Security Affairs

Third-party AI hack triggers Vercel breach, internal environments accessed
Mon, 20 Apr 2026 10:11:04 +0000
Vercel suffered a breach after a hacked Context.ai tool exposed an employee account, letting attackers access limited internal systems and non-sensitive data. Vercel reported a security breach caused by the compromise of a third-party AI tool, Context.ai, used by one of its employees. The attacker took over the employee’s Google Workspace account and used it […]

AI Model Claude Opus turns bugs into exploits for just $2,283
Mon, 20 Apr 2026 08:24:01 +0000
Claude Opus created a working Chrome exploit for $2,283, showing that widely available AI models can already find and weaponize vulnerabilities. Claude Opus managed to produce a functional Chrome exploit for just $2,283, raising concerns about how easily AI can be used to find and exploit vulnerabilities. Below is the cost of the experiment: Model […]

Cyber attacks fuel surge in cargo theft across logistics industry
Sun, 19 Apr 2026 14:59:46 +0000
Hackers infiltrate logistics firms to steal cargo and divert payments, cyberattacks are linked to organized crime and rising losses. Proofpoint researchers observed crooks targeting trucking and logistics companies, running coordinated remote access campaigns to steal cargo and divert payments. These attacks appear to be linked to organized crime.
The findings highlight a growing trend of […]

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 93
Sun, 19 Apr 2026 13:00:38 +0000
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape CPU-Z / HWMonitor watering hole infection – a copy-pasted attack Fake Claude site installs malware that gives attackers access to your computer Malware Analysis Static SKILL for Codex JanelaRAT: a financial threat targeting users in Latin […]

Security Affairs newsletter Round 573 by Pierluigi Paganini – INTERNATIONAL EDITION
Sun, 19 Apr 2026 09:32:00 +0000
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Hidden VMs: how hackers leverage QEMU to stealthily steal data and spread malware Nexcorium Mirai variant […]

Hidden VMs: how hackers leverage QEMU to stealthily steal data and spread malware
Sat, 18 Apr 2026 15:20:06 +0000
Attackers abuse QEMU to hide malware in virtual machines, bypass detection, steal data, and deploy ransomware without leaving any trace. Sophos researchers report a rise in attackers abusing QEMU, an open-source emulator, to hide malicious activity inside virtual machines. By running malware in a VM, attackers avoid endpoint security controls and leave minimal traces on […]

Nexcorium Mirai variant exploits TBK DVR flaw to launch DDoS attacks
Sat, 18 Apr 2026 10:05:16 +0000
A Mirai variant called Nexcorium exploits a flaw in TBK DVRs to infect devices and use them in DDoS attacks, along with outdated TP-Link routers. Fortinet researchers found that threat actors are exploiting vulnerabilities in TBK DVRs and end-of-life TP-Link routers to spread a Mirai variant called Nexcorium.
“IoT devices are increasingly prime targets for […]

Microsoft Defender under attack as three zero-days, two of them still unpatched, enable elevated access
Sat, 18 Apr 2026 06:49:12 +0000
Attackers exploit three Microsoft Defender zero-days, code-named BlueHammer, RedSun, and UnDefend, to gain elevated access. Attackers are exploiting three recently disclosed zero-day flaws in Microsoft Defender to gain higher privileges on compromised systems. The vulnerabilities, called BlueHammer, RedSun, and UnDefend, were revealed by a researcher known as Chaotic Eclipse after criticizing Microsoft’s handling of the […]

Kyrgyzstan-based crypto exchange Grinex shuts down after $13.7M cyber heist, blames Western Intelligence
Fri, 17 Apr 2026 19:56:42 +0000
Grinex halted operations after a $13.7M hack, blaming Western intelligence. Stolen funds came from wallets of Russian users on the platform. Kyrgyz crypto exchange Grinex halted operations after a threat actor stole $13.7 million in a cyber attack that the company attributes to Western intelligence agencies. The stolen funds belonged to Russian users, as the […]

DraftKings hacker sentenced to prison, ordered to pay $1.4 Million
Fri, 17 Apr 2026 14:16:23 +0000
A DraftKings hacker got 30 months in prison for selling stolen credentials and must pay over $1.4 million in fines and restitution. Kamerin Stokes, 23, from Memphis (aka TheMFNPlug), received a 30-month prison sentence for his role in a 2022 credential stuffing attack against DraftKings. He continued selling stolen login data online even after pleading […]

The Hacker News

Why Most AI Deployments Stall After the Demo
Mon, 20 Apr 2026 17:00:00 +0530
The fastest way to fall in love with an AI tool is to watch the demo. Everything moves quickly. Prompts land cleanly. The system produces impressive outputs in seconds. It feels like the beginning of a new era for your team. But most AI initiatives don't fail because of bad technology. They stall because what worked in the demo doesn't survive contact with real operations. The gap between a

Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain
Mon, 20 Apr 2026 16:12:00 +0530
Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context Protocol's (MCP) architecture that could pave the way for remote code execution and have a cascading effect on the artificial intelligence (AI) supply chain. "This flaw enables Arbitrary Command Execution (RCE) on any system running a vulnerable MCP implementation, granting attackers direct access to

Researchers Detect ZionSiphon Malware Targeting Israeli Water, Desalination OT Systems
Mon, 20 Apr 2026 13:04:00 +0530
Cybersecurity researchers have flagged a new malware called ZionSiphon that appears to be specifically designed to target Israeli water treatment and desalination systems. The malware has been codenamed ZionSiphon by Darktrace, highlighting its ability to set up persistence, tamper with local configuration files, and scan for operational technology (OT)-relevant services on the local subnet.

Vercel Breach Tied to Context AI Hack Exposes Limited Customer Credentials
Mon, 20 Apr 2026 09:05:00 +0530
Web infrastructure provider Vercel has disclosed a security breach that allows bad actors to gain unauthorized access to "certain" internal Vercel systems. The incident stemmed from the compromise of Context.ai, a third-party artificial intelligence (AI) tool, that was used by an employee at the company.
"The attacker used that access to take over the employee's Vercel Google Workspace account,

[Webinar] Eliminate Ghost Identities Before They Expose Your Enterprise Data
Sat, 18 Apr 2026 13:37:00 +0530
In 2024, compromised service accounts and forgotten API keys were behind 68% of cloud breaches. Not phishing. Not weak passwords. Unmanaged non-human identities that nobody was watching. For every employee in your org, there are 40 to 50 automated credentials: service accounts, API tokens, AI agent connections, and OAuth grants. When projects end or employees leave, most

$13.74M Hack Shuts Down Sanctioned Grinex Exchange After Intelligence Claims
Sat, 18 Apr 2026 13:29:00 +0530
Grinex, a Kyrgyzstan-incorporated cryptocurrency exchange sanctioned by the U.K. and the U.S. last year, said it's suspending operations after it blamed Western intelligence agencies for a $13.74 million hack. The exchange said it fell victim to what it described as a large-scale cyber attack that bore hallmarks of foreign intelligence agency involvement. This attack led to the theft of over 1

Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet
Sat, 18 Apr 2026 11:31:00 +0530
Threat actors are exploiting security flaws in TBK DVR and end‑of‑life (EoL) TP-Link Wi-Fi routers to deploy Mirai-botnet variants on compromised devices, according to findings from Fortinet FortiGuard Labs and Palo Alto Networks Unit 42. The attack targeting TBK DVR devices has been found to exploit CVE-2024-3721 (CVSS score: 6.3), a medium-severity command injection vulnerability affecting

Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched
Fri, 17 Apr 2026 18:51:00 +0530
Huntress is warning that threat actors are exploiting three recently disclosed security flaws in Microsoft Defender to gain elevated privileges in compromised systems.
The activity involves the exploitation of three vulnerabilities that are codenamed BlueHammer (requires GitHub sign-in), RedSun, and UnDefend, all of which were released as zero-days by a researcher known as Chaotic Eclipse (

Google Blocks 8.3B Policy-Violating Ads in 2025, Launches Android 17 Privacy Overhaul
Fri, 17 Apr 2026 16:17:00 +0530
Google this week announced a new set of Play policy updates to strengthen user privacy and protect businesses against fraud, even as it revealed it blocked or removed over 8.3 billion ads globally and suspended 24.9 million accounts in 2025. The new policy updates relate to contact and location permissions in Android, allowing third-party apps to access the contact lists and a user's location in

NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions
Fri, 17 Apr 2026 12:44:00 +0530
The National Institute of Standards and Technology (NIST) has announced changes to the way it handles cybersecurity vulnerabilities and exposures (CVEs) listed in its National Vulnerability Database (NVD), stating it will only enrich those that fulfil certain conditions owing to an explosion in CVE submissions. "CVEs that do not meet those criteria will still be listed in the NVD but will not

Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts
Fri, 17 Apr 2026 11:16:00 +0530
An international law enforcement operation has taken down 53 domains and arrested four people in connection with commercial distributed denial-of-service (DDoS) operations that were used by more than 75,000 cybercriminals. The ongoing effort, dubbed Operation PowerOFF, disrupted access to the DDoS-for-hire services, took down the technical infrastructure supporting them, and obtained access to

Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation
Fri, 17 Apr 2026 08:52:00 +0530
A recently disclosed high-severity security flaw in Apache ActiveMQ Classic has come under active exploitation in the wild, per the U.S.
Cybersecurity and Infrastructure Security Agency (CISA). To that end, the agency has added the vulnerability, tracked as CVE-2026-34197 (CVSS score: 8.8), to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian

Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic
Thu, 16 Apr 2026 23:22:00 +0530
Cybersecurity researchers have warned of an active malicious campaign that's targeting the workforce in the Czech Republic with a previously undocumented botnet dubbed PowMix since at least December 2025. "PowMix employs randomized command-and-control (C2) beaconing intervals, rather than persistent connection to the C2 server, to evade the network signature detections," Cisco Talos

ThreatsDay Bulletin: Defender 0-Day, SonicWall Brute-Force, 17-Year-Old Excel RCE and 15 More Stories
Thu, 16 Apr 2026 18:35:00 +0530
You know that feeling when you open your feed on a Thursday morning and it's just... a lot? Yeah. This week delivered. We've got hackers getting creative in ways that are almost impressive if you ignore the whole "crime" part, ancient vulnerabilities somehow still ruining people's days, and enough supply chain drama to fill a season of television nobody asked for. Not

Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution
Thu, 16 Apr 2026 16:57:00 +0530
Cisco has announced patches to address four critical security flaws impacting Identity Services and Webex Services that could result in arbitrary code execution and allow an attacker to impersonate any user within the service.
The details of the vulnerabilities are below - CVE-2026-20184 (CVSS score: 9.8) - An improper certificate validation in the integration of single sign-on (SSO)

Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks
Thu, 16 Apr 2026 15:50:00 +0530
A "novel" social engineering campaign has been observed abusing Obsidian, a cross-platform note-taking application, as an initial access vector to distribute a previously undocumented Windows remote access trojan called PHANTOMPULSE in attacks targeting individuals in the financial and cryptocurrency sectors. Dubbed REF6598 by Elastic Security Labs, the activity has been found to leverage

UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign
Thu, 16 Apr 2026 11:50:00 +0530
The Computer Emergencies Response Team of Ukraine (CERT-UA) has disclosed details of a new campaign that has targeted governments and municipal healthcare institutions, mainly clinics and emergency hospitals, to deliver malware capable of stealing sensitive data from Chromium-based web browsers and WhatsApp. The activity, which was observed between March and April

n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails
Wed, 15 Apr 2026 22:39:00 +0530
Threat actors have been observed weaponizing n8n, a popular artificial intelligence (AI) workflow automation platform, to facilitate sophisticated phishing campaigns and deliver malicious payloads or fingerprint devices by sending automated emails. "By leveraging trusted infrastructure, these attackers bypass traditional security filters, turning productivity tools into delivery

Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover
Wed, 15 Apr 2026 18:26:00 +0530
A recently disclosed critical security flaw impacting nginx-ui, an open-source, web-based Nginx management tool, has come under active exploitation in the wild.
The vulnerability in question is CVE-2026-33032 (CVSS score: 9.8), an authentication bypass vulnerability that enables threat actors to seize control of the Nginx service. It has been codenamed MCPwn by Pluto Security. "

April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More
Wed, 15 Apr 2026 18:07:00 +0530
A number of critical vulnerabilities impacting products from Adobe, Fortinet, Microsoft, and SAP have taken center stage in April's Patch Tuesday releases. Topping the list is an SQL injection vulnerability impacting SAP Business Planning and Consolidation and SAP Business Warehouse (CVE-2026-27681, CVSS score: 9.9) that could result in the execution of arbitrary database

Deterministic + Agentic AI: The Architecture Exposure Validation Requires
Wed, 15 Apr 2026 17:00:00 +0530
Few technologies have moved from experimentation to boardroom mandate as quickly as AI. Across industries, leadership teams have embraced its broader potential, and boards, investors, and executives are already pushing organizations to adopt it across operational and security functions. Pentera’s AI Security and Exposure Report 2026 reflects that momentum: every CISO surveyed

Microsoft Issues Patches for SharePoint Zero-Day and 168 Other New Vulnerabilities
Wed, 15 Apr 2026 14:10:00 +0530
Microsoft on Tuesday released updates to address a record 169 security flaws across its product portfolio, including one vulnerability that has been actively exploited in the wild. Of these 169 vulnerabilities, 157 are rated Important, eight are rated Critical, three are rated Moderate, and one is rated Low in severity. Ninety-three of the flaws are

OpenAI Launches GPT-5.4-Cyber with Expanded Access for Security Teams
Wed, 15 Apr 2026 10:00:00 +0530
OpenAI on Tuesday unveiled GPT-5.4-Cyber, a variant of its latest flagship model, GPT‑5.4, that's specifically optimized for defensive cybersecurity use cases, days after rival Anthropic unveiled its own frontier model, Mythos.
"The progressive use of AI accelerates defenders – those responsible for keeping systems, data, and users safe – enabling them to find and fix problems

