Malware Supply Chain Attack3 Min Read April 29, 2026 SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack Cybersecurity researchers are sounding the alarm about a new supply chain attack campaign targeting SAP-related npm Packages with credential-stealing malw…
7 Min Read April 29, 2026 New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs Cybersecurity researchers have discovered malicious code in an npm… Malware Social Engineering
2 Min Read April 29, 2026 Webinar: How to Automate Exposure Validation to Match the Speed of AI Attacks In February 2026, researchers uncovered a shift that completely changed… Artificial Intelligence Exposure Validation
5 Min Read April 29, 2026 What to Look for in an Exposure Management Platform (And What Most of Them Get Wrong) Every security team has a version of the same story. The quarter ends… Exposure Management Security Operations
Software Security Vulnerability3 Min Read April 28, 2026 Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push Cybersecurity researchers have disclosed details of a critical security vulnerability impacting GitHub.com and GitHub Enterprise Server that…
Malware Supply Chain Attack4 Min Read April 28, 2026 Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign A cybercrime group of Brazilian origin has resurfaced after more than three years to orchestrate a campaign that targets Minecraft players…
Malware Supply Chain Attack4 Min Read April 28, 2026 VECT 2.0 Ransomware Irreversibly Destroys Files Over 131KB on Windows, Linux, ESXi Threat hunters are warning that the cybercriminal operation known as VECT 2.0 acts more like a wiper than a ransomware due to a critical flaw…
Data Integrity Operational Technology4 Min Read April 28, 2026 Why Secure Data Movement Is the Zero Trust Bottleneck Nobody Talks About Every security program is betting on the same assumption: once a system is connected, the problem is solved. Open a ticket, stand up a…
Network Security Vulnerability2 Min Read April 28, 2026 Critical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCE Cybersecurity researchers have disclosed details of a critical security flaw impacting LeRobot, Hugging Face's open-source robotics platform…
Artificial Intelligence Enterprise Security4 Min Read April 28, 2026 After Mythos: New Playbooks For a Zero-Window Era When patching isn’t fast enough, NDR helps contain the next era of threats. If you’ve been tracking advancements in AI, you know…
Cyber Espionage Vulnerability2 Min Read April 28, 2026 Chinese Silk Typhoon Hacker Extradited to U.S. Over COVID Research Cyberattacks A Chinese national accused of being a member of the Silk Typhoon hacking group has been extradited to the U.S. from Italy. Xu Zewei, 34,…
Identity Management Vulnerability2 Min Read April 28, 2026 Microsoft Patches Entra ID Role Flaw That Enabled Service Principal Takeover An administrative role meant for artificial intelligence (AI) agents within Microsoft Entra ID could enable privilege escalation and identity…
Linux Malware Ransomware Vulnerabilities5 Min Read April 28, 2026 FIRESTARTER: Cisco ASA Backdoor The Advisory That Changes EverythingOn April 23, 2026, CISA and the United Kingdom National Cyber Security Centre jointly assessed that…
Vulnerabilities2 Min Read April 28, 2026 Unfiltered: The 9.8 CVSS Deserialization Loophole Hijacking Apache MINA Apache MINA is widely recognized as a foundational network application framework, designed to help users easily develop high-performance and…
Security2 Min Read April 27, 2026 Robinhood account creation flaw abused to send phishing emails Online trading platform Robinhood's account creation process was exploited by threat actors to inject phishing messages into legitimate…
Security2 Min Read April 27, 2026 GlassWorm malware attacks return via 73 OpenVSX "sleeper" extensions A new wave of the Glassworm campaign is targeting the OpenVSX ecosystem with 73 "sleeper" extensions that turn malicious after an update. Six…
Security2 Min Read April 27, 2026 Canada arrests three for operating “SMS blaster” device in Toronto Canadian authorities have arrested three men for operating an "SMS blaster" device that pretends to be a cellular tower to send phishing texts…
Browser Chrome Cybersecurity Data Security Extensions LayerX Privacy Security Surveillance2 Min Read April 27, 2026 82 Chrome Extensions Found Selling User Data, 6.5 Million Users Affected Most people install browser extensions without giving them much thought. Recent incidents, along with a new investigation by LayerX Security…
Security2 Min Read April 27, 2026 Alleged Silk Typhoon hacker extradited to US for cyberespionage A Chinese national accused of carrying out cyberespionage operations for China's intelligence services has been extradited from Italy to…
Anodot Cyber Attack Cyber Crime Cybersecurity Data Breaches Salesforce ShinyHunters Udemy Zara3 Min Read April 27, 2026 ShinyHunters Leaks Data of Udemy, Zara, 7-Eleven in Salesforce Linked Breach A series of new data leak listings posted on a dark web site linked to the ShinyHunters hacker group has put three well-known companies in the…
Security2 Min Read April 27, 2026 FTC: Americans lost over $2.1 billion to social media scams in 2025 The U.S. Federal Trade Commission (FTC) warned of a massive increase in losses from social media scams since 2020, exceeding $2.1 billion in…
DDoS Vulnerabilities2 Min Read April 27, 2026 Notepad++ Vulnerability Allows Attackers to Crash Application, Leak Memory Data A security vulnerability has been identified in Notepad++, one of the most widely used open-source text editors among developers and IT…
Security2 Min Read April 27, 2026 PyPI package with 1.1M monthly downloads hacked to push infostealer An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive developer data…
Social Engineering2 Min Read April 27, 2026 US Sanctions Target Cambodian Scam Network Leaders A Cambodian network accused of orchestrating large-scale cryptocurrency fraud has been hit with US sanctions targeting senior figures and…
