Breaking News – Cyber Threats (last 6h)
Generated: 2026-02-24 16:00 PST
- Phishing campaign targets freight and logistics orgs in the US, Europe
BleepingComputer • 2026-02-24 15:57 • www.bleepingcomputer.com
A financially motivated threat group dubbed “Diesel Vortex” is stealing credentials from freight and logistics operators in the U.S. and Europe in phishing attacks using 52 domains. […]
https://www.bleepingcomputer.com/news/security/phishing-campaign-targets-freight-and-logistics-orgs-in-the-us-europe/ - Wynn Resorts confirms employee data breach after extortion threat
BleepingComputer • 2026-02-24 13:51 • www.bleepingcomputer.com
Wynn Resorts has confirmed that a hacker stole employee data from its systems after the company was listed on the ShinyHunters extortion gang’s data leak site. […]
https://www.bleepingcomputer.com/news/security/wynn-resorts-confirms-employee-data-breach-after-extortion-threat/ - 1Campaign platform helps malicious Google ads evade detection
BleepingComputer • 2026-02-24 13:45 • www.bleepingcomputer.com
A newly identified cybercrime service known as 1Campaign is enabling threat actors to run malicious Google Ads that remain online for extended periods while evading scrutiny from security researchers. […]
https://www.bleepingcomputer.com/news/security/1campaign-platform-helps-malicious-google-ads-evade-detection/ - RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN
The Hacker News • 2026-02-24 10:52 • thehackernews.com
A vulnerability in GitHub Codespaces could have been exploited by bad actors to seize control of repositories by injecting malicious Copilot instructions in a GitHub issue.
The artificial intelligence (AI)-driven vulnerability has been codenamed RoguePilot by Orca Security. It has since been patched by Microsoft following responsible disclosure.
“Attackers can craft hidden instructions inside a
https://thehackernews.com/2026/02/roguepilot-flaw-in-github-codespaces.html - CarGurus data breach exposes information of 12.4 million accounts
BleepingComputer • 2026-02-24 10:08 • www.bleepingcomputer.com
The ShinyHunters extortion group has published personal information in more than 12 million records allegedly stolen from CarGurus, a U.S.-based digital auto platform. […]
https://www.bleepingcomputer.com/news/security/cargurus-data-breach-exposes-information-of-124-million-accounts/ - Open Redirects: A Forgotten Vulnerability?, (Tue, Feb 24th)
SANS ISC Diary (full) • 2026-02-24 10:04 • isc.sans.eduIn 2010, OWASP added “Unvalidated Redirects and Forwards” to its Top 10 list and merged it into “Sensitive Data Exposure” in 2013 [owasp1] [owasp2]. Open redirects are often overlooked, and their impact is not always well understood. At first, it does not look like a big deal. The user is receiving a 3xx status code and is being redirected to another URL. That target URL should handle all authentication and access control, regardless of where the data originated.
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
