Cybersecurity

When the internet’s plumbing catches fire

INTERPOL Arrested 5,811 Fraud Suspects Across 97 Countries and Seized $293 Million — Meanwhile a New AI-Powered Phishing Platform Just Launched Because the Supply Chain of Crime Is Remarkably Resilient

🤚 The Open-Palm Dragnet INTERPOL, in coordination with Europol, ASEANAPOL, GCCPOL, and China’s Ministry of Public Security, has completed Operation First Light 2026 — a…

Read more

Accenture Confirms a Hacker Stole 35 Gigabytes of Source Code, RSA Keys, and Azure Tokens — The Company That Just Spent $4.1 Billion on Cybersecurity Acquisitions Would Like to Discuss Irony

🤚 The Open-Palm Disclosure Accenture, the $64 billion consulting colossus that advises Fortune 500 companies on how to secure their digital infrastructure, has confirmed that…

Read more

Hackers Are Calling Employees on Microsoft Teams Pretending to Be IT Support and Installing a Trojan That Uses Ethereum Smart Contracts to Find Its Command Servers — The Malware Has a Blockchain Strategy and Your SOC Does Not

🤚 The Open-Palm Incident Report Security researchers at Palo Alto Networks’ Unit 42 have documented a campaign in which threat actors are calling employees on…

Read more

An AI Agent Just Ran the First Fully Autonomous Ransomware Operation From Reconnaissance to Encryption — It Fixed Its Own Errors in 31 Seconds and Copied Its Bitcoin Address From a Tutorial

🤚 The Open-Palm Debrief Cloud security firm Sysdig has published what it calls the first documented case of a ransomware operation conducted entirely by a…

Read more

Google and the FBI Unplugged Two Million Smart TVs That Were Secretly Working as Proxy Nodes for 316 Cybercriminal Organizations — Your Living Room Was Conducting Password-Spraying Attacks While You Watched Netflix

🤚 The Open-Palm Disconnection A coordinated operation led by Google’s Threat Intelligence Group (GTIG), the FBI, Lumen Technologies, and The Shadowserver Foundation has dismantled NetNut,…

Read more

Hackers Fired 81 Million Login Attempts at Microsoft 365 in Two Weeks and Bypassed MFA Using Microsoft’s Own OAuth Flow — The Password Sprayer Used Azure CLI Because Even Threat Actors Prefer the Terminal

🤚 The Open-Palm Barrage Between June 12 and June 26, an unknown threat actor launched 81 million login attempts against Microsoft 365 environments in what…

Read more

Hackers Breached the Department of Homeland Security’s Own Threat-Sharing Platform While America Prepares for the World Cup — The Network Built to Coordinate National Security Needed a Security Response of Its Own

The Department of Homeland Security has confirmed that an unknown threat actor compromised the Homeland Security Information Network (HSIN), a sensitive information-sharing platform used by…

Read more

Russian Intelligence Is Impersonating Signal Support to Steal Your Backup Recovery Keys — The FBI Spent $10 Million in Bounties to Tell You That the Weakest Link in End-to-End Encryption Has Always Been the Person Holding the Phone

🤚 The Open-Palm Briefing The FBI and CISA issued a joint advisory on June 26 warning that Russian intelligence operatives — tracked as UNC5792 and…

Read more

Djinn Stealer Exploits a Critical SimpleHelp Auth Bypass to Harvest Your Claude, Gemini, and GitHub Tokens — The Cross-Platform Infostealer Knows Exactly Where Developers Keep Their Secrets and It Packed Them in AES-256 Before You Noticed

🤚 The Open-Palm Disclosure A previously undocumented cross-platform information stealer called Djinn has been deployed in the wild through a critical authentication bypass in SimpleHelp,…

Read more

KDDI Lost 14.2 Million Email Credentials Through a Vulnerability in Software It Won’t Name — Five Japanese ISPs Outsourced Their Email to One Platform and the Platform Outsourced Its Security to an Anonymous Dependency

🤚 The Open-Palm Disclosure KDDI Corporation, one of Japan’s largest telecommunications operators, has disclosed a breach affecting up to 14.22 million email accounts across five…

Read more