Latest Intelligence 1195 articles
Scattered Spider Kingpin 'Tylerb' Pleads Guilty to $8M Cyber Heist
Cybersecurity

Tyler Robert Buchanan, known by his online moniker 'Tylerb' and a prominent member of the notorious cybercrime collective Scattered Spider, has pleaded guilty to charges related to an $8 million cryptocurrency theft. This admission stems from a sophisticated campaign of SMS phishing and SIM-swapping attacks orchestrated by Buchanan in 2022, which successfully breached multiple major technology firms and marks a significant victory for law enforcement against one of the most prolific English-speaking cybercrime groups. Buchanan, a 24-year-old British national, now faces over two decades in prison for his role in these high-profile cyber heists.

April 22, 2026 Krebsonsecurity 5 min
Critical BRIDGE:BREAK Flaws Expose 20K Serial-IP Converters
Cybersecurity

A new report from Forescout Research Vedere Labs, codenamed "BRIDGE:BREAK," has uncovered 22 critical vulnerabilities in widely used serial-to-IP converters from Lantronix and Silex. These flaws expose nearly 20,000 devices globally, enabling potential remote code execution, device takeover, and critical system control for attackers. This discovery highlights significant risks to industrial control systems and legacy applications that rely on these bridging devices for network connectivity.

April 22, 2026 Thehackernews 3 min
Cohere AI Sandbox Flaw: Root Code Execution, Container Escape Threat
Cybersecurity

A critical, unpatched vulnerability (CVE-2026-5752, CVSS 9.3) has been discovered in Cohere AI's Terrarium sandbox, enabling root code execution and container escape. This severe flaw, stemming from a JavaScript prototype chain traversal, poses a significant threat to environments designed to safely execute untrusted user or large language model (LLM)-generated code within its Docker-deployed container.

April 22, 2026 Thehackernews 3 min
Mustang Panda's LOTUSLITE Targets India Banks, SK Policy Circles
Cybersecurity

Chinese advanced persistent threat (APT) group Mustang Panda has reportedly expanded its cyber espionage operations, deploying an evolved variant of its LOTUSLITE malware against India's banking sector. This marks a significant geographical and sectoral shift for the group, previously known for targeting U.S. government and policy entities. The updated malware also continues to target South Korean and U.S. policy circles, indicating a persistent and broadened intelligence collection mandate.

April 22, 2026 Thehackernews 3 min
BlackCat Ransomware Plot: Negotiator Confesses Insider Scheme
Cybersecurity

A high-profile case has unveiled a shocking insider threat within the cybersecurity incident response community, as a ransomware negotiator pleaded guilty to direct involvement in a BlackCat/ALPHV cybercriminal scheme. This development not only exposes the critical vulnerabilities present in third-party incident response processes but also underscores the complex ethical and security challenges faced by organizations under cyberattack. The confession serves as a stark reminder of the potential for betrayal within trusted partnerships, compelling a reevaluation of current best practices.

April 22, 2026 Darkreading 1 min
Google Antigravity IDE Critical Flaw: Prompt Injection Fuels RCE
Cybersecurity

A critical prompt injection vulnerability has been discovered and patched in Google's agentic Antigravity IDE, which could have allowed attackers to achieve arbitrary code execution. The flaw leveraged permitted file creation alongside inadequate input sanitization in the `find_by_name` tool, enabling a bypass of the IDE's stringent Strict Mode security configuration. Attackers could inject shell script execution commands, turning a seemingly benign search function into a vector for remote code execution.

April 22, 2026 Thehackernews 7 min
AI Supercharges Identity Attacks: No Exploits, Just Stolen Creds
Cybersecurity

While the cybersecurity industry has heavily invested in defending against complex threats like zero-days and sophisticated AI-generated exploits, the most persistent and effective initial access vector for attackers remains alarmingly simple: stolen credentials. These identity-based attacks, which bypass traditional defenses by leveraging valid login information, are now being dramatically accelerated by advancements in artificial intelligence. This escalation means that attackers can scale operations, create custom tools, and craft highly realistic phishing campaigns at unprecedented rates.

April 22, 2026 Thehackernews 5 min
NGate Android Malware Hits Brazil: AI Steals NFC Data & PINs
Cybersecurity

A new NGate Android malware campaign is actively targeting users in Brazil, weaponizing the legitimate HandyPay application to steal NFC payment card data and PINs. This sophisticated attack enables threat actors to execute contactless ATM cash-outs and unauthorized transactions, marking a dangerous escalation in mobile financial fraud. Notably, researchers suggest the malicious code itself may have been AI-generated, pointing to a worrying new frontier in cybercriminal capabilities.

April 22, 2026 Thehackernews 4 min
SystemBC C2 Server Exposes 1,570+ Victims of Gentlemen Ransomware
Cybersecurity

New research from Check Point reveals a staggering scale of compromise linked to The Gentlemen ransomware-as-a-service (RaaS) operation, uncovering over 1,570 victims through an exposed SystemBC command-and-control server. This discovery far exceeds the public victim count on the group's data leak site, underscoring the true reach of ransomware operations often hidden beneath the surface. Threat actors associated with The Gentlemen RaaS have been actively deploying SystemBC proxy malware to establish SOCKS5 tunnels, facilitating remote access and further payload delivery.

April 22, 2026 Thehackernews 6 min
SOUTHCOM Unleashes Autonomous Warfare Command for LatAm Dominance
Drones & Autonomous

U.S. Southern Command (SOUTHCOM) is establishing a new Autonomous Warfare Command (SAWC), a significant move mandated by Commander Gen. Francis L. Donovan to bolster the command's operational dominance. This new element is designed to integrate autonomous and unmanned systems into tactical missions, specifically targeting threats like narcoterrorism across its expansive Area of Responsibility (AOR) in Latin America and the Caribbean. The initiative aims to connect short-term operational successes with long-term strategic outcomes, leveraging advanced technology to support U.S. national security objectives.

April 22, 2026 Defensenews 3 min
Navy Considers Overseas Shipbuilding to Accelerate Fleet Expansion
Military & Defense

The U.S. Navy is exploring a radical shift in its shipbuilding strategy, considering overseas manufacturing partnerships to overcome domestic labor shortages and accelerate fleet expansion. Navy Secretary John Phelan announced a study into the concept, citing successful maintenance and repair collaborations with allies like South Korea and Japan as potential models. This initiative comes as the Navy faces mounting pressure to meet ambitious fleet growth targets amid strained domestic industrial capacity.

April 22, 2026 Defensenews 3 min
Pentagon Unveils $55B DAWG Plan for Drone & Autonomy Dominance
Drones & Autonomous

The Pentagon is proposing an investment of nearly $55 billion in its new Defense Autonomous Warfare Group (DAWG) for fiscal year 2027, replacing the Biden-era Replicator initiative with a dramatic escalation in ambition. This massive funding push aims to supercharge rapid innovation, research, development, and integration of cutting-edge autonomous systems and drone technologies for future warfare, particularly in the Indo-Pacific. However, a significant portion of this funding, $53.6 billion, is placed in a flexible future reconciliation pot, creating a high-stakes gamble for its approval amidst an increasingly challenging political landscape.

April 22, 2026 Breakingdefense 4 min