r/pwnhub

▲ 223 r/pwnhub

Web Vulnerability in Trump Mobile Site Leaks Customer Database and Exposes Order Volume

Shortly after announcing that its delayed, gold-plated T1 smartphone would finally begin shipping, TrumpMobile.com was found to be suffering from a critical web security exploit. A security researcher discovered a flaw that allowed anyone to scrape the company's complete preorder database and submit arbitrary fake orders.

The Flaw & Data Exposure:

The vulnerability resided within the site’s backend infrastructure (specifically targeting order processing endpoints). Unauthenticated requests allowed the researcher to dump cleartext customer records, exposing:

  • Full Names
  • Physical/Mailing Addresses
  • Primary Email Addresses
  • Unique Order Identifiers

High-profile buyers who purchased the $499 phone out of curiosity - including YouTubers Coffeezilla and penguinz0 - were contacted directly by the researcher and confirmed the accuracy of their exposed personal data. No credit card information or payment data appears to have been caught in the leak.

The Operational Leak (The Real Data):

Beyond the privacy implications, the database dump inadvertently exposed the company's actual sales volume. While initial viral marketing metrics claimed roughly 590,000 reservation deposits, the database sequence numbers and unique identifiers indicate the platform only has approximately 10,000 unique customers with roughly 30,000 total smartphone orders.

Supply Chain Context:

The hardware itself is facing intense regulatory scrutiny. Initially marketed with a "Made in the USA" pledge, the branding was quietly altered to "designed with American values." Senator Mark Warner (Senate Intelligence Committee) recently issued an official inquiry demanding full transparency regarding the phone's true OEM suppliers, motherboard origins, and potential Chinese component sourcing.

The security flaw on the preorder site was reportedly patched on May 20, 2026, following zero-response to initial administrative disclosure attempts.

Full Technical Details & Coverage Timeline:

https://www.technadu.com/trump-mobile-reportedly-leaks-customer-data-from-t1-smartphone-orders/628185/

u/technadu — 15 hours ago
▲ 8 r/pwnhub

Hacker Group TeamPCP Poisoning Open Source Code at Unprecedented Scale

A cybercriminal group, TeamPCP, is executing large-scale software supply chain attacks, compromising thousands of open source code repositories and eroding trust in the software ecosystem.

Key Points:

  • TeamPCP claims to have accessed approximately 4,000 GitHub repositories through a poisoned VSCode extension.
  • The group has conducted 20 waves of attacks recently, embedding malware in over 500 distinct software tools.
  • Their tactics exploit software developers, creating a self-perpetuating cycle of malware distribution.
  • TeamPCP has transitioned to an automated approach, utilizing a self-spreading worm called Mini Shai-Hulud.
  • Organizations are urged to adopt strict security practices to mitigate the dangers of software supply chain attacks.

The ongoing cybersecurity threat posed by TeamPCP underscores their new level of aggression in targeting open source software. What was once a rare event known as a software supply chain attack has become alarmingly frequent, with the group recently claiming they breached GitHub through a compromised tool. This incident has raised significant concerns for developers and organizations relying on open source solutions, showcasing an emerging trend of systemic vulnerabilities that can be exploited by malicious actors. More than just an isolated breach, the attacks leverage compromised tools to infiltrate a diverse array of companies, creating a ripple effect of risk throughout their networks.

The self-sustaining nature of TeamPCP’s approach is particularly alarming. By inserting malware into widely used open source projects, they effectively turn developers into unwitting accomplices, who then propagate malicious code to their various platforms. The emergence of automated tactics, such as the Mini Shai-Hulud worm, reinforces the complexity of defending against these threats. While GitHub's statement indicates that the breached repositories contained their own code, the broader implications for the security of open source software tarnish the trust in a system that many developers depend upon for efficiency and innovation, all the while raising outside questions about how effectively compromises can be detected and mitigated.

What measures do you think developers should take to protect themselves from supply chain attacks in the current landscape?

Learn More: Wired

Want to stay updated on the latest cyber threats?

