Europol and Eurojust led a massive international police operation that successfully dismantled a crypto fraud network that laundered over β¬700M using deepfake ads.
Four distinct threat activity clusters have been observed leveraging a malware loader known as CastleLoader, strengthening the previous assessment that the tool is offered to other threat actors under a malware-as-a-service (MaaS) model.
The threat actor behind CastleLoader has been assigned the name GrayBravo by Recorded Future's Insikt Group, which was previously tracking it as TAG-150.
Google AI systems (Gemini Enterprise) had a critical 'GeminiJack' security flaw allowing attackers to steal Gmail, Docs, and Calendar data with no clicks.
The threat actor known as Storm-0249 is likely shifting from its role as an initial access broker to adopt a combination of more advanced tactics like domain spoofing, DLL side-loading, and fileless PowerShell execution to facilitate ransomware attacks.
"These methods allow them to bypass defenses, infiltrate networks, maintain persistence, and operate undetected, raising serious concerns for
Major League Hacking (MLH) is excited to announce a new initiative to expand access to blockchain education and hands-on learning for next-gen developers worldwide, with a focus on Solana, the fastest-growing blockchain ecosystem.
Weβre creating new ways for students and next-gen developers to learn, build, and explore the future of decentralized technology. As of December 2025, Solana will debut at MLH hackathons across the world, offering participants hands-on opportunities to experiment with blockchain development. Through workshops, technical challenges, and mentorship, developers will be able to gain practical experience building on Solana in a supportive environment designed for learning-by-doing.
Learning by Doing, Supported by Solana Technology
At MLH, our mission has always been to help developers learn by doing. This initiative builds directly on that philosophy by giving students access to the tools, resources, and guidance they need to turn ideas into real, deployable projects.
Solanaβs debut at MLH hackathons represents more than a new track. Itβs an invitation for student developers to join an active, global ecosystem. By bringing Solana technology directly into hackathon environments, weβre helping hackers take their first steps into blockchain development with the tools and mentorship to succeed.
Building Beyond the Hackathon: The Solana Micro-Grant Program
One of the most exciting parts of this initiative is the launch of the Solana Micro-Grant Program, coming later this year.
Through this initiative, MLH and Solana will award up to 75 developer micro-grants through December 2026, helping promising projects continue long after the hackathon weekend ends. These grants will support a wide range of projects, from developer tooling and educational templates to early-stage startups and public-good infrastructure that strengthen the Solana ecosystem.
In addition to funding, grant recipients will receive mentorship and community exposure, helping them grow their projects and connect with other builders in the Solana network. Itβs another way MLH helps ensure that great ideas donβt just start at hackathons; they keep growing.
Expanding Hands-On Blockchain Education
The initiative will also extend to our Fellowship Program, where students will have opportunities to contribute directly to Solana-related open-source projects in place of a traditional internship. This means students wonβt just learn how blockchain works. Theyβll build real-world software that powers it.
Additional educational support, including workshops, developer challenges, and learning content, will help participants understand key concepts in Solana program development, payments, and AI.
A Global Opportunity for Builders
While the initial rollout focuses on North America, the initiative will soon expand globally through initiatives like 100 Days of Solana, an open developer learning challenge that invites hackers from around the world to explore blockchain development together.
This aligns with MLHβs commitment to accessibility and inclusion in tech. Our community already spans over one million student developers across 98 countries, and with Solanaβs involvement, even more hackers will have access to cutting-edge tools, mentorship, and funding opportunities.
What This Means for the MLH Community
This initiative represents a natural evolution of MLHβs mission: to bridge the gap between academic learning and real-world experience. By integrating Solanaβs technology and developer ecosystem into MLH programs, weβre helping next-gen developers gain future-ready skills and the confidence to apply them in meaningful ways.
Get Involved
Want to start building on Solana at your next hackathon? Check out upcoming MLH events at mlh.io/events, and keep an eye out for the launch of the Solana Micro-Grant Program later this year.