New PHP Composer Flaws Enable Arbitrary Command Execution — Patches Released
Tue, 14 Apr 2026 21:27:00 +0530
Two high-severity security vulnerabilities have been disclosed in Composer, a package manager for PHP, that, if successfully exploited, could result in arbitrary command execution. The vulnerabilities have been described as command injection flaws affecting the Perforce VCS (version control software) driver. Details of the two flaws are below - CVE-2026-40176 (CVSS

Google Adds Rust-Based DNS Parser into Pixel 10 Modem to Enhance Security
Tue, 14 Apr 2026 20:26:00 +0530
Google has announced the integration of a Rust-based Domain Name System (DNS) parser into the modem firmware as part of its ongoing efforts to beef up the security of Pixel devices and push memory-safe code at a more foundational level. "The new Rust-based DNS parser significantly reduces our security risk by mitigating an entire class of vulnerabilities in a risky area, while also laying

AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraud
Tue, 14 Apr 2026 20:00:00 +0530
Cybersecurity researchers have unmasked a novel ad fraud scheme that has been found to leverage search engine poisoning (SEO) techniques and artificial intelligence (AI)-generated content to push deceptive news stories into Google's Discover feed and trick users into enabling persistent browser notifications that lead to scareware and financial scams. The campaign, which has been

Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Ads
Tue, 14 Apr 2026 15:50:00 +0530
A nascent Android remote access trojan called Mirax has been observed actively targeting Spanish-speaking countries, with campaigns reaching more than 220,000 accounts on Facebook, Instagram, Messenger, and Threads through advertisements on Meta.
"Mirax integrates advanced Remote Access Trojan (RAT) capabilities, allowing threat actors to fully interact with compromised devices in real

Analysis of 216M Security Findings Shows a 4x Increase In Critical Risk (2026 Report)
Tue, 14 Apr 2026 15:30:00 +0530
OX Security recently analyzed 216 million security findings across 250 organizations over a 90-day period. The primary takeaway: while raw alert volume grew by 52% year-over-year, prioritized critical risk grew by nearly 400%. The surge in AI-assisted development is creating a "velocity gap" where the density of high-impact vulnerabilities is scaling faster than

108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users
Tue, 14 Apr 2026 14:05:00 +0530
Cybersecurity researchers have discovered a new campaign in which a cluster of 108 Google Chrome extensions has been found to communicate with the same command-and-control (C2) infrastructure with the goal of collecting user data and enabling browser-level abuse by injecting ads and arbitrary JavaScript code into every web page visited. According to Socket, the extensions (complete list

ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers
Tue, 14 Apr 2026 11:20:00 +0530
A critical security vulnerability impacting ShowDoc, a document management and collaboration service popular in China, has come under active exploitation in the wild. The vulnerability in question is CVE-2025-0520 (aka CNVD-2020-26585), which carries a CVSS score of 9.4 out of 10.0. It relates to a case of unrestricted file upload that stems from improper validation of

CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software
Tue, 14 Apr 2026 11:09:00 +0530
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added half a dozen security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
The list of vulnerabilities is as follows - CVE-2026-21643 (CVSS score: 9.1) - An SQL injection vulnerability in Fortinet FortiClient EMS that could allow an

JanelaRAT Malware Targets Latin American Banks with 14,739 Attacks in Brazil in 2025
Mon, 13 Apr 2026 22:45:00 +0530
Banks and financial institutions in Latin American countries like Brazil and Mexico have continued to be the target of a malware family called JanelaRAT. A modified version of BX RAT, JanelaRAT is known to steal financial and cryptocurrency data associated with specific financial entities, as well as track mouse inputs, log keystrokes, take screenshots, and collect system metadata. "One of the

FBI and Indonesian Police Dismantle W3LL Phishing Network Behind $20M Fraud Attempts
Mon, 13 Apr 2026 20:16:00 +0530
The U.S. Federal Bureau of Investigation (FBI), in partnership with the Indonesian National Police, has dismantled the infrastructure associated with a global phishing operation that leveraged an off-the-shelf toolkit called W3LL to steal thousands of victims' account credentials and attempt more than $20 million in fraud. In tandem, authorities detained the alleged developer, who has

⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More
Mon, 13 Apr 2026 18:31:00 +0530
Monday is back, and the weekend’s backlog of chaos is officially hitting the fan. We are tracking a critical zero-day that has been quietly living in your PDFs for months, plus some aggressive state-sponsored meddling in infrastructure that is finally coming to light. It is one of those mornings where the gap between a quiet shift and a full-blown incident response is basically

Your MTTD Looks Great. Your Post-Alert Gap Doesn't
Mon, 13 Apr 2026 17:11:00 +0530
Anthropic restricted its Mythos Preview model last week after it autonomously found and exploited zero-day vulnerabilities in every major operating system and browser.
Palo Alto Networks' Wendi Whitmore warned that similar capabilities are weeks or months from proliferation. CrowdStrike's 2026 Global Threat Report puts average eCrime breakout time at 29 minutes. Mandiant's M-Trends

North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware
Mon, 13 Apr 2026 14:45:00 +0530
The North Korean hacking group tracked as APT37 (aka ScarCruft) has been attributed to a fresh multi-stage, social engineering campaign in which threat actors approached targets on Facebook and added them as friends on the social media platform, turning the trust-building exercise into a delivery channel for a remote access trojan called RokRAT. "The threat actor used two Facebook

OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident
Mon, 13 Apr 2026 12:20:00 +0530
OpenAI revealed a GitHub Actions workflow used to sign its macOS apps led to the download of the malicious Axios library on March 31, but noted that no user data or internal system was compromised. "Out of an abundance of caution, we are taking steps to protect the process that certifies our macOS applications are legitimate OpenAI apps," OpenAI said in a post last week. "We found no

CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads
Sun, 12 Apr 2026 11:24:00 +0530
Unknown threat actors compromised CPUID ("cpuid[.]com"), a website that hosts popular hardware monitoring tools like CPU-Z, HWMonitor, HWMonitor Pro, and PerfMonitor, for less than 24 hours to serve malicious executables for the software and deploy a remote access trojan called STX RAT. The incident lasted from approximately April 9, 15:00 UTC, to about April 10, 10:00 UTC, with

Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621
Sun, 12 Apr 2026 09:55:00 +0530
Adobe has released emergency updates to fix a critical security flaw in Acrobat Reader that has come under active exploitation in the wild.
The vulnerability, assigned the CVE identifier CVE-2026-34621, carries a CVSS score of 8.6 out of 10.0. Successful exploitation of the flaw could allow an attacker to run malicious code on affected installations. It has been described as

Citizen Lab: Law Enforcement Used Webloc to Track 500 Million Devices via Ad Data
Sat, 11 Apr 2026 11:32:00 +0530
Hungarian domestic intelligence, the national police in El Salvador, and several U.S. law enforcement and police departments have been attributed to the use of an advertising-based global geolocation surveillance system called Webloc. The tool was developed by Israeli company Cobwebs Technologies and is now sold by its successor Penlink after the two firms merged in July 2023

GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs
Fri, 10 Apr 2026 18:53:00 +0530
Cybersecurity researchers have flagged yet another evolution of the ongoing GlassWorm campaign, which employs a new Zig dropper that's designed to stealthily infect all integrated development environments (IDEs) on a developer's machine. The technique has been discovered in an Open VSX extension named "specstudio.code-wakatime-activity-tracker," which masquerades as WakaTime, a