👉 Subscribe to /r/PwnHub

u/_cybersecurity_ — 11 hours ago
▲ 36 r/pwnhub+1 crossposts

Second Time, Same Sandbox: Another Anthropic Claude Code Network Sandbox Bypass Enables Data Exfiltration

oddguan.com
u/rkhunter_ — 1 day ago
▲ 27 r/pwnhub+6 crossposts

Open-source CLI for red-teaming LLM agents before they touch tools and memory

Sharing RedThread, an open-source CLI for AI red-team campaigns:

https://github.com/matheusht/redthread

The angle is AI agents as an attack surface. Prompt injection gets more interesting once the model can call tools, delegate to workers, write memory, retry failed actions, or propose guardrail changes.

RedThread is built for staging/internal targets. It runs LLM red-team campaigns, records traces, scores failures, and can replay exploit and benign cases before treating a defense as evidence.

Current pieces:

  • PAIR, TAP, Crescendo, and GS-MCTS attack flows
  • JudgeAgent/rubric scoring
  • replay-backed defense proposals
  • telemetry/drift signals
  • agentic checks for tool poisoning, confused deputy paths, canary propagation, and budget amplification

It is not a magic prompt shield and not broad production enforcement.

Looking for people who test agent workflows and can suggest realistic failure cases or target adapters.

▲ 33 r/pwnhub

Microsoft Addresses YellowKey BitLocker Bypass Vulnerability CVE-2026-45585

Microsoft has released a mitigation for the YellowKey vulnerability which compromises BitLocker encryption on certain Windows systems.

Key Points:

  • CVE-2026-45585 is a BitLocker security feature bypass with a CVSS score of 6.8.
  • The exploit allows attackers with physical access to bypass BitLocker protections using specially crafted files.
  • Mitigations include modifying the WinRE image and mandatory configurations for BitLocker settings.
  • Switching to a TPM+PIN configuration can enhance security against potential attacks.

Microsoft is aware of a significant security vulnerability in its BitLocker encryption system, known as YellowKey. This flaw allows an attacker with physical access to a Windows device to bypass the encryption protection using crafted files placed on a USB drive. The vulnerability, which has been assigned the identifier CVE-2026-45585 and carries a CVSS score of 6.8, was disclosed publicly without adhering to best practices, thereby exposing countless systems to potential risk. With targeted systems including various Windows 11 versions and Windows Server 2025, the implications are considerable for organizations relying on BitLocker for data protection.

Learn More: The Hacker News


u/_cybersecurity_ — 1 day ago
▲ 1.1k r/pwnhub+2 crossposts

314 npm packages just got compromised, 271 @antv, echarts-for-react, size-sensor, timeago.js

The atool maintainer account got hacked, and the attacker pushed 631 malicious versions across 314 packages in 22 minutes. Another day and another attack. It steals everything, like AWS keys, GitHub tokens, npm creds, SSH keys, database strings, Docker configs, and Kubernetes tokens. If you have the Docker socket exposed, it escapes the container with privileged access.

safedep.io
u/BattleRemote3157 — 3 days ago
▲ 8 r/pwnhub

Serious ExifTool Flaw Exposes Macs to Cyber Attacks via Malicious Images

A newly discovered vulnerability in ExifTool allows attackers to compromise Mac systems just by exploiting a single malicious image file.

Key Points:

  • ExifTool vulnerability enables remote code execution on Macs.
  • Attackers can exploit this flaw simply by sending a malicious image.
  • Mac users are urged to update their software to mitigate risks.

A critical vulnerability has been identified in ExifTool, a widely used open-source software for reading, writing, and editing metadata in image files. This flaw potentially allows cybercriminals to execute malicious code on Mac systems by using specially crafted image files. The simplicity of the exploit—requiring only a single image to trigger the attack—raises significant concerns for Apple users, particularly those who may unknowingly open or interact with compromised files.

The implications of this vulnerability are serious. Once compromised, attackers could gain unauthorized access to sensitive information or take control of the affected systems. Users of ExifTool are strongly advised to apply software updates and observe best practices in safeguarding their devices against potential exploitation. The speed at which the flaw is addressed will be crucial in preventing widespread cyber threats to Mac users in the future.

What steps are you taking to protect your devices from vulnerabilities like this one?

Learn More: Cyber Security News


u/_cybersecurity_ — 1 day ago
▲ 6 r/pwnhub

Verizon's 2026 DBIR Reveals Vulnerability Exploitation Surging Ahead of Credential Theft

The latest Verizon Data Breach Investigations Report (DBIR) highlights vulnerability exploitation as the primary cause of data breaches in 2025.

