News
-
Taiwan student accused of hacking high-speed rail radio system to trigger emergency brakes
A 23-year-old Taiwanese university student was arrested after allegedly using radio equipment to trigger emergency brakes on Taiwan High Speed Rail, stopping four trains for 48 minutes on April 5, according to a local report.
-
DAEMON Tools installers trojanized in supply chain attack, Kaspersky says
DAEMON Tools installers were trojanized in a supply chain attack that affected versions released since April 8, 2026, Kaspersky said. The compromise reached users in more than 100 countries and delivered targeted malware to a small set of hosts.
-
China-linked UAT-8302 targets government networks in South America and Europe
Cisco Talos says China-nexus UAT-8302 targeted government networks in South America and southeastern Europe, using custom malware and tools linked to other China-aligned groups. The group’s initial access method remains unknown.
-
FTC to bar Kochava from selling Americans’ location data without consent
The FTC will bar Kochava and its subsidiary from selling precise location data without explicit consent, settling a case over data tied to hundreds of millions of mobile devices and alleged tracking of sensitive places.
-
MetInfo CMS flaw under active exploitation after April patch
Threat actors are exploiting a critical MetInfo CMS flaw, CVE-2026-29014, that can enable remote code execution. VulnCheck said activity began on April 25 and intensified on May 1, after MetInfo released patches on April 7.
-
ScarCruft pushes Android BirdCall spyware through game platform
APT37 has been distributing an Android version of its BirdCall backdoor through a gaming platform supply chain attack, according to ESET. The spyware can gather contacts, messages, device data, screenshots and files.
-
Weaver E-cology flaw exploited in attacks since March
Hackers have exploited a critical Weaver E-cology vulnerability since mid-March to run discovery commands. The flaw affects E-cology 10.0 builds before March 12, and the vendor says upgrading is the only fix.
-
Amazon SES abuse rises in phishing campaigns, Kaspersky says
Kaspersky says Amazon Simple Email Service is being increasingly abused in phishing campaigns that can bypass standard email defenses. The report links the activity to exposed AWS credentials and notes that the messages can evade SPF, DKIM and DMARC checks.
-
Phishing campaign used RMM software to hit more than 80 organizations
A phishing campaign has targeted more than 80 organizations since at least April 2025, using legitimate remote monitoring tools to maintain access after victims opened fake Social Security Administration emails.
-
Trellix says attackers accessed part of source code repository
Trellix said attackers gained unauthorized access to part of its source code repository. The company has found no evidence so far that the code was exploited or altered and is investigating with forensic experts.
