Afraid of missing important security news during the week? We're here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!
For the less technical
- [PL][VIDEO] GPS interference in Europe. The trail leads to a Russian satellite
- [PL] How the Social Design Agency works on Russia's behalf
- [PL][AUDIO] Fifth episode of the Informatyk Zakładowy Retro-podcast
- [PL][VIDEO] Digital Hydra: does the individual stand a chance?
- [PL] Unpaid parking fee? Watch out for scammers
- [PL][VIDEO] Why everyone falls for online scams
- [PL][VIDEO] They're trying to steal your Gmail credentials on LinkedIn
- [PL] Polish cyber police identify 17-year-old behind attacks on mobile subscribers
- [PL] How the FBI trains investigators in a realistic cyber range
- [PL] Illegally processed personal data as evidence in court
- [PL] "Children online 2026" report: algorithms and AI are already harming preschoolers
- [PL] Eustella, a secure European alternative to ChatGPT and Gemini
- Hate “the algorithm?” RSS is one of the tools you’ve been looking for
- Espionage against the European Parliament. Member of committee investigating spyware hacked with Pegasus
- Global cyber strike disrupts SocGholish, Amadey, and StealC malware networks
- United States seizes hundreds of Internet domains used to illegally stream World Cup matches
- Google’s continued disruption of malicious residential proxy networks
- Alleged member of criminal cyber hacking group “Scattered Spider” arrested in Finland and extradited to the United States
For the more technical
- [PL][VIDEO] An overview of interesting web application vulnerabilities
- [PL][VIDEO] FortiBleed isn't a new flaw, it's a credentials issue
- [PL][VIDEO] Railway cyber resilience: from vulnerabilities to compliance and security
- [PL] Deepfakes and a spoofed gov.pl site backed a fake investment platform
- Cybercrime breaches Klue: Salesforce data impacted for many victims
- Kali Linux 2026.2 release (GNOME 50, KDE 6.6, Helper Scripts, APT Formats & VM Boot Tweaking)
- WinPE as a stateless harness for Windows driver testing and fuzzing
- Dissecting and exploiting Linux LPE variant: DirtyClone (CVE-2026-43503)
- 282 iOS AI apps leak API keys and open AI proxy access in network traffic study
- Indirect prompt injection in web content targets AI agents
- Silent Swap: A crypto clipper extension campaign
- Chromium extension uses AI‑related branding to redirect browser search
- Clone this repo and I own your machine
- BioShocking AI: “Gaming” the AI browser and escaping its guardrails
- ARToken: Inside an EvilTokens affiliate panel targeting Microsoft 365
- AsyncRAT reloaded: Using Python and TryCloudflare for malware delivery again
- An analysis of ValleyRAT infection campaigns from fake installers, Japanese malicious emails
- TONResolver RAT abuses TON blockchain to target Japan's hotel industry
- From Bing search to ransomware: Bumblebee and AdaptixC2 deliver Akira
- Veil#Drop: Blogspot-hosted PowerShell loader delivers PureLog stealer through XOR-encoded in-memory .NET payloads
- PamStealer: a Rust-based macOS infostealer that validates credentials through PAM
- RustDuck: An in-depth analysis of a two-stage botnet
- Miasma Mini Shai-Hulud hits LeoPlatform npm packages and GitHub Actions, expands to the Go ecosystem
- [VIDEO] Signals & Stories: The evolution of attribution in cyber threat intelligence
- Mustang Panda targets India's government and energy sectors with Zohomurk and Minirecon
- Operation DragonReturn: China-nexus cyber espionage campaign targeting Govt. of India/MoF tax infrastructure via multi-stage DcRAT deployment
- UNC1151 phishing email targeting Belarusian politician points to multi-national campaign
Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.
Comments