| Website | https://oversecurity.net/ |
| https://twitter.com/OverSecurity | |
| Telegram | https://t.me/OverSecurity |
| https://www.facebook.com/Over-Security-181948988484222 |
Tycoon2FA hijacks Microsoft 365 accounts via device-code phishing
The Tycoon2FA phishing kit now supports device-code phishing attacks and abuses Trustifi click-tracking URLs to hijack Microsoft 365 accounts.
🔗️ [Bleepingcomputer] https://link.is.it/oH0vL0
Microsoft rejects critical Azure vulnerability report, no CVE issued
A security researcher claims Microsoft quietly fixed an Azure Backup for AKS vulnerability after rejecting his report, and without issuing a CVE....
🔗️ [Bleepingcomputer] https://link.is.it/0Iq2PY
A security researcher claims Microsoft quietly fixed an Azure Backup for AKS vulnerability after rejecting his report, and without issuing a CVE. Microsoft disputes the claim, telling BleepingComputer the behavior was expected and that "no product changes were made," despite the researcher documenting a silent fix.
Russian hackers turn Kazuar backdoor into modular P2P botnet
The Russian hacker group Secret Blizzard has developed its long-running Kazuar backdoor into a modular peer-to-peer (P2P) botnet designed for long-...
🔗️ [Bleepingcomputer] https://link.is.it/8OrYZ7
Funnel Builder WordPress plugin bug exploited to steal credit cards
A critical vulnerability in the Funnel Builder plugin for WordPress is being actively exploited to inject malicious JavaScript snippets into...
🔗️ [Bleepingcomputer] https://link.is.it/NDERYR
Abrigo - 711,099 breached accounts
In April 2026, the fintech software company Abrigo was targeted in a "pay or leak" extortion attempt by the ShinyHunters group. Shortly after, data...
🔗️ [Haveibeenpwned] https://link.is.it/KBeKbf
In April 2026, the fintech software company Abrigo was targeted in a "pay or leak" extortion attempt by the ShinyHunters group. Shortly after, data allegedly taken from the company's Salesforce instance was published publicly and contained over 700k unique email addresses belonging to both Abrigo staff and external contacts. Whilst separate from Abrigo's Salesforce compromise via the Drift application connector the previous year, the data fields described in that incident are consistent with the ShinyHunters data, namely that it was "business contact information" including "institution name, employee name, email addresses, and phone numbers".
Canada Life - 237,810 breached accounts
In April 2026, Canada Life was the victim of a "pay or leak" extortion campaign by the ShinyHunters group. The group subsequently published the...
🔗️ [Haveibeenpwned] https://link.is.it/fos2oo
In April 2026, Canada Life was the victim of a "pay or leak" extortion campaign by the ShinyHunters group. The group subsequently published the data which contained over 200k unique email addresses along with names, phone numbers, physical addresses and, in some cases, customer support tickets. In their disclosure notice, Canada Life advised that "it is a small proportion of our customers who may have been impacted". In the wake of the incident, Canada Life also published an alert cautioning customers to be wary of phishing attacks, a pattern often seen after the public release of breached data.
Mythos trova bug persino in Apple: una sveglia per tutte le aziende
Calif, con Claude Mythos Preview, ha scoperto un exploit su MacOS 26.4.1 su chip M5. Si conferma che con l'AI è urgente un cambio di passo nella...
🔗️ [Cybersecurity360] https://link.is.it/l8mGB8
Cushman & Wakefield - 310,431 breached accounts
In May 2026, the real estate services firm Cushman & Wakefield was the target of a "pay or leak" extortion campaign by the ShinyHunters group....
🔗️ [Haveibeenpwned] https://link.is.it/CL1Lpe
In May 2026, the real estate services firm Cushman & Wakefield was the target of a "pay or leak" extortion campaign by the ShinyHunters group. Following the threat, the group publicly published data they alleged had been obtained from the firm, consisting mostly of C&W email addresses along with tens of thousands of external email addresses and corporate contact records. The exposed data was primarily business information, including names, job titles, company addresses and phone numbers.
Data manipulation, l’attacco che non si vede: minaccia strutturale dell’industria connessa
A differenza del ransomware, che si annuncia con una nota di riscatto, la Data Manipulation può restare invisibile per settimane o mesi. Ecco...
🔗️ [Cybersecurity360] https://link.is.it/nByCvA
A differenza del ransomware, che si annuncia con una nota di riscatto, la Data Manipulation può restare invisibile per settimane o mesi. Ecco perché è la minaccia numero uno rilevata nei sistemi OT e IoT delle organizzazioni italiane e perché per il manifatturiero italiano la visibilità OT non è un investimento opzionale
Zara - 197,376 breached accounts
In April 2026, the fashion brand Zara was among a number of organisations targeted by the ShinyHunters extortion group as part of their "pay or...
🔗️ [Haveibeenpwned] https://link.is.it/7sZcYN
In April 2026, the fashion brand Zara was among a number of organisations targeted by the ShinyHunters extortion group as part of their "pay or leak" campaign. The group claimed the breach was related to a compromise of the Anodot analytics platform and subsequently published a terabyte of data allegedly including 95M support ticket records. The data contained 197k unique email addresses alongside product SKUs, order IDs and the market the support ticket originated in. Zara's parent company Inditex advised that the incident didn't affect passwords or payment information.
