Cybersecurity
540 articles · Coverage updated continuously
Over 70 new malicious extensions, clones of popular tools, have been identified on the Open VSX marketplace, signaling a significant resurgence of the GlassWorm malware. These sleeper extensions are designed to eventually deploy payloads, stealing critical credentials and sensitive information, posing an acute supply chain threat.
A flaw in the VECT 2.0 ransomware's encryption routine turns it into an indiscriminate data wiper for files larger than 128KB: those files become unrecoverable even with the attackers' own key. Victims of the ransomware, whose operators recently partnered with the prolific TeamPCP threat group known for supply-chain attacks, therefore face permanent data loss even if they pay the ransom.
A Chinese national accused of extensive state-sponsored cyber espionage has been successfully extradited from Italy to the United States to face charges. Xu Zewei, linked to the notorious Silk Typhoon APT group, is charged with hacking US universities and COVID-19 researchers on behalf of China's Ministry of State Security. This marks a significant development in the ongoing efforts to counter nation-state cyber threats.
Cybercriminals exploited a weakness in Robinhood's account creation flow to run a highly convincing phishing campaign. By abusing specific platform mechanics they had Robinhood's own systems send the messages, so the emails carried a legitimate Robinhood sender and passed, rather than bypassed, standard email authentication checks (SPF, DKIM and DMARC), eroding user trust.
Anthropic's Claude Mythos Preview demonstrated an alarming ability to identify and exploit software vulnerabilities autonomously, leading the company to deem it too dangerous for public release. The episode has spotlighted the rapid emergence of agentic AI systems that can plan, decide and execute cyberattacks without human intervention, and it puts security teams under pressure to develop and deploy equally autonomous agentic defenses.
New analysis of cyber insurance claims offers CISOs a powerful tool to secure budget allocations, directly translating technical risks into the financial terms boards and CFOs understand. Proprietary data from Resilience highlights how specific security failures, such as MFA misconfigurations and unpatched vulnerabilities, drive significant monetary losses. This insight enables security leaders to demonstrate the tangible ROI of robust cybersecurity measures.
Microsoft Outlook.com suffered a widespread global outage that caused intermittent sign-in failures for more than 10 hours. After restoring service, Microsoft instructed iPhone users to re-enter their credentials to access Outlook and Hotmail accounts through the native Mail app. The incident, attributed to a 'recently introduced change', underscores the fragility of critical cloud services.
Microsoft is set to enforce a significant security upgrade for Exchange Online, announcing that it will block legacy TLS 1.0 and TLS 1.1 connections for POP and IMAP email clients starting in July 2026. This move aligns with broader industry efforts to phase out outdated cryptographic protocols, bolstering the security posture of cloud-based email communications against modern threats. The change will mandate the use of TLS 1.2 or higher, pushing organizations towards more secure encryption standards.
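To check what a POP or IMAP client actually negotiates before the cutover, here is an added example written by the editor (not Microsoft's code or documentation). It uses only Python's standard library; the host names in the usage note are placeholders, and the legacy probe context is an assumption about what a local audit would need rather than anything Microsoft publishes.

```python
"""Editor-added example: POP/IMAP client contexts that refuse TLS 1.0/1.1 ahead
of the Exchange Online cutover, plus probes that report which protocol version a
mail server negotiates today. Not Microsoft's code; hosts are placeholders."""
import imaplib
import poplib
import ssl

# Protocol strings as returned by ssl.SSLSocket.version(). These are the
# versions Exchange Online will reject for POP and IMAP from July 2026.
LEGACY_VERSIONS = frozenset({"SSLv3", "TLSv1", "TLSv1.1"})


def tls12_min_context():
    """Client context that will not negotiate anything below TLS 1.2."""
    ctx = ssl.create_default_context()          # verifies certificate and hostname
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def minimum_version_name(ctx):
    """Name of the lowest version a context allows, e.g. 'TLSv1_2'."""
    return ctx.minimum_version.name


def legacy_probe_context():
    """Context capped at TLS 1.1, for checking whether a server you operate
    still accepts legacy TLS (assumed audit helper). OpenSSL 3 refuses
    TLS 1.0/1.1 at its default security level, hence SECLEVEL=0; builds
    compiled without TLS 1.0/1.1 cannot complete such a handshake at all."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE             # probing only, never for real mail
    ctx.maximum_version = ssl.TLSVersion.TLSv1_1
    ctx.set_ciphers("DEFAULT:@SECLEVEL=0")
    return ctx


def will_survive_cutover(version):
    """version is the string SSLSocket.version() returns, or None without TLS."""
    return version is not None and version not in LEGACY_VERSIONS


def negotiated_imaps_version(host, port=993, ctx=None):
    """Open an IMAPS session and return the TLS version the server negotiated."""
    conn = imaplib.IMAP4_SSL(host, port, ssl_context=ctx or tls12_min_context())
    try:
        return conn.sock.version()
    finally:
        conn.logout()


def negotiated_pop3s_version(host, port=995, ctx=None):
    """Open a POP3S session and return the TLS version the server negotiated."""
    conn = poplib.POP3_SSL(host, port, context=ctx or tls12_min_context())
    try:
        return conn.sock.version()
    finally:
        conn.quit()


def audit_server(host, imap_port=993, pop_port=995):
    """Assumed audit helper: which versions a server negotiates with a strict
    client, and whether it still accepts a legacy-only client."""
    result = {}
    for name, probe, port in (("imaps", negotiated_imaps_version, imap_port),
                              ("pop3s", negotiated_pop3s_version, pop_port)):
        try:
            strict = probe(host, port)
            result[name] = {"strict": strict, "ok": will_survive_cutover(strict)}
        except (OSError, ssl.SSLError) as exc:
            result[name] = {"strict": None, "ok": False, "error": str(exc)}
        try:
            probe(host, port, legacy_probe_context())
            result[name]["accepts_legacy"] = True
        except (OSError, ssl.SSLError):
            result[name]["accepts_legacy"] = False
    return result


if __name__ == "__main__":
    # Placeholder host; point this at your own mail server or at outlook.office365.com.
    print(audit_server("mail.example.com"))
```

Run it against your own POP/IMAP endpoints: a client that cannot complete the strict probe, or a server that still reports `accepts_legacy: True`, is the thing to fix before July 2026.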
A Brazilian cybercrime group, LofyGang, has resurfaced after more than three years, launching a new LofyStealer (aka GrabBot) campaign specifically targeting Minecraft players. The malware, disguised as a 'Slinky' game hack, exploits the trust of young users to exfiltrate a wide array of sensitive data, including credentials and financial information. This marks a significant pivot for the group, previously known for JavaScript supply chain attacks, now embracing a Malware-as-a-Service (MaaS) model and leveraging platforms like GitHub for distribution.
Cybersecurity researchers have unveiled details of a critical remote code execution (RCE) flaw impacting GitHub.com and GitHub Enterprise Server, allowing an authenticated user to achieve RCE with a single 'git push' command. Tracked as CVE-2026-3854, this command injection vulnerability leverages improperly sanitized push option values to potentially expose millions of repositories through cross-tenant access. Google-owned cloud security firm Wiz discovered the flaw, prompting GitHub to swiftly deploy a fix to its public platform.
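How a push option reaches a server-side hook, and why interpolating its value into a shell command is dangerous, as an added illustration written by the editor: it is not GitHub's code and does not reproduce the actual CVE-2026-3854 exploit path. The hook, its allow-list regex and the `echo` logging command are assumptions; only the `GIT_PUSH_OPTION_COUNT` / `GIT_PUSH_OPTION_<n>` environment variables are how Git really hands push options to hooks.

```python
"""Editor-added example: a hypothetical pre-receive hook that logs push options
(git push -o key=value). The first version builds a shell string from the
attacker-controlled value; the second passes it as a separate argv element and
allow-lists its characters. Not GitHub's code."""
import os
import re
import subprocess

# Git exposes push options to server-side hooks through these variables.
COUNT_VAR = "GIT_PUSH_OPTION_COUNT"
OPTION_VAR = "GIT_PUSH_OPTION_{}"

# Assumed allow-list: key=value with a conservative character set.
PUSH_OPTION_RE = re.compile(r"^[A-Za-z0-9_.-]{1,64}=[A-Za-z0-9_.:/-]{0,256}$")


def push_options_from_env(env):
    """Collect the push options Git placed in the hook's environment."""
    count = int(env.get(COUNT_VAR, "0"))
    return [env[OPTION_VAR.format(i)] for i in range(count)]


def vulnerable_log_command(option):
    """VULNERABLE: the option is spliced into a string that /bin/sh will parse,
    so a value containing ' ; or $( ) runs arbitrary commands on the server."""
    return f"echo 'push option: {option}'"


def run_vulnerable(option):
    """Executes the vulnerable command through the shell and returns stdout."""
    proc = subprocess.run(vulnerable_log_command(option), shell=True,
                          capture_output=True, text=True)
    return proc.stdout


def run_argv_only(option):
    """Safer: no shell, so metacharacters in the option are plain text."""
    proc = subprocess.run(["echo", f"push option: {option}"],
                          capture_output=True, text=True)
    return proc.stdout


def hardened_log_argv(option):
    """HARDENED: reject anything outside the allow-list, then build argv."""
    if not PUSH_OPTION_RE.fullmatch(option):
        raise ValueError(f"rejected push option: {option!r}")
    return ["echo", f"push option: {option}"]


def process_push(env):
    """Hook entry point: log every push option via the hardened path.
    Returns the list of argv vectors that were executed."""
    executed = []
    for option in push_options_from_env(env):
        argv = hardened_log_argv(option)
        subprocess.run(argv, check=True, capture_output=True)
        executed.append(argv)
    return executed


if __name__ == "__main__":
    # Constructed environment standing in for `git push -o ci.skip=true`.
    demo_env = {COUNT_VAR: "1", OPTION_VAR.format(0): "ci.skip=true"}
    print(process_push(demo_env))
    payload = "x'; echo INJECTED; echo '"
    print(repr(run_vulnerable(payload)))   # the injected echo runs
    print(repr(run_argv_only(payload)))    # the payload is just text
```

The two `run_*` functions take the same payload; only the shell-string version produces an extra `INJECTED` line, which is the whole bug class the advisory describes. Allow-listing on top of argv passing also stops the value reaching any downstream component that might re-parse it.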
A Chinese national accused of leading state-sponsored cyberattacks, including the theft of COVID-19 vaccine research and exploitation of Microsoft Exchange zero-days, has been extradited from Italy to the United States. Xu Zewei, allegedly linked to the notorious Silk Typhoon (Hafnium) hacking group, faces charges for operations directed by China's Ministry of State Security against American organizations and government agencies. This marks a significant development in international efforts to hold state-backed cybercriminals accountable.
The exploit window for cybersecurity vulnerabilities is rapidly closing, as advanced AI models like Anthropic's Claude Mythos can now discover critical flaws in minutes, a task that once took human experts weeks. This dramatic acceleration has prompted urgent discussions among top financial leaders, highlighting how AI capabilities are fundamentally reshaping organizational risk profiles across all industries. Consequently, the traditional "patch faster" security model is now obsolete, necessitating a strategic pivot towards an assume-breach posture focused on rapid detection and containment.