Security Affairs

Microsoft Defender under attack as three zero-days, two of them still unpatched, enable elevated access
Sat, 18 Apr 2026 06:49:12 +0000
Attackers exploit three Microsoft Defender zero-days, code-named BlueHammer, RedSun, and UnDefend, to gain elevated access. Attackers are exploiting three recently disclosed zero-day flaws in Microsoft Defender to gain higher privileges on compromised systems. The vulnerabilities, called BlueHammer, RedSun, and UnDefend, were revealed by a researcher known as Chaotic Eclipse after criticizing Microsoft’s handling of the […]

Kyrgyzstan-based crypto exchange Grinex shuts down after $13.7M cyber heist, blames Western Intelligence
Fri, 17 Apr 2026 19:56:42 +0000
Grinex halted operations after a $13.7M hack, blaming Western intelligence. Stolen funds came from wallets of Russian users on the platform. Kyrgyz crypto exchange Grinex halted operations after a threat actor stole $13.7 million in a cyber attack that the company attributes to Western intelligence agencies. The stolen funds belonged to Russian users, as the […]

DraftKings hacker sentenced to prison, ordered to pay $1.4 Million
Fri, 17 Apr 2026 14:16:23 +0000
A DraftKings hacker got 30 months in prison for selling stolen credentials and must pay over $1.4 million in fines and restitution. Kamerin Stokes, 23, from Memphis (aka TheMFNPlug), received a 30-month prison sentence for his role in a 2022 credential stuffing attack against DraftKings. He continued selling stolen login data online even after pleading […]

Operation PowerOFF: 53 DDoS domains seized and 3 Million criminal accounts uncovered
Fri, 17 Apr 2026 13:38:32 +0000
Operation PowerOFF shut down 53 DDoS-for-hire domains, arrested four suspects, and exposed data on over 3 million criminal user accounts. Operation PowerOFF is an international law enforcement action that dismantled 53 domains linked to DDoS-for-hire services used by over 75,000 cybercriminals.
Authorities arrested four suspects, seized infrastructure, and gained access to databases containing more than […]

Inside ZionSiphon: politically driven malware aims at Israeli water systems
Fri, 17 Apr 2026 09:06:28 +0000
New ZionSiphon malware targets water systems, and allows attackers to alter pressure and chlorine levels. A flaw makes it ineffective for now. Darktrace analyzed ZionSiphon, a new malware designed to target water treatment and desalination systems, which aims to disrupt operations by altering hydraulic pressure and increasing chlorine levels to unsafe levels. The malware combines […]

U.S. CISA adds a flaw in Apache ActiveMQ to its Known Exploited Vulnerabilities catalog
Fri, 17 Apr 2026 07:39:39 +0000
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Apache ActiveMQ to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Apache ActiveMQ, tracked as CVE-2026-34197 (CVSS score of 8.8), to its Known Exploited Vulnerabilities (KEV) catalog. CVE-2026-34197 is a critical flaw in Apache ActiveMQ caused by […]

Cisco fixed four critical flaws in Identity Services and Webex
Thu, 16 Apr 2026 19:19:25 +0000
Cisco fixed four critical flaws in Identity Services and Webex that could allow code execution and user impersonation. Cisco has addressed four critical vulnerabilities affecting its Identity Services and Webex platforms. The flaws could allow attackers to execute arbitrary code and impersonate any user within the affected services. The issues pose serious security risks, prompting […]

Cookeville Regional Medical Center hospital data breach impacts 337,917 people
Thu, 16 Apr 2026 18:03:55 +0000
A ransomware attack on Cookeville Regional Medical Center hospital (Tennessee) exposed data of 337,000 people after hackers stole 500GB of sensitive information from its systems.
A ransomware attack on Cookeville Regional Medical Center (CRMC) in Tennessee led to a major data breach affecting about 337,000 people. The attack, carried out by the Rhysida group, involved […]

AI platform n8n abused for stealthy phishing and malware delivery
Thu, 16 Apr 2026 13:57:04 +0000
Attackers abuse AI automation platform n8n to run phishing campaigns, deliver malware, and evade security by using trusted infrastructure. Threat actors are exploiting the popular AI workflow automation platform n8n to launch advanced phishing campaigns, deliver malware, and collect device data through automated emails. By using trusted infrastructure, they can bypass traditional security controls and […]

From clinics to government: UAC-0247 expands cyber campaign across Ukraine
Thu, 16 Apr 2026 09:36:30 +0000
CERT-UA reports UAC-0247 targeting Ukrainian clinics and government bodies with malware stealing data from Chromium browsers and WhatsApp. CERT-UA has revealed a cyber campaign by the threat actor UAC-0247 targeting Ukrainian government entities and municipal healthcare facilities, including clinics and emergency hospitals. The operation, between March and April 2026, used malware designed to steal sensitive […]

The Hacker News

[Webinar] Eliminate Ghost Identities Before They Expose Your Enterprise Data
Sat, 18 Apr 2026 13:37:00 +0530
In 2024, compromised service accounts and forgotten API keys were behind 68% of cloud breaches. Not phishing. Not weak passwords. Unmanaged non-human identities that nobody was watching. For every employee in your org, there are 40 to 50 automated credentials: service accounts, API tokens, AI agent connections, and OAuth grants. When projects end or employees leave, most

$13.74M Hack Shuts Down Sanctioned Grinex Exchange After Intelligence Claims
Sat, 18 Apr 2026 13:29:00 +0530
Grinex, a Kyrgyzstan-incorporated cryptocurrency exchange sanctioned by the U.K. and the U.S. last year, said it's suspending operations after it blamed Western intelligence agencies for a $13.74 million hack. The exchange said it fell victim to what it described as a large-scale cyber attack that bore hallmarks of foreign intelligence agency involvement. This attack led to the theft of over 1

Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet
Sat, 18 Apr 2026 11:31:00 +0530
Threat actors are exploiting security flaws in TBK DVR and end‑of‑life (EoL) TP-Link Wi-Fi routers to deploy Mirai-botnet variants on compromised devices, according to findings from Fortinet FortiGuard Labs and Palo Alto Networks Unit 42. The attack targeting TBK DVR devices has been found to exploit CVE-2024-3721 (CVSS score: 6.3), a medium-severity command injection vulnerability affecting

Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched
Fri, 17 Apr 2026 18:51:00 +0530
Huntress is warning that threat actors are exploiting three recently disclosed security flaws in Microsoft Defender to gain elevated privileges in compromised systems.
The activity involves the exploitation of three vulnerabilities that are codenamed BlueHammer (requires GitHub sign-in), RedSun, and UnDefend, all of which were released as zero-days by a researcher known as Chaotic Eclipse (

Google Blocks 8.3B Policy-Violating Ads in 2025, Launches Android 17 Privacy Overhaul
Fri, 17 Apr 2026 16:17:00 +0530
Google this week announced a new set of Play policy updates to strengthen user privacy and protect businesses against fraud, even as it revealed it blocked or removed over 8.3 billion ads globally and suspended 24.9 million accounts in 2025. The new policy updates relate to contact and location permissions in Android, allowing third-party apps to access the contact lists and a user's location in

NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions
Fri, 17 Apr 2026 12:44:00 +0530
The National Institute of Standards and Technology (NIST) has announced changes to the way it handles cybersecurity vulnerabilities and exposures (CVEs) listed in its National Vulnerability Database (NVD), stating it will only enrich those that fulfil certain conditions owing to an explosion in CVE submissions. "CVEs that do not meet those criteria will still be listed in the NVD but will not

Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts
Fri, 17 Apr 2026 11:16:00 +0530
An international law enforcement operation has taken down 53 domains and arrested four people in connection with commercial distributed denial-of-service (DDoS) operations that were used by more than 75,000 cybercriminals. The ongoing effort, dubbed Operation PowerOFF, disrupted access to the DDoS-for-hire services, took down the technical infrastructure supporting them, and obtained access to

Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation
Fri, 17 Apr 2026 08:52:00 +0530
A recently disclosed high-severity security flaw in Apache ActiveMQ Classic has come under active exploitation in the wild, per the U.S.
Cybersecurity and Infrastructure Security Agency (CISA). To that end, the agency has added the vulnerability, tracked as CVE-2026-34197 (CVSS score: 8.8), to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian

Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic
Thu, 16 Apr 2026 23:22:00 +0530
Cybersecurity researchers have warned of an active malicious campaign that's targeting the workforce in the Czech Republic with a previously undocumented botnet dubbed PowMix since at least December 2025. "PowMix employs randomized command-and-control (C2) beaconing intervals, rather than persistent connection to the C2 server, to evade the network signature detections," Cisco Talos

ThreatsDay Bulletin: Defender 0-Day, SonicWall Brute-Force, 17-Year-Old Excel RCE and 15 More Stories
Thu, 16 Apr 2026 18:35:00 +0530
You know that feeling when you open your feed on a Thursday morning and it's just... a lot? Yeah. This week delivered. We've got hackers getting creative in ways that are almost impressive if you ignore the whole "crime" part, ancient vulnerabilities somehow still ruining people's days, and enough supply chain drama to fill a season of television nobody asked for. Not

Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution
Thu, 16 Apr 2026 16:57:00 +0530
Cisco has announced patches to address four critical security flaws impacting Identity Services and Webex Services that could result in arbitrary code execution and allow an attacker to impersonate any user within the service.
The details of the vulnerabilities are below - CVE-2026-20184 (CVSS score: 9.8) - An improper certificate validation in the integration of single sign-on (SSO)

Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks
Thu, 16 Apr 2026 15:50:00 +0530
A "novel" social engineering campaign has been observed abusing Obsidian, a cross-platform note-taking application, as an initial access vector to distribute a previously undocumented Windows remote access trojan called PHANTOMPULSE in attacks targeting individuals in the financial and cryptocurrency sectors. Dubbed REF6598 by Elastic Security Labs, the activity has been found to leverage

UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign
Thu, 16 Apr 2026 11:50:00 +0530
The Computer Emergencies Response Team of Ukraine (CERT-UA) has disclosed details of a new campaign that has targeted governments and municipal healthcare institutions, mainly clinics and emergency hospitals, to deliver malware capable of stealing sensitive data from Chromium-based web browsers and WhatsApp. The activity, which was observed between March and April

n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails
Wed, 15 Apr 2026 22:39:00 +0530
Threat actors have been observed weaponizing n8n, a popular artificial intelligence (AI) workflow automation platform, to facilitate sophisticated phishing campaigns and deliver malicious payloads or fingerprint devices by sending automated emails. "By leveraging trusted infrastructure, these attackers bypass traditional security filters, turning productivity tools into delivery

Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover
Wed, 15 Apr 2026 18:26:00 +0530
A recently disclosed critical security flaw impacting nginx-ui, an open-source, web-based Nginx management tool, has come under active exploitation in the wild.
The vulnerability in question is CVE-2026-33032 (CVSS score: 9.8), an authentication bypass vulnerability that enables threat actors to seize control of the Nginx service. It has been codenamed MCPwn by Pluto Security. "

April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More
Wed, 15 Apr 2026 18:07:00 +0530
A number of critical vulnerabilities impacting products from Adobe, Fortinet, Microsoft, and SAP have taken center stage in April's Patch Tuesday releases. Topping the list is an SQL injection vulnerability impacting SAP Business Planning and Consolidation and SAP Business Warehouse (CVE-2026-27681, CVSS score: 9.9) that could result in the execution of arbitrary database

Deterministic + Agentic AI: The Architecture Exposure Validation Requires
Wed, 15 Apr 2026 17:00:00 +0530
Few technologies have moved from experimentation to boardroom mandate as quickly as AI. Across industries, leadership teams have embraced its broader potential, and boards, investors, and executives are already pushing organizations to adopt it across operational and security functions. Pentera’s AI Security and Exposure Report 2026 reflects that momentum: every CISO surveyed

Microsoft Issues Patches for SharePoint Zero-Day and 168 Other New Vulnerabilities
Wed, 15 Apr 2026 14:10:00 +0530
Microsoft on Tuesday released updates to address a record 169 security flaws across its product portfolio, including one vulnerability that has been actively exploited in the wild. Of these 169 vulnerabilities, 157 are rated Important, eight are rated Critical, three are rated Moderate, and one is rated Low in severity. Ninety-three of the flaws are

OpenAI Launches GPT-5.4-Cyber with Expanded Access for Security Teams
Wed, 15 Apr 2026 10:00:00 +0530
OpenAI on Tuesday unveiled GPT-5.4-Cyber, a variant of its latest flagship model, GPT‑5.4, that's specifically optimized for defensive cybersecurity use cases, days after rival Anthropic unveiled its own frontier model, Mythos.
"The progressive use of AI accelerates defenders – those responsible for keeping systems, data, and users safe – enabling them to find and fix problems

New PHP Composer Flaws Enable Arbitrary Command Execution — Patches Released
Tue, 14 Apr 2026 21:27:00 +0530
Two high-severity security vulnerabilities have been disclosed in Composer, a package manager for PHP, that, if successfully exploited, could result in arbitrary command execution. The vulnerabilities have been described as command injection flaws affecting the Perforce VCS (version control software) driver. Details of the two flaws are below - CVE-2026-40176 (CVSS

Google Adds Rust-Based DNS Parser into Pixel 10 Modem to Enhance Security
Tue, 14 Apr 2026 20:26:00 +0530
Google has announced the integration of a Rust-based Domain Name System (DNS) parser into the modem firmware as part of its ongoing efforts to beef up the security of Pixel devices and push memory-safe code at a more foundational level. "The new Rust-based DNS parser significantly reduces our security risk by mitigating an entire class of vulnerabilities in a risky area, while also laying

AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraud
Tue, 14 Apr 2026 20:00:00 +0530
Cybersecurity researchers have unmasked a novel ad fraud scheme that has been found to leverage search engine poisoning (SEO) techniques and artificial intelligence (AI)-generated content to push deceptive news stories into Google's Discover feed and trick users into enabling persistent browser notifications that lead to scareware and financial scams. The campaign, which has been

Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Ads
Tue, 14 Apr 2026 15:50:00 +0530
A nascent Android remote access trojan called Mirax has been observed actively targeting Spanish-speaking countries, with campaigns reaching more than 220,000 accounts on Facebook, Instagram, Messenger, and Threads through advertisements on Meta.
"Mirax integrates advanced Remote Access Trojan (RAT) capabilities, allowing threat actors to fully interact with compromised devices in real

