Threat actors obtained names and contact information for an unspecified number of BWH Hotels guests.
The post BWH Hotels Says Hackers Had Access to Reservation Data for 6 Months appeared first on SecurityWeek.
Free OnlyFans Lure Used to Spread Cross-Platform CRPx0 Malware
CRPx0 is a complex, stealthy malware campaign that targets macOS and Windows systems, and appears to have Linux capabilities in development.
The post Free OnlyFans Lure Used to Spread Cross-Platform CRPx0 Malware appeared first on SecurityWeek.
Deal Reached With Hackers to Delete Data Stolen From the Canvas Educational Platform
The company that operates online learning system Canvas said it struck a deal with hackers to delete the data they pilfered in a cyberattack that created chaos for students, many of them in the middle of finals.
The post Deal Reached With Hackers to Delete Data Stolen From the Canvas Educational Platform appeared first on SecurityWeek.
West Pharmaceutical Services Hit by Disruptive Ransomware Attack
The company took systems offline globally after hackers exfiltrated data and deployed file-encrypting ransomware.
The post West Pharmaceutical Services Hit by Disruptive Ransomware Attack appeared first on SecurityWeek.
New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Network Pivots
Cybersecurity researchers have flagged a new version of the TrickMo Android banking trojan that uses The Open Network (TON) for command-and-control (C2).
The new variant, observed by ThreatFabric between January and February 2026, has been observed actively targeting banking and cryptocurrency wallet users in France, Italy, and Austria.
“TrickMo relies on a runtime-loaded APK (dex.module),
The new variant, observed by ThreatFabric between January and February 2026, has been observed actively targeting banking and cryptocurrency wallet users in France, Italy, and Austria.
“TrickMo relies on a runtime-loaded APK (dex.module),
Apple Patches Dozens of Vulnerabilities in macOS, iOS
The tech giant has also ported the patch for a recent deleted chats recovery issue to older versions of iOS.
The post Apple Patches Dozens of Vulnerabilities in macOS, iOS appeared first on SecurityWeek.
SAP Patches Critical S/4HANA, Commerce Vulnerabilities
The flaws could allow attackers to inject malicious code, leading to information disclosure and code execution.
The post SAP Patches Critical S/4HANA, Commerce Vulnerabilities appeared first on SecurityWeek.
Webinar: What the Riskiest SOC Alerts Go Unanswered – and How Radiant Security Can Help
Why do the Riskiest SOC Alerts Go Unanswered?
Security operations teams are drowning in alerts. But the real problem isn’t always alert volume; it’s the blind spots. The most dangerous alerts are the ones no one is investigating.
A recent report from The Hacker News examined why certain high-risk alert categories – WAF, DLP, OT/IoT, dark web intelligence, and supply chain signals- consistently
Security operations teams are drowning in alerts. But the real problem isn’t always alert volume; it’s the blind spots. The most dangerous alerts are the ones no one is investigating.
A recent report from The Hacker News examined why certain high-risk alert categories – WAF, DLP, OT/IoT, dark web intelligence, and supply chain signals- consistently
Shai Hulud attack ships signed malicious TanStack, Mistral npm packages
A large-scale software supply-chain attack involving the “Shai-Hulud” malware has compromised hundreds of packages across open-source software ecosystems. […]
Claude Mythos Finds Only One Curl Vulnerability; Experts Divided on What It Really Means
Curl’s lead developer says Mythos claims are marketing, but many in the industry believe the results stem from Curl’s robust security.
The post Claude Mythos Finds Only One Curl Vulnerability; Experts Divided on What It Really Means appeared first on SecurityWeek.