Browser Extensions Are the New AI Consumption Channel That No One Is Talking About
Fri, 10 Apr 2026 16:30:00 +0530
While much of the discussion on AI security centers around protecting ‘shadow’ AI and GenAI consumption, there's a wide-open window nobody's guarding: AI browser extensions. A new report from LayerX exposes just how deep this blind spot goes, and why AI extensions may be the most dangerous AI threat surface in your network that isn't on anyone's

Google Rolls Out DBSC in Chrome 146 to Block Session Theft on Windows
Fri, 10 Apr 2026 13:28:00 +0530
Google has made Device Bound Session Credentials (DBSC) generally available to all Windows users of its Chrome web browser, months after it began testing the security feature in open beta.
The public availability is currently limited to Windows users on Chrome 146, with macOS expansion planned in an upcoming Chrome release. "This project represents a significant

Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure
Fri, 10 Apr 2026 13:07:00 +0530
A critical security vulnerability in Marimo, an open-source Python notebook for data science and analysis, has been exploited within 10 hours of public disclosure, according to findings from Sysdig. The vulnerability in question is CVE-2026-39987 (CVSS score: 9.3), a pre-authenticated remote code execution vulnerability impacting all versions of Marimo prior to and including

Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers
Fri, 10 Apr 2026 11:58:00 +0530
Unknown threat actors have hijacked the update system for the Smart Slider 3 Pro plugin for WordPress and Joomla to push a poisoned version containing a backdoor. The incident impacts Smart Slider 3 Pro version 3.5.1.35 for WordPress, per WordPress security company Patchstack. Smart Slider 3 is a popular WordPress slider plugin with more than 800,000 active installations across its free and Pro

EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallet Installs
Thu, 09 Apr 2026 22:56:00 +0530
Details have emerged about a now-patched security vulnerability in a widely used third-party Android software development kit (SDK) called EngageLab SDK that could have put millions of cryptocurrency wallet users at risk.
"This flaw allows apps on the same device to bypass Android security sandbox and gain unauthorized access to private data," the Microsoft Defender

UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns
Thu, 09 Apr 2026 21:53:00 +0530
A previously undocumented threat cluster dubbed UAT-10362 has been attributed to spear-phishing campaigns targeting Taiwanese non-governmental organizations (NGOs) and suspected universities to deploy a new Lua-based malware called LucidRook. "LucidRook is a sophisticated stager that embeds a Lua interpreter and Rust-compiled libraries within a dynamic-link library (DLL) to download and

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories
Thu, 09 Apr 2026 18:27:00 +0530
Thursday. Another week, another batch of things that probably should've been caught sooner but weren't. This one's got some range — old vulnerabilities getting new life, a few "why was that even possible" moments, attackers leaning on platforms and tools you'd normally trust without thinking twice. Quiet escalations more than loud zero-days, but the kind that matter more in

The Hidden Security Risks of Shadow AI in Enterprises
Thu, 09 Apr 2026 17:01:00 +0530
As AI tools become more accessible, employees are adopting them without formal approval from IT and security teams. While these tools may boost productivity, automate tasks, or fill gaps in existing workflows, they also operate outside the visibility of security teams, bypassing controls and creating new blind spots in what is known as shadow AI. While similar to the phenomenon of

Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025
Thu, 09 Apr 2026 16:45:00 +0530
Threat actors have been exploiting a previously unknown zero-day vulnerability in Adobe Reader using maliciously crafted PDF documents since at least December 2025. The finding, detailed by EXPMON's Haifei Li, has been described as a highly-sophisticated PDF exploit.
The artifact ("Invoice540.pdf") first appeared on the VirusTotal platform on November 28, 2025. A second

darkreading

How NIST's Cutback of CVE Handling Impacts Cyber Teams
Fri, 17 Apr 2026 19:51:57 GMT
Industry and ad hoc coalitions appear poised to help fill the gap created by NIST's decision to cut back on CVE data enrichment.

Tycoon 2FA Phishers Scatter, Adopt Device Code Phishing
Fri, 17 Apr 2026 19:05:51 GMT
In embracing device code phishing, attackers trick victims into handing over account access by using a service's legitimate new-device login flow.

Every Old Vulnerability Is Now an AI Vulnerability
Fri, 17 Apr 2026 14:47:18 GMT
AI's danger isn't that it's creating new bugs, it's that it's amplifying old ones.

Coast Guard's New Cybersecurity Rules Offer Lessons for CISOs
Fri, 17 Apr 2026 13:00:00 GMT
The Maritime Transportation Security Act (MTSA) requires plans to protect OT systems, audits by independent third parties, and a hybrid OT-security role.

NIST Revamps CVE Framework to Focus on High-Impact Vulnerabilities
Thu, 16 Apr 2026 21:47:31 GMT
The National Institute of Standards and Technology carved a new path for vulnerability remediation by changing the way it prioritizes software flaws.

North Korea Uses ClickFix to Target macOS Users' Data
Thu, 16 Apr 2026 19:42:45 GMT
Sapphire Sleet uses fake job offers and phony Zoom updates to deliver ClickFix attacks that steal credentials and sensitive data from Macs.

'Harmless' Global Adware Transforms Into an AV Killer
Thu, 16 Apr 2026 19:07:26 GMT
A benign-looking update Dragon Boss pushed out in March 2025 established persistence via scheduled tasks and arranged for future payloads to be excluded from Windows Defender.

Two-Factor Authentication Breaks Free from the Desktop
Thu, 16 Apr 2026 15:28:15 GMT
Threat actors know how to bypass security systems outside of traditional IT environments. Implementing 2FA could provide a needed extra security barrier in the physical world.

Microsoft's Original Windows Secure Boot Certificate Is Expiring
Thu, 16 Apr 2026 15:16:30 GMT
The Secure Boot refresh is one of the largest coordinated security maintenance efforts across the Windows ecosystem, Microsoft said. Update those PCs soon.

6-Year Ransomware Campaign Targets Turkish Homes & SMBs
Thu, 16 Apr 2026 06:00:00 GMT
While enterprise breaches make more headlines, smaller incidents tend to be under-reported, if at all, allowing campaigns to last longer with less disruption.

Critical MCP Integration Flaw Puts NGINX at Risk
Wed, 15 Apr 2026 21:45:18 GMT
Attackers can abuse the near-maximum severity flaw in nginx-ui to restart, create, modify, and delete NGINX configuration files.

Navigating the Unique Security Risks of Asia's Digital Supply Chain
Wed, 15 Apr 2026 19:30:47 GMT
Regulatory differences, interconnected digital ecosystems, and the rise of AI have created a complex supply chain Asian organizations must wrangle.

Prepping for 'Q-Day': Why Quantum Risk Management Should Start Now
Wed, 15 Apr 2026 15:12:01 GMT
Quantum computers are coming and may impact systems in unexpected ways, and it will "take years to be fully quantum-safe, if ever," cryptography expert warns.