Key Points:

  • 31% of breaches stemmed from unpatched vulnerabilities, a significant rise compared to prior years.
  • Ransomware incidents increased to 48% of confirmed breaches, despite a decrease in ransom payments.
  • AI is being leveraged by threat actors to exploit vulnerabilities faster, reducing defense windows drastically.

Verizon's 2026 Data Breach Investigations Report shows a troubling trend in the cybersecurity landscape, marking a shift where vulnerability exploitation has overtaken credential theft as the most common access vector for data breaches. In a year marked by a dramatic rise in analyzed security incidents, the report identifies that 31% of confirmed breaches were due to unpatched vulnerabilities. This percentage reflects an alarming reality where organizations are struggling to remediate known flaws, with the median time to fully patch vulnerabilities increasing to 43 days, up from 32 days the previous year.

The report also showcases the role of ransomware, which was tied to 48% of confirmed breaches, signifying a 4% increase from the previous year. Interestingly, while the frequency of ransomware incidents has risen, the median ransom payment has decreased, indicating a potentially evolving threat landscape. Furthermore, the analysis reveals that threat actors are increasingly utilizing AI to speed up vulnerability exploitation, intensifying the urgency for organizations to tighten their security measures. With findings indicating that organizations struggled to address only 26% of security defects in the CISA's Known Exploited Vulnerabilities catalog last year, the time for proactive risk management and effective security practices has never been more critical.

What measures should organizations take to close the vulnerability remediation gap highlighted in the DBIR?

Learn More: Security Week


u/_cybersecurity_ — 1 day ago
▲ 11 r/pwnhub

Big Data Firms' Opt-Out Processes Make Privacy Protection Impossible

A report from EPIC reveals that many major data companies employ deceptive practices that hinder consumers from opting out of data sales and sharing.

Key Points:

  • Many data broker opt-out processes are designed to confuse consumers.
  • Major AI companies like Google and OpenAI obscure their opt-out links and often require multiple submissions.
  • EPIC links opt-out difficulties to safety concerns, citing cases of harassment and violence against vulnerable individuals.

The Electronic Privacy Information Center (EPIC) conducted an audit on 38 significant data-collecting companies in the U.S., discovering numerous methods that complicate or outright prevent consumers from opting out of their personal information being sold or shared. Key findings highlight misleading opt-out links that are buried in fine print or scattered across multiple forms, often requiring unnecessary account setups or fees. For instance, OpenAI’s opt-out option merely filters data responses in its chatbot, failing to effectively disable data sales.

EPIC emphasizes that these manipulative design tactics are not merely an inconvenience but pose genuine safety risks. The report illustrates how individuals—especially those in vulnerable demographics like domestic violence survivors—may rely heavily on opt-out mechanisms to protect themselves. Without accessible options to remove personal information from circulation, these individuals face heightened exposure to potential threats. The audit notably points out that companies like Spokeo and Whitepages offer convoluted processes that require users to remove listings one by one and do not guarantee further data sales will cease, perpetuating the risks associated with poorly secured personal information.

What steps should consumers take to protect their privacy in light of these findings, and how should regulations evolve to ensure clearer opt-out options?

Learn More: Wired


u/_cybersecurity_ — 1 day ago
▲ 25 r/pwnhub

GitHub Internal Repos accessed

At 2348 UTC GitHub posted:

We are investigating unauthorized access to GitHub’s internal repositories. While we currently have no evidence of impact to customer information stored outside of GitHub’s internal repositories (such as our customers’ enterprises, organizations, and repositories), we are closely monitoring our infrastructure for follow-on activity.

Then at 0500 UTC:

1/ We are sharing additional details regarding our investigation into unauthorized access to GitHub's internal repositories.

Yesterday we detected and contained a compromise of an employee device involving a poisoned VS Code extension. We removed the malicious extension version,

2/ Our current assessment is that the activity involved exfiltration of GitHub-internal repositories only. The attacker’s current claims of ~3,800 repositories are directionally consistent with our investigation so far

3/ We moved quickly to reduce risk. Critical secrets were rotated yesterday and overnight with the highest-impact credentials prioritized first.

