Close Menu

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    ​ ​AsyncAPI npm packages infected with credential-stealing malware

    July 15, 2026

    We built a vulnerability vending machine: AI tokens in, zero-days out

    July 15, 2026

    Infosec News Nuggets — July 15, 2026 – AboutDFIR

    July 15, 2026
    Facebook X (Twitter) Instagram
    • Demos
    • Technology
    • Gaming
    • Buy Now
    Facebook X (Twitter) Instagram Pinterest Vimeo
    Canadian Cyber WatchCanadian Cyber Watch
    • Home
    • News
    • Alerts
    • Tips
    • Tools
    • Industry
    • Incidents
    • Events
    • Education
    Subscribe
    Canadian Cyber WatchCanadian Cyber Watch
    Home»News»InfoSec News Nuggets 04/28/2026
    News

    InfoSec News Nuggets 04/28/2026

    adminBy adminApril 28, 2026No Comments2 Mins Read
    Share Facebook Twitter Pinterest LinkedIn Tumblr Reddit Telegram Email
    Share
    Facebook Twitter LinkedIn Pinterest Email


    Medtronic Hack Confirmed After ShinyHunters Threatens Data Leak

    Medtronic confirmed a cyber incident after the ShinyHunters group claimed to have stolen 9 million records and terabytes of corporate data. The company said it has not identified impacts to products, patient safety, manufacturing, distribution, or hospital customer networks, but it is still working to determine whether personal information was accessed.

     

    Canada arrests three for operating “SMS blaster” device in Toronto

    Canadian authorities arrested three men for allegedly operating an SMS blaster, a rogue cellular device that mimics a legitimate tower and pushes phishing texts directly to nearby phones. The tactic matters because it bypasses the normal need for a phone number list and lets attackers hit large numbers of people in dense areas with messages that appear to come from trusted entities like banks or government agencies.

     

    Cyber crooks got Robinhood to send phishing emails to its own users

    Attackers abused Robinhood’s account creation flow to inject malicious HTML into legitimate login notification emails, causing real Robinhood infrastructure to send convincing phishing messages to victims. Because the emails came from Robinhood’s own domain and passed SPF, DKIM, and DMARC checks, the campaign is a good example of how attackers can weaponize a trusted platform’s own mail systems rather than spoofing them from the outside.

     

    Chinese APT Abuses Multiple Cloud Tools to Spy on Mongolia

    ESET researchers say a China-linked group they call GopherWhisper targeted Mongolian government entities and used multiple cloud services for command and control, including Slack, Discord, Outlook email drafts, and file.io. The tradecraft is notable less for sophistication than for flexibility, giving the operators several mainstream channels to support espionage and pivot if one method is discovered or blocked.

     

    ‘Scattered Spider’ Member ‘Tylerb’ Pleads Guilty

    A 24-year-old British national identified as Tyler Robert Buchanan pleaded guilty to wire fraud conspiracy and aggravated identity theft tied to Scattered Spider activity. Prosecutors say the campaign involved large-scale SMS phishing against companies like Twilio, LastPass, DoorDash, and Mailchimp, followed by SIM swapping and cryptocurrency theft totaling at least $8 million, which keeps the spotlight on how effective social engineering remains in high-impact intrusions.

    The post InfoSec News Nuggets 04/28/2026 appeared first on AboutDFIR – The Definitive Compendium Project.



    Source link

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Previous ArticleSSA-563922 V1.0: Local Privilege Escalation Vulnerability in SIMOTION Tools
    Next Article CVE-2026-7268 | THREATINT
    admin
    • Website

    Related Posts

    News

    ​ ​AsyncAPI npm packages infected with credential-stealing malware

    July 15, 2026
    News

    We built a vulnerability vending machine: AI tokens in, zero-days out

    July 15, 2026
    News

    Infosec News Nuggets — July 15, 2026 – AboutDFIR

    July 15, 2026
    Add A Comment

    Comments are closed.

    Demo
    Top Posts

    Catchy & Intriguing

    March 17, 202677 Views

    The Canadian Password Playbook: Navigating Compliance and Building Strong Passwords

    March 25, 202634 Views

    IP Address Investigations and Local OSINT

    March 20, 202634 Views
    Stay In Touch
    • Facebook
    • YouTube
    • TikTok
    • WhatsApp
    • Twitter
    • Instagram
    Latest Reviews
    85
    Featured

    Pico 4 Review: Should You Actually Buy One Instead Of Quest 2?

    January 15, 2021 Featured
    8.1
    Uncategorized

    A Review of the Venus Optics Argus 18mm f/0.95 MFT APO Lens

    January 15, 2021 Uncategorized
    8.9
    Editor's Picks

    DJI Avata Review: Immersive FPV Flying For Drone Enthusiasts

    January 15, 2021 Editor's Picks

    Subscribe to Updates

    Get the latest tech news from FooBar about tech, design and biz.

    Demo
    Most Popular

    Catchy & Intriguing

    March 17, 202677 Views

    The Canadian Password Playbook: Navigating Compliance and Building Strong Passwords

    March 25, 202634 Views

    IP Address Investigations and Local OSINT

    March 20, 202634 Views
    Our Picks

    ​ ​AsyncAPI npm packages infected with credential-stealing malware

    July 15, 2026

    We built a vulnerability vending machine: AI tokens in, zero-days out

    July 15, 2026

    Infosec News Nuggets — July 15, 2026 – AboutDFIR

    July 15, 2026

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    Facebook X (Twitter) Instagram Pinterest
    • Home
    • Technology
    • Gaming
    • Phones
    • Buy Now
    © 2026 ThemeSphere. Designed by ThemeSphere.

    Type above and press Enter to search. Press Esc to cancel.