Audit: Big Tech Often Ignores CA Privacy Law Opt-Out Requests
Wed, 15 Apr 2026 14:38:53 GMT
Google, Meta, and Microsoft about half the time don't comply with requests to opt out of online tracking per a California law mandate, privacy watchdog finds.

Microsoft, Salesforce Patch AI Agent Data Leak Flaws
Wed, 15 Apr 2026 12:00:00 GMT
Two recently fixed prompt injections in Salesforce Agentforce and Microsoft Copilot would have enabled an external attacker to leak sensitive data.

Microsoft Bets $10B to Boost Japan's AI, Cybersecurity
Wed, 15 Apr 2026 00:00:08 GMT
The deal aims to accelerate AI adoption, train workers, and develop cybersecurity partnerships — the latest move by a hyperscaler to compete for sovereign AI and data centers.
Privilege Elevation Dominates Massive Microsoft Patch UpdateTue, 14 Apr 2026 21:22:07 GMT Elevation-of-privilege bugs accounted for more than half of the 165 vulnerabilities patched, with two zero-days in that mix. EDR-Killer Ecosystem Expansion Requires Stronger BYOVD DefensesTue, 14 Apr 2026 20:20:34 GMT Stopping EDR killers, which employ bring-your-own-vulnerable-driver (BYOVD) attack techniques, is difficult, but not impossible. War Game Exercise Demonstrates How Social Media Manipulation WorksTue, 14 Apr 2026 16:06:14 GMT In an educational game called "Capture the Narrative," students created bots to sway a fictional election, simulating influence in real-world political scenarios. Why Orgs Need to Test Networks to Withstand DDoS Attacks During Peak LoadsMon, 13 Apr 2026 21:48:09 GMT Security teams can't test distributed denial-of-service defenses in a vacuum. They need to test during periods of high demand, such as tax-filing deadlines. CSA: CISOs Should Prepare for Post-Mythos Exploit StormMon, 13 Apr 2026 21:29:31 GMT In a new report from the Cloud Security Alliance (CSA), experts warn of an "AI vulnerability storm" triggered by the introduction of Anthropic's Claude Mythos. Adobe Patches Actively Exploited Zero-Day That Lingered for MonthsMon, 13 Apr 2026 20:52:38 GMT An attacker has been using maliciously crafted PDF files to exploit a zero-day in Adobe Acrobat and Reader for at least four months. Empty Attestations: OT Lacks the Tools for Cryptographic ReadinessMon, 13 Apr 2026 19:10:55 GMT OT asset owners are being asked by regulators to attest to their post-quantum cryptographic readiness without the appropriate tooling, resulting in paperwork dressed up to look like genuine security. APT41 Delivers 'Zero-Detection' Backdoor to Harvest Cloud CredentialsMon, 13 Apr 2026 15:08:12 GMT The prolific China-backed threat group is targeting AWS, Google, Azure, and Alibaba cloud environments and using typosquatting to obscure C2 communication. 
Hims Breach Exposes the Most Sensitive Kinds of PHIFri, 10 Apr 2026 20:02:30 GMT Threat actors breached the telehealth brand, and now they may know patients' personal health details. What could they do with that information? Your Next Breach Will Look Like Business as UsualFri, 10 Apr 2026 19:21:55 GMT These are the fundamental detection model shifts cybersecurity teams need to make to keep up with the rising number of credential-based attacks. FINRA Launches Financial Intelligence Fusion Center to Combat Cybersecurity and Fraud ThreatsFri, 10 Apr 2026 15:52:28 GMT Orange Business Reimagines Enterprise Voice Communications With Trust and AIFri, 10 Apr 2026 15:05:14 GMT Industrial Controllers Still Vulnerable As Conflicts Move to CyberFri, 10 Apr 2026 13:30:00 GMT The US government warns programmable logic controllers are being targeted, and research turns up 179 vulnerable operational technology (OT) devices. Can Anthropic Keep Its Exploit-Writing AI Out of the Wrong Hands?Fri, 10 Apr 2026 13:00:00 GMT Its Mythos Preview model, which can allegedly find and exploit critical zero-days, also comes with certain controls, the vendor said. Russia's 'Fancy Bear' APT Continues Its Global OnslaughtThu, 09 Apr 2026 20:50:37 GMT Victims don't need to match the cyber espionage group's technical sophistication, experts say. But patching and some form of zero trust are now non-negotiable. 'BlueHammer' Windows Zero-Day Exploit Signals Microsoft Bug Disclosure IssuesThu, 09 Apr 2026 20:13:34 GMT Under the alias 'Chaotic Eclipse,' a researcher released a PoC exploit for a zero-day flaw that allows for system takeover by a local user, citing an undisclosed beef with Microsoft. Do Ceasefires Slow Cyberattacks? History Suggests NotThu, 09 Apr 2026 18:15:00 GMT The cybersecurity community is waiting with bated breath to see if Iranian hackers will honor a ceasefire that doesn't actually name or directly involve them. 
Russia's Forest Blizzard Nabs Rafts of Logins via SOHO RoutersThu, 09 Apr 2026 01:00:00 GMT Heard of fileless malware? How about malwareless cyber espionage? Russia's APT28 is spying on global organizations by modifying just one DNS setting in vulnerable routers. Threat Actors Get Crafty With Emojis to Escape DetectionWed, 08 Apr 2026 20:21:32 GMT When 🤖 means "bot available," 🧰 signifies "toolkit," or 💰💰💰 translates to "big ransom," bad actors can evade filters and keep it all on the down-low. AI-Led Remediation Crisis Prompts HackerOne to Pause Bug BountiesWed, 08 Apr 2026 19:47:32 GMT Discovery used to be the bottleneck for open source bugs, but with automated discovery, remediation's the bottleneck, which bounties don't fund. Fraud Rockets Higher in Mobile-First Latin AmericaWed, 08 Apr 2026 15:45:11 GMT Cyber-fraudsters move quickly from compromised devices to account takeover to funds transfer, shifting money before many financial institutions can react. Full Sail University to Open IBM Cyber Defense Range Powered by AWS and Cloud Range on CampusWed, 08 Apr 2026 14:43:49 GMT Niobium Introduces The FogWed, 08 Apr 2026 14:22:33 GMT Pluralsight Launches SecureReady to Help Organizations Build Job-Ready Cybersecurity TeamsWed, 08 Apr 2026 14:08:22 GMT Iranian Threat Actors Disrupt US Critical Infrastructure via Exposed PLCsWed, 08 Apr 2026 13:46:29 GMT Attackers compromised Internet-facing OT devices and caused file and display manipulation, operational disruption, and financial losses across sectors. Storm-1175 Deploys Medusa Ransomware at 'High Velocity'Tue, 07 Apr 2026 20:15:07 GMT Microsoft says the financially motivated cybercrime group has exploited n-day and zero-day vulnerabilities in campaigns predicated on speed. 