4/ We continue to analyze logs, validate secret rotation, and monitor for any follow-on activity. We will take additional action as the investigation warrants.

https://xcancel.com/github/status/2056884788179726685

reddit.com
u/Lost-Droids — 2 days ago
▲ 34 r/pwnhub+15 crossposts

48-hour HASBLCTF'26 CTF competition

First of all, I would like to point out that this post is not an advertisement; it is shared only so that this event, which we are organizing as high school students, can reach more people.

In short: we are 4 people organizing a Jeopardy-format CTF called HASBL CTF; the registration link is at the very bottom.

So what is a CTF? CTF, that is, Capture The Flag, is a competition format that aims to test and improve our skills in different categories of cyber security. Our goal is to find the vulnerability in the challenge given for each category and reach the answer (the flag):

As for us, we are 4 students in the 11th grade at a social sciences high school, and after taking part in many CTFs we said, "Why don't we try writing challenges too?" and wanted to run our own CTF competition. We did our best and put something together...

Moving on to the event details:

Categories:

  • Web: Finding a vulnerability in the instance you launch and reaching the flag.
  • OSINT (Open Source Information/Intelligence): Reaching the flag by examining and analyzing evidence in material given in the challenge, such as a photo/video, a social media account name, etc.
  • Cryptography: Put simply, you could call it code breaking. Reaching the flag by working out the logic of the code and/or data and making the encrypted flag readable.
  • Reverse/Reverse Engineering: Using certain programs to work out how a compiled piece of software or machine code works, making it readable, and reaching the flag.
  • Pwn (Vulnerability/Exploitation): Finding the security vulnerabilities of the system given as the target, getting into the system, escalating privileges, and reaching the flag.
  • Forensic (Digital Forensics): Reaching the flag by examining digital evidence (logs, disk images, wireshark, etc.).

While defining the categories even I got the feeling that I was doing something bad, but rest assured we are definitely not doing anything like that.

Date:

  • It will run for 48 hours on 29 - 30 - 31 May.

Platform:

  • It will take place on our own servers (Google Cloud) on top of CTFd.
  • We also submitted the competition announcement on CTF Time but are waiting for approval; since it matters for CTFs, I will add it here once it is approved.

Rules: The rules are on our site, but let me briefly touch on a few important ones.

  • Teams can have at least 1 and at most 4 members.
  • Sharing flags is forbidden.
  • Publishing write-ups during the competition is forbidden.
  • It is important that competitors are respectful to one another and sportsmanlike during the competition.

Registration and more information:

  • For registration and more information, you can visit our site via the link section.
  • Registration will remain open throughout the competition, and anyone who wants to can join without any particular requirement.
  • The prizes are not decided yet (TBA), unfortunately..
  • There will be mistakes in this event, which we prepared at high school level with limited time and budget, but we take care to fix them and improve ourselves.
  • If you have a suggestion or question about the site or the competition in general, we would be glad to hear it, answer it, and improve.

Thank you in advance to everyone who shows interest, and to the CuteTopia sub for allowing me to open this thread.

hasblctf.tech
u/Rav3nnd — 2 days ago
▲ 51 r/pwnhub

Pay up, or we'll send someone to your house. Ransomware just got a lot scarier.

40% of ransomware attacks now come with physical threats to employees, and in the US that number jumps to 46%.

We're way past "pay up or we leak your data" at this point. A hospital got phone calls where strangers read nurses their home addresses down the line, and a security researcher had a threatening note left on his doorstep while he was actively helping a US government agency deal with an attack.

The playbook is simple and honestly kind of genius in a terrifying way: hackers stay hidden overseas and just hire local, post on a forum, offer some cash, and let someone else do the knocking. The FBI flagged a whole network for this last summer that's been tied to arson, kidnappings, even shootings.

What nobody seems to be talking about though is what this actually means for companies, because your HR database full of employee home addresses is no longer just a privacy liability - it's a physical safety problem, and I'd bet almost no incident response plan in existence covers the moment a staff member picks up the phone and a stranger calmly reads their address back to them.

If you work in security or IT, has this actually come up in any planning conversations at your company, or is everyone still treating this like a purely digital problem?

reddit.com
u/Syncplify — 3 days ago