Analysis of 216M Security Findings Shows a 4x Increase In Critical Risk (2026 Report)
Tue, 14 Apr 2026 15:30:00 +0530
OX Security recently analyzed 216 million security findings across 250 organizations over a 90-day period. The primary takeaway: while raw alert volume grew by 52% year-over-year, prioritized critical risk grew by nearly 400%. The surge in AI-assisted development is creating a "velocity gap" where the density of high-impact vulnerabilities is scaling faster than

108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users
Tue, 14 Apr 2026 14:05:00 +0530
Cybersecurity researchers have discovered a new campaign in which a cluster of 108 Google Chrome extensions has been found to communicate with the same command-and-control (C2) infrastructure with the goal of collecting user data and enabling browser-level abuse by injecting ads and arbitrary JavaScript code into every web page visited. According to Socket, the extensions (complete list

ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers
Tue, 14 Apr 2026 11:20:00 +0530
A critical security vulnerability impacting ShowDoc, a document management and collaboration service popular in China, has come under active exploitation in the wild. The vulnerability in question is CVE-2025-0520 (aka CNVD-2020-26585), which carries a CVSS score of 9.4 out of 10.0. It relates to a case of unrestricted file upload that stems from improper validation of

CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software
Tue, 14 Apr 2026 11:09:00 +0530
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added half a dozen security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
The list of vulnerabilities is as follows - CVE-2026-21643 (CVSS score: 9.1) - An SQL injection vulnerability in Fortinet FortiClient EMS that could allow an

JanelaRAT Malware Targets Latin American Banks with 14,739 Attacks in Brazil in 2025
Mon, 13 Apr 2026 22:45:00 +0530
Banks and financial institutions in Latin American countries like Brazil and Mexico have continued to be the target of a malware family called JanelaRAT. A modified version of BX RAT, JanelaRAT is known to steal financial and cryptocurrency data associated with specific financial entities, as well as track mouse inputs, log keystrokes, take screenshots, and collect system metadata. "One of the

FBI and Indonesian Police Dismantle W3LL Phishing Network Behind $20M Fraud Attempts
Mon, 13 Apr 2026 20:16:00 +0530
The U.S. Federal Bureau of Investigation (FBI), in partnership with the Indonesian National Police, has dismantled the infrastructure associated with a global phishing operation that leveraged an off-the-shelf toolkit called W3LL to steal thousands of victims' account credentials and attempt more than $20 million in fraud. In tandem, authorities detained the alleged developer, who has

⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More
Mon, 13 Apr 2026 18:31:00 +0530
Monday is back, and the weekend’s backlog of chaos is officially hitting the fan. We are tracking a critical zero-day that has been quietly living in your PDFs for months, plus some aggressive state-sponsored meddling in infrastructure that is finally coming to light. It is one of those mornings where the gap between a quiet shift and a full-blown incident response is basically

Your MTTD Looks Great. Your Post-Alert Gap Doesn't
Mon, 13 Apr 2026 17:11:00 +0530
Anthropic restricted its Mythos Preview model last week after it autonomously found and exploited zero-day vulnerabilities in every major operating system and browser.
Palo Alto Networks' Wendi Whitmore warned that similar capabilities are weeks or months from proliferation. CrowdStrike's 2026 Global Threat Report puts average eCrime breakout time at 29 minutes. Mandiant's M-Trends

North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware
Mon, 13 Apr 2026 14:45:00 +0530
The North Korean hacking group tracked as APT37 (aka ScarCruft) has been attributed to a fresh multi-stage, social engineering campaign in which threat actors approached targets on Facebook and added them as friends on the social media platform, turning the trust-building exercise into a delivery channel for a remote access trojan called RokRAT. "The threat actor used two Facebook

OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident
Mon, 13 Apr 2026 12:20:00 +0530
OpenAI revealed a GitHub Actions workflow used to sign its macOS apps led to the download of the malicious Axios library on March 31, but noted that no user data or internal system was compromised. "Out of an abundance of caution, we are taking steps to protect the process that certifies our macOS applications are legitimate OpenAI apps," OpenAI said in a post last week. "We found no

CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads
Sun, 12 Apr 2026 11:24:00 +0530
Unknown threat actors compromised CPUID ("cpuid[.]com"), a website that hosts popular hardware monitoring tools like CPU-Z, HWMonitor, HWMonitor Pro, and PerfMonitor, for less than 24 hours to serve malicious executables for the software and deploy a remote access trojan called STX RAT. The incident lasted from approximately April 9, 15:00 UTC, to about April 10, 10:00 UTC, with

Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621
Sun, 12 Apr 2026 09:55:00 +0530
Adobe has released emergency updates to fix a critical security flaw in Acrobat Reader that has come under active exploitation in the wild.
The vulnerability, assigned the CVE identifier CVE-2026-34621, carries a CVSS score of 8.6 out of 10.0. Successful exploitation of the flaw could allow an attacker to run malicious code on affected installations. It has been described as

Citizen Lab: Law Enforcement Used Webloc to Track 500 Million Devices via Ad Data
Sat, 11 Apr 2026 11:32:00 +0530
Hungarian domestic intelligence, the national police in El Salvador, and several U.S. law enforcement and police departments have been attributed to the use of an advertising-based global geolocation surveillance system called Webloc. The tool was developed by Israeli company Cobwebs Technologies and is now sold by its successor Penlink after the two firms merged in July 2023

GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs
Fri, 10 Apr 2026 18:53:00 +0530
Cybersecurity researchers have flagged yet another evolution of the ongoing GlassWorm campaign, which employs a new Zig dropper that's designed to stealthily infect all integrated development environments (IDEs) on a developer's machine. The technique has been discovered in an Open VSX extension named "specstudio.code-wakatime-activity-tracker," which masquerades as WakaTime, a

Browser Extensions Are the New AI Consumption Channel That No One Is Talking About
Fri, 10 Apr 2026 16:30:00 +0530
While much of the discussion on AI security centers around protecting ‘shadow’ AI and GenAI consumption, there's a wide-open window nobody's guarding: AI browser extensions. A new report from LayerX exposes just how deep this blind spot goes, and why AI extensions may be the most dangerous AI threat surface in your network that isn't on anyone's

Google Rolls Out DBSC in Chrome 146 to Block Session Theft on Windows
Fri, 10 Apr 2026 13:28:00 +0530
Google has made Device Bound Session Credentials (DBSC) generally available to all Windows users of its Chrome web browser, months after it began testing the security feature in open beta.
The public availability is currently limited to Windows users on Chrome 146, with macOS expansion planned in an upcoming Chrome release. "This project represents a significant

Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure
Fri, 10 Apr 2026 13:07:00 +0530
A critical security vulnerability in Marimo, an open-source Python notebook for data science and analysis, has been exploited within 10 hours of public disclosure, according to findings from Sysdig. The vulnerability in question is CVE-2026-39987 (CVSS score: 9.3), a pre-authenticated remote code execution vulnerability impacting all versions of Marimo prior to and including

Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers
Fri, 10 Apr 2026 11:58:00 +0530
Unknown threat actors have hijacked the update system for the Smart Slider 3 Pro plugin for WordPress and Joomla to push a poisoned version containing a backdoor. The incident impacts Smart Slider 3 Pro version 3.5.1.35 for WordPress, per WordPress security company Patchstack. Smart Slider 3 is a popular WordPress slider plugin with more than 800,000 active installations across its free and Pro

EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallet Installs
Thu, 09 Apr 2026 22:56:00 +0530
Details have emerged about a now-patched security vulnerability in a widely used third-party Android software development kit (SDK) called EngageLab SDK that could have put millions of cryptocurrency wallet users at risk.
"This flaw allows apps on the same device to bypass Android security sandbox and gain unauthorized access to private data," the Microsoft Defender

UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns
Thu, 09 Apr 2026 21:53:00 +0530
A previously undocumented threat cluster dubbed UAT-10362 has been attributed to spear-phishing campaigns targeting Taiwanese non-governmental organizations (NGOs) and suspected universities to deploy a new Lua-based malware called LucidRook. "LucidRook is a sophisticated stager that embeds a Lua interpreter and Rust-compiled libraries within a dynamic-link library (DLL) to download and

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories
Thu, 09 Apr 2026 18:27:00 +0530
Thursday. Another week, another batch of things that probably should've been caught sooner but weren't. This one's got some range — old vulnerabilities getting new life, a few "why was that even possible" moments, attackers leaning on platforms and tools you'd normally trust without thinking twice. Quiet escalations more than loud zero-days, but the kind that matter more in

The Hidden Security Risks of Shadow AI in Enterprises
Thu, 09 Apr 2026 17:01:00 +0530
As AI tools become more accessible, employees are adopting them without formal approval from IT and security teams. While these tools may boost productivity, automate tasks, or fill gaps in existing workflows, they also operate outside the visibility of security teams, bypassing controls and creating new blind spots in what is known as shadow AI. While similar to the phenomenon of

Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025
Thu, 09 Apr 2026 16:45:00 +0530
Threat actors have been exploiting a previously unknown zero-day vulnerability in Adobe Reader using maliciously crafted PDF documents since at least December 2025. The finding, detailed by EXPMON's Haifei Li, has been described as a highly-sophisticated PDF exploit.
The artifact ("Invoice540.pdf") first appeared on the VirusTotal platform on November 28, 2025. A second

Bitter-Linked Hack-for-Hire Campaign Targets Journalists Across MENA Region
Thu, 09 Apr 2026 16:10:00 +0530
An apparent hack-for-hire campaign likely orchestrated by a threat actor with suspected ties to the Indian government targeted journalists, activists, and government officials across the Middle East and North Africa (MENA), according to findings from Access Now, Lookout, and SMEX. Two of the targets included prominent Egyptian journalists and government critics, Mostafa

New Chaos Variant Targets Misconfigured Cloud Deployments, Adds SOCKS Proxy
Wed, 08 Apr 2026 23:21:00 +0530
Cybersecurity researchers have flagged a new variant of malware called Chaos that's capable of hitting misconfigured cloud deployments, marking an expansion of the botnet's targeting infrastructure. "Chaos malware is increasingly targeting misconfigured cloud deployments, expanding beyond its traditional focus on routers and edge devices," Darktrace said in a new report.

Masjesu Botnet Emerges as DDoS-for-Hire Service Targeting Global IoT Devices
Wed, 08 Apr 2026 22:00:00 +0530
Cybersecurity researchers have lifted the curtain on a stealthy botnet that's designed for distributed denial-of-service (DDoS) attacks. Called Masjesu, the botnet has been advertised via Telegram as a DDoS-for-hire service since it first surfaced in 2023. It's capable of targeting a wide range of IoT devices, such as routers and gateways, spanning multiple architectures. "Built for

APT28 Deploys PRISMEX Malware in Campaign Targeting Ukraine and NATO Allies
Wed, 08 Apr 2026 19:20:00 +0530
The Russian threat actor known as APT28 (aka Forest Blizzard and Pawn Storm) has been linked to a fresh spear-phishing campaign targeting Ukraine and its allies to deploy a previously undocumented malware suite codenamed PRISMEX.
"PRISMEX combines advanced steganography, component object model (COM) hijacking, and legitimate cloud service abuse for command-and-control," Trend Micro

darkreading

How NIST's Cutback of CVE Handling Impacts Cyber Teams
Fri, 17 Apr 2026 19:51:57 GMT
Industry and ad hoc coalitions appear poised to help fill the gap created by NIST's decision to cut back on CVE data enrichment.

Tycoon 2FA Phishers Scatter, Adopt Device Code Phishing
Fri, 17 Apr 2026 19:05:51 GMT
In embracing device code phishing, attackers trick victims into handing over account access by using a service's legitimate new-device login flow.

Every Old Vulnerability Is Now an AI Vulnerability
Fri, 17 Apr 2026 14:47:18 GMT
AI's danger isn't that it's creating new bugs, it's that it's amplifying old ones.

Coast Guard's New Cybersecurity Rules Offers Lessons for CISOs
Fri, 17 Apr 2026 13:00:00 GMT
The Maritime Transportation Security Act (MTSA) requires plans to protect OT systems, audits by independent third parties, and a hybrid OT-security role.

NIST Revamps CVE Framework to Focus on High-Impact Vulnerabilities
Thu, 16 Apr 2026 21:47:31 GMT
The National Institute of Standards and Technology carved a new path for vulnerability remediation by changing the way it prioritizes software flaws.

North Korea Uses ClickFix to Target macOS Users' Data
Thu, 16 Apr 2026 19:42:45 GMT
Sapphire Sleet uses fake job offers and phony Zoom updates to deliver ClickFix attacks that steal credentials and sensitive data from Macs.

'Harmless' Global Adware Transforms Into an AV Killer
Thu, 16 Apr 2026 19:07:26 GMT
A benign-looking update Dragon Boss pushed out in March 2025 established persistence via scheduled tasks and arranged for future payloads to be excluded from Windows Defender.

Two-Factor Authentication Breaks Free from the Desktop
Thu, 16 Apr 2026 15:28:15 GMT
Threat actors know how to bypass security systems outside of traditional IT environments. Implementing 2FA could provide a needed extra security barrier in the physical world.

Microsoft's Original Windows Secure Boot Certificate Is Expiring
Thu, 16 Apr 2026 15:16:30 GMT
The Secure Boot refresh is one of the largest coordinated security maintenance efforts across the Windows ecosystem, Microsoft said. Update those PCs soon.

6-Year Ransomware Campaign Targets Turkish Homes & SMBs
Thu, 16 Apr 2026 06:00:00 GMT
While enterprise breaches make more headlines, smaller incidents tend to be under-reported, if at all, allowing campaigns to last longer with less disruption.

Critical MCP Integration Flaw Puts NGINX at Risk
Wed, 15 Apr 2026 21:45:18 GMT
Attackers can abuse the near-maximum severity flaw in nginx-ui to restart, create, modify, and delete NGINX configuration files.

Navigating the Unique Security Risks of Asia's Digital Supply Chain
Wed, 15 Apr 2026 19:30:47 GMT
Regulatory differences, interconnected digital ecosystems, and the rise of AI have created a complex supply chain Asian organizations must wrangle.

Prepping for 'Q-Day': Why Quantum Risk Management Should Start Now
Wed, 15 Apr 2026 15:12:01 GMT
Quantum computers are coming and may impact systems in unexpected ways, and it will "take years to be fully quantum-safe, if ever," cryptography expert warns.

