News

Ghost Accounts Abuse GitHub API in Mass Recon Campaign

Threat actors are abusing the GitHub API to systematically enumerate organizations, repositories, and user accounts, Datadog reports. Spanning multiple overlapping campaigns, the activity has been ongoing for several months, relying on ghost accounts that were registered two to five years ago but left dormant. The activity, Datadog says, involves automated scanners, the abuse of leaked credentials, and coordinated networks of dormant accounts. While the observed GitHub API requests are targeting publicly available data, blending with…

Read More

In Other News: DHS Database Hacked, Adobe Boosts Patch Cadence, Canada Disrupts Ransomware Ops

SecurityWeek’s weekly cybersecurity news roundup offers a concise overview of important developments that may not receive full standalone coverage but remain relevant to the broader threat landscape. This curated summary highlights key stories across vulnerability disclosures, emerging attack methods, policy updates, industry reports, and other noteworthy events to help readers maintain a well-rounded awareness of the evolving cybersecurity environment. Here are this week’s highlights: Armenian man pleads guilty in the US to ransomware attacks Karen…

Read More

Third US Security Expert Sentenced to Prison for Helping Ransomware Gang

Another cybersecurity expert from the United States, accused of helping a cybercrime gang while working as a ransomware negotiator, has been sentenced to prison. Angelo Martino, 41, of Florida, was sentenced on Thursday to 70 months in prison after he pleaded guilty in April.  Martino is one of the three individuals charged by US authorities last year over their role in ransomware attacks. The three men worked at cybersecurity firms, and two of them served…

Read More

QIZ Security Raises $17 Million for Cryptographic Governance Platform

Israeli startup QIZ Security announced on Thursday that it has raised $17 million in seed funding for its cryptographic posture and post-quantum cryptography (PQC) management platform. The funding round was led by Bessemer Venture Partners and Merlin Ventures, with participation from Evolution Equity Partners, Qbeat Ventures, Singtel Innov8, and Qino Cyber Capital.  The investment will be used to accelerate the company’s growth and enhance its platform. QIZ Security has developed a platform designed to help…

Read More

Accenture Confirms Data Breach After Hacker Claims Source Code Theft

Professional services giant Accenture confirmed a data breach after a hacker claimed the theft of internal source code from the company. The incident came to light this week, when a threat actor boasted on the hacker forum PwnForums about compromising Accenture and stealing 35 gigabytes of data. According to the hacker, the information, including Azure access keys and tokens, configuration files, RSA and SSH keys, and source code, was exfiltrated from Accenture earlier this month.…

Read More

CISA Reportedly Using Anthropic’s Mythos to Scan Government Software for Flaws

The US Cybersecurity and Infrastructure Security Agency (CISA) is using Anthropic’s powerful Mythos AI model to scan and audit federal government software for security vulnerabilities, according to a report from Reuters. Citing three sources familiar with the matter, Reuters reported that CISA is utilizing Mythos to scan code repositories across federal agencies. The operation aims to proactively discover and patch security bugs that could otherwise be exploited by foreign intelligence agencies and cybercriminals. The audits are…

Read More

The Shift Toward Business-Aligned Risk Management

In the movie Moneyball, the Oakland A’s didn’t need more data; they needed to know which data actually won games. Risk assessment data has the same problem. A CVSS score of 9.1 might mean little to a CFO; the fact that it represents a vulnerability in a payment system processing $2 million daily means a great deal. This data must therefore link to information about operational disruptions that can cause financial loss, product delays, or…

Read More

In Other News: Canadian Hacker Jailed, Open Source Zero-Days, Two Sentenced for ATM Jackpotting

SecurityWeek’s cybersecurity news weekly roundup offers a concise overview of important developments that may not receive full standalone coverage but remain relevant to the broader threat landscape. This curated summary highlights key stories across vulnerability disclosures, emerging attack methods, policy updates, industry reports, and other noteworthy events to help readers maintain a well-rounded awareness of the evolving cybersecurity environment. Here are this week’s highlights: Anonymous-linked hacker Aubrey Cottle jailed over Texas GOP cyberattack Aubrey Cottle,…

Read More

Agentic AI Used to Conduct Ransomware Attack via Langflow

A threat actor exploited a vulnerability in Langflow to access an organization’s instance and abuse it in an agentic ransomware attack, cloud security firm Sysdig reports. Langflow is a Python-based, LLM-agnostic open source framework used for building LLM-driven applications and agent workflows. As part of the attack, a threat actor tracked as JadePuffer gained access to an internet-exposed Langflow instance through the exploitation of CVE-2025-3248 (CVSS score of 9.8), a critical missing authentication vulnerability disclosed…

Read More

Medtronic Data Breach Impacts 3.8 Million People

Medical technology giant Medtronic is notifying more than 3.8 million individuals that their personal and medical information was compromised in a recent data breach. The incident occurred in April 2026, when the infamous extortion group ShinyHunters accessed the company’s corporate IT systems. Medtronic confirmed the attack in late April, noting that its products and manufacturing and distribution operations were not affected. ShinyHunters had added the company to its Tor-based leak site on April 17, claiming…

Read More