromise
20. FrostyNeighbor: Fresh mischief and digital shenanigans

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

]]>