Audit: Big Tech Often Ignores CA Privacy Law Opt-Out Requests
Wed, 15 Apr 2026 14:38:53 GMT
Google, Meta, and Microsoft about half the time don't comply with requests to opt out of online tracking per a California law mandate, privacy watchdog finds.

Microsoft, Salesforce Patch AI Agent Data Leak Flaws
Wed, 15 Apr 2026 12:00:00 GMT
Two recently fixed prompt injections in Salesforce Agentforce and Microsoft Copilot would have enabled an external attacker to leak sensitive data.

Microsoft Bets $10B to Boost Japan's AI, Cybersecurity
Wed, 15 Apr 2026 00:00:08 GMT
The deal aims to accelerate AI adoption, train workers, and develop cybersecurity partnerships — the latest move by a hyperscaler to compete for sovereign AI and data centers.

Privilege Elevation Dominates Massive Microsoft Patch Update
Tue, 14 Apr 2026 21:22:07 GMT
Elevation-of-privilege bugs accounted for more than half of the 165 vulnerabilities patched, with two zero-days in that mix.

EDR-Killer Ecosystem Expansion Requires Stronger BYOVD Defenses
Tue, 14 Apr 2026 20:20:34 GMT
Stopping EDR killers, which employ bring-your-own-vulnerable-driver (BYOVD) attack techniques, is difficult, but not impossible.

War Game Exercise Demonstrates How Social Media Manipulation Works
Tue, 14 Apr 2026 16:06:14 GMT
In an educational game called "Capture the Narrative," students created bots to sway a fictional election, simulating influence in real-world political scenarios.

Why Orgs Need to Test Networks to Withstand DDoS Attacks During Peak Loads
Mon, 13 Apr 2026 21:48:09 GMT
Security teams can't test distributed denial-of-service defenses in a vacuum. They need to test during periods of high demand, such as tax-filing deadlines.

CSA: CISOs Should Prepare for Post-Mythos Exploit Storm
Mon, 13 Apr 2026 21:29:31 GMT
In a new report from the Cloud Security Alliance (CSA), experts warn of an "AI vulnerability storm" triggered by the introduction of Anthropic's Claude Mythos.

Adobe Patches Actively Exploited Zero-Day That Lingered for Months
Mon, 13 Apr 2026 20:52:38 GMT
An attacker has been using maliciously crafted PDF files to exploit a zero-day in Adobe Acrobat and Reader for at least four months.

Empty Attestations: OT Lacks the Tools for Cryptographic Readiness
Mon, 13 Apr 2026 19:10:55 GMT
OT asset owners are being asked by regulators to attest to their post-quantum cryptographic readiness without the appropriate tooling, resulting in paperwork dressed up to look like genuine security.

APT41 Delivers 'Zero-Detection' Backdoor to Harvest Cloud Credentials
Mon, 13 Apr 2026 15:08:12 GMT
The prolific China-backed threat group is targeting AWS, Google, Azure, and Alibaba cloud environments and using typosquatting to obscure C2 communication.

Hims Breach Exposes the Most Sensitive Kinds of PHI
Fri, 10 Apr 2026 20:02:30 GMT
Threat actors breached the telehealth brand, and now they may know patients' personal health details. What could they do with that information?

Your Next Breach Will Look Like Business as Usual
Fri, 10 Apr 2026 19:21:55 GMT
These are the fundamental detection model shifts cybersecurity teams need to make to keep up with the rising number of credential-based attacks.

FINRA Launches Financial Intelligence Fusion Center to Combat Cybersecurity and Fraud Threats
Fri, 10 Apr 2026 15:52:28 GMT

Orange Business Reimagines Enterprise Voice Communications With Trust and AI
Fri, 10 Apr 2026 15:05:14 GMT

Industrial Controllers Still Vulnerable As Conflicts Move to Cyber
Fri, 10 Apr 2026 13:30:00 GMT
The US government warns programmable logic controllers are being targeted, and research turns up 179 vulnerable operational technology (OT) devices.

Can Anthropic Keep Its Exploit-Writing AI Out of the Wrong Hands?
Fri, 10 Apr 2026 13:00:00 GMT
Its Mythos Preview model, which can allegedly find and exploit critical zero-days, also comes with certain controls, the vendor said.

Russia's 'Fancy Bear' APT Continues Its Global Onslaught
Thu, 09 Apr 2026 20:50:37 GMT
Victims don't need to match the cyber espionage group's technical sophistication, experts say. But patching and some form of zero trust are now non-negotiable.

'BlueHammer' Windows Zero-Day Exploit Signals Microsoft Bug Disclosure Issues
Thu, 09 Apr 2026 20:13:34 GMT
Under the alias 'Chaotic Eclipse,' a researcher released a PoC exploit for a zero-day flaw that allows for system takeover by a local user, citing an undisclosed beef with Microsoft.

Do Ceasefires Slow Cyberattacks? History Suggests Not
Thu, 09 Apr 2026 18:15:00 GMT
The cybersecurity community is waiting with bated breath to see if Iranian hackers will honor a ceasefire that doesn't actually name or directly involve them.
Russia's Forest Blizzard Nabs Rafts of Logins via SOHO RoutersThu, 09 Apr 2026 01:00:00 GMT Heard of fileless malware? How about malwareless cyber espionage? Russia's APT28 is spying on global organizations by modifying just one DNS setting in vulnerable routers. Threat Actors Get Crafty With Emojis to Escape DetectionWed, 08 Apr 2026 20:21:32 GMT When 🤖 means "bot available," 🧰 signifies "toolkit," or 💰💰💰 translates to "big ransom," bad actors can evade filters and keep it all on the down-low. AI-Led Remediation Crisis Prompts HackerOne to Pause Bug BountiesWed, 08 Apr 2026 19:47:32 GMT Discovery used to be the bottleneck for open source bugs, but with automated discovery, remediation's the bottleneck, which bounties don't fund. Fraud Rockets Higher in Mobile-First Latin AmericaWed, 08 Apr 2026 15:45:11 GMT Cyber-fraudsters move quickly from compromised devices to account takeover to funds transfer, shifting money before many financial institutions can react. Full Sail University to Open IBM Cyber Defense Range Powered by AWS and Cloud Range on CampusWed, 08 Apr 2026 14:43:49 GMT Niobium Introduces The FogWed, 08 Apr 2026 14:22:33 GMT Pluralsight Launches SecureReady to Help Organizations Build Job-Ready Cybersecurity TeamsWed, 08 Apr 2026 14:08:22 GMT Iranian Threat Actors Disrupt US Critical Infrastructure via Exposed PLCsWed, 08 Apr 2026 13:46:29 GMT Attackers compromised Internet-facing OT devices and caused file and display manipulation, operational disruption, and financial losses across sectors. Storm-1175 Deploys Medusa Ransomware at 'High Velocity'Tue, 07 Apr 2026 20:15:07 GMT Microsoft says the financially motivated cybercrime group has exploited n-day and zero-day vulnerabilities in campaigns predicated on speed. 
Grafana Patches AI Bug That Could Have Leaked User DataTue, 07 Apr 2026 19:52:26 GMT By hiding malicious instructions on an attacker-controlled Web page, AI could ingest orders that appear benign but return sensitive data to the attacker's server. RSAC 2026: How AI Is Reshaping Cybersecurity Faster Than EverTue, 07 Apr 2026 14:57:16 GMT Dark Reading's Kelly Jackson Higgins shares insights on the past, present, and future of cybersecurity after attending RSAC 2026 Conference. Human vs. AI: Debates Shape RSAC 2026 Cybersecurity TrendsTue, 07 Apr 2026 14:36:44 GMT As AI dominated RSAC 2026, CISOs and industry leaders debated its role in security, from agentic applications to the challenges of scaling human involvement in decision-making. Lies, Damned Lies, and Cybersecurity MetricsTue, 07 Apr 2026 14:26:02 GMT A panel of five C-suite leaders discuss how cybersecurity success is measured and why it isn't improving results. Focusing on the People in Cybersecurity at RSAC 2026 ConferenceTue, 07 Apr 2026 13:00:00 GMT AI dominated RSAC 2026 Conference, but it's still the humans in cybersecurity who matter most. AI-Assisted Supply Chain Attack Targets GitHubMon, 06 Apr 2026 21:38:53 GMT PRT-scan is the second campaign in recent months where a threat actor appears to have leveraged AI for automated targeting of a widespread GitHub misconfiguration. Axios Attack Shows How Complex Social Engineering Is IndustrializedMon, 06 Apr 2026 20:55:44 GMT The attack on the popular NPM package Axios is just one of many targeting maintainers and has shone a light on how threat actors can scale sophisticated social engineering campaigns. Fortinet Issues Emergency Patch for FortiClient Zero-DayMon, 06 Apr 2026 20:24:19 GMT The authentication bypass flaw, tracked as CVE-2026-35616, is the latest in a series of Fortinet vulnerabilities that have been exploited in the wild. |
Krebs on Security

