126 Articles
9 Categories
Date: 2026-04-01
🚨 CISA KEV (1)
1 Apr KEV | CISA Adds One Known Exploited Vulnerability to Catalog | CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-5281 Google Dawn Use-After-Free Vulnerability. This type of vulnerability is a frequent attack vector for malicious cyber actors and poses… | CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES (25)
1 Apr | Cisco Breached: Source Code Stolen - Cybersecurity Today | Cisco Source Code Stolen in Trivy Fallout, Axios Supply Chain Attack, and Active Exploitation of Fortinet and Citrix Flaws David Shipley reports multiple major security incidents: attackers used credentials stolen in the Trivy supply-chain attack via a malicious GitHub action to … | CYBERSECURITYTODAY.LIBSYN.COM
1 Apr | Hackers Actively Exploit Critical WebLogic RCE Vulnerabilities in Ongoing Attacks | A maximum-severity vulnerability in Oracle WebLogic Server is facing rapid exploitation in the wild. Tracked as CVE-2026-21962, this unauthenticated Remote Code Execution (RCE) flaw carries a maximum CVSS score of 10.0. According to a recent honeypot study, attackers began weapon… | GBHACKERS.COM
1 Apr | TrueConf Vulnerability Under Active Exploitation in Southeast Asia Government Attacks | Check Point Research has discovered a critical zero-day vulnerability in the TrueConf video conferencing client. Tracked as CVE-2026-3502 with a CVSS score of 7.8, this flaw is currently being exploited in targeted attacks against government entities in Southeast Asia. Dubbed … | GBHACKERS.COM
1 Apr | CVE-2025-66037 OpenSC: Out of Bounds vulnerability | Information published. | MSRC.MICROSOFT.COM
1 Apr | CVE-2026-34714 | Information published. | MSRC.MICROSOFT.COM
1 Apr | CVE-2026-21717 | Information published. | MSRC.MICROSOFT.COM
1 Apr | CVE-2026-21715 | Information published. | MSRC.MICROSOFT.COM
1 Apr | CVE-2026-21714 | Information published. | MSRC.MICROSOFT.COM
1 Apr | CVE-2025-49010 OpenSC: Stack-buffer-overflow WRITE in GET RESPONSE | Information published. | MSRC.MICROSOFT.COM
1 Apr | CVE-2025-66215 OpenSC: Stack-buffer-overflow WRITE in card-oberthur | Information published. | MSRC.MICROSOFT.COM
1 Apr | CVE-2026-21710 | Information published. | MSRC.MICROSOFT.COM
1 Apr | CVE-2026-21716 | Information published. | MSRC.MICROSOFT.COM
1 Apr | CVE-2026-21713 | Information published. | MSRC.MICROSOFT.COM
1 Apr | CVE-2026-21711 | Information published. | MSRC.MICROSOFT.COM
1 Apr | CVE-2023-52676 bpf: Guard stack limits against 32bit overflow | Information published. | MSRC.MICROSOFT.COM
1 Apr | PoC Exploit Code Published for nginx-ui Backup Restore Security Flaw | A critical security flaw in the nginx-ui backup restore mechanism, tracked as CVE-2026-33026, allows attackers to manipulate encrypted backups and execute arbitrary commands. Proof-of-Concept (PoC) exploit code has been publicly released, prompting an urgent need for administrato… | GBHACKERS.COM
1 Apr | Vim Modeline Vulnerability Opens Door to Arbitrary OS Command Execution | Vim is a widely used, highly configurable text editor, but a recently disclosed flaw highlights the risks associated with its file-parsing features. Tracked as CVE-2026-34982, a high-severity vulnerability allows attackers to execute arbitrary operating system commands simply by … | GBHACKERS.COM
1 Apr KEV | New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation — Patch Released | Google on Thursday released security updates for its Chrome web browser to address 21 vulnerabilities, including a zero-day flaw that it said has been exploited in the wild. The high-severity vulnerability, CVE-2026-5281 (CVSS score: N/A), concerns a use-after-free bug in Dawn, a… | THEHACKERNEWS.COM
1 Apr | Exploited Zero-Day Among 21 Vulnerabilities Patched in Chrome | Google has announced fixes for CVE-2026-5281, a zero-day affecting Chrome’s Dawn component. The post Exploited Zero-Day Among 21 Vulnerabilities Patched in Chrome appeared first on SecurityWeek. | SECURITYWEEK.COM
1 Apr | Vim and GNU Emacs: Claude Code helpfully found zero-day exploits for both | Developers can spend days using fuzzing tools to find security weaknesses in code. Alternatively, they can simply ask an LLM to do the job for them in seconds. The catch: LLMs are evolving so rapidly that this convenience might come with hidden dangers. The latest example is from… | CSOONLINE.COM
