Flipper Zero Maker Overhauls Firmware Contribution Rules After Community Backlash
Flipper Devices has rolled out new firmware contribution rules, including GitHub Discussions-based feature voting and mandatory integration testing, after community backlash over a perceived firmware development slowdown.
Cybersecurity Week in Review: AI Model Redeployment, a Linux Root Zero-Day, and Hundreds of Chrome Patches
This week: Anthropic's Claude Mythos 5 returns to critical infrastructure use, a near-100%-reliable Linux root zero-day emerges, Chrome patches 382 bugs, and Scattered Spider notches another extradition.
Google Dismantles NetNut-Linked “Popa” Residential Proxy Botnet That Hijacked 2 Million Home Devices
Google, working with the FBI, Lumen Technologies, and other partners, has taken action against the NetNut residential proxy network - also tracked as "Popa" - estimated to have...
81 Million Login Attempts: Massive Password Spray Campaign Bypasses MFA to Compromise Azure and Microsoft 365 Accounts
A massive automated campaign made 81 million login attempts against Microsoft 365 and Azure CLI accounts between June 12 and June 26, 2026, successfully compromising 78 accounts across...
Russia’s Turla APT Deploys STOCKSTAY Backdoor Against Ukrainian Government and Military Targets
Russia-linked Turla (FSB Center 16) has been running a long-running espionage campaign deploying a new .NET backdoor called STOCKSTAY against Ukrainian government and military organizations since December 2022....
FortiBleed: Over 73,000 Fortinet Firewalls Compromised in Industrial-Scale Cyber Espionage Campaign
An industrial-scale cyber espionage campaign dubbed "FortiBleed" has silently compromised over 73,932 unique Fortinet firewall URLs across 194 countries, targeting Fortune 500 companies, government entities, and a NATO...
HazyBeacon APT Campaign Weaponizes AWS Lambda to Hide Command-and-Control Traffic
Qualys researchers have exposed HazyBeacon, a stealthy APT campaign targeting Southeast Asian governments that uses AWS Lambda Function URLs as covert command-and-control relays. By routing malicious traffic through...
OceanLotus APT (APT32) Compromises FireAnt MetaKit in Targeted Supply-Chain Attack on Vietnamese Stock Investors
The Vietnamese state-aligned threat group OceanLotus (APT32) hijacked the update server of popular investment software FireAnt MetaKit to deliver the SPECTRALVIPER backdoor to targeted stock market users, in...