Hypervisors the invisible backbone of modern corporate IT have become the new primary battleground for ransomware groups. According to new data from Huntress, attacks targeting hypervisors to deploy ransomware have skyrocketed in late 2025. While hypervisors like VMware ESXi and Microsoft Hyper-V power virtually all enterprise virtual machines (VMs), they often lack the security protections [β¦]
A sophisticated vishing campaign has emerged that combines social engineering with legitimate Microsoft tools to establish command execution chains leading to multi-stage .NET malware deployment. Security researchers have identified an attack flow that begins with impersonated IT personnel contacting victims via Microsoft Teams and culminates in fileless malware execution through memory-based reflection techniques. The infection [β¦]
Security researchers at Koi Security have uncovered a sophisticated malware campaign targeting developers through the Visual Studio Code Marketplace. The attack uses two seemingly innocent extensions a dark theme and an AI assistant to unleash a potent infostealer capable of capturing screenshots, hijacking browser sessions, and stealing Wi-Fi passwords. The malicious extensions, identified asΒ βBitcoin BlackβΒ andΒ βCodo [β¦]
SAP has released its December 2025 Security Patch Day updates, addressing 14 new security notes that fix multiple critical and highβseverity vulnerabilities across key enterprise products. Administrators are strongly advised to review the latest security notes in the SAP Support Portal and apply the patches without delay to protect their SAP environments. The most serious [β¦]
A sophisticated Linux backdoor named GhostPenguin has been discovered by Trend Micro Research, evading detection for over four months after its initial submission to VirusTotal in July 2025. The threat represents a new breed of stealthy malware designed to maintain a low profile while delivering comprehensive remote access and file system manipulation capabilities to threat [β¦]
ActiveScan++, a widely used extension for the popular penetration testing tool Burp Suite, has released a significant upgrade. The scanner now includes specific detection capabilities for the critical βReact2Shellβ vulnerabilities. This update addresses two high-severity security flaws, CVE-2025-55182 and CVE-2025-66478. Why This Update Matters React2Shell vulnerabilities are critical because they allow attackers to execute remote [β¦]
Security researchers have uncovered critical vulnerabilities in the Model Context Protocol (MCP) sampling feature that enable malicious servers to execute stealthy prompt injection attacks, drain computational resources, and compromise large language model applications without user detection. The findings reveal three primary attack vectors that exploit the protocolβs inherent trust model and lack of robust security [β¦]
LACβs Cyber Emergency Center has identified a sophisticated cyberespionage campaign targeting Japanese shipping and transportation companies. The operation, orchestrated by a China-based threat actor in April 2025, leveraged critical vulnerabilities in Ivanti Connect Secure (ICS) to deploy βMetaRAT,β a newly identified variant of the notorious PlugX malware family. This campaign highlights the persistent evolution of [β¦]
Cydomeβs Cybersecurity Research Team has uncovered a sophisticated new variant of the notorious Mirai botnet, designated as βBroadside,β currently executing an active campaign against the maritime logistics sector. Unlike generic botnet waves, Broadside is specifically exploiting a critical vulnerability in digital video recorders (DVRs) used on commercial vessels, signaling a strategic shift toward specialized industrial [β¦]
Polish authorities have arrested three Ukrainian citizens after discovering sophisticated hacking equipment, including FLIPPER devices, during a routine traffic stop in Warsaw. The discovery marks a significant operation targeting cybercriminals allegedly traveling across Europe and conducting cyberattacks against critical infrastructure. Officers from Warsawβs ΕrΓ³dmieΕcie district stopped a Toyota sedan on Senatorska Street. They found three [β¦]
Zero Trust helps organizations shrink their attack surface and respond to threats faster, but many still struggle to implement it because their security tools donβt share signals reliably. 88% of organizations admit theyβve suffered significant challenges in trying to implement such approaches, according to Accenture. When products canβt communicate, real-time access decisions break down.
The
Login