⚠️ VULNERABILITY DISCLOSURE (37)
1 Apr | Mercor says it was hit by cyberattack tied to compromise of open-source LiteLLM project | The AI recruiting startup confirmed a security incident after an extortion hacking crew took credit for stealing data from the company's systems. | TECHCRUNCH.COM
1 Apr | Anthropic employee error exposes Claude Code source | An Anthropic employee accidentally exposed the entire proprietary source code for its AI programming tool, Claude Code, by including a source map file in a version of the tool posted on Anthropic’s open npm registry account, a risky mistake, says an AI expert. “A compromised sour… | CSOONLINE.COM
1 Apr | Google Cloud’s Vertex AI Hit by Vulnerability Enabling Sensitive Data Access | Artificial intelligence agents are transforming enterprise workflows, but they also introduce dangerous new attack vectors. Security researchers from Palo Alto Networks’ Unit 42 recently uncovered a significant vulnerability in Google Cloud Platform’s (GCP) Vertex AI Agent Engine… | GBHACKERS.COM
1 Apr | Claude Code Source Leaked via npm Packaging Error, Anthropic Confirms | Anthropic on Tuesday confirmed that internal code for its popular artificial intelligence (AI) coding assistant, Claude Code, had been inadvertently released due to a human error. "No sensitive customer data or credentials were involved or exposed," an Anthropic spokesperson said… | THEHACKERNEWS.COM
1 Apr | Google Addresses Vertex Security Issues After Researchers Weaponize AI Agents | Palo Alto Networks has disclosed the details of its analysis of Google Cloud Platform’s Vertex AI. The post Google Addresses Vertex Security Issues After Researchers Weaponize AI Agents appeared first on SecurityWeek. | SECURITYWEEK.COM
1 Apr | 9 ways CISOs can combat AI hallucinations | AI hallucinations are a well-known problem and, when it comes to compliance assessments, these convincing but inaccurate assessments can cause real damage with poor risk assessments, incorrect policy guidance, or even inaccurate incident reports. Cybersecurity leaders say the rea… | CSOONLINE.COM
1 Apr | Security awareness is not a control: Rethinking human risk in enterprise security | Organizations have been responding to phishing, business email compromise, and credential theft in essentially the same manner for over ten years. They essentially follow a playbook that involves investing in awareness training, running phishing simulations, and requiring employe… | CSOONLINE.COM
1 Apr | A Taxonomy of Cognitive Security | Last week, I listened to a fascinating talk by K. Melton on cognitive security, cognitive hacking, and reality pentesting. The slides from the talk are here, but—even better—Menton has a long essay laying out the basic concepts and ideas. The whole thing is important… | SCHNEIER.COM
1 Apr | Google fixes fourth Chrome zero-day exploited in attacks in 2026 | Google has fixed the fourth Chrome vulnerability exploited in zero-day attacks since the start of the year. [...] | BLEEPINGCOMPUTER.COM
1 Apr | Hackers Exploit Hotel Booking Systems to Send Fake Payment Requests to Guests | Hackers are increasingly targeting hotel booking workflows to trick travelers into handing over payment details, using a technique that blends real reservation data with convincing social engineering. The message references real booking details such as the hotel name, stay dates,… | GBHACKERS.COM
1 Apr | Unrelenting Threats Against Government and Education: Why Human Risk Is the Front Line | Public sector organizations are operating in a threat environment that is both relentless and increasingly personal. Federal agencies, state and local governments and educational institutions are prime targets for ransomware, phishing, business email compromise (BEC) and creden… | KNOWBE4.COM
1 Apr | WhatsApp malware campaign uses malicious VBS files to gain persistent access | Microsoft is warning WhatsApp users of a new malware campaign that tricks them into executing malicious Visual Basic Script (VBS) files, ultimately enabling persistence and remote access. In a March 31 report, Microsoft Defender Experts said attackers have been distributing mali… | CSOONLINE.COM