APT Groups Exploits Vulnerabilities Windows2 Min Read April 27, 2026 The Zero-Click Vulnerability: Akamai Uncovers Incomplete Patch for APT28 Exploit Conceptual flow of the original CVE-2026-21510 exploitation | Image: Akamai Researchers at Akamai have discovered that a previous fix for a…
Security2 Min Read April 27, 2026 Home security giant ADT data breach affects 5.5 million people The ShinyHunters extortion group stole the personal information of 5.5 million individuals after breaching the systems of home security giant…
Exploits Network Ransomware Vulnerabilities3 Min Read April 27, 2026 The CVE Watchtower: Weekly Threat Intelligence Briefing (April 20 – April 26, 2026) Welcome to your Monday morning digest. As we close out the final full week of April, the global threat landscape is painting a complex…
Data Breach Malware Supply Chain2 Min Read April 27, 2026 Checkmarx Confirms GitHub Repository Data Posted on Dark Web After March 23 Attack Checkmarx has disclosed that its ongoing investigation tied to the supply chain security incident has revealed that a cybercriminal group…
Ransomware2 Min Read April 27, 2026 Utilities Tech Supplier Itron Discloses Cyber-Attack, Operations Unaffected Itron, a global technology provider for the utilities industry, has disclosed it suffered a cybersecurity breach. In an 8-K form filed to the…
Security2 Min Read April 27, 2026 Medtronic confirms breach after hackers claim 9 million records theft Medical device giant Medtronic disclosed last week that hackers breached its network and accessed data in “certain corporate IT…
Uncategorized2 Min Read April 27, 2026 Widely Used Browser Extensions Selling User Data Dozens of widely used browser extensions have been collecting and selling user data with explicit disclosure in their privacy…
Cybersecurity Hacking10 Min Read April 27, 2026 ⚡ Weekly Recap: Fast16 Malware, XChat Launch, Federal Backdoor, AI Employee Tracking & More Everything is dumb again. This week feels broken in a very familiar way. Old tricks are back. New tools are doing shady crap. Supply chains…
Cryptocurrency Security3 Min Read April 27, 2026 Money launderer linked to $230M crypto heist gets 70 months in prison 22-year-old Evan Tangeman of Newport Beach, California, was sentenced to 70 months in prison for laundering funds stolen in a massive…
Cyber Attack Cybersecurity Google Malware Mandiant Microsoft Security Snow UNC6692 Windoes2 Min Read April 27, 2026 UNC6692 Hackers Exploit Microsoft Teams to Deploy SNOW Malware A data theft campaign by a relatively new hacking group, UNC6692, has been discovered, in which hackers use social engineering and a custom…
Microsoft2 Min Read April 27, 2026 Microsoft says Outlook.com outage is causing sign‑in failures Microsoft is investigating an ongoing Outlook.com outage that is causing intermittent signing issues and preventing customers from accessing…
Artificial Intelligence Enterprise Security5 Min Read April 27, 2026 Mythos Changed the Math on Vulnerability Discovery. Most Teams Aren't Ready for the Remediation Side Anthropic’s Claude Mythos Preview has dominated security discussions since its April 7 announcement. Early reporting describes a…
Hacktivism Vulnerability5 Min Read April 27, 2026 PhantomCore Exploits TrueConf Vulnerabilities to Breach Russian Networks A pro-Ukrainian hacktivist group called PhantomCore has been attributed to attacks actively targeting servers running TrueConf video…
Data Breach Ransomware2 Min Read April 27, 2026 Most Cybersecurity Professionals Feel Undervalued and Underpaid Over three quarters of cybersecurity professionals were not granted a pay rise last year, contributing to feelings of being undervalued among…
Malware Software Supply Chain2 Min Read April 27, 2026 Researchers Uncover 73 Fake VS Code Extensions Delivering GlassWorm v2 Malware Cybersecurity researchers have flagged dozens of Microsoft Visual Studio Code (VS Code) extensions on the Open VSX repository that are linked…
Captcha Cyber Attack Cybersecurity Infostealer JPEG Malware Security Vidar Windows3 Min Read April 27, 2026 Vidar Infostealer Spreads via Fake CAPTCHAs, Hides in JPEG and TXT Files New research from the Lat61 Threat Intelligence Team at Point Wild reveals that hackers are now hiding malicious code inside everyday files…
Linux Malware Nation-state Windows2 Min Read April 27, 2026 Researchers Identify Fast16 Sabotage Malware That Pre-Dates Stuxnet Security researchers have identified malware dating back to 2005 that appears to have been designed to disrupt Iran’s nuclear program…
ICS/OT Malware Ransomware Vulnerabilities2 Min Read April 27, 2026 Attackers Can Backdoor CODESYS Applications by Chaining Vulnerabilities Multiple vulnerabilities in the CODESYS Control runtime, one of the world’s most widely adopted software-based programmable logic…
Malware Network Phishing Ransomware2 Min Read April 27, 2026 BlackFile Group Targets Retail and Hospitality with Vishing Attacks Security researchers have revealed details of a new extortion group that has been actively targeting retail and hospitality businesses since…
Malware Ransomware Vulnerabilities2 Min Read April 27, 2026 Critical 9.8 CVSS RCE Hijacks Pipecat Voice Agents A critical has been disclosed in Pipecat, the popular open-source Python framework used to build voice and conversational agents. The flaw,…
Vulnerabilities2 Min Read April 27, 2026 Carlson VASCO-B GNSS Receivers Left Open to Remote Hijack In an era where precision timing and positioning are the invisible pillars of our global infrastructure, a critical has emerged that could…
Social Engineering Threat Intelligence4 Min Read April 27, 2026 Fake CAPTCHA IRSF Scam and 120 Keitaro Campaigns Drive Global SMS, Crypto Fraud Cybersecurity researchers have disclosed details of a telecommunications fraud campaign that uses fake CAPTCHA verification tricks to dupe…