Patch Tuesday, April 2026 Edition (Tue, 14 Apr 2026 21:47:59 +0000): Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, including a SharePoint Server zero-day and a publicly disclosed weakness in Windows Defender dubbed "BlueHammer." Separately, Google Chrome fixed its fourth zero-day of 2026, and an emergency update for Adobe Reader nixes an actively exploited flaw that can lead to remote code execution.
Russia Hacked Routers to Steal Microsoft Office Tokens (Tue, 07 Apr 2026 17:02:44 +0000): Hackers linked to Russia's military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security experts warned today. The spying campaign allowed state-backed Russian hackers to quietly siphon authentication tokens from users on more than 18,000 networks without deploying any malicious software or code.
Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab (Mon, 06 Apr 2026 02:07:17 +0000): An elusive hacker who went by the handle "UNKN" and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face. Authorities in Germany say 31-year-old Russian Daniil Maksimovich Shchukin headed both cybercrime gangs and helped carry out at least 130 acts of computer sabotage and extortion against victims across the country between 2019 and 2021.
‘CanisterWorm’ Springs Wiper Attack Targeting Iran (Mon, 23 Mar 2026 15:43:04 +0000): A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services and wipes data on infected systems that use Iran's time zone or have Farsi set as the default language.
Feds Disrupt IoT Botnets Behind Huge DDoS Attacks (Fri, 20 Mar 2026 00:49:19 +0000): The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets that compromised more than three million hacked Internet of Things (IoT) devices, such as routers and web cameras. The feds say the four botnets -- named Aisuru, Kimwolf, JackSkid and Mossad -- are responsible for a series of recent record-smashing distributed denial-of-service (DDoS) attacks capable of knocking nearly any target offline.
Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker (Wed, 11 Mar 2026 16:20:13 +0000): A hacktivist group with links to Iran's intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News reports out of Ireland, Stryker's largest hub outside of the United States, said the company sent home more than 5,000 workers there today. Meanwhile, a voicemail message at Stryker's main U.S. headquarters says the company is currently experiencing a building emergency.
Microsoft Patch Tuesday, March 2026 Edition (Wed, 11 Mar 2026 00:32:51 +0000): Microsoft Corp. today pushed security updates to fix at least 77 vulnerabilities in its Windows operating systems and other software. There are no pressing "zero-day" flaws this month (compared to February's five zero-day treat), but as usual some patches may deserve more rapid attention from organizations using Windows. Here are a few highlights from this month's Patch Tuesday.
How AI Assistants are Moving the Security Goalposts (Sun, 08 Mar 2026 23:35:42 +0000): AI-based assistants or "agents" -- autonomous programs that have access to the user's computer, files, online services and can automate virtually any task -- are growing in popularity with developers and IT workers. But as so many eyebrow-raising headlines over the past few weeks have shown, these powerful and assertive new tools are rapidly shifting the security priorities for organizations, while blurring the lines between data and code, trusted co-worker and insider threat, ninja hacker and novice code jockey.
Who is the Kimwolf Botmaster “Dort”? (Sat, 28 Feb 2026 12:01:57 +0000): In early January 2026, KrebsOnSecurity revealed how a security researcher disclosed a vulnerability that was used to assemble Kimwolf, the world's largest and most disruptive botnet. Since then, the person in control of Kimwolf -- who goes by the handle "Dort" -- has coordinated a barrage of distributed denial-of-service (DDoS), doxing and email flooding attacks against the researcher and this author, and more recently caused a SWAT team to be sent to the researcher's home. This post examines what is knowable about Dort based on public information.
‘Starkiller’ Phishing Service Proxies Real Login Pages, MFA (Fri, 20 Feb 2026 20:00:30 +0000): Most phishing websites are little more than static copies of login pages for popular online destinations, and they are often quickly taken down by anti-abuse activists and security firms. But a stealthy new phishing-as-a-service offering lets customers sidestep both of these pitfalls: It uses cleverly disguised links to load the target brand's real website, and then acts as a relay between the target and the legitimate site -- forwarding the victim's username, password and multi-factor authentication (MFA) code to the legitimate site and returning its responses.
Hackread – Cybersecurity News, Data Breaches, AI and More

