x86.se

3 Min Read

April 30, 2026

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

In yet another software supply chain attack, threat actors have managed to compromise the popular Python package Lightning to push two malicious versions …

14 Min Read

April 30, 2026

ThreatsDay Bulletin: SMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks and 25 More Stories

The internet is noisy this week. We are seeing some wild new tactics,…

3 Min Read

April 30, 2026

New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials

Cybersecurity researchers have disclosed details of a stealthy…

16 Min Read

April 30, 2026

EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades

Intro A sophisticated, high-resilience malicious campaign was identified…

3 Min Read

April 29, 2026

SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack

Cybersecurity researchers are sounding the alarm about a new supply chain attack campaign targeting SAP-related npm Packages with…

2 Min Read

April 29, 2026

Webinar: How to Automate Exposure Validation to Match the Speed of AI Attacks

In February 2026, researchers uncovered a shift that completely changed the game: threat actors are now using custom AI setups to automate…

5 Min Read

April 29, 2026

What to Look for in an Exposure Management Platform (And What Most of Them Get Wrong)

Every security team has a version of the same story. The quarter ends with hundreds of vulnerabilities closed. The dashboards are bursting…

4 Min Read

April 29, 2026

Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately

cPanel has released security updates to address a security issue impacting various authentication paths that could allow an attacker to obtain…

1 Min Read

April 29, 2026

CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting ConnectWise ScreenConnect and…

3 Min Read

April 29, 2026

LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure

In yet another instance of threat actors quickly jumping on the exploitation bandwagon, a newly disclosed critical security flaw in BerriAI's…

3 Min Read

April 28, 2026

Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push

Cybersecurity researchers have disclosed details of a critical security vulnerability impacting GitHub.com and GitHub Enterprise Server that…

4 Min Read

April 28, 2026

Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign

A cybercrime group of Brazilian origin has resurfaced after more than three years to orchestrate a campaign that targets Minecraft players…

4 Min Read

April 28, 2026

VECT 2.0 Ransomware Irreversibly Destroys Files Over 131KB on Windows, Linux, ESXi

Threat hunters are warning that the cybercriminal operation known as VECT 2.0 acts more like a wiper than a ransomware due to a critical flaw…

4 Min Read

April 28, 2026

Why Secure Data Movement Is the Zero Trust Bottleneck Nobody Talks About

Every security program is betting on the same assumption: once a system is connected, the problem is solved. Open a ticket, stand up a…

2 Min Read

April 28, 2026

Critical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCE

Cybersecurity researchers have disclosed details of a critical security flaw impacting LeRobot, Hugging Face's open-source robotics platform…

4 Min Read

April 28, 2026

After Mythos: New Playbooks For a Zero-Window Era

When patching isn’t fast enough, NDR helps contain the next era of threats. If you’ve been tracking advancements in AI, you know…

2 Min Read

April 28, 2026

Chinese Silk Typhoon Hacker Extradited to U.S. Over COVID Research Cyberattacks

A Chinese national accused of being a member of the Silk Typhoon hacking group has been extradited to the U.S. from Italy. Xu Zewei, 34,…

2 Min Read

April 28, 2026

Microsoft Patches Entra ID Role Flaw That Enabled Service Principal Takeover

An administrative role meant for artificial intelligence (AI) agents within Microsoft Entra ID could enable privilege escalation and identity…

3 Min Read

April 28, 2026

Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202

Microsoft on Monday revised its advisory for a now-patched, high-severity security flaw impacting Windows Shell to acknowledge that it has…

5 Min Read

April 28, 2026

FIRESTARTER: Cisco ASA Backdoor

The Advisory That Changes EverythingOn April 23, 2026, CISA and the United Kingdom National Cyber Security Centre jointly assessed that…

Vulnerabilities

2 Min Read

April 28, 2026

Unfiltered: The 9.8 CVSS Deserialization Loophole Hijacking Apache MINA

Apache MINA is widely recognized as a foundational network application framework, designed to help users easily develop high-performance and…

Security

2 Min Read

April 27, 2026

Robinhood account creation flaw abused to send phishing emails

Online trading platform Robinhood's account creation process was exploited by threat actors to inject phishing messages into legitimate…

Security

2 Min Read

April 27, 2026

GlassWorm malware attacks return via 73 OpenVSX "sleeper" extensions

A new wave of the Glassworm campaign is targeting the OpenVSX ecosystem with 73 "sleeper" extensions that turn malicious after an update. Six…

Security

2 Min Read

April 27, 2026

Canada arrests three for operating “SMS blaster” device in Toronto

Canadian authorities have arrested three men for operating an "SMS blaster" device that pretends to be a cellular tower to send phishing texts…

