VulnHub

A group of attackers known as BlackFile is actively extorting companies in the retail and hospitality sectors by threatening to release stolen data. Researchers believe these attackers are linked to another group called The Com. In a disturbing tactic, they have reportedly swatted company executives, which involves falsely reporting emergencies to law enforcement to create fear and pressure victims into complying with ransom demands. This aggressive strategy not only harms the targeted businesses but also raises concerns about the safety and privacy of their executives and employees. Companies in these sectors need to be vigilant about their cybersecurity measures and consider the potential risks of data breaches and extortion attempts.

A Chinese national executed a spear-phishing campaign targeting NASA employees by impersonating a U.S. researcher. This deception led to the unauthorized sharing of sensitive information related to defense software and export controls. The NASA Office of Inspector General is investigating the incident, which raises concerns about national security and the vulnerability of governmental agencies to social engineering attacks. Such incidents can have serious implications, as they may compromise sensitive technologies and data. The case underscores the need for enhanced cybersecurity measures and employee training to prevent future breaches.

A recent investigation by Fairlinked, an organization representing LinkedIn users, alleges that LinkedIn is engaged in unauthorized user tracking through browser fingerprinting. This practice reportedly involves collecting device data and details from browser extensions, which are then sent to third parties in an encrypted format. The investigation claims this situation represents one of the largest data breaches and corporate espionage incidents in digital history. Users of LinkedIn may be unknowingly affected as their data could be used for tracking purposes without their consent. This raises significant privacy concerns and questions about how user data is managed by large platforms like LinkedIn.

Recent findings reveal that numerous browser extensions are selling user data, as disclosed in their privacy policies. These extensions, which are widely used, have been caught sharing sensitive information with third parties, raising significant concerns about user privacy and data security. The issue affects a broad range of users who rely on these extensions for various functionalities, including ad-blocking and productivity enhancements. The implications are serious, as users may unknowingly expose their personal data, browsing habits, and even login credentials. This situation calls for heightened scrutiny from both users and regulatory bodies to ensure that privacy standards are upheld and to protect individuals from potential misuse of their data.

A recently identified vulnerability in Windows has been exploited by APT28, a hacking group linked to Russia, in attacks targeting Ukraine and several EU nations. This flaw allows for zero-click attacks, meaning attackers can compromise systems without any user interaction. The incomplete patch aimed at fixing this vulnerability has raised concerns about its effectiveness, potentially leaving users at risk. The ongoing exploitation of this vulnerability poses a serious threat to sensitive data and national security for affected countries. As this situation evolves, it is crucial for Windows users to stay updated on patches and security advisories.

Google has reported an increase in malicious AI prompt injection attacks, although many of these attempts are not sophisticated and pose little harm. Some of these exploits have been identified as potentially dangerous, indicating that while attackers are becoming more active, their methods remain relatively basic. The findings suggest that users and organizations interacting with AI systems should be aware of the risks associated with prompt injections. As AI technology continues to evolve, the security implications of these attacks could become more significant, making it essential for developers and users alike to stay vigilant and informed about the potential for exploitation.

PhantomCore, a pro-Ukrainian hacktivist group, has been targeting TrueConf video conferencing software in Russia since September 2025. Researchers from Positive Technologies reported that the group is exploiting a series of three vulnerabilities to gain remote access to affected systems. This attack is significant as it affects servers that may be crucial for communications in various sectors, potentially disrupting operations and compromising sensitive information. The ongoing nature of these attacks raises concerns for organizations using TrueConf, as they may be at risk of unauthorized access and data breaches. Users of this software are advised to remain vigilant and implement security measures to protect their systems.

A recently discovered vulnerability, tracked as CVE-2026-6770, allowed attackers to track and fingerprint users of Firefox and the Tor Browser, even when they were using Private Browsing mode. This flaw could bypass Tor's New Identity feature, which is designed to enhance privacy. As a result, both Firefox version 150 and Tor Browser version 15.0.10 have released updates to address this issue. This vulnerability is particularly concerning because it compromises the privacy protections that users rely on, especially those using Tor for anonymous browsing. Users are urged to update their browsers promptly to protect against this tracking risk.

A group identified as UNC6692 is using email bombing tactics and social engineering to spread the Snow malware family, which includes variants like Snowbelt, Snowglaze, and Snowbasin. This malware provides attackers with persistent access to infected systems, raising significant concerns for both individuals and organizations. The methods employed, such as overwhelming targets with emails to trick them into clicking malicious links, illustrate the evolving strategies cybercriminals use to gain entry. Victims of this campaign may face data theft or further exploitation, making it crucial for users to remain vigilant against suspicious emails and to enhance their cybersecurity measures. As these types of attacks become more sophisticated, organizations need to prioritize employee training on recognizing phishing attempts and implementing strong security protocols.