This week begins small.
A token leaks. A bad package slips in. A login trick works. An old piece of software shows up once more. At first, it looks like the usual mess. Then you see the pattern: attackers are not always breaking in. They're using the parts we already trust.
That's what makes it worrying. The danger is in normal things now – updates, apps, cloud buttons, support chats, trusted accounts. AI doesn't make the attacks magic. It just helps people try more things, faster.
Here is what showed up this week.
-
47 zero-days exposed
The Pwn2Own Berlin 2026 hacking contest has concluded, with security researchers collecting $1,298,250 in rewards after exploiting 47 zero-day flaws in various products from Windows, Linux, VMware, and NVIDIA. DEVCORE won the event with 50.5 Master of Pwn points and $505,000 in rewards throughout the three-day contest after hacking Microsoft SharePoint, Microsoft Exchange, Microsoft Edge, and Windows 11. STARLabs SG and Out Of Bounds followed with $242,500 (25 points) and $95,750 (12.75 points).
-
Agentic AI security warning
The U.K. National Cyber Security Centre (NCSC) has released new guidance for organizations to implement adequate security controls when rolling out agentic artificial intelligence (AI) tools in enterprise environments. "If an agent is over-privileged or poorly designed, a single failure can quickly become a serious incident," NCSC said. "It's essential, therefore, to think before you deploy."
-
Signal alternative pushed
The Polish government is urging public officials and "entities within the National Cybersecurity System" to stop using Signal, instead directing them to use an encrypted messenger called mSzyfr developed by a leading Polish research group, citing social engineering attacks orchestrated by advanced persistent threat (APT) groups. The development comes as several governments have warned of a rise in social engineering attacks, including efforts that involve threat actors impersonating Signal support, to take control of victims' accounts.
-
Fraud suspects unmasked
The Dutch police said the identity of 74 of 100 suspects has been unmasked following the launch of an initiative called Game Over?! that displays blurred photos of 100 suspected fraudsters on billboards at various public locations, as well as in television and online ads, giving the criminals two weeks to turn themselves in before the images are unblurred. Of these, 34 suspects voluntarily reported to authorities, while the remaining suspects were identified through information provided by the public. The youngest suspect is only 14, and the oldest is 42 years old. Game Over?! was launched in March 2026.
-
Espionage admission
U.S. President Donald Trump said he and Chinese President Xi Jinping discussed cyber attacks and espionage activities carried out by both countries during the bilateral meetings last week. "They're talking about the spying. Well, we do it too," Trump said during his return flight to the U.S. "We spy like hell on them too," adding "I told him, 'we do a lot of stuff to you that you don't know about and you're doing things to us that we probably do know about.'" While Trump did not elaborate on the attacks carried out against China, the acknowledgement comes as China has been accused of conducting sweeping intrusions into U.S. networks.
-
Ransomware hits Korea
The ransomware family known as Gunra has targeted five South Korean companies since it was first discovered in April 2025, S2W said. "When Gunra ransomware was first discovered, it utilized Conti-based ransomware," the South Korean security vendor noted. "However, after transitioning to a RaaS (Ransomware-as-a-Service) model, the group developed and utilized its own ransomware." As of March 2026, the group has claimed 32 victims.
-
Composer token leak
Composer, a dependency manager for the PHP programming language, has urged its users to update Composer to version 2.9.8 or 2.2.28 (LTS). "The new releases fix a vulnerability where Composer leaks the full contents of GitHub Actions issued GITHUB_TOKEN's or GitHub App installation tokens to the GitHub Actions logs," Composer said. The vulnerability has been assigned the CVE identifier CVE-2026-45793 (CVSS score: 7.5). The development came after GitHub introduced a new format for these tokens late last month. "The new format, including a – (hyphen) fails Composer's validation and leads to disclosure of the GITHUB_TOKEN in logs," Composer said. As a workaround, it is recommended to disable any GitHub Actions workflow that runs Composer commands until Composer has been updated.
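The failure mode in this item is worth seeing in code: a validator written for one token shape rejects a newer shape, and the rejection path echoes the secret into output that CI then logs. The example below is added here and is not Composer's code; the two token regexes are hypothetical shapes constructed for illustration (GitHub's actual token grammar is not on the page). It shows the leaky validator next to one that accepts both shapes and redacts on failure, plus a scanner a defender can run over captured CI log text to find token-shaped values after the fact.

```python
import re

# Hypothetical token formats, constructed for this example; GitHub's real
# token grammar is not on the page and these regexes are not Composer's code.
# Legacy shape: "ghs_" plus 36 alphanumerics. Newer shape (assumed): the same,
# followed by a hyphen and an 8-character suffix.
LEGACY_TOKEN_RE = re.compile(r"^ghs_[A-Za-z0-9]{36}$")
TOKEN_RE = re.compile(r"^ghs_[A-Za-z0-9]{36}(?:-[A-Za-z0-9]{8})?$")

# Matches either shape anywhere in free text, for scanning log output.
TOKEN_IN_TEXT_RE = re.compile(r"ghs_[A-Za-z0-9]{36}(?:-[A-Za-z0-9]{8})?")


def validate_token_leaky(token: str) -> str:
    """The failure mode: a validator written for the old shape rejects the new
    one and echoes the rejected value into the exception, which the CI runner
    then prints. The secret leaks precisely because validation failed."""
    if not LEGACY_TOKEN_RE.match(token):
        raise ValueError(f"invalid GitHub token: {token}")
    return token


def redact(token: str) -> str:
    """Keep the prefix and last four characters: enough to correlate a report
    with a specific credential, not enough to use it."""
    if len(token) <= 12:
        return "***"
    return f"{token[:4]}...{token[-4:]}"


def validate_token_safe(token: str) -> str:
    """Accept both shapes, and never put the raw value on an error path."""
    if not TOKEN_RE.match(token):
        raise ValueError(
            f"invalid GitHub token format (value={redact(token)}, length={len(token)})"
        )
    return token


def error_message(validator, token: str):
    """Run a validator and return the message it would have logged, or None."""
    try:
        validator(token)
    except ValueError as exc:
        return str(exc)
    return None


def scan_log_for_tokens(log_text: str) -> list[str]:
    """Post-hoc check for CI logs: every line containing a token-shaped value."""
    return [line for line in log_text.splitlines() if TOKEN_IN_TEXT_RE.search(line)]


if __name__ == "__main__":
    new_style = "ghs_" + "B" * 36 + "-1234abcd"  # constructed, not a real token
    print("leaky:", error_message(validate_token_leaky, new_style))
    print("safe :", error_message(validate_token_safe, "ghs_short-x"))
```

The general lesson is independent of Composer: any format check on a credential should treat the rejected value as still secret, and a log scanner such as `scan_log_for_tokens` is a cheap control to run over workflow output when a tool that handles tokens changes its parsing.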
-
Linux rootkit persists
In July 2022, cybersecurity firm Intezer detailed a Linux malware named OrBit that implements advanced evasion techniques, gains persistence on the machine by hooking key functions, provides the threat actors with remote access capabilities over SSH, harvests credentials, and logs TTY commands. Nearly four years later, several new artifacts of the userland rootkit have been identified, indicating that the malware is being actively refined and maintained by its operators. "We discovered two parallel lineages: a full-featured 'Lineage A' build that tracks closely with the 2022 original, and a lite 'Lineage B' fork that drops entire capability domains (PAM, pcap, TCP-port hiding) in exchange for a smaller footprint," researcher Nicole Fishbein said. "Along the way, the operators rotate XOR keys, shuffle install paths, swap backdoor credentials, add auditd-evasion hooks, and ultimately bolt on a service-side PAM impersonation primitive." OrBit has been put to use by Blockade Spider, a cybercrime group running Embargo ransomware campaigns. It's assessed that OrBit is a fork of an open-source rootkit called Medusa, which first publicly surfaced in December 2022. "Based on this data, there are two options: either the Medusa author published a privately-circulated rootkit source that had already been deployed operationally, or the earliest OrBit sample was built from a pre-publication snapshot of the same tree," Intezer said. "Either way, the 2022 OrBit sample and the December 2022 Medusa source tree are the same codebase. This indicates that the backdoor was created before its public release and has since been selectively forked, configured, and redeployed by multiple operators over four years."
-
AI-driven intrusions surge
Two emerging campaigns, dubbed SHADOW-AETHER-040 and SHADOW-AETHER-064, have independently deployed agentic AI with "strikingly similar tactics" to facilitate intrusion operations against governments and financial organizations in Latin America. "Both campaigns established traffic tunnels to victim systems, enabling AI agents to conduct malicious attacks directly into victim internal network environments via ProxyChains and SSH," Trend Micro said. "The AI agents dynamically generated multiple hacking tools and scripts, rather than relying on pre-built hacking tools. This reduced the likelihood of detection by traditional security solutions that rely on known tool signatures." The two activity clusters are said to be the work of separate entities. The attackers bypassed AI safety controls by framing their requests as authorized penetration testing and red teaming exercises. Undertaken by a Spanish-speaking threat actor, SHADOW-AETHER-040 has compromised six government entities in Mexico between December 27, 2025, and January 4, 2026. This activity is consistent with Gambit Security's report about large-scale compromise of multiple Mexican government organizations between December 2025 and February 2026 by an unknown adversary using Anthropic's Claude and OpenAI's GPT AI models to carry out the intrusion activities. According to Dragos, which is tracking the activity as TAT26-12, one of these attacks targeted a municipal water and drainage utility in January 2026, leading to an unsuccessful attempt to breach its operational technology environment. "Claude acted as the primary technical executor and independently identified the OT environment's relevance to critical infrastructure, assessed its potential as a crown jewel asset, and investigated possible access pathways to breach the IT-OT boundary," Dragos said.
The second campaign, linked to a Portuguese-speaking hacking crew named SHADOW-AETHER-064, has been active since April and has singled out financial organizations in Brazil. The findings show how commercial AI tools are compressing the traditional attack kill chain, accelerating tasks like reconnaissance and exploit development that historically required significant time and operator expertise. As in the case of VoidLink, while the tools assembled for these attacks are not particularly sophisticated or novel, the speed at which AI models generate and improve upon them is operationally significant, essentially collapsing what would have taken days or even weeks of manual development effort into hours.
-
Mythos intel sharing expands
According to the Wall Street Journal, Anthropic has begun letting users of its Mythos AI model share cybersecurity threats with others who may face similar vulnerabilities. "Last week, Anthropic began telling the companies they could share information about cyber threats and Mythos findings with other entities as long as it was done responsibly," a spokesperson for the company was quoted as saying. "As the program has matured, we've adapted them to ensure key information can be shared broadly – including outside the program – for maximum defensive impact." The development comes as Cloudflare said Mythos is a "real step forward" and is capable of chaining "small attack primitives together into a working exploit." It's also equipped to find vulnerabilities and prove they're exploitable. The web infrastructure and security company also said it has designed a multi-stage vulnerability discovery harness to scan codebases across "runtime, edge data path, protocol stack, control plane, and the open-source projects we rely on." Just like Microsoft's MDASH, different agents handle different tasks: "hunter" agents identify candidate vulnerabilities, others argue for or against their exploitability, while a deduplication stage collapses findings that share the same root cause. A tracer agent checks whether attacker-controlled input actually reaches the bug from outside the system, while a final "reporting" agent writes a structured report.
-
Calls now encrypted
Discord has announced that all voice and video calls through the communication platform are now protected by default with end-to-end encryption (E2EE). The solution is powered by the DAVE protocol. "The DAVE protocol is open, and the implementation is open-source," Discord said. "As of early March 2026, every voice and video call on Discord, whether in DMs, group DMs, voice channels, or Go Live streams, is end-to-end encrypted by default." Discord said there are no plans to extend it to text messages. "Many of the features people use on Discord were built on the assumption that text isn't end-to-end encrypted, and rebuilding them to work with encryption is a major engineering challenge," it added.
-
Azure identities abused
Microsoft has shed light on a "methodical, sophisticated, and multi-layered attack" orchestrated by Storm-2949 with an aim to exfiltrate sensitive data from an unnamed organization's high-value assets. The attack, which is notable for abusing Microsoft's Self-Service Password Reset (SSPR) process to trick the target into completing multi-factor authentication (MFA) prompts, led to the exfiltration of data from Microsoft 365 applications, file-hosting services, and Azure-hosted production environments. The social engineering attack targeted IT personnel and senior leadership so as to compromise their identities for post-compromise actions. The attacker is also said to have conducted discovery actions, installed ScreenConnect, and attempted to disable Microsoft Defender Antivirus protections. "Storm-2949 did not rely on traditional malware and other on-premises tactics, techniques, and procedures (TTPs)," Microsoft said. "Instead, they leveraged legitimate cloud and Azure management features to gain control-plane and data-plane access, which they then used to execute code remotely on VMs, and access sensitive cloud resources such as Key Vaults and storage accounts, among others. These actions allowed them to move laterally across cloud and endpoint environments while blending into expected administrative behavior."

-
App Store fraud blocked
Apple said its App Store stopped over $2.2 billion in potentially fraudulent transactions and rejected over 2 million problematic app submissions in 2025. "Last year, Apple's systems also successfully rejected 1.1 billion fraudulent customer account creations – blocking bad actors at the outset – and deactivated an additional 40.4 million customer accounts for fraud and abuse," Apple said. "In 2025, Apple terminated 193,000 developer accounts over fraud concerns and rejected more than 138,000 developer enrollments. To further protect users from harmful software, Apple in 2025 detected and blocked 28,000 illegitimate apps on pirate storefronts, which include malware, pornography apps, gambling apps, and pirated versions of legitimate apps from the App Store." Apple also rejected over 22,000 submissions for containing hidden or undocumented features and more than 443,000 submissions for privacy violations. In the last month alone, the iPhone maker said it prevented 2.9 million attempts to install or launch apps distributed illicitly outside the App Store or approved alternative app marketplaces.
-
Fraud routing uncovered
Two U.S. nationals, CEO Adam Young, 42, of Miami, and Harrison Gevirtz, 33, of Las Vegas, have pleaded guilty to operating a business that provided services to customers engaged in widespread telemarketing and tech-support fraud schemes targeting victims across the country. The services, which included phone numbers, call routing services, call tracking, and call forwarding services, were offered to customers who engaged in tech-support fraud schemes. They are scheduled to be sentenced on June 16, 2026. The investigation also led to the conviction of five India-based telemarketing fraudsters and a former employee of their call routing company (Sahil Narang, Chirag Sachdeva, Abrar Anjum, Manish Kumar, and Jagmeet Singh Virk) for targeting and defrauding Americans. "Call centers based in India utilized Young and Gervitz's business to route their 'tech fraud' scheme calls and, in some instances, advised those fraudsters on methods intended to reduce complaints and prevent account terminations," the U.S. Justice Department said. The schemes used deceptive pop-up messages to falsely convince users that their computers had been infected with viruses or malware, urging them to contact a number to address the issue. In reality, the numbers connected the victims to call centers, where they were duped into paying hundreds of dollars for unnecessary or fictitious technical-support services. In some instances, the call center agents gained remote access to victims' computers and obtained personal and financial information.
-
Linux printing RCE risk
HP has released fixes for CVE-2026-8631 (CVSS score: 9.3), a critical heap-based buffer overflow vulnerability in HPLIP that could allow escalation of privileges and/or arbitrary code execution. "Because HPLIP is deeply integrated into the standard Linux printing architecture (CUPS), this flaw exposes millions of Linux endpoints and enterprise print servers," security researcher Mohamed Lemine Ahmed Jidou, who discovered the flaw, told The Hacker News. "An unauthenticated attacker over the network – or a low-privileged local user – can silently exploit this by simply submitting a maliciously crafted print job. Successful exploitation grants the attacker arbitrary command execution on the host machine. This allows for immediate system compromise, unauthorized access to sensitive documents passing through the print spooler, and provides a stealthy foothold for lateral movement across corporate networks."
-
Telegram accounts hijacked
AhnLab is warning of a new Telegram-oriented smishing campaign that's designed to take control of victims' accounts and steal account information using SMS messages that claim to be about non-existent security issues. "Threat actors hijack Telegram accounts by tricking users into entering their phone numbers and login codes on phishing sites," AhnLab said. "Once an account is compromised, it can lead to personal information and chats being leaked, as well as secondary damage."
-
Premium SMS fraud
A new sophisticated Android malware campaign dubbed Premium Deception has been observed conducting carrier billing fraud through premium SMS abuse across Malaysia, Thailand, Romania, and Croatia between March 2025 and January 2026. The activity involves more than 250 malicious applications that selectively target users based on their mobile operator, stealthily subscribing users to premium services without their knowledge or consent. Device metadata and subscription confirmations are sent to the operators via a Telegram-based exfiltration channel. "When deployed on devices with non-targeted operators, the malware employs a fallback mechanism to display benign content, thereby evading detection and maintaining persistence," Zimperium zLabs said. Three distinct malware variants have been identified, each with varying levels of sophistication. There is no evidence that these apps were distributed via the Google Play Store. Instead, the scheme relies on social media platforms like Facebook and TikTok for distribution.
-
Brazilian banking RAT
A new Brazilian banking trojan dubbed Banana RAT has become the latest malware to target financial institutions in the region. Unlike other Latin American banking malware that are typically written in Delphi, Banana RAT is a PowerShell-only client orchestrated by a Python (FastAPI) server-side polymorphism engine. Once active, it enables operator-driven fraud through remote input control, keylogging, clipboard monitoring, screen streaming, fake overlays, and Pix QR code interception targeting Brazilian banks. It also monitors foreground window titles and serves a bogus credential harvesting overlay when a victim opens a website that matches a target list of more than 30 banks and cryptocurrency exchanges. Trend Micro, which is tracking the activity under the moniker SHADOW-WATER-063, said the design diverges "meaningfully" from the Delphi binary architecture historically associated with the banking malware ecosystem comprising Grandoreiro, Mekotio, Casbaneiro, Guildma, and CHAVECLOAK. "The Brazilian cybercrime cartels are very sophisticated and organized, and they have been a bane to the financial sector since 2000," Tom Kellermann, TrendAI's vice president of AI Security and Threat Research, said. "The RATs and rootkits they develop are on par with those we have seen from Russia. Insufficient attention is being paid to cybercrime in LATAM, and the financial sector has good reason to be concerned as something wicked comes this way."
-
DNS-backed Go backdoor
A malicious Go module published as github.com/shopsprint/decimal has been flagged as a typosquat of the widely used github.com/shopspring/decimal arbitrary precision arithmetic library. It was first published in November 2017 and was weaponized in August 2023 when version v1.3.3 added malicious functionality that "opens a DNS TXT record command-and-control channel to a threat actor-controlled subdomain on a free dynamic DNS provider," per Socket. Although the GitHub repository and the shopsprint owner account have since been removed, the library is still served by proxy.golang[.]org. The payload "polls net.LookupTXT("dnslog-cdn-images.freemyip.com") every 5 minutes, and sleeps on DNS failure without logging or signaling an error," researcher Kush Pandya said. "Each returned TXT value is passed directly to os/exec.Command and executed."
-
npm package hijacked
The npm package art-template, a JavaScript template engine with about 26,000 weekly downloads, has been compromised via a maintainer account takeover to push malicious versions (from 4.13.3 through 4.13.6) designed to load external JavaScript from third-party domains. "Unauthorized code in template-web.js injects external <script> tags into any page using the browser bundle," SafeDep said. "The external domain (v3.jiathis[.]com) serves a multi-stage payload when the request includes a Referer header. The payload injects Baidu Analytics tracking on all visitors and targets iPhone users with a hidden iframe chain leading to an obfuscated JavaScript payload. The final payload is the Coruna exploit kit."
-
Malware game removed
A malicious game distributed through Steam has been removed by Valve after it was observed profiling players' systems and communicating with external infrastructure that allows it to deploy secondary payloads. The game, titled Beyond The Dark, masqueraded as a free indie horror title on Steam. The discovery was documented by YouTuber Eric Parker.
-
Router zero-day outage
The exploitation of a zero-day vulnerability in Huawei enterprise router software led to a nationwide telecom outage in Luxembourg on July 23, 2025, The Record reported this week. The incident disrupted mobile, landline, and emergency communications for more than three hours. The attack is said to have caused Huawei enterprise routers to enter a continuous restart loop, crashing parts of POST Luxembourg's infrastructure. There are currently no details about the vulnerability, and it remains unclear if the issue was patched by Huawei.
-
Crypto ATM losses surge
The U.S. Federal Bureau of Investigation (FBI) has revealed that Americans lost over $388 million last year to scams using cryptocurrency kiosks (aka crypto ATMs or Bitcoin ATMs). "Cryptocurrency kiosks are ATM-like devices or digital terminals that allow users to exchange cash and cryptocurrency," the FBI said. "Criminals may direct victims to send funds via cryptocurrency kiosks." The development comes as CertiK noted that physical coercion attacks (aka wrench attacks) on cryptocurrency holders rose 75% year-over-year to 72 confirmed cases worldwide and $41 million in known losses in 2025, up 44% from 2024. This year alone, 34 verified incidents have been recorded internationally, compared to 24 over the same period in 2025.
-
ICS attacks persist
Operational technology security company Nozomi Networks said it detected 29 events between July 2025 and January 2026 that it "conclusively identified as Sandworm activity." Based on data collected from customer and partner engagements, honeypot research, and telemetry, the activity follows a bureaucratic execution model, "peaking midweek and during post-lunch business hours, with Wednesday at roughly 2:00 PM Moscow time showing the highest alert volume." Across the dataset, 17 Sandworm-infected machines were identified across the 10 customers. These systems conducted lateral movement against 923 unique internal targets. "Despite widespread awareness and patch availability, Sandworm continues to rely on older but proven exploit chains, including EternalBlue, DoublePulsar, and WannaCry," Nozomi Networks said. "Perhaps the most critical finding: every single Sandworm-infected system produced 20 to 155 days of warning alerts prior to Sandworm activity."
-
Stego loader deployed
A new phishing campaign has been observed using invoice-themed lures to distribute malicious archives that trigger the execution of JavaScript code, which employs environment variables to hide malicious commands and uses a steganographic loader dubbed PawsRunner to deploy the PureLogs infostealer malware. "The embedded JavaScript uses a sophisticated technique to store decoded malicious commands in environment variables, which then triggers a decrypted steganographic .NET loader," Fortinet said. "This loader retrieves the final payload by extracting encrypted data hidden within a cat image. This version of PureLogs uses extensive async/await patterns to improve task efficiency and complicate analysis." A similar campaign was detailed by Swiss Post Cybersecurity in January 2026.
-
Card dump released
The notorious B1ack's Stash dark web carding marketplace has announced the free release of 4.6 million stolen credit card records. According to SOCRadar, the released data includes full card numbers, expiration dates, CVV2 codes, cardholder names, billing addresses, email addresses, phone numbers, and IP addresses. Of these, 4.3 million records appear to be new and usable for illicit activities. Most of the records belong to victims from the U.S., Canada, the U.K., France, and Malaysia.
-
Browser-locking scareware
A new web-based scareware kit called CypherLoc is capable of combining "advanced evasion, aggressive browser controls, and psychological manipulation" to pressure victims into calling fraudulent tech support phone numbers. Barracuda Networks said it has observed around 2.8 million attacks featuring the kit since the start of 2026. "The attack usually begins with a phishing email that directs the victim to a malicious web page through a link that's either embedded in the email body or in an attachment," Barracuda said. "The web page initially appears harmless but gradually transitions into a fully controlled scareware environment. The trigger for this transition is hidden in the web page and will only decrypt if certain conditions are met." The end result is a full-screen scareware interface that locks the browser and displays fake security messages that urge victims to contact support immediately.
-
AI phishing at scale
New research has demonstrated that "publicly available social-media data and generative AI (GenAI) can be misused to automate and scale highly personalized, context-aware spear-phishing campaigns." Researchers from the University of Texas at Arlington and Louisiana State University, Baton Rouge, said a "small amount of public activity per target" is enough for AI models to extract interests and contextual cues that could be exploited to carry out persuasive phishing campaigns that mirror a target's style. The findings show that bad actors do not have to rely on stolen databases or extensive reconnaissance to carry out targeted phishing campaigns.
-
Legacy LOLBIN abused
Bitdefender has disclosed that attackers are continuing to exploit Microsoft HTML Application Host (MSHTA), a legacy utility available by default on Windows systems, for malware campaigns. "MSHTA remains a widely abused Living-off-the-Land binary (LOLBIN) despite being a legacy utility," Bitdefender said. "Attackers use it across multiple malware categories, from commodity stealers to advanced threats. Campaigns frequently rely on multi-stage, fileless execution chains involving PowerShell and HTA scripts." MSHTA has been abused in delivery chains for commodity stealers such as Lumma Stealer and Amatera, loaders such as CountLoader and Emmenhtal Loader (aka PEAKLIGHT), clipper malware, and more advanced threats like Purple Fox.
-
GovCloud secrets exposed
A contractor for the U.S. Cybersecurity and Infrastructure Security Agency (CISA) kept credentials to several highly privileged AWS GovCloud accounts and various internal CISA systems exposed on a public GitHub repository (ironically named "Private-CISA") since November 2025. The repository was discovered by GitGuardian on May 14, 2026. It harbored 844 MB of plain-text passwords, AWS tokens, and Entra ID SAML certificates belonging to the agency. The repository has since been taken offline following responsible disclosure. There is no evidence that any sensitive data was compromised as a result of this incident.
-
Trojanized apps cluster
Palo Alto Networks Unit 42 said it has identified 4,000 samples across 100 unique variants associated with a threat known as TamperedChef (aka EvilAI), which involves using trojanized versions of productivity software to deliver malicious payloads via malicious ads that direct users to sites hosting the applications. "TamperedChef-style malware samples share characteristics with potentially unwanted programs (PUPs) and adware," Unit 42 said. "These include robust mechanisms to remain persistent, and end-user licensing agreements (EULAs) that attempt to legally cover the software's questionable actions. However, TamperedChef-style malware is far more stealthy than PUPs or adware, remaining dormant for weeks to months before activating. This includes continuous command and control (C2) methods enabling adversaries to retrieve additional payloads, such as information stealers, proxy tooling or remote access Trojans (RATs)." The activity has been attributed to three distinct clusters distributing malicious apps since early 2023: CL-CRI-1089 (Calendaromatic, DocuFlex, and AppSuite PDF), CL-UNK-1090 (CrystalPDF, Easy2Convert, and PDF-Ezy), and CL-UNK-1110 (JustAskJacky, GoCookMate, RocketPDFPro, ManualReaderPro). While CL-CRI-1089 appears to target credentials and deploy adware and proxy-style payloads, the motivations of the other two clusters are unknown.
That's the problem with weeks like this. Nothing feels surprising for more than five minutes, because the next thing is already waiting. A fake app here, a bad package there, a cloud trick in the middle. Same fire, new room.
Patch what matters. Watch what you trust. And don't ignore the boring alerts just because they look familiar. That's usually where the story begins.