2 Min Read

April 27, 2026

82 Chrome Extensions Found Selling User Data, 6.5 Million Users Affected

Most people install browser extensions without giving them much thought. Recent incidents, along with a new investigation by LayerX Security…

Security

2 Min Read

April 27, 2026

Alleged Silk Typhoon hacker extradited to US for cyberespionage

A Chinese national accused of carrying out cyberespionage operations for China's intelligence services has been extradited from Italy to…

3 Min Read

April 27, 2026

ShinyHunters Leaks Data of Udemy, Zara, 7-Eleven in Salesforce Linked Breach

A series of new data leak listings posted on a dark web site linked to the ShinyHunters hacker group has put three well-known companies in the…

Security

2 Min Read

April 27, 2026

FTC: Americans lost over $2.1 billion to social media scams in 2025

The U.S. Federal Trade Commission (FTC) warned of a massive increase in losses from social media scams since 2020, exceeding $2.1 billion in…

2 Min Read

April 27, 2026

Notepad++ Vulnerability Allows Attackers to Crash Application, Leak Memory Data

A security vulnerability has been identified in Notepad++, one of the most widely used open-source text editors among developers and IT…

Security

2 Min Read

April 27, 2026

PyPI package with 1.1M monthly downloads hacked to push infostealer

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive developer data…

2 Min Read

April 27, 2026

The Zero-Click Vulnerability: Akamai Uncovers Incomplete Patch for APT28 Exploit

Conceptual flow of the original CVE-2026-21510 exploitation | Image: Akamai Researchers at Akamai have discovered that a previous fix for a…

Security

2 Min Read

April 27, 2026

Home security giant ADT data breach affects 5.5 million people

The ShinyHunters extortion group stole the personal information of 5.5 million individuals after breaching the systems of home security giant…

3 Min Read

April 27, 2026

The CVE Watchtower: Weekly Threat Intelligence Briefing (April 20 – April 26, 2026)

Welcome to your Monday morning digest. As we close out the final full week of April, the global threat landscape is painting a complex…

2 Min Read

April 27, 2026

Checkmarx Confirms GitHub Repository Data Posted on Dark Web After March 23 Attack

Checkmarx has disclosed that its ongoing investigation tied to the supply chain security incident has revealed that a cybercriminal group…

Ransomware

2 Min Read

April 27, 2026

Utilities Tech Supplier Itron Discloses Cyber-Attack, Operations Unaffected

Itron, a global technology provider for the utilities industry, has disclosed it suffered a cybersecurity breach. In an 8-K form filed to the…

Security

2 Min Read

April 27, 2026

Medtronic confirms breach after hackers claim 9 million records theft

Medical device giant Medtronic disclosed last week that hackers breached its network and accessed data in “certain corporate IT…

Uncategorized

2 Min Read

April 27, 2026

Widely Used Browser Extensions Selling User Data

Dozens of widely used browser extensions have been collecting and selling user data with explicit disclosure in their privacy…

10 Min Read

April 27, 2026

⚡ Weekly Recap: Fast16 Malware, XChat Launch, Federal Backdoor, AI Employee Tracking & More

Everything is dumb again. This week feels broken in a very familiar way. Old tricks are back. New tools are doing shady crap. Supply chains…

3 Min Read

April 27, 2026

Money launderer linked to $230M crypto heist gets 70 months in prison

22-year-old Evan Tangeman of Newport Beach, California, was sentenced to 70 months in prison for laundering funds stolen in a massive…

2 Min Read

April 27, 2026

UNC6692 Hackers Exploit Microsoft Teams to Deploy SNOW Malware

A data theft campaign by a relatively new hacking group, UNC6692, has been discovered, in which hackers use social engineering and a custom…

Microsoft

2 Min Read

April 27, 2026

Microsoft says Outlook.com outage is causing sign‑in failures

Microsoft is investigating an ongoing Outlook.com outage that is causing intermittent signing issues and preventing customers from accessing…

5 Min Read

April 27, 2026

Mythos Changed the Math on Vulnerability Discovery. Most Teams Aren't Ready for the Remediation Side

Anthropic’s Claude Mythos Preview has dominated security discussions since its April 7 announcement. Early reporting describes a…

5 Min Read

April 27, 2026

PhantomCore Exploits TrueConf Vulnerabilities to Breach Russian Networks

A pro-Ukrainian hacktivist group called PhantomCore has been attributed to attacks actively targeting servers running TrueConf video…

2 Min Read

April 27, 2026

Most Cybersecurity Professionals Feel Undervalued and Underpaid

Over three quarters of cybersecurity professionals were not granted a pay rise last year, contributing to feelings of being undervalued among…

Explore Trending Topics