Grafana Patches AI Bug That Could Have Leaked User DataTue, 07 Apr 2026 19:52:26 GMT By hiding malicious instructions on an attacker-controlled Web page, AI could ingest orders that appear benign but return sensitive data to the attacker's server. RSAC 2026: How AI Is Reshaping Cybersecurity Faster Than EverTue, 07 Apr 2026 14:57:16 GMT Dark Reading's Kelly Jackson Higgins shares insights on the past, present, and future of cybersecurity after attending RSAC 2026 Conference. Human vs. AI: Debates Shape RSAC 2026 Cybersecurity TrendsTue, 07 Apr 2026 14:36:44 GMT As AI dominated RSAC 2026, CISOs and industry leaders debated its role in security, from agentic applications to the challenges of scaling human involvement in decision-making. Lies, Damned Lies, and Cybersecurity MetricsTue, 07 Apr 2026 14:26:02 GMT A panel of five C-suite leaders discuss how cybersecurity success is measured and why it isn't improving results. Focusing on the People in Cybersecurity at RSAC 2026 ConferenceTue, 07 Apr 2026 13:00:00 GMT AI dominated RSAC 2026 Conference, but it's still the humans in cybersecurity who matter most. AI-Assisted Supply Chain Attack Targets GitHubMon, 06 Apr 2026 21:38:53 GMT PRT-scan is the second campaign in recent months where a threat actor appears to have leveraged AI for automated targeting of a widespread GitHub misconfiguration. Axios Attack Shows How Complex Social Engineering Is IndustrializedMon, 06 Apr 2026 20:55:44 GMT The attack on the popular NPM package Axios is just one of many targeting maintainers and has shone a light on how threat actors can scale sophisticated social engineering campaigns. Fortinet Issues Emergency Patch for FortiClient Zero-DayMon, 06 Apr 2026 20:24:19 GMT The authentication bypass flaw, tracked as CVE-2026-35616, is the latest in a series of Fortinet vulnerabilities that have been exploited in the wild. |
Krebs on SecurityPatch Tuesday, April 2026 EditionTue, 14 Apr 2026 21:47:59 +0000 Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, including a SharePoint Server zero-day and a publicly disclosed weakness in Windows Defender dubbed "BlueHammer." Separately, Google Chrome fixed its fourth zero-day of 2026, and an emergency update for Adobe Reader nixes an actively exploited flaw that can lead to remote code execution. Russia Hacked Routers to Steal Microsoft Office TokensTue, 07 Apr 2026 17:02:44 +0000 Hackers linked to Russia's military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security experts warned today. The spying campaign allowed state-backed Russian hackers to quietly siphon authentication tokens from users on more than 18,000 networks without deploying any malicious software or code. Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrabMon, 06 Apr 2026 02:07:17 +0000 An elusive hacker who went by the handle "UNKN" and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face. Authorities in Germany say 31-year-old Russian Daniil Maksimovich Shchukin headed both cybercrime gangs and helped carry out at least 130 acts of computer sabotage and extortion against victims across the country between 2019 and 2021. ‘CanisterWorm’ Springs Wiper Attack Targeting IranMon, 23 Mar 2026 15:43:04 +0000 A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services and wipes data on infected systems that use Iran's time zone or have Farsi set as the default language. Feds Disrupt IoT Botnets Behind Huge DDoS AttacksFri, 20 Mar 2026 00:49:19 +0000 The U.S. 
Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets that compromised more than three million hacked Internet of Things (IoT) devices, such as routers and web cameras. The feds say the four botnets -- named Aisuru, Kimwolf, JackSkid and Mossad -- are responsible for a series of recent record-smashing distributed denial-of-service (DDoS) attacks capable of knocking nearly any target offline. Iran-Backed Hackers Claim Wiper Attack on Medtech Firm StrykerWed, 11 Mar 2026 16:20:13 +0000 A hacktivist group with links to Iran's intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News reports out of Ireland, Stryker's largest hub outside of the United States, said the company sent home more than 5,000 workers there today. Meanwhile, a voicemail message at Stryker's main U.S. headquarters says the company is currently experiencing a building emergency. Microsoft Patch Tuesday, March 2026 EditionWed, 11 Mar 2026 00:32:51 +0000 Microsoft Corp. today pushed security updates to fix at least 77 vulnerabilities in its Windows operating systems and other software. There are no pressing "zero-day" flaws this month (compared to February's five zero-day treat), but as usual some patches may deserve more rapid attention from organizations using Windows. Here are a few highlights from this month's Patch Tuesday. How AI Assistants are Moving the Security GoalpostsSun, 08 Mar 2026 23:35:42 +0000 AI-based assistants or "agents" -- autonomous programs that have access to the user's computer, files, online services and can automate virtually any task -- are growing in popularity with developers and IT workers. 
But as so many eyebrow-raising headlines over the past few weeks have shown, these powerful and assertive new tools are rapidly shifting the security priorities for organizations, while blurring the lines between data and code, trusted co-worker and insider threat, ninja hacker and novice code jockey. Who is the Kimwolf Botmaster “Dort”?Sat, 28 Feb 2026 12:01:57 +0000 In early January 2026, KrebsOnSecurity revealed how a security researcher disclosed a vulnerability that was used to assemble Kimwolf, the world's largest and most disruptive botnet. Since then, the person in control of Kimwolf -- who goes by the handle "Dort" -- has coordinated a barrage of distributed denial-of-service (DDoS), doxing and email flooding attacks against the researcher and this author, and more recently caused a SWAT team to be sent to the researcher's home. This post examines what is knowable about Dort based on public information. ‘Starkiller’ Phishing Service Proxies Real Login Pages, MFAFri, 20 Feb 2026 20:00:30 +0000 Most phishing websites are little more than static copies of login pages for popular online destinations, and they are often quickly taken down by anti-abuse activists and security firms. But a stealthy new phishing-as-a-service offering lets customers sidestep both of these pitfalls: It uses cleverly disguised links to load the target brand's real website, and then acts as a relay between the target and the legitimate site -- forwarding the victim's username, password and multi-factor authentication (MFA) code to the legitimate site and returning its responses. |
Hackread – Cybersecurity News, Data Breaches, AI and MoreBritish Hacker Tyler Buchanan Pleads Guilty to $8M Hacking Scheme in USMon, 20 Apr 2026 12:43:48 +0000 Tyler Robert Buchanan, a 24-year-old British hacker linked to Scattered Spider, admits to a multi-year US hacking scheme involving at least $8M in crypto theft. 52M-Download protobuf.js Library Hit by RCE in Schema HandlingMon, 20 Apr 2026 10:42:15 +0000 Critical RCE flaw in protobuf.js lets attackers execute code via malicious schemas. Learn who is at risk, affected versions, and how to fix it. ShowDoc Vulnerability Patched in 2020 Now Used in Active Server TakeoversSat, 18 Apr 2026 14:25:37 +0000 Hackers are exploiting a 5-year-old ShowDoc vulnerability (CVE-2025-0520) to deploy web shells, enabling RCE and full server takeover worldwide. Operation PowerOFF: 75K Users of DDoS-for-Hire Services Identified and WarnedSat, 18 Apr 2026 11:23:52 +0000 Operation PowerOFF identifies and warns 75K users of DDoS-for-hire services, nets 4 arrests, and seizes 53 domains in a Europol-led crackdown. Founder Liquidity Without Compromising on GrowthFri, 17 Apr 2026 19:42:51 +0000 Founders can access liquidity without exiting by selling shares via secondary deals, reducing financial pressure while staying focused on long-term growth. New RecruitRat, SaferRat, Astrinox, Massiv Android Malware Found Targeting 800 AppsFri, 17 Apr 2026 18:44:32 +0000 New research from Zimperium reveals four active Android malware campaigns, RecruitRat, SaferRat, Astrinox, and Massiv, targeting over 800 banking apps globally. The Race to Quantum-Proof the Internet Has Already BegunFri, 17 Apr 2026 17:44:46 +0000 The race to quantum-proof the internet is underway as experts warn of “harvest now, decrypt later” risks and slow migration to post-quantum security. 
