The proto hacker whose innate ability, curiosity, and absolute joy in the act of discovery is conveyed so artfully in the new documentary Joybubbles.
The series of incidents detailed by Mandiant researchers started in early to mid-January, and included a previously disclosed campaign involving Okta customers.
Read More Google Mandiant: ShinyHunters Attacks Target SaaS Platforms Via SSO, MFA Abuse
The vulnerabilities (CVE-2026-1281 and CVE-2026-1340) could lead to unauthenticated remote code execution if successfully exploited.
Google researchers observed more than 550 individual threat groups using IPIDEA exit nodes during a one-week period earlier this month.
Fortinet is rolling out updates for CVE-2026-24858, with fixes for some versions available as of Tuesday, and others in releases that are upcoming at an unspecified date.
Read More Fortinet Warns of Critical Flaw After FortiCloud SSO Exploitation
Exploitation of CVE-2025-8088 in the wild began before disclosure, with attacks confirmed as early as July 18, 2025.
The vulnerability (CVE-2026-21509) requires user interaction for an attack to succeed, with the most likely vector being an attacker sending a malicious Office file to a victim, who then opens it.
Read More Microsoft Releases Emergency Patch for CVE-2026-21509
