The Wire
Curated cybersecurity and tech news — AI-summarized, source attributed.
Breeze Cache WordPress plugin under active attack via unauth file upload flaw
CVE-2026-3844, a critical 9.8-severity flaw in the Cloudways Breeze Cache plugin, is being actively exploited, with Wordfence logging over 170 attack attempts.
Checkmarx KICS supply chain hit: Docker images and VSCode extensions weaponized
Attackers pushed trojanized versions of Checkmarx's KICS scanner to Docker Hub and compromised the associated VS Code and Open VSX extensions, turning a securit
China-Backed Botnet Operations Shift From Artisanal to Industrial Scale
Dark Reading reports that state-aligned Chinese threat actors have moved botnet construction out of bespoke, campaign-specific work and into something closer to
Chinese APT Weaponizes Legitimate Cloud Services for Mongolia Espionage Campaign
A Chinese advanced persistent threat group is running a surveillance operation against Mongolian targets by piggybacking on trusted cloud infrastructure rather
Chinese phishing campaign tricks NASA staff to reach U.S. defense software
A targeted phishing operation attributed to Chinese actors successfully compromised NASA employees as part of a broader effort to access U.S. defense software.
DOJ Dismantles Myanmar-Based Fraud Ring Preying on American Victims
US authorities have disrupted a Myanmar-based criminal operation that targeted American citizens through financial fraud schemes. The takedown reflects the grow
DORA Article 9 turns credential hygiene into a binding EU financial control
The Digital Operational Resilience Act, in force across the EU since January 2025, recasts credential management as a supervised financial risk control rather t
FIRESTARTER implant persists on federal Cisco Firepower device through patching
A backdoor tracked as FIRESTARTER was recovered from a Cisco Firepower appliance in use at a U.S. federal agency, with the implant demonstrating the ability to
Glasswing Locks Down the Code, But Your Stack's Exposure Is Still Yours to Own
Glasswing's pitch centers on hardening application code itself, closing off a class of vulnerabilities at the source layer. That narrows one attack surface, but
Hidden Bluetooth tracker in postcard exposes Dutch warship's location
A journalist at Dutch outlet Omroep Gelderland followed a public mailing address on the Dutch government website and slipped a Bluetooth tracker inside a postca
Latin America Overtakes Africa as Most-Attacked Region in Q1 2026
Regional cyberattack rankings shifted this quarter, with Latin America surpassing Africa as the most-targeted region globally. The change reflects a measurable
Lazarus Group Pivots ClickFix Social Engineering to macOS Targets
North Korea's Lazarus Group has extended its ClickFix campaign to macOS, expanding a technique previously aimed at Windows users. ClickFix relies on social engi