Other noteworthy stories that might have slipped under the radar: US gov targets 72-hour patch cycles, malware uses Windows Phone Link to steal OTPs, spy operation targets Eurasian drone industry.
The post In Other News: Train Hacker Arrested, PamDOORa Linux Backdoor, New CISA Director Frontrunner appeared first on SecurityWeek.
SecurityWeek – Read More
The hardest part of cybersecurity isn’t the technology, it’s the people.
Every major breach you’ve read about lately usually starts the same way: one employee, one clever email, and one “Patient Zero” infection.
In 2026, hackers are using AI to make these “first clicks” nearly impossible to spot. If a single laptop gets compromised on your watch, do you have a plan to stop it from taking down
The Hacker News – Read More
A previously undocumented Linux implant codenamed Quasar Linux RAT (QLNX) is targeting developers’ systems to establish a silent foothold as well as facilitate a broad range of post-compromise functionality, such as credential harvesting, keylogging, file manipulation, clipboard monitoring, and network tunneling.
“QLNX targets developers and DevOps credentials across the software supply chain,”
The Hacker News – Read More
The hackers gained the ability to modify equipment operational parameters, creating a direct risk to the public water supply.
The post Polish Security Agency Reports ICS Breaches at Five Water Treatment Plants appeared first on SecurityWeek.
SecurityWeek – Read More
Hackers accessed one of the company’s AWS accounts and compromised AI provider secrets stored in Braintrust.
The post AI Firm Braintrust Prompts API Key Rotation After Data Breach appeared first on SecurityWeek.
SecurityWeek – Read More
The dark secret of enterprise security operations is that defenders have quietly institutionalized the practice of not looking. This is not just anecdotal, but rather backed by a recent report investigating more than 25 million security alerts, including informational and low-severity, across live enterprise environments.
The dataset behind these findings includes 10 million monitored
The Hacker News – Read More
Cybersecurity researchers have disclosed details of a new Linux backdoor named PamDOORa that’s being advertised on the Rehub Russian cybercrime forum for $1,600 by a threat actor called “darkworm.”
The backdoor is designed as a Pluggable Authentication Module (PAM)-based post-exploitation toolkit that enables persistent SSH access by means of a magic password and specific TCP port combination.
The Hacker News – Read More
A system that thousands of schools and universities use went offline due to a cyberattack, creating chaos as students tried to study for finals.
The post Cyberattack Hits Canvas System Used by Thousands of Schools as Finals Loom appeared first on SecurityWeek.
SecurityWeek – Read More
RansomHouse has published several screenshots to demonstrate access to internal Trellix services.
The post Ransomware Group Takes Credit for Trellix Hack appeared first on SecurityWeek.
SecurityWeek – Read More
The malware framework targets web applications and cloud environments, including AWS, Docker, Kubernetes, and more.
The post ‘PCPJack’ Worm Removes TeamPCP Infections, Steals Credentials appeared first on SecurityWeek.
SecurityWeek – Read More