ADT Data Breach: ShinyHunters Leak Threat Confirmed — BleepingComputer

ADT has confirmed a data breach following threats from the ShinyHunters extortion group. The breach reportedly involves the theft of 10 million records, including sensitive customer information. Security teams should assess the exposure of ADT systems and monitor for potential misuse of stolen data, as this incident highlights the ongoing threat of data extortion campaigns.

Firestarter Malware Survives Cisco Firewall Updates — BleepingComputer

The Firestarter malware has been found persisting in Cisco Firepower devices, even after security patches were applied. This custom malware targets federal systems, bypassing traditional security measures. Organizations using Cisco Firepower should review their patching processes and consider additional detection mechanisms to identify and mitigate this persistent threat.

LMDeploy CVE-2026-33626 Exploited Within Hours — The Hacker News

A high-severity vulnerability in LMDeploy, CVE-2026-33626, was exploited within 13 hours of disclosure. This flaw affects the open-source toolkit for compressing and deploying models, allowing attackers to execute arbitrary code. Security teams should prioritize patching affected systems and monitor for indicators of compromise related to this vulnerability.

• Why are top university websites serving porn? It comes down to shoddy housekeeping. [Ars Technica Security]
• NASA Employees Duped in Chinese Phishing Scheme Targeting U.S. Defense Software [The Hacker News]
• Over 10,000 Zimbra servers vulnerable to ongoing XSS attacks [BleepingComputer]
• AI Phishing Is No. 1 With a Bullet for Cyberattackers [Dark Reading]
• North Korea's Lazarus Targets macOS Users via ClickFix [Dark Reading]