In Other News: Trump Mobile Data Breach, FIFA World Cup Phishing, CISA Responds to Supply Chain Attacks
Security WeekArchived May 29, 2026✓ Full text saved
Noteworthy stories that might have slipped under the radar: Trump Mobile exposes customer data, phishers target the 2026 FIFA World Cup, CISA responds to recent supply chain attacks. The post In Other News: Trump Mobile Data Breach, FIFA World Cup Phishing, CISA Responds to Supply Chain Attacks appeared first on SecurityWeek .
Full text archived locally
✦ AI Summary· Claude Sonnet
SecurityWeek’s weekly cybersecurity news roundup offers a concise overview of important developments that may not receive full standalone coverage but remain relevant to the broader threat landscape.
This curated summary highlights key stories across vulnerability disclosures, emerging attack methods, policy updates, industry reports, and other noteworthy events to help readers maintain a well-rounded awareness of the evolving cybersecurity environment.
Here are this week’s highlights:
Trump Mobile data breach
Phone provider Trump Mobile has confirmed that customers’ names, addresses, email addresses, phone numbers, and other data was exposed to the internet. The company reportedly said a third-party platform provider was responsible for the exposure.
Russian hackers’ deep reach in Treasury emails
Documents presented in a Freedom of Information Act lawsuit filed by Bloomberg News against the US government show that the Russian state-sponsored APT responsible for the 2019-2020 SolarWinds supply chain attack had deep access to Treasury emails. The hackers reportedly focused on only eight email accounts linked to 300 other email addresses. The Treasury had roughly 94,000 people at the time.
VS Code Remote SSH extension vulnerability
A remote code execution (RCE) vulnerability in the Visual Studio Code (VS Code) Remote‑SSH extension could allow attackers to pivot to remote systems, security researcher Suman Kumar Chakraborty warns. The issue exists because, upon initiating a Remote SSH connection, the extension writes a bootstrap shell script to the Temp directory. An attacker with access to the system can modify the script before it is transmitted and executed on the remote server, to deploy a reverse shell.
UK Visa Portal exposes over 100,000 documents
Immigration portal UK Visa Portal publicly exposed over 100,000 documents of people who applied for a UK visa, TechCrunch reports. Not affiliated with the UK government, the website requires applicants to upload selfies and passports, and to pay a fee for obtaining visas. The exposed files were stored in an AWS S3 bucket and were secured earlier this week.
LinkedIn phishing campaign abuses Adobe Target
Phishers are posing as LinkedIn in a new phishing campaign posing as a business inquiry. The emails contain fake contract attachments masquerading as PDFs. In fact, they are HTML files directing victims to the Adobe Target A/B testing platform. The attackers are abusing Adobe Target to track users and serve them fake login pages to steal their credentials before redirecting them to LinkedIn.
2026 FIFA World Cup in attackers’ crosshairs
Just as the 2026 FIFA World Cup is about to kick off, Group-IB has discovered over 4,300 fraudulent domains impersonating FIFA, including a sophisticated phishing campaign run by Chinses-speaking hacking group Ghost Stadium. The threat actor has set up over 300 domains, including a pixel-perfect clone of the legitimate FIFA site. The phishers could cause hundreds of millions of dollars in losses.
Veeam, Notepad++, Roundcube patches
Veeam this week resolved two high-severity vulnerabilities in its Backup & Replication product, warning they could lead to privilege escalation and arbitrary file writes. Notepad++ patched three security issues, including two leading to arbitrary code execution. The latest Roudcube security updates fix eight flaws, including unauthenticated SQL injection and arbitrary file delete bugs.
CISA responds to recent supply chain attacks
The US cybersecurity agency CISA has expanded its KEV catalog with three vulnerabilities describing recent software supply chain attacks. These include Daemon Tools Lite, TanStack, and Nx Console (which led to the 3.800 internal GitHub repositories hack). CISA also issued an alert on the Megalodon and Nx Console attacks, urging organizations to hunt for and remediate potential compromises. NPM invalidated granular access tokens in response to these attacks.
