Here is a ransomware trend that is becoming more frequent in 2026: The same victim organizations are posted twice, under two different flags. This is occurring frequently enough that we stopped treating it as a curiosity and went looking for the why behind this trend. We expected one answer, but we found at least five....Read More

While total phishing volume declined for the second year in a row, ThreatLabz identified 413,524 AI-generated site instances, underscoring how quickly adversaries can scale high-fidelity phishing   News Highlights    Quality Over Quantity: Phishing volume fell 20% for the second year in a row as attackers recalibrate to high-fidelity, AI-accelerated lures. Services Sector Surge: Targeted hits...Read More

The Gentlemen ransomware-as-a-service (RaaS) operation is actively developing and maintaining a suite of endpoint detection and response (EDR) killers that it hands out to affiliates for impairing system defenses before deploying the encryptor. This mature portfolio of EDR-terminating tools is centered around a framework that’s known as GentleKiller. “They also incorporate third-party or leaked tools...Read More

Commercial printing and imaging technologies company Kodak has confirmed suffering a data breach after the ShinyHunters cybercrime group claimed to have stolen information from its systems.  Kodak was named on the ShinyHunters website on June 15, with the hackers claiming to have obtained more than 2.2 million records of customer personal information and other corporate...Read More

AI agents don’t just need identities. They need accountability. That distinction matters more than most enterprise security teams have fully reckoned with. The conversation I have most often with security and technology leaders right now is not about whether to deploy agentic AI. It is about what happens once those agents are operating across production...Read More

Cybercrime , Fraud Management & Cybercrime Police Seize Evil Corp-Tied Group’s Servers, Clean Subverted WordPress Sites Mathew J. Schwartz (euroinfosec) • June 19, 2026     Image: Shutterstock A criminal hacking operation that sold access to hacked computers to other cybercriminals had more than a hundred servers seized by police, who also cleaned tens of...Read More

As many as 145 npm packages associated with the Mastra namespace (“@mastra/*”), a popular open-source JavaScript and TypeScript framework for building artificial intelligence (AI) applications, have been compromised as part of a software supply chain attack codenamed easy-day-js, per findings from Endor Labs, JFrog, OX Security, SafeDep, Socket, StepSecurity, and Synk. “A single npm account...Read More

Hamilton Police say they have been made aware of a cybersecurity incident involving Navigate360, the TIP management software provider behind the P3 platform used by Crime Stoppers organizations across Canada. According to information shared with Hamilton Police, Crime Stoppers of Hamilton has reported that its system may have been impacted as part of a broader...Read More

Cybercrime , Fraud Management & Cybercrime Police Seize Evil Corp-Tied Group’s Servers, Clean Subverted WordPress Sites Mathew J. Schwartz (euroinfosec) • June 19, 2026     Image: Shutterstock A criminal hacking operation that sold access to hacked computers to other cybercriminals had more than a hundred servers seized by police, who also cleaned tens of...Read More

Ransomware remains the costliest category of cyber event while third-party vendor incidents are responsible for a growing share of losses, according to Willis. Cyber insurance is covering more than 95% of the average data breach loss and 90% of the average first-party loss for policyholders, according to a new report from Willis. The report identifies...Read More