
OpenAI Confirms Breach via Mini Shai-Hulud npm Supply Chain Attack
OpenAI confirmed two employee devices were compromised through a supply chain attack, exposing code-signing certificates for macOS, Windows, iOS, and

OpenAI confirmed two employee devices were compromised through a supply chain attack, exposing code-signing certificates for macOS, Windows, iOS, and

Grafana Labs confirmed CoinbaseCartel stole its source code via a stolen GitHub token; the group has links to ShinyHunters; no

ShinyHunters claimed and 7-Eleven confirmed a breach of its Salesforce CRM containing over 600,000 records, with a ransom demand issued

Nitrogen ransomware hit Foxconn’s North American factories, encrypting systems and stealing 8TB of files containing schematics from Apple, Intel, and

OpenLoop Health disclosed a January 2026 breach affecting 716,000 patients across two days, with a threat actor claiming the true

Socket identified GemStuffer, a campaign abusing 150+ RubyGems packages to scrape UK government council portals and publish collected data as

InterLock ransomware posted four new victims in 24 hours on May 11, including Park Dental Research — a US healthcare

The UK ICO fined South Staffordshire Water £963,900 after Cl0p ransomware went undetected inside the utility’s systems for 20 months,

ShinyHunters posted Houghton Mifflin Harcourt with a May 12 pay-or-leak deadline, threatening to expose student and educator data from one

Dell advisory DSA-2026-047 patches a CVSS 9.8 hard-coded credentials flaw in Dell ECS and ObjectScale that grants unauthenticated filesystem access
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.