Founder Liquidity Without Compromising on Growth (Fri, 17 Apr 2026 19:42:51 +0000): Founders can access liquidity without exiting by selling shares via secondary deals, reducing financial pressure while staying focused on long-term growth.
New RecruitRat, SaferRat, Astrinox, Massiv Android Malware Found Targeting 800 Apps (Fri, 17 Apr 2026 18:44:32 +0000): New research from Zimperium reveals four active Android malware campaigns, RecruitRat, SaferRat, Astrinox, and Massiv, targeting over 800 banking apps globally.
The Race to Quantum-Proof the Internet Has Already Begun (Fri, 17 Apr 2026 17:44:46 +0000): The race to quantum-proof the internet is underway as experts warn of “harvest now, decrypt later” risks and slow migration to post-quantum security.
New Mirai Variant Nexcorium Hijacks DVR Devices for DDoS Attacks (Fri, 17 Apr 2026 14:00:59 +0000): Cybersecurity researchers at Fortinet have discovered Nexcorium, a new Mirai-based malware targeting TBK DVR systems to turn them into a botnet for DDoS attacks.
New ZionSiphon Malware Discovered Targeting Israeli Water Systems (Fri, 17 Apr 2026 11:00:56 +0000): Researchers at Darktrace have identified ZionSiphon, a new malware targeting Israeli water treatment plants. Learn how this OT-focused…
New CGrabber and Direct-Sys Malware Spread Through GitHub ZIP Files (Fri, 17 Apr 2026 09:25:45 +0000): Hackers spread CGrabber and Direct-Sys malware through GitHub ZIP files, bypassing security tools to steal passwords, crypto wallets, and user data.
OpenAI Launches GPT-5.4-Cyber to Boost Defensive Cybersecurity (Thu, 16 Apr 2026 14:59:48 +0000): OpenAI unveils GPT-5.4-Cyber, a cybersecurity-focused model built to help defenders analyze malware and fix software bugs. The company is also expanding its Trusted Access for Cyber (TAC) program to thousands of verified experts.
Cybersecurity Risks of Hiring a Virtual Assistant and How to Protect Your Business (Thu, 16 Apr 2026 11:23:46 +0000): Virtual assistants boost productivity but add cybersecurity risks. Poor access control, weak devices, and credential sharing can expose sensitive business data.
Researchers Say Fiverr Left User Files Open to Google Search (Thu, 16 Apr 2026 10:42:26 +0000): Private Fiverr user documents, including tax records and IDs, were reportedly found in Google search results due to a storage configuration issue. Read more about the findings and the company’s response to the data exposure.
Anonymizing Network Traffic: A Dive into SOCKS5 and Data Encryption (Wed, 15 Apr 2026 23:28:36 +0000): SOCKS5 protocol explained: anonymize traffic, boost security with encryption, bypass restrictions, and enable reliable data collection for business use.
Hacker Combat

Snowflake Data Breach: What Happened and How to Prevent It (Tue, 05 Aug 2025 18:00:42 +0000): In 2024, the cybersecurity landscape was shaken by an unexpected and widespread incident—the Snowflake data breach. Despite being a leading provider of cloud-based data warehousing solutions, Snowflake found itself at...
Ways to Mitigate Risk in Cybersecurity: Cybersecurity Risk Management (Fri, 13 Dec 2024 12:04:08 +0000): Cyber threats can wreak havoc on businesses, from data breaches to loss of reputation. Luckily, there are effective strategies available that can reduce cybersecurity risk. Avoidance is one of the...
Zero Trust Architecture (Mon, 02 Dec 2024 10:43:16 +0000): Zero trust security takes a “never trust, always verify” approach to access control. Access is only granted once an individual’s identity and context have been confirmed through multifactor authentication and...
What Is a Security Operations Center (SOC)? (Mon, 02 Dec 2024 07:51:03 +0000): A Security Operations Center (SOC) specializes in monitoring and analyzing data to detect cyber threats and prevent attacks from them. They work to sort actual threats from false positives before...
XDR vs SIEM Security Information and Event Management (Fri, 29 Nov 2024 12:53:23 +0000): The Extended Detection and Response Platform (XDR) ingestion and correlation technology captures and correlates high-fidelity data across your security layers, such as endpoint, network, logs, cloud services and identities to...
Best Free EDR for Windows PC (Fri, 29 Nov 2024 11:19:32 +0000): Endpoint detection and response (EDR) tools offer businesses that employ hybrid work models or remote employees an extra layer of cybersecurity protection. Utilizing artificial intelligence (AI) and machine learning (ML),...
Free EDR Solutions for Home Users in 2025 (Tue, 26 Nov 2024 07:46:59 +0000): EDR can detect and respond to emerging and advanced cyber threats quickly and efficiently, making it an essential component of modern business ecosystems. Beyond signature-based detection capabilities, its features go...
Cloud Security Essentials (Mon, 28 Oct 2024 04:57:20 +0000): Cloud security involves employing perimeter defenses like firewalls, IDPSs and VPNs as well as guaranteeing isolation through network segmentation and virtual LANs while monitoring traffic for anomalies and threats –...
Antivirus Software (Mon, 28 Oct 2024 02:43:18 +0000): Antivirus software protects devices against viruses, malware, and other cyberthreats by detecting, quarantining, and deleting malicious code. Modern antivirus products also offer additional security features such as password protection, identity...
How to Protect Against Ransomware Attacks? (Fri, 25 Oct 2024 03:57:42 +0000): Criminal hackers employ ransomware attacks against their targets by encrypting their data and demanding that a ransom be paid within an allotted timeframe or risk losing it forever. When an...
Flipboard.com Cybercrime