1 Apr | Cisco Faces Alleged Data Leak as ShinyHunters Claims Responsibility | Cisco is actively dealing with a major cybersecurity incident after threat actors breached its internal development networks. The notorious hacking group ShinyHunters has claimed responsibility for the attack, alleging they stole sensitive source code and data affecting Cisco, Sa… | GBHACKERS.COM
1 Apr | Microsoft Teams to Improve Privacy With EXIF Data Removal Feature | Microsoft is rolling out a wave of privacy and security updates for Microsoft Teams, headlining with a critical new feature that automatically removes EXIF metadata from shared images. These upcoming changes are designed to protect user privacy by default, streamline biometric da… | GBHACKERS.COM
1 Apr | Vertex AI Vulnerability Exposes Google Cloud Data and Private Artifacts | submitted by kid to cybersecurity, 1 points, 0 comments, https://thehackernews.com/2026/03/vertex-ai-vulnerability-exposes-google.html | SH.ITJUST.WORKS
1 Apr | TeamPCP Explores Ways to Exploit Stolen Supply Chain Secrets - Infosecurity Magazine | submitted by kid to cybersecurity, 1 points, 0 comments, https://www.infosecurity-magazine.com/news/teampcp-exploit-stolen-supply/ | SH.ITJUST.WORKS
1 Apr KEV | Google Warns of New Chrome Zero-Day Under Active Exploitation – Users Urged to Update Immediately | Google has released an urgent security update for its Chrome desktop browser to address 21 vulnerabilities, including a critical zero-day flaw that is actively being exploited in the wild. Users are strongly urged to update their browsers immediately to version 146.0.7680.177/.17… | GBHACKERS.COM
1 Apr | US Charges Uranium Crypto Exchange Hacker | Jonathan Spalletta exploited smart contract vulnerabilities to steal approximately $55 million in cryptocurrency and cause Uranium to shut down. The post US Charges Uranium Crypto Exchange Hacker appeared first on SecurityWeek. | SECURITYWEEK.COM
1 Apr | Routine Access Is Powering Modern Intrusions, a New Threat Report Finds | Modern intrusions increasingly start with valid credentials and routine access, not exploits. Blackpoint Cyber's upcoming threat report shows how VPN abuse, RMM tools, and social engineering drive most incidents. [...] | BLEEPINGCOMPUTER.COM
1 Apr | CERT-UA Impersonation Campaign Spread AGEWHEEZE Malware to 1 Million Emails | The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed details of a new phishing campaign in which the cybersecurity agency itself was impersonated to distribute a remote administration tool known as AGEWHEEZE. As part of the attacks, the threat actors, tracked a… | THEHACKERNEWS.COM
1 Apr | Fireside Chat: AI agents are reshaping mobile attacks — and exposing weak API trust models | SAN FRANCISCO — A new exposure is emerging in mobile security as AI begins to act on behalf of users — and attackers move to exploit that shift. Related: RSAC wrap-up—no easy fixes for AI exposures In a Fireside Chat … (more…) The post Fireside Chat: AI agents are reshaping… | LASTWATCHDOG.COM
1 Apr | Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution | Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. De… | CISECURITY.ORG
1 Apr | Chronic Resource Constraints: Doing More With Less in Public Sector Cybersecurity | If the public sector had unlimited cybersecurity budgets and fully staffed SOCs, today’s threat landscape would look very different. But that’s not reality. | KNOWBE4.COM
1 Apr | Hackers exploit TrueConf zero-day to push malicious software updates | Hackers have targeted TrueConf conference servers in attacks that exploit a zero-day vulnerability, allowing them to execute arbitrary files on all connected endpoints. [...] | BLEEPINGCOMPUTER.COM
1 Apr | RSA 2026: Agentic Future, Analog Fundamentals — The Paradox of Why the Old Guard Still Survives | OK, RSA 2026 is over. If my record keeping is correct, I first attended RSA in 2006. At that time, I was annoyed by … AI? XDR? NIDS? …. noooo… I was annoyed by NAC (“As many other RSA observers agreed, under each tree you now see a NAC.” NAC rapidly arose from the “wormy” early… | MEDIUM.COM
1 Apr KEV | Apple expands iOS 18 updates to more iPhones to block DarkSword attacks | Apple has now made it possible for more iPhones still running iOS 18 to receive security updates that protect against the actively exploited DarkSword exploit kit. [...] | BLEEