Summary of the last 12 hours (124 new articles)
**Cybercrime & Law Enforcement** The criminal organisation, comprising individuals from Romania, the Republic of Moldova, Bulgaria, Estonia, Poland, and Ukraine, has been operating for nearly two decades, generating at least EUR 240 — Some of Europe’s most wanted fugitives are still at large despite being sentenced to years in prison for serious crimes. A new international campaign launched today is asking the public to help change — For years, the service, known as ‘First VPN’, was promoted on Russian-speaking cybercrime forums as a trusted tool for remaining beyond the reach of law enforcement. It offered users anonymous payment
**Zero-Day Vulnerabilities & Exploits** View CSAF Summary An update is available that resolves a vulnerability identified by B&Rs internal security analysis in the product versions listed as affected in this advisory. An attacker who succes — View CSAF Summary ABB is aware of vulnerabilities in the product versions listed as affected in the advisory. An attacker who successfully exploited this vulnerability could cause the pollution of hea — View CSAF Summary ABB became aware of vulnerability in the product versions listed as affected in the advisory. An update is now available that addresses and remediates the vulnerability. A network at
**Tech Business: Acquisitions & Partnerships** According to users on X, the website was hijacked by hackers in an attempt to trick visitors into installing malware. — First VPN promised hackers complete anonymity for their cyberattacks. But Europol said it was able to notify the service’s users that they have now been identified. — The loophole allows spammers and scammers to send emails from a legitimate Microsoft email address typically used for sending genuine account alerts.
**AI Security & Compute Infrastructure** France is already moving on from Zoom and Microsoft Teams in favor of homegrown alternatives. Other countries are quickly following suit. — GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations. — Three firms will pay nearly $1 million for selling “Active Listening” technology that they claimed tapped people’s phones for advertising. The FTC alleges the “tech” was just pricey email lists.
**Key Developments** • CISA Adds One Known Exploited Vulnerability to Catalog: CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-9082 Dru • ABB B&R Automation Studio: View CSAF Summary ABB became aware of vulnerability in the product versions listed as affected in the advisory. An update is available that replaces a • ABB Terra AC Wallbox: View CSAF Summary ABB is aware of vulnerabilities in the product versions listed as affected in the advisory. An attacker who successfully exploited t • ABB B&R PCs: View CSAF Summary ABB became aware of vulnerability in the product versions listed as affected in the advisory. An update is now available that addres • ABB B&R Automation Runtime: View CSAF Summary An update is available that resolves a vulnerability identified by B&Rs internal security analysis in the product versions listed as
The FBI says First VPN has been used by dozens of ransomware groups for network reconnaissance and intrusions. The post ‘First VPN’ Cybercrime Service Disrupted, Administrator Arrested appeared first on SecurityWeek.
The sovereignAI cloud is intended to provide public administrations with a basis for the development and operation of AI applications. (Sovereign, AI)
Cloud Atlas attacks the public sector and diplomatic structures of Russia and Belarus, using ReverseSocks, SSH, and Tor for persistence in infected systems and its new tool, PowerCloud.
Will Anthropics hardware base become even more heterogeneous? A deal could help Microsoft market its own AI hardware. (Microsoft, Google)
U.S. and Canadian authorities arrested and charged a Canadian man with operating the KimWolf distributed denial-of-service (DDoS) botnet, which infected nearly two million devices worldwide. [...]
First VPN has probably been quite popular with cybercriminals. But that's over now: prosecutors got their hands on servers and user data. (Cybercrime, Server)
CVE-2026-34926 is a directory traversal flaw that can be exploited against the on-premise version of Apex One. The post TrendAI Patches Apex One Zero-Day Exploited in the Wild appeared first on SecurityWeek.
The city ofZurich has had the use of Opendesk tested. The result takes a critical look at costs and development effort. (Sovereign, Office Suite)
Kias EV5 is a comfortable SUV that is well suitedfor long-distance driving. As a 400-volt system, however, the electric car is a little longer at the charging station. A review by Tobias KZsch(Kia, electric car)
AI podcasts are in and Spotify is picking up the trend - including AI agent. Inaddition, future concert tickets will be reserved for super fans. (Spotify, Podcast)
Hackers accessed Grafana’s GitHub repositories after a token compromised in the TanStack attack was not rotated. The post Grafana Says Codebase and Other Data Stolen via TanStack Supply Chain Attack appeared first on SecurityWeek.
In Apache Airflow CNCF Kubernetes Provider and Apache Airflow Amazon Provider, the developers have each closed a security gap.
An update for Notepad++ closes a vulnerability in the installer. An official CVE entry with risk assessment is still missing.
Donald Trump has cancelled the signing of an AI regulation at short notice. Techexecutives warned against innovation brakes. (Donald Trump, AI)
A service provider of university hospitals from all over Germany has become the target of a cyber attack. Data from tens of thousands of patients has been drained. (Cybercrime, data protection)
Uplink carrier aggregation with TX switching will be rolled out after successful tests at Vodafone. It combines several transmission channels in the 5G standalone network for the upload. (5G, Vodafone)
If you search for connections on Bahn.de under Linux, you may fail due to error 751. Deutsche Bahn refers to protection systems against bots. (Deutsche Bahn, Chrome)
Cisco provides an update that addresses a vulnerability with the highest possible risk assessment in Secure Workload.
NATO observes a Russian ship in the Arctic Ocean with growing concern. The suspicion: It couldhide nuclear missiles on the seabed. (Military, Politics)
Rototaxis from Waymo have problems with roads floodedby heavy rain. Driving on motorways has also been paused for the time being. (Waymo, Auto)