When Russia tests Europe and NATO: a look back at the invention of the "Narva People's Republic," a fake Estonian separatist state and a "real propaganda hoax" by Russia online (Sat, 18 Apr 2026 09:25:31 GMT): Cyberspace has become a real arena of confrontation on the eastern flank of Europe and NATO. Facing Russia, Estonia finds itself …
Your IBAN at risk: what cybercriminals can really do with just your bank account details (RIB) (Sat, 18 Apr 2026 06:52:00 GMT): It was thought to be harmless, but it has become a weapon of choice for cybercriminals. Far from being a mere detail for receiving payments, your IBAN …
Elon Musk summoned by the French courts over child sexual abuse content circulating on X (Sat, 18 Apr 2026 05:40:16 GMT): Will Elon Musk answer the summons from the Paris prosecutor's office? The American multibillionaire is expected on Monday for a voluntary interview as part of …
One million bank accounts hacked in 2025: the dark web is at the heart of the problem (Sat, 18 Apr 2026 06:01:30 GMT): In 2025, more than one million bank accounts were compromised by cybercriminals. In most cases, the bank accounts were …
Basic Fit hacked: what information leaked? (Sat, 18 Apr 2026 06:15:46 GMT): ► In brief: Basic Fit recently suffered a hack of its databases • Passwords and identity documents do not appear to be affected • Some …
"Open source is dead": this major project suddenly closes its code for fear of AI (Fri, 17 Apr 2026 05:30:00 GMT): Cal, one of the most important scheduling applications in the open source ecosystem, is abandoning its open license. The reason: the ability of AI …
90 videos, blackmail and silence: the toll of a dark weekend that could change everything for GTA 6 (Fri, 17 Apr 2026 12:00:00 GMT): The calm after the digital storm. The deadline passed on April 14. The hacker group, which claimed to hold sensitive data on …
A gendarme tried for child sexual abuse material, Normandy families denounce the authorities' silence (Fri, 17 Apr 2026 04:00:00 GMT): The case was never meant to receive media coverage but, for months, it has been eating away at worried families in the Manche department who lack information. The …
Russia-linked platform Grinex suspends operations after a $13 million "state-backed" hack (Fri, 17 Apr 2026 09:15:37 GMT): The exchange, formerly known as Garantex and based in Kyrgyzstan, has been sanctioned by the United States, the United Kingdom …
"Intraçables" on Prime Video: what is this series with Sofia Essaïdi in which the threat comes from technology (Fri, 17 Apr 2026 06:01:00 GMT): Released on Prime Video this April 17, this 6-episode Franco-Swiss thriller follows a mother and her son hunted by a formidable hacker and …
Trump has a new lever: dependence on American clouds exposes Europe to a strategic risk (Fri, 17 Apr 2026 07:17:36 GMT): European countries' dependence on American cloud services poses a risk to their national security, according to a report published on Friday. …
What if your robot vacuum were spying on you? A flaw exposes thousands of devices (Fri, 17 Apr 2026 08:00:00 GMT): An engineer simply wanted to control his robot vacuum with a video game controller. He unintentionally ended up with access to nearly …
It took only 2 minutes to hack the EU's new age verification app (Fri, 17 Apr 2026 10:10:00 GMT): While age verification for access to social networks will come into force next September, the European Union is making a fool of itself. Presented …
A VPN that leaves no traces: DuckDuckGo proves itself (Fri, 17 Apr 2026 06:00:47 GMT): An external audit confirms that the service operates without storing activity or traceable personal data. Privacy validated …
The EU's age verification app hacked in 2 minutes: a predictable fiasco (Fri, 17 Apr 2026 07:33:00 GMT): Three days after its launch, the European age verification application is piling up security flaws. A researcher bypassed everything in …
"The security system has detected wiretapping on your Apple iPhone": beware of this message, which hides a well-crafted scam | TF1 Info (Thu, 16 Apr 2026 21:00:43 GMT): This is a particularly vicious scam that, for now, affects iPhone owners. Even though Apple-branded devices, …
14-year-old Microsoft flaws still exploited by cybercriminals: businesses and individuals are exposed to attacks, the US cybersecurity agency warns (Fri, 17 Apr 2026 12:30:55 GMT): Unpatched Microsoft flaws, including one that is 14 years old, are still being used in ransomware attacks against businesses. The agency …
GTA leak: the hackers wanted to blackmail Rockstar, they have just earned it 1 billion dollars instead! (Fri, 17 Apr 2026 09:06:07 GMT): By trying to extort 200,000 dollars from Rockstar Games, the ShinyHunters hackers accidentally earned a billion dollars for its …
In 2025, the Assurance maladie (French national health insurance) detected nearly 723 million euros in fraud (Thu, 16 Apr 2026 19:35:00 GMT): Fake sick-leave certificates, fictitious health centers, money laundering... A new record for health insurance fraud was set in 2025. The …
How the Americans assess the risks of Mythos, the Anthropic AI that is frightening the planet (Fri, 17 Apr 2026 03:30:22 GMT): The new system from the global artificial intelligence giant raises fears of a massive disclosure of software vulnerabilities, which would make the …
Cyberattacks on demand: 75,000 internet users received a warning from the authorities (Fri, 17 Apr 2026 06:00:37 GMT): The DDoS market has just suffered a new setback. More than 75,000 hackers have also received a warning from law enforcement. Around twenty …
An isolated student inspired by an "incel" killer: who was İsa Aras Mersinli, the teenage killer at Ayser Çalık middle school in Turkey (Thu, 16 Apr 2026 07:36:29 GMT): Nine people died and thirteen others were injured at Ayser Çalık middle school in Kahramanmaraş, Turkey, on April 15. The perpetrator of the …
CyberGhost VPN: 12,000 servers for €2/month, is it worth it? (Sat, 18 Apr 2026 07:30:00 GMT): With more than 12,000 servers and a promotional price of €2.03 per month, CyberGhost stands out as one of the most attractive VPNs of the moment. But …
"A simple VPN is no longer enough": here is ExpressVPN's new 4-in-1 offer for improving your cybersecurity (Fri, 17 Apr 2026 05:32:05 GMT): Since a simple VPN or antivirus is no longer enough to protect one's data and privacy, ExpressVPN has designed a suite of cybersecurity tools …
AI: Europe in turn worries about the threat Mythos poses to banks (Thu, 16 Apr 2026 04:00:35 GMT): The European Banking Authority is taking seriously the threat that Anthropic's new model, "Mythos," poses to banks. Its new …
"Intraçables" on Prime Video: an icy but somewhat timid thriller (Thu, 16 Apr 2026 15:35:11 GMT): The Franco-Swiss series "Intraçables" blends thriller and cybercrime in an atmosphere of snowy landscapes. Despite polished direction, the …
Your connected devices have never been so vulnerable (Fri, 17 Apr 2026 01:56:00 GMT): Numerous flaws have been detected in a network protocol, UPnP. As a result, 50 million connected devices are vulnerable to a …
Data leaks: the national education system, a vulnerable target for cyberattacks (Sat, 18 Apr 2026 03:15:06 GMT): Two data thefts in recent weeks have hit databases of students and teachers. The ministry, which holds data on …
The "improperly replaced nozzle" scam: beware of this technique that is rife at gas stations! (Thu, 16 Apr 2026 06:00:00 GMT): A discreet scam that can cost you dearly without your realizing it. At a time when cyberattacks are shaking multinationals, …
Top 10 signs that an order confirmation email is actually a phishing attempt (Fri, 17 Apr 2026 10:00:05 GMT): Fake order confirmation emails are exploding in email inboxes. Hackers and cybercriminals use this technique …
CyberScoop

The surveillance law Congress can’t quit — and can’t explain (Fri, 17 Apr 2026 17:31:13 +0000): Congress overhauled Section 702 in 2024 with 56 changes. Now, as the law nears expiration, supporters and critics can’t even agree on what the numbers show.
US nationals sentenced for aiding North Korea’s tech worker scheme (Thu, 16 Apr 2026 23:05:57 +0000): Kejia Wang and Zhenxing Wang established shell companies and hosted laptop farms to help operatives obtain jobs at more than 100 U.S. companies.
Officials seize 53 DDoS-for-hire domains in ongoing crackdown (Thu, 16 Apr 2026 17:26:16 +0000): Operation PowerOFF’s latest globally coordinated action identified more than 75,000 alleged cybercriminals. Officials warned each of them to stop jamming up traffic.
Ghost breaches: How AI-mediated narratives have become a new threat vector (Thu, 16 Apr 2026 10:00:00 +0000): Three incidents. No actual breaches. Full-scale crisis response. AI hallucinations are creating a new threat vector that most organizations have yet to prepare for.
NIST narrows scope of CVE analysis to keep up with rising tide of vulnerabilities (Wed, 15 Apr 2026 20:17:55 +0000): The National Vulnerability Database will now only analyze vulnerabilities in critical software, systems used in the federal government and those under active exploitation.
Executive orders likely ahead in next steps for national cyber strategy (Wed, 15 Apr 2026 18:51:33 +0000): National Cyber Director Sean Cairncross said execution of the strategy is “rolling forward actively.”
OpenAI expands Trusted Access for Cyber program with new GPT 5.4 Cyber model (Wed, 15 Apr 2026 13:59:27 +0000): A new cybersecurity-focused variant of ChatGPT and an expanded access program put OpenAI in direct competition with Anthropic's Project Glasswing — and raises fresh questions about who gets to wield the most powerful security AI.
We’re only seeing the tip of the chip-smuggling iceberg (Wed, 15 Apr 2026 10:00:00 +0000): A string of federal indictments has exposed a pervasive shadow network of data centers and fake products spanning Southeast Asia. To secure national security, the U.S. must move enforcement from the airport gate to the factory floor.
CISA cancels summer internships for cyber scholarship students amid DHS funding lapse (Tue, 14 Apr 2026 23:17:33 +0000): The move adds to mounting pressure on a scholarship program already strained by hiring freezes, proposed budget cuts and a growing backlog of unplaced graduates.
Microsoft drops its second-largest monthly batch of defects on record (Tue, 14 Apr 2026 20:27:39 +0000): The vendor disclosed one actively exploited zero-day vulnerability in Microsoft Office SharePoint that allows attackers to view information and make changes to disclosed information.