New Mirai Variant Nexcorium Hijacks DVR Devices for DDoS AttacksFri, 17 Apr 2026 14:00:59 +0000 Cybersecurity researchers at Fortinet have discovered Nexcorium, a new Mirai-based malware targeting TBK DVR systems to turn them into a botnet for DDoS attacks. New ZionSiphon Malware Discovered Targeting Israeli Water SystemsFri, 17 Apr 2026 11:00:56 +0000 Researchers at Darktrace have identified ZionSiphon, a new malware targeting Israeli water treatment plants. Learn how this OT-focused… New CGrabber and Direct-Sys Malware Spread Through GitHub ZIP FilesFri, 17 Apr 2026 09:25:45 +0000 Hackers spread CGrabber and Direct-Sys malware through GitHub ZIP files, bypassing security tools to steal passwords, crypto wallets, and user data. |
Hacker CombatSnowflake Data Breach: What Happened and How to Prevent ItTue, 05 Aug 2025 18:00:42 +0000 In 2024, the cybersecurity landscape was shaken by an unexpected and widespread incident—the Snowflake data breach. Despite being a leading provider of cloud-based data warehousing solutions, Snowflake found itself at... The post Snowflake Data Breach: What Happened and How to Prevent It appeared first on Hacker Combat. Ways to Mitigate Risk in Cybersecurity: Cybersecurity Risk ManagementFri, 13 Dec 2024 12:04:08 +0000 Cyber threats can wreak havoc on businesses, from data breaches to loss of reputation. Luckily, there are effective strategies available that can reduce cybersecurity risk. Avoidance is one of the... Zero Trust ArchitectureMon, 02 Dec 2024 10:43:16 +0000 Zero trust security takes a “never trust, always verify” approach to access control. Access is only granted once an individual’s identity and context have been confirmed through multifactor authentication and... What Is a Security Operations Center (SOC)?Mon, 02 Dec 2024 07:51:03 +0000 A Security Operations Center (SOC) specializes in monitoring and analyzing data to detect cyber threats and prevent attacks from them. They work to sort actual threats from false positives before... XDR vs SIEM Security Information and Event ManagementFri, 29 Nov 2024 12:53:23 +0000 The Extended Detection and Response Platform (XDR) ingestion and correlation technology captures and correlates high-fidelity data across your security layers, such as endpoint, network, logs, cloud services and identities to... 
Best Free EDR for Windows PCFri, 29 Nov 2024 11:19:32 +0000 Endpoint detection and response (EDR) tools offer businesses that employ hybrid work models or remote employees an extra layer of cybersecurity protection. Utilizing artificial intelligence (AI) and machine learning (ML),... Free EDR Solutions for Home Users in 2025Tue, 26 Nov 2024 07:46:59 +0000 EDR can detect and respond to emerging and advanced cyber threats quickly and efficiently, making it an essential component of modern business ecosystems. Beyond signature-based detection capabilities, its features go... Cloud Security EssentialsMon, 28 Oct 2024 04:57:20 +0000 Cloud security involves employing perimeter defenses like firewalls, IDPSs and VPNs as well as guaranteeing isolation through network segmentation and virtual LANs while monitoring traffic for anomalies and threats –... Antivirus SoftwareMon, 28 Oct 2024 02:43:18 +0000 Antivirus software protects devices against viruses, malware, and other cyberthreats by detecting, quarantining, and deleting malicious code. Modern antivirus products also offer additional security features such as password protection, identity... How to Protect Against Ransomware Attacks?Fri, 25 Oct 2024 03:57:42 +0000 Criminal hackers employ ransomware attacks against their targets by encrypting their data and demanding that a ransom be paid within an allotted timeframe or risk losing it forever. When an... |
Flipboard.com CybercrimeMassive leak in France: millions of civil-status records stolen from the Agence Nationale des Titres SécurisésMon, 20 Apr 2026 09:06:30 GMT The Agence nationale des titres sécurisés (ANTS) suffered a cyberattack. The civil-status data of many French citizens has been compromised. … "It cost me a lot of money": at 67, this bank card scam leaves him "without a cent" within minutesMon, 20 Apr 2026 10:00:06 GMT The shift to remote banking demands constant vigilance to avoid the traps set by expert fraudsters. For … Elon Musk summoned by French justice: toward a legal and diplomatic confrontationMon, 20 Apr 2026 07:14:39 GMT Expected this Monday, 20 April 2026, for a voluntary interview, Elon Musk is likely to be conspicuous by his absence. Behind this standoff between the Paris prosecutor's office … Solar panel hacking: 3 urgent habits to protect your connected installationMon, 20 Apr 2026 12:06:53 GMT Solar installations increasingly rely on smart, connected systems. But their dependence on digital technology is also becoming a … Windrose: the Assassin’s Creed Black Flag-style pirate game is a hit on Steam - PaperGeekMon, 20 Apr 2026 06:31:42 GMT Its early access barely launched, the cooperative survival game Windrose has already reached one million downloads. The pirate game has even … INVESTIGATION. Russia, drug trafficking, darknet... 
A look behind the scenes of French customs' highly discreet spy serviceMon, 20 Apr 2026 04:00:45 GMT Less well known than other intelligence services, the DNRED plays a key role in the fight against trafficking and the circumvention of … Pegasus case: two former executives of the company selling the spyware questioned by French justiceMon, 20 Apr 2026 10:41:09 GMT Two of NSO's co-founders have been given assisted witness status as part of an investigation opened in 2022, reports "Mediapart". Two … Credential theft is surging, with more than a million bank accounts already compromisedMon, 20 Apr 2026 07:56:20 GMT In 2025, more than a million bank accounts ended up on the dark web. Kaspersky researchers spent the year monitoring the markets … A single click can ruin you: booby-trapped PDFs are circulating, here is how to protect yourselfSun, 19 Apr 2026 18:01:50 GMT Adobe has released updates to fix a very dangerous security flaw. It is being used by hackers to distribute files … Cybersecurity. In Singapore, good citizens are more vulnerable to scamsMon, 20 Apr 2026 03:00:21 GMT Despite prevention campaigns, scammers posing as civil servants are extracting millions of dollars from Singaporeans. For … "We really have gaps" in ground-to-air defense, according to the army chief | RTSSun, 19 Apr 2026 19:54:09 GMT For several months the Swiss army has faced a flood of setbacks, against a backdrop of hybrid warfare and an unstable geopolitical situation. The … Windows cyberattacks: a flaw turns the Defender antivirus into a weapon for attackersMon, 20 Apr 2026 08:58:07 GMT A set of tools capable of exploiting a zero-day flaw in Windows Defender has been disclosed by a researcher in conflict with Microsoft. 
