BrianKrebs – WindowsTechs.com

Patch Tuesday, May 2026 Edition

Posted on May 12, 2026 by BrianKrebs

Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in human-made computer code. That reality is on full display this month with some of the more widely-used software makers — including Apple, Google, Microsoft, Mozilla and Oracle — fixing near record volumes of security bugs, and/or quickening the tempo of their patch releases. Continue reading Patch Tuesday, May 2026 Edition→

Canvas Breach Disrupts Schools & Colleges Nationwide

Posted on May 8, 2026 by BrianKrebs

An ongoing data extortion attack targeting the widely-used education technology platform Canvas disrupted classes and coursework at school districts and universities across the United States today, after a cybercrime group defaced the service’s login page with a ransom demand that threatened to leak data from 275 million students and faculty across nearly 9,000 educational institutions. Continue reading Canvas Breach Disrupts Schools & Colleges Nationwide→

Anti-DDoS Firm Heaped Attacks on Brazilian ISPs

Posted on April 30, 2026 by BrianKrebs

A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks against other network operators in Brazil, KrebsOnSecurity has learned. The firm’s chief executive says the malicious activity resulted from a security breach and was likely the work of a competitor trying to tarnish his company’s public image. Continue reading Anti-DDoS Firm Heaped Attacks on Brazilian ISPs→

‘Scattered Spider’ Member ‘Tylerb’ Pleads Guilty

Posted on April 21, 2026 by BrianKrebs

A 24-year-old British national and senior member of the cybercrime group “Scattered Spider” has pleaded guilty to wire fraud conspiracy and aggravated identity theft. Tyler Robert Buchanan admitted his role in a series of text-message phishing attacks in the summer of 2022 that allowed the group to hack into at least a dozen major technology companies and steal tens of millions of dollars worth of cryptocurrency from investors. Continue reading ‘Scattered Spider’ Member ‘Tylerb’ Pleads Guilty→

Patch Tuesday, April 2026 Edition

Posted on April 14, 2026 by BrianKrebs

Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, including a SharePoint Server zero-day and a publicly disclosed weakness in Windows Defender dubbed “BlueHammer.” Separately, Google Chrome fixed its fourth zero-day of 2026, and an emergency update for Adobe Reader nixes an actively exploited flaw that can lead to remote code execution. Continue reading Patch Tuesday, April 2026 Edition→

Russia Hacked Routers to Steal Microsoft Office Tokens

Posted on April 7, 2026 by BrianKrebs

Hackers linked to Russia’s military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security experts warned today. The spying campaign allowed state-backed Russian hackers to quietly siphon authentication tokens from users on more than 18,000 networks without deploying any malicious software or code. Continue reading Russia Hacked Routers to Steal Microsoft Office Tokens→

Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab

Posted on April 6, 2026 by BrianKrebs

An elusive hacker who went by the handle “UNKN” and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face. Authorities in Germany say 31-year-old Russian Daniil Maksimovich Shchukin headed both cybercrime gangs and helped carry out at least 130 acts of computer sabotage and extortion against victims across the country between 2019 and 2021. Continue reading Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab→

‘CanisterWorm’ Springs Wiper Attack Targeting Iran

Posted on March 23, 2026 by BrianKrebs

A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services and wipes data on infected systems that use Iran’s time zone or have Farsi set as the default language. Continue reading ‘CanisterWorm’ Springs Wiper Attack Targeting Iran→

Feds Disrupt IoT Botnets Behind Huge DDoS Attacks

Posted on March 20, 2026 by BrianKrebs

The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets that compromised more than three million hacked Internet of Things (IoT) devices, such as routers and web cameras. The feds say the four botnets — named Aisuru, Kimwolf, JackSkid and Mossad — are responsible for a series of recent record-smashing distributed denial-of-service (DDoS) attacks capable of knocking nearly any target offline. Continue reading Feds Disrupt IoT Botnets Behind Huge DDoS Attacks→

Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker

Posted on March 11, 2026 by BrianKrebs

A hacktivist group with links to Iran’s intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News reports out of Ireland, Stryker’s largest hub outside of the United States, said the company sent home more than 5,000 workers there today. Meanwhile, a voicemail message at Stryker’s main U.S. headquarters says the company is currently experiencing a building emergency. Continue reading Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker→