Talos reports that UAT-8302, a China-nexus APT, has deployed NetDraft, CloudSorcerer, VSHELL, SNOWRUST, SNOWLIGHT, SNAPPYBEE/DeedRAT, and ZingDoor across global government targets, enabling long-term access and extensive reconnaissance. blog.talosintelligence.com/uat-8302/

This is how foreign intelligence protects Americans at home. NSA spots a threat overseas, FBI acts here, and a subway attack never happens. Quiet coordination saves lives before most people know danger was close. #NSA #FBI #NationalSecurity reuters.com/article/techno…

A sophisticated, state-sponsored intrusion observed in early 2026 appeared to be a standard Chaos ransomware attack. Forensic analysis has since unmasked it as a false flag attempt, linking the incident to the Iranian APT #MuddyWater. More in a new blog: r-7.co/4tiWod0

Let me tell you something As someone who lived in Philly Abbott Elementary and Always Sunny in Philadelphia are basically documentaries because people from Philly are naturally the funniest people on Earth lmao

🔎🇷🇺Inside Russia's elite Bauman University, a secret department trains the GRU's next-gen hackers, saboteurs & spies. Now, 2,000+ leaked docs expose how its graduates feed the units behind Russia's cyberattacks, election interference, and NATO sabotage. vsquare.org/welcome-to-the…

Our new Investigation: Inside Spy School - how Russia trains and recruits GRU staff for its hybrid war against the West at Moscow State University Bauman (gift link) spiegel.de/ausland/hybrid…

3 intel officials told me Russia is ramping up & expanding attempts to kill its opponents across Europe. At least 6 attempted killings + 1 death since the invasion of Ukraine. These are among 191 attacks & other incidents linked to Russia, tracked by The Associated Press apnews.com/article/russia…

The Police Security Service (PST) has arrested a Chinese citizen on a charge of aggravated intelligence activities. A Norwegian registered company has been used as a front by a Chinese state actor for attempted SIGINT collection on polar orbit sats. nrk.no/norge/pst_-kin…

When it launched the full-scale invasion of Ukraine, the Russian regime broke its previous arrangement with society and replaced it with a new trade-off: most of you may live as if the war does not exist, but you may not oppose it. For those who accepted this unspoken bargain,

Americans sentenced for running 'laptop farms' for North Korea bleepingcomputer.com/news/security/…

HewMesmer32 NBC10 Philadelphia Yes Storytelling masters

This is wild: Leaked audio recordings implicates former Honduran President Juan Orlando Hernández, Javier Milei, and Donald Trump in an attempt to create a media outlet to disseminate fake news regarding the administrations of Claudia Sheinbaum and Gustavo Petro.

Lessons for all of us from antisemitism in Belgium. A must-read piece by ADL National Commissioner Yohan Benizri about the need to strengthen our institutions to protect Jewish communities. thejc.com/opinion/the-in…

"Canvas" is a "learning managment system" used by around 8000 universities around the world but mostly in the United States. A million students and teachers likely saw this ransomware message when they tried to login today. This makes it a newsworthy event. This happened right

🚨 BREAKING: ShinyHunters defaced Canvas login portals for hundreds of colleges and universities today, replacing them with extortion demands tied to the recent Instructure breach. Sources tell BleepingComputer that the hackers exploited another unpatched vulnerability in

💥SCOOP: A Russian spy who spent years infiltrating think-tanks, academic institutions close to the Orbán government was quietly expelled from Budapest—but only after Orbán’s defeat removed the political obstacle that had shielded the operative for months. vsquare.org/the-think-tank…

The self-conscious cartoonishness has evolved into a bizarrely earnest elder statesmanship. And then he turns into a Smurf at the end. 10/10, no notes.

#Oceanlotus malware ZiChatBot, leverages Zulip’s public team chat REST APIs as its command and control server. [email protected] ref: Last year, OceanLotus suspected of using PyPI to deliver ZiChatBot malware securelist.com/oceanlotus-sus… No related Malware was found in

We uncovered a new Brazilian banking trojan campaign: TCLBANKER. What makes TCLBANKER notable isn’t just the malware itself, but how it spreads. The campaign uses compromised WhatsApp and Outlook accounts to propagate through trusted user relationships, deploys targeted banking

TCLBANKER Banking Trojan Targets Financial Platforms via WhatsApp and Outlook Worms thehackernews.com/2026/05/tclban…