ZeroSecurity

Hackers Exploit Maximum-Severity Cisco Zero-Day Bug Since 2023 (CVE-2026-20127) zerosecurity.org/hackers-exploi…

How Hackers Still Manage to Compromise Multi-factor authentication (MFA) zerosecurity.org/how-hackers-st…

Anthropic Unveils Claude Code Security to Detect and Fix Critical Vulnerabilities zerosecurity.org/anthropic-unve…

Panera Hacked – Exposes 5.1 Million Customer Records zerosecurity.org/panera-hacked-…

Chinese Hackers Hijack Notepad++ Updates in 6-Month Supply Chain Campaign zerosecurity.org/chinese-hacker…

Malicious Chrome Extensions Steal AI Data and Hijack Revenue in DarkSpectre Campaign zerosecurity.org/malicious-chro…

#KPMG Netherlands Listed as Victim by Nova Ransomware Group zerosecurity.org/kpmg-netherlan…

#RansomHouse Claims Breach of Key Apple Assembler Luxshare zerosecurity.org/ransomhouse-cl…

#Copilot Hacked – Researchers Reveal “Reprompt” Attack zerosecurity.org/copilot-hacked…

Dutch Police Arrest Alleged AVCheck Operator in ‘Operation Endgame’ Breakthrough zerosecurity.org/dutch-police-a…

Bigfork Man Sentenced to 46 Months After FBI Traces 1,100 IP Addresses in Cyberstalking Case zerosecurity.org/bigfork-man-se…

#BreachForums Database Leak Exposes Over 320,000 Users zerosecurity.org/breachforums-d…

Europol Dismantles Black Axe Cell in Spain, Arrests 34 for €5.9M Fraud zerosecurity.org/europol-disman…

Betterment Investment Users Targeted by “Triple #Crypto” Scam Notification zerosecurity.org/betterment-inv…

Bypasses paywalls: - github.com/inulute/medium… #infosec #cybersec

Rainbow Six Siege Hacked: Players Gifted Billions of Credits as Ubisoft Forces Servers Offline zerosecurity.org/rainbow-six-si…

MongoBleed (CVE-2025-14847) is basically Heartbleed for MongoDB - unauthenticated memory disclosure - public POC, trivial to exploit - leaks creds, tokens, cloud keys straight from RAM - huge exposed surface on the internet Good writeups and technical details here: doublepulsar.com/merry-christma… ox.security/blog/attackers… blog.ecapuano.com/p/hunting-mong… Patch fast, rotate secrets, and assume exposed instances were scanned(!)

Gravy Analytics Breached: A Massive Data Leak Exposes Millions of Location Traces zerosecurity.org/gravy-analytic…

Hackers claim to have breached Gravy Analytics, a US location data broker selling to government agencies. They shared 3 samples on a Russian forum, exposing millions of location points across the US, Russia, and Europe. It's OSINT time! 👇

#Phishing 2.0: How #AI is Turning Cyber Attacks into a Science zerosecurity.org/phishing-2-0-h…