Cyber Threat Intel

22h ago

Cyber Threat Intel · 2026-05-27 Daily Digest

No significant updates today.

1d ago

ShinyHunters Extortion Campaign Targets 7-Eleven

Both reports confirm ShinyHunters breached 7-Eleven franchisee systems in April, exposing data of ~185,000 people.
Consistent data types leaked:...

7-Eleven Cyber Extortion Attack Exposes Personal Info Of 185K People

hothardware.com

7-Eleven Cyber Extortion Attack Exposes Personal Info Of 185K People

1d ago

ConnectWise Automate Flaw Enables Integrity Bypass and RCE

A newly disclosed CVE-2026-9089 (CVSS 8.8) in ConnectWise Automate lets attackers bypass integrity checks to execute malicious code via plugin loading...

ConnectWise Automate Vulnerability Could Allow Security Check Bypass and RCE

esecurityplanet.com

ConnectWise Automate Vulnerability Could Allow Security Check Bypass and RCE

1d ago

Class 12 Student Breaches CBSE Portal in 30 Minutes

A Class 12 ethical hacker accessed the CBSE evaluation portal in just 30 minutes via a hardcoded master password, enabling grade alterations, teacher...

1d ago

Database Extortion: High Volume, Low Revenue, Massive Damage

5-year study found 30,515 exposed databases (46.3%) already carried ransom notes, affecting over 215 billion records.
Victims rarely paid: only...

The Hidden Ransomware Economy Running on Exposed Databases

securityaffairs.com

The Hidden Ransomware Economy Running on Exposed Databases

1d ago

MFA Reset Attacks Dominate Financial Services

Financial services ranked as the fourth most targeted sector, seeing 43% more hands-on-keyboard intrusions than two years prior. Attackers skip password theft entirely by using vishing or device-code phishing to reset MFA and steal tokens instead.

The attack dominating financial services doesn't steal passwords. It resets MFA and steals the token.

venturebeat.com

The attack dominating financial services doesn't steal passwords. It resets MFA and steals the token.

1d ago

Massive Leak Exposes 116K Journalist Records

Over 116,000 data instances from The New York Times, Wall Street Journal, and Washington Post hit the dark web, exposing 35,000+ emails and thousands of passwords. This enables phishing, blackmail, and source exposure that threatens press freedom.

Massive journalist data leak hits major US newsrooms

msn.com

Massive journalist data leak hits major US newsrooms

1d ago

BTMOB Lowers Barrier to Android Device Takeover

BTMOB's ready-made toolkit makes full Android compromise accessible to low-skill attackers.

No-code builder: APK generator and phishing lure...

BTMOB: A stealthy RAT burrowing deep into Android devices

welivesecurity.com

BTMOB: A stealthy RAT burrowing deep into Android devices

1d ago

AI Expands Automotive Ransomware Risks

Automotive ransomware more than doubled in 2025, accounting for nearly half of incidents as AI-driven vehicle systems widen the attack surface for...

Automotive ransomware more than doubled – and AI is partly to blame

insurancebusinessmag.com

Automotive ransomware more than doubled – and AI is partly to blame

1d ago

Fake Installers Fuel Persistent Supply Chain Attacks

Attackers are systematically abusing GitHub and SourceForge with fake installers for tools like ChatGPT and AutoTune to deliver the DinDoor RAT via...

Why Are Software Supply Chains Under Constant Siege? - Palo Alto Networks Blog

paloaltonetworks.com

Why Are Software Supply Chains Under Constant Siege? - Palo Alto Networks Blog

1d ago

7-Eleven Breach Exposes 185K with SSNs via ShinyHunters

ShinyHunters claimed ransomware responsibility for the 7-Eleven breach, threatening data release if unpaid.
Confirmed impact exceeds 185,000...

ShinyHunters leaked 7-Eleven customer data, exposing SSNs and ...

mezha.net

ShinyHunters leaked 7-Eleven customer data, exposing SSNs and ...

1d ago

AI's Dual Cybersecurity Impact Emerges

AI is accelerating both vulnerability discovery and new attack surfaces.

Claude Mythos scanned 1,000+ open-source projects, surfacing 6,202...

1d ago

Iranian Government Behind LA Metro Breach

Iranian government-linked hackers, not unaffiliated activists, sabotaged LA Metro's systems through data-wiping attacks on critical transit...

Iranian government, not hacktivist group, breached LA Metro system, security firm says

cybersecuritydive.com

Iranian government, not hacktivist group, breached LA Metro system, security firm says

1d ago

Journalists' Data Leak Exposes Press Safety Risks

Over 116,000 dark web exposures tied to 35,000+ emails from just three US media outlets highlight massive scale.

Leaked credentials risk exposing...

Press safety at risk: US journalists' personal data leaked on the dark web

proton.me

Press safety at risk: US journalists' personal data leaked on the dark web

1d ago

Data Breaches Hit Insurance and Retail Alike

Beacon Mutual ransomware breach exposed SSNs, financial and medical data of 162,000 people
7-Eleven hack-and-extortion incident leaked names, SSNs...

Beacon Mutual Begins Notifying Those Affected by Data Breach

insurancejournal.com

Beacon Mutual Begins Notifying Those Affected by Data Breach

1d ago

Ransomware Spree Shows Cyber Risk Is Now Operational

Ransomware crews now treat vulnerabilities as targets, not industries, turning isolated IT events into multi-sector shutdowns.

A single campaign...

Ransomware gangs just hit a dozen companies in a single day — hospitals, law firms, a Vegas convention center, and an auto supplier all locked out at once

1d ago·

morningoverview.com

1d ago

Iranian hackers mix transit sabotage with targeted espionage

Iran-linked groups are hitting US critical infrastructure with both destructive breaches and stealthy espionage.

LA Metro hit: Ababil claimed a...

Iranian hackers responsible for Los Angeles transit system breach, Israeli researchers say

reuters.com

Iranian hackers responsible for Los Angeles transit system breach, Israeli researchers say

1d ago

Canvas LMS Supply Chain Breach Disrupts Education at Worst Time

Shiny Hunters exploited a single SaaS dependency flaw to breach Canvas LMS during finals week, shutting down the platform serving 9,000 institutions...

Dependency attack takes down ed-tech platform at scale | RL Blog

reversinglabs.com

Dependency attack takes down ed-tech platform at scale | RL Blog

1d ago

Patch Now: Chrome and LiteSpeed Exploits Demand Immediate Action

Two actively exploited flaws highlight shrinking response windows for defenders.

Chrome's May 19 update fixed two critical RCEs (CVE-2026-9111...

Chrome Security Update Patches Two Critical RCE Flaws: One Exploit Still Public, Unpatched

techtimes.com

Chrome Security Update Patches Two Critical RCE Flaws: One Exploit Still Public, Unpatched

1d ago