Live Threat IntelLive
Tycoon 2FA Loses Phishing Kit Crown Amid Surge in Attacks(SecurityWeek)Microsoft Defender under attack as three zero-days, two of them still unpatched, enable elevated access(Security Affairs)Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet(The Hacker News)Payouts King ransomware uses QEMU VMs to bypass endpoint security(Bleeping Computer)Tycoon 2FA Phishers Scatter, Adopt Device Code Phishing(Dark Reading)Ransomware attack continues to disrupt healthcare in London nearly two years later(The Record)Four arrested in latest ‘PowerOFF’ DDoS-for-hire takedown(The Record)CISA tells feds to patch 13-year-old Apache ActiveMQ bug under active attack(The Register)DraftKings hacker sentenced to prison, ordered to pay $1.4 Million(Security Affairs)Operation PowerOFF: 53 DDoS domains seized and 3 Million criminal accounts uncovered(Security Affairs)Oklahoma State Tax Commission Fails To Notice Data Breach for 18 Months(DataBreaches.net)Northern Ireland school IT systems ‘largely restored’ after cyber attack(DataBreaches.net)Webinar: From phishing to fallout — Why MSPs must rethink both security and recovery(Bleeping Computer)In Other News: Satellite Cybersecurity Act, $90K Chrome Flaw, Teen Hacker Arrested(SecurityWeek)DDoS-For-Hire Services Disrupted by International Police Action in ‘Operation PowerOff’(Infosecurity Magazine)Another DraftKings Hacker Sentenced to Prison(SecurityWeek)Recent Apache ActiveMQ Vulnerability Exploited in the Wild(SecurityWeek)Inside ZionSiphon: politically driven malware aims at Israeli water systems(Security Affairs)That data breach alert might be a trap(ESET Research)ZionSiphon Malware Targets ICS in Water Facilities(SecurityWeek)Man gets 30 months for selling thousands of hacked DraftKings accounts(Bleeping Computer)Claude Opus wrote a Chrome exploit for $2,283(The Register)Recently leaked Windows zero-days now exploited in attacks(Bleeping Computer)Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts(The Hacker News)Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation(The Hacker News)Operation PowerOFF identifies 75k DDoS users, takes down 53 domains(Bleeping Computer)ZionSiphon malware designed to sabotage water treatment systems(Bleeping Computer)A Deep Dive Into Attempted Exploitation of CVE-2023-33538(Palo Alto Unit 42)New Microsoft Defender “RedSun” zero-day PoC grants SYSTEM privileges(Bleeping Computer)Cookeville Regional Medical Center hospital data breach impacts 337,917 people(Security Affairs)Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic(The Hacker News)Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face(Bleeping Computer)APK Malformation Found in Thousands of Android Malware Samples(Infosecurity Magazine)Cookeville Medical Center Notifies Patients After July 2025 Ransomware Attack(Infosecurity Magazine)AI platform n8n abused for stealthy phishing and malware delivery(Security Affairs)Textbook titan McGraw Hill on ransomware crew's reading list after 13.5M records exposed(The Register)Automotive Ransomware Attacks Double in a Year(Infosecurity Magazine)6-Year Ransomware Campaign Targets Turkish Homes & SMBs(Dark Reading)Russia Hacked Routers to Steal Microsoft Office Tokens(Krebs on Security)Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure(CISA Advisories)Tycoon 2FA Loses Phishing Kit Crown Amid Surge in Attacks(SecurityWeek)Microsoft Defender under attack as three zero-days, two of them still unpatched, enable elevated access(Security Affairs)Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet(The Hacker News)Payouts King ransomware uses QEMU VMs to bypass endpoint security(Bleeping Computer)Tycoon 2FA Phishers Scatter, Adopt Device Code Phishing(Dark Reading)Ransomware attack continues to disrupt healthcare in London nearly two years later(The Record)Four arrested in latest ‘PowerOFF’ DDoS-for-hire takedown(The Record)CISA tells feds to patch 13-year-old Apache ActiveMQ bug under active attack(The Register)DraftKings hacker sentenced to prison, ordered to pay $1.4 Million(Security Affairs)Operation PowerOFF: 53 DDoS domains seized and 3 Million criminal accounts uncovered(Security Affairs)Oklahoma State Tax Commission Fails To Notice Data Breach for 18 Months(DataBreaches.net)Northern Ireland school IT systems ‘largely restored’ after cyber attack(DataBreaches.net)Webinar: From phishing to fallout — Why MSPs must rethink both security and recovery(Bleeping Computer)In Other News: Satellite Cybersecurity Act, $90K Chrome Flaw, Teen Hacker Arrested(SecurityWeek)DDoS-For-Hire Services Disrupted by International Police Action in ‘Operation PowerOff’(Infosecurity Magazine)Another DraftKings Hacker Sentenced to Prison(SecurityWeek)Recent Apache ActiveMQ Vulnerability Exploited in the Wild(SecurityWeek)Inside ZionSiphon: politically driven malware aims at Israeli water systems(Security Affairs)That data breach alert might be a trap(ESET Research)ZionSiphon Malware Targets ICS in Water Facilities(SecurityWeek)Man gets 30 months for selling thousands of hacked DraftKings accounts(Bleeping Computer)Claude Opus wrote a Chrome exploit for $2,283(The Register)Recently leaked Windows zero-days now exploited in attacks(Bleeping Computer)Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts(The Hacker News)Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation(The Hacker News)Operation PowerOFF identifies 75k DDoS users, takes down 53 domains(Bleeping Computer)ZionSiphon malware designed to sabotage water treatment systems(Bleeping Computer)A Deep Dive Into Attempted Exploitation of CVE-2023-33538(Palo Alto Unit 42)New Microsoft Defender “RedSun” zero-day PoC grants SYSTEM privileges(Bleeping Computer)Cookeville Regional Medical Center hospital data breach impacts 337,917 people(Security Affairs)Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic(The Hacker News)Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face(Bleeping Computer)APK Malformation Found in Thousands of Android Malware Samples(Infosecurity Magazine)Cookeville Medical Center Notifies Patients After July 2025 Ransomware Attack(Infosecurity Magazine)AI platform n8n abused for stealthy phishing and malware delivery(Security Affairs)Textbook titan McGraw Hill on ransomware crew's reading list after 13.5M records exposed(The Register)Automotive Ransomware Attacks Double in a Year(Infosecurity Magazine)6-Year Ransomware Campaign Targets Turkish Homes & SMBs(Dark Reading)Russia Hacked Routers to Steal Microsoft Office Tokens(Krebs on Security)Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure(CISA Advisories)