They … Crime: Quimper faces a rise in burglaries and cybercrimeSun, 19 Apr 2026 17:00:00 GMT The 2025 crime figures for Quimper show that violence outside the family setting is holding steady, but burglaries are soaring. Drug trafficking, … Elon Musk summoned Monday by French justice after fifteen months of a tense investigationSun, 19 Apr 2026 15:00:04 GMT The Paris prosecutor's office has been investigating since January 2025 numerous abuses attributed to the social network X and its chief. The billionaire has been summoned, … Cybersecurity: when the threat forces a rethink of the security perimeter - ZDNETMon, 20 Apr 2026 08:45:53 GMT Cyberattacks are no longer advancing, they are industrializing. Faced with threats that now target the deepest layers of systems … Apple: No, your iPhone is not necessarily being tapped, beware of this scamMon, 20 Apr 2026 11:11:03 GMT A new scam playing on the fear of imminent danger has been spotted by cybersecurity specialists. This "scareware" targets … ANTS portal targeted by a cyberattack, "personal data" affectedMon, 20 Apr 2026 11:09:17 GMT A report has been sent to the Paris public prosecutor under Article 40 of the Code of Criminal Procedure with a view to … The ANTS portal, which issues identity cards and passports, hit by a data leak after a cyberattackMon, 20 Apr 2026 10:48:02 GMT The Minister of the Interior announced on Monday the data leak following a cyberattack on the portal of the Agence nationale des titres sécurisés. 
… ANTS hacked because of a basic flaw, and 19 million French people pay the price, once again!Mon, 20 Apr 2026 09:47:00 GMT A large-scale data leak at ANTS endangers the data of 19 million French people potentially affected by an attack … The world's most widely used JavaScript library was booby-trapped by North Korean hackersMon, 20 Apr 2026 12:56:00 GMT North Korean hackers infected Axios, an essential JavaScript library with 100 million weekly downloads, by … Microsoft Defender weakened by three critical zero-day flawsSun, 19 Apr 2026 18:00:07 GMT More than a billion Windows users are exposed after the disclosure of critical flaws in Microsoft Defender by a researcher … At the Muséum national d’histoire naturelle, 7,000 invoices overdue nine months after a cyberattackSun, 19 Apr 2026 17:00:04 GMT The president of the Muséum national d’histoire naturelle, Gilles Bloch, says this malicious act came from "a large, not very democratic country … They hack carriers and steal entire shipments: behind the scenes of the cyberattackSun, 19 Apr 2026 14:02:00 GMT In a blog post published on 16 April 2026, Proofpoint researchers recount how they infiltrated a criminal group … Crime within a click's reach: the worrying transformation of banditrySun, 19 Apr 2026 05:30:00 GMT Heightened violence, subcontracting, younger suspects: criminal intelligence warns of the expansion of organized crime, … Cybercrime: Elon Musk summoned Monday before French justiceSat, 18 Apr 2026 18:00:48 GMT The American multibillionaire is expected Monday for a voluntary interview as part of the investigation conducted by French justice into his social network X … What cybersecurity advice for French citizens abroad, who are on the front line?Sun, 19 Apr 2026 16:00:00 GMT Attackers now operate on 
an industrial scale, with better-scripted campaigns tailored to travel habits. On the 23rd … Olivier Minne, victim of hackers, alerts his followers and denounces being abandoned by "X"Sat, 18 Apr 2026 17:10:10 GMT Olivier Minne, the former star presenter at France Télévisions and now at M6, is going through a turbulent patch on social media. The man who … A Booking scam tries to trap you right after a reservation, and the timing is formidableSun, 19 Apr 2026 06:01:17 GMT As the holidays approach, a new wave of scams is targeting Booking users. Cybercriminals have devised messages … A municipality shuts down its IT systems after a cyberattackSun, 19 Apr 2026 15:01:58 GMT Temse, a municipality in East Flanders, has decided to shut down its IT systems as a precaution because of a cyberattack whose … Personal data leak: the Agence nationale des titres sécurisés targeted by a cyberattack | TF1 InfoMon, 20 Apr 2026 10:42:14 GMT Another official body falls victim to a cyberattack. The Agence nationale des titres sécurisés (ANTS), which handles applications for identity documents, has … |
CyberScoopWhy the Axios attack proves AI is mandatory for supply chain securityMon, 20 Apr 2026 13:17:25 +0000 Two weeks ago, a suspected North Korean threat actor slipped malicious code into a package within Axios, a widely used JavaScript library. The immediate concern was the blast radius: roughly 100 million weekly downloads spanning enterprises, startups, and government systems. But beyond the sheer scale, the attack’s speed was just as worrisome – a stark […] The post Why the Axios attack proves AI is mandatory for supply chain security appeared first on CyberScoop. Network ‘background noise’ may predict the next big edge-device vulnerabilityMon, 20 Apr 2026 10:00:00 +0000 GreyNoise researchers spotted a consistent trend in forthcoming vulnerabilities affecting security tools, providing defenders an early-warning system for likely imminent attacks. The surveillance law Congress can’t quit — and can’t explainFri, 17 Apr 2026 17:31:13 +0000 Congress overhauled Section 702 in 2024 with 56 changes. Now, as the law nears expiration, supporters and critics can’t even agree on what the numbers show. US nationals sentenced for aiding North Korea’s tech worker schemeThu, 16 Apr 2026 23:05:57 +0000 Kejia Wang and Zhenxing Wang established shell companies and hosted laptop farms to help operatives obtain jobs at more than 100 U.S. companies. Officials seize 53 DDoS-for-hire domains in ongoing crackdownThu, 16 Apr 2026 17:26:16 +0000 Operation PowerOFF’s latest globally coordinated action identified more than 75,000 alleged cybercriminals. Officials warned each of them to stop jamming up traffic. 
Ghost breaches: How AI-mediated narratives have become a new threat vectorThu, 16 Apr 2026 10:00:00 +0000 Three incidents. No actual breaches. Full-scale crisis response. AI hallucinations are creating a new threat vector that most organizations have yet to prepare for. NIST narrows scope of CVE analysis to keep up with rising tide of vulnerabilitiesWed, 15 Apr 2026 20:17:55 +0000 The National Vulnerability Database will now only analyze vulnerabilities in critical software, systems used in the federal government and those under active exploitation. Executive orders likely ahead in next steps for national cyber strategyWed, 15 Apr 2026 18:51:33 +0000 National Cyber Director Sean Cairncross said execution of the strategy is “rolling forward actively.” OpenAI expands Trusted Access for Cyber program with new GPT 5.4 Cyber modelWed, 15 Apr 2026 13:59:27 +0000 A new cybersecurity-focused variant of ChatGPT and an expanded access program put OpenAI in direct competition with Anthropic's Project Glasswing — and raise fresh questions about who gets to wield the most powerful security AI. We’re only seeing the tip of the chip-smuggling icebergWed, 15 Apr 2026 10:00:00 +0000 A string of federal indictments has exposed a pervasive shadow network of data centers and fake products spanning Southeast Asia. To secure national security, the U.S. must move enforcement from the airport gate to the factory floor. |