Cybersecurity

LastPass Confirms Customer Data Breach After Klue OAuth Token Theft

3 minute read

Data Breaches

LastPass Confirms Customer Data Breach After Klue OAuth Token Theft

LastPass has confirmed it was affected by the Klue supply chain incident, saying an unauthorised actor used stolen…

byWaqas

June 23, 2026

‘Cordyceps’ CI/CD Flaw Exposes Microsoft, Google, Apache Repos to Pipeline Hijacking

2 minute read

Security

‘Cordyceps’ CI/CD Flaw Exposes Microsoft, Google, Apache Repos to Pipeline Hijacking

Novee Security reveals Cordyceps, a CI/CD vulnerability in GitHub Actions workflows that let anonymous users poison builds and expose tokens across major projects today.

byDeeba Ahmed

June 23, 2026

3 minute read

New CryptoBandits Malware Uses USB Drives and Tor to Steal Crypto

Microsoft researchers warn of a new dual-action cryptocurrency clipper (CryptoBandits Malware) spreading through USB devices to alter wallet addresses and steal crypto assets.

byDeeba Ahmed

June 23, 2026

5 minute read

The Evolution of iGaming Fraud: What Security Teams Should Expect in 2027

Learn how AI, deepfakes, synthetic identities and fraud-as-a-service may reshape iGaming risk, and what security teams can do to detect future threats in 2027.

byOwais Sultan

June 23, 2026

Two UK Hackers Plead Guilty to £39 Million Cyberattack on Transport for London

3 minute read

2 Scattered Spider-Linked Hackers Plead Guilty Over £39M TfL Cyberattack

Two teenagers face sentencing after admitting to a massive Scattered Spider cyberattack that hit Transport for London (TfL) and US healthcare networks.

byDeeba Ahmed

June 23, 2026

2 minute read

Beats Studio Buds Flaw Could Let Nearby Attackers Eavesdrop on Users

Apple has released a security update to patch a Beats Studio Buds flaw that let nearby hackers listen to conversations through the microphone.

byDeeba Ahmed

June 22, 2026

2 minute read

Texas Parks and Wildlife Data Breach Affects Over 3M License Customers

Around 3 million Texas licence holders face a data breach after hackers targeted a third-party vendor, exposing driver's licences and passport numbers.

byDeeba Ahmed

June 22, 2026

Threat Hunting Beyond Alerts: Finding the Activity Detection Misses

4 minute read

Security

Threat Hunting Beyond Alerts: Finding the Activity Detection Misses

Disclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings.

byOwais Sultan

June 22, 2026

3 minute read

Scammers Use Fake GitHub Stars, VirusTotal Reviews to Spread Crypto Clipper

A multi-platform malware campaign abuses fake trust signals to infect Windows and Mac users with a crypto clipper packed with 15,500 attacker wallets.

byDeeba Ahmed

June 22, 2026

3 minute read

Salesforce Disables Klue Integration After OAuth Token Theft Hits Customer Data

Icarus extortion group used a legacy Klue Battlecards credential to bypass security and steal bulk Salesforce records from affected companies.

byDeeba Ahmed

June 22, 2026

The Latest

Internet Society Foundation Opens Global Call for Common Good Cyber Fund to Strengthen Cybersecurity

LastPass Confirms Customer Data Breach After Klue OAuth Token Theft

‘Cordyceps’ CI/CD Flaw Exposes Microsoft, Google, Apache Repos to Pipeline Hijacking

The Rise of AI-Powered Academic Fraud: Beyond Traditional Plagiarism

Cybersecurity

LastPass Confirms Customer Data Breach After Klue OAuth Token Theft

‘Cordyceps’ CI/CD Flaw Exposes Microsoft, Google, Apache Repos to Pipeline Hijacking

New CryptoBandits Malware Uses USB Drives and Tor to Steal Crypto

The Evolution of iGaming Fraud: What Security Teams Should Expect in 2027

2 Scattered Spider-Linked Hackers Plead Guilty Over £39M TfL Cyberattack

Beats Studio Buds Flaw Could Let Nearby Attackers Eavesdrop on Users

Texas Parks and Wildlife Data Breach Affects Over 3M License Customers

Threat Hunting Beyond Alerts: Finding the Activity Detection Misses

Scammers Use Fake GitHub Stars, VirusTotal Reviews to Spread Crypto Clipper

Salesforce Disables Klue Integration After OAuth Token Theft Hits Customer Data

Internet Society Foundation Opens Global Call for Common Good Cyber Fund to Strengthen Cybersecurity

Gcore Helps Ucom Safeguard Public Live Broadcast Infrastructure During Armenia’s Parliamentary Elections

eFAQ Publishes Investigation Into Alleged Scam Activity and Coordinated Reputation Attacks

SpyCloud Report Finds Phishing Attacks Surge as Employee Data Is Exposed at 86% of Fortune 100 Companies

Heimdal Survey: Executives Four Times More Confident About AI Risk Than the Teams Managing It