Supply chain attack hits 176 NPM packages
Sonatype warns of a supply chain attack involving 176 malicious NPM packages containing postinstall scripts designed to install information-stealing malware on the victims’ computers. The malware harvests and exfiltrates credentials, system and directory information, environment variables, CI/CD secrets, and other tokens and sensitive information. All malicious packages have the version number 99.99.99.
Contractor jailed for hacking former employer
Maxwell Schultz, 36, of Columbus, Ohio, was sentenced to 24 months in federal prison for hacking into his employer’s network after his contract was terminated in May 2021. Impersonating another contractor, he obtained login credentials, accessed the former employer’s systems, and executed a script that reset roughly 2,500 passwords, locking out employees and contractors and causing more than $862,000 in losses. Schultz pleaded guilty in November 2025.
Related: In Other News: Industrial Router Exploitation, CISA KEV Nomination Form, Gas Station Hacking
Related: In Other News: Big Tech vs Canada Encryption Bill, Cisco’s Free AI Security Spec, Audi App Flaws
WRITTEN BY
SecurityWeek News
More from SecurityWeek News
IBM and Red Hat Commit $5 Billion to Secure Open Source Supply Chains Under “Project Lightwell”
SecurityWeek to Host AI Risk Summit August 11-12 at the Ritz-Carlton, Half Moon Bay
Lastwall Raises $11.5 Million for Quantum-Resilient Identity Platform
Watch on Demand: Threat Detection & Incident Response Summit – All Sessions Available
In Other News: Industrial Router Exploitation, CISA KEV Nomination Form, Gas Station Hacking
Ocean Emerges From Stealth With $28M for Agentic Email Security Platform
Quantum Bridge Raises $8 Million for Quantum-Safe Key Distribution Solution
Virtual Event Today: Threat Detection & Incident Response Summit
Latest News
Charter Communications Data Breach Could Impact Nearly 5 Million
MokN Raises $15 Million for Phish-Back Platform
Gogs Zero-Day Exposes Servers to Remote Code Execution
California Sues 23andMe, Alleging It Failed to Protect User Data in 2023 Breach
Chrome 148 Update Patches 151 Vulnerabilities
Russia-Linked ‘GreyVibe’ Attackers Use AI to Supercharge Cyberattacks
Geordie Raises $30 Million for AI Security and Governance Platform
Carnival Data Breach Exposed 6 Million People
Trending
Virtual Event: Threat Detection And Incident Response Summit
On-Demand
Delve into big-picture strategies to reduce attack surfaces, improve patch management, conduct post-incident forensics, and tools and tricks needed in a modern organization.
Register
Webinar: Third-Party Risk In Practice
June 4, 2026
Organizations are investing heavily in third-party risk management, but breaches, delays, and blind spots continue to persist. Join this live webinar as we examine the gap between how organizations think their third-party risk programs are performing and what’s actually happening in practice.
Register
People on the Move
Anurag Jain has been appointed Senior Vice President of Engineering at CodeHunter
CTERA has appointed Tal Sarfaty as Senior Vice President of Cybersecurity.
Quantum Secure Encryption has named Michael Massing as Chief Technology Officer.
More People On The Move
Expert Insights
Raising The Cybersecurity Stakes: Ante Up For The Agentic Era
CISOs are now facing machine-speed attacks and asking, “How do I agent?” The industry must provide remediation at scale. (Nadir Izrael)
Caught Off Guard: Securing AI After It Hits Production
As enterprises rush AI projects into production, security teams are increasingly being forced into reactive mode. (Joshua Goldfarb)
Cyber Resilience Is The New Business Continuity Plan
The organizations best prepared to face disruption are those that align security, continuity and risk management around what the business cannot afford to lose. (Steve Durbin)
Enhancing Data Center Security Without Sacrificing Performance
For AI data centers, where the stakes are the highest and performance constraints are the tightest, security and performance are no longer a zero-sum game. (Nadir Izrael)
Is The SOC Obsolete, And We Just Haven’t Admitted It Yet?
Many AI-first enterprises have already embraced sovereign architectures for general AI initiatives; cybersecurity—and the SOC—should be next. (Danelle Au)
Flipboard
Reddit
Whatsapp
Email