Microsoft products and AI apps fell to multiple 0-days at Pwn2Own 2026 as researchers claimed huge cash prizes.
Hack RSS
A fake job interview, a harmless-looking update, and a hidden trap reveal how hackers quietly infiltrated macOS systems.
Learn the essential steps to verify your software and reset credentials to resolve vulnerabilities caused by a recent state-sponsored attack.
Rainbow Six Siege players have been receiving billions in premium currency or getting banned today following a breach at Ubisoft today. The company has now responded.
Discord has refuted reports about millions of customers being impacted by a recent data breach, claiming that 70,000 users are actually affected.
Plex has confirmed the recent hack. The firm has shared a detailed advisory on the issue as well as steps on what customers should do.
Popular chess platform, Chess.com, has confirmed a data breach that affects many of its customers. Those affected have been offered some free services.
Hyundai has decided to issue an "optional" £49 upgrade to Ioniq 5 customers to prevent the car from being stolen through a hacking device.
Coffeematic PC is a rather absurd invention that hacks together a GE coffee maker with a Linux Mint PC to dispense hot coffee being brewed while nearly blowing up the PC.
The U.S. Energy Department, responsible for producing and disassembling nuclear weapons, was impacted in the latest attacks on Microsoft SharePoint.
A person has hacked together a script that connects to an $8 plug and uses it as a physical switch to block certain websites.
Research has warned that your DNA data can be hacked into and used against you by exploiting certain vulnerabilities in modern techniques.
Cyberhaven has admitted that its Chrome extension was compromised for a short period after December 24 as part of a wider attack on various Chrome extensions.
Ireland has fined Meta over $264 million for a 2018 data breach where hackers gained access to users' profiles and personal information due to lack of security.
It has been revealed that a hacker stole details about OpenAI products in early 2023. The company decided not to disclose the hack to the public or law enforcement, creating divisions at the firm.
The U.S. government data breach by Chinese hackers has led to an investigation into Microsoft's role in securing cloud data. Security concerns about third-party clouds like Azure are growing.
Microsoft discovers a phishing attack by a Russian-backed hacker group. They are using compromised Microsoft 365 accounts to pose as tech support in Teams. The group targets govts, NGOs, and more.
Microsoft said Chinese hackers accessed US and EU government email accounts. Senator Wyden asked authorities to investigate Microsoft's role and negligence. They worry about the encryption keys.
The SEC has announced new rules that will force publicly traded companies to report any cybersecurity incidents within four business days. This will help customers learn of breaches sooner.
A Redis server malware, that has been built on Rust, is infecting servers based on both Windows as well as Linux. Dubbed the "P2PInfect", this worm is able to exploit the Lua vulnerability.
Chinese hacking group Storm-0558 accessed US and Western Europe government email accounts, targeting agencies, think tanks, and NGOs. Microsoft identified and notified affected organizations.
According to an alarming research, over 100,000 ChatGPT accounts have been compromised and are being traded on illicit dark web marketplaces. Affected regions include the U.S., India, and more.
Further to Reddit's recent woes since the announcement of the API pricing change, claims have surfaced that it has suffered a data breach at the hands of BlackCat, with 80GB of zipped data taken.
Users of AT&T email accounts are facing a wave of hacks by bad actors who are seeking to steal cryptocurrency, by utilising API issues in the service to take control of email addresses.
_medium.jpg)
Password management company LastPass has confirmed another cybersecurity incident following the August hack. However, unlike the previous instance, customer data has been accessed this time.
Half a billion phone numbers of WhatsApp users is reportedly up for sale on a well-known hacking community. The dataset contains user data from 84 countries, with over 32 million numbers from the US.
The ticketing website, See Tickets, was affected by a major data breach in 2019 that went undetected for two years, and was only shut down in January, potentially impacting millions of customers.
Medibank, the Australian private health insurance provider has been hit by a cyber incident. Currently, It is investigating the nature of the incident and any impact it may have on its customers.
A recent hack at Fast Company resulted in iPhone users receiving racist and obscene push notifications via Apple News in the earlier hours of today. Fast Company has now shut down its website.
Following recent leaks of the new Grand Theft Auto 6 in development, a teenager from Oxfordshire, UK, has been arrested in London as part of an investigation by the UK National Crime Agency.
Uber has suffered a significant data breach. The rideshare company has taken several of its internal systems offline to assess the extent of the damage done. It's the first major attack since 2016.
Password management company LastPass has announced that its development environment was recently hacked. However, there are no signs of illicit access to user data at this point in time.
_danger_medium.jpg)
Plex has started warning users that data breach, though of "limited access" has taken place. As such, customers are being urged to reset passwords. However, the server load may be too much right now.
Google's Threat Analysis Group (TAG) has been running tests on a rather simple but effective tool that can download complete inboxes of popular services including Google, Yahoo, and Microsoft Outlook.
Signal has reported a recent phishing attack on its verification service provider, Twilio, which has exposed approximately 1,900 users registered to a Signal account. Twilio has shut down the attack.
Some of the Lapsus$ group's members may have been arrested, but the hackers managed to sneak inside T-Mobile servers and stole the company's source code to perform SIM swap attacks for ransomware.
In a recent cybertheft event, hackers stole over $600 million worth of cryptocurrencies from Sky Mavis' Ronin Network Bridge on March 23rd. The company noticed the security breach on March 29th.
_medium.jpg)
Join us as we recap an exciting week in the Microsoft-verse full of Windows Easter eggs, news about cybersecurity incidents involving Lapsus$ and others, and gaming news including DirectStorage.
A prominent member of the Lapsus$ hacking group has supposedly been identified as a 16-year-old boy; seven of the group's members have also been arrested by the City of London Police.
_medium.jpg)
Microsoft has officially confirmed that it was indeed compromised by Lapsus group. It has outlined a series of steps that organizations can take to protect themselves and identify malicious activity.
Microsoft wants to end printer driver headaches with Windows Ready Print
Microsoft explains why PowerToys 0.100.0 is faster and slimmer, there are new features too
Windows 11 KB5094126 June 2026 Patch Tuesday update now available to download
