Cyber Security News

Hacking Editorial Brief – May 25, 2026

A foreign state actor successfully compromised the WhatsApp account of an Australian Member of Parliament, according to testimony delivered at estimates hearings. The incident adds to growing concerns about parliamentary cybersecurity in multiple Western democracies, with UK officials simultaneously urging MPs and staff to strengthen digital security practices amid reports of similar targeting campaigns against legislative bodies. The revelation underscores persistent vulnerability in high-value political targets and the ongoing appetite among nation-state actors for access to government communications channels.

In vulnerability news, Microsoft issued mitigation guidance for CVE-2026-45585, a zero-day BitLocker bypass vulnerability rated 6.8 on the CVSS scale. The disclosure follows broader industry reporting from Mandiant's M-Trends 2026, which documents a concerning acceleration in exploitation timelines: attackers are now exploiting vulnerabilities an average of seven days *before* vendors release public patches—a metric the report describes as "negative seven days to exploit." This finding reflects adversaries' increasing ability to identify and weaponize flaws ahead of disclosure cycles, compressing defender response windows to effectively zero.

Meanwhile, a threat actor is advertising a database allegedly containing 340 million OnlyFans user records, reportedly compiled by correlating data from previous breaches with publicly available profile information to map users to actual OnlyFans accounts. The claimed dataset represents aggregation rather than a fresh breach, demonstrating how aging credential dumps continue to provide value to actors building correlation engines for targeted operations.

Sources: The Guardian · Hackread · Western Illinois University Cybersecurity Center · Stingrai