Cybercrime
-
SloppyLemming deploys BurrowShell and Rust keylogger against Pakistan and Bangladesh
SloppyLemming attacked government and critical infrastructure in Pakistan and Bangladesh from January 2025 to January 2026, deploying the BurrowShell backdoor and a Rust keylogger through spear-phishing PDF and Excel lures.
-
Starkiller phishing suite proxies live login pages to bypass MFA
Researchers disclosed Starkiller, a phishing suite that proxies live login pages through attacker-controlled headless browsers to capture keystrokes, session tokens and MFA codes. The toolkit centralises deployment and uses URL masking to hide destinations.
-
CyberStrikeAI observed on infrastructure tied to FortiGate campaign, researchers say
A Team Cymru report says the open-source CyberStrikeAI platform was observed on infrastructure tied to a campaign that compromised more than 500 FortiGate firewalls. The report found 21 IPs running the tool between January 20 and February 26, 2026.
-
North Korean actors publish 26 malicious npm packages that deploy credential stealer and RAT
North Korean-linked actors published 26 malicious npm packages in March 2026 that use Pastebin text steganography and Vercel-hosted C2 to deliver a credential stealer and remote access trojan targeting developer systems.
-
ClawJacked flaw let malicious websites brute-force local OpenClaw instances
A high-severity OpenClaw vulnerability called ClawJacked let malicious websites brute-force local management passwords at hundreds of guesses per second. OpenClaw issued a fix in version 2026.2.26 on February 26 to block the attack.
-
ManoMano notifies customers after third-party provider breach affecting 38 million
ManoMano notified customers after a January 2026 breach of a third-party support provider exposed personal data for 38 million people. No passwords were accessed and the company revoked the subcontractor’s data access.
-
Olympique de Marseille confirms cyberattack after threat actor leaks sample of alleged data
Olympique de Marseille said it was hit by a cyberattack this month and that a threat actor posted a sample claiming a database of about 400,000 people. The club notified the CNIL and filed a complaint.
-
Malicious NuGet package impersonated Stripe library and logged 180,000 downloads
A malicious NuGet package posing as a Stripe payments library was uploaded on February 16, 2026 and amassed over 180,000 downloads across 506 versions before removal. Researchers documented the campaign.
-
UFP Technologies discloses data stolen in February cyber incident
UFP Technologies detected suspicious activity on February 14 that resulted in data theft from its IT systems. The firm removed the threat, restored access and does not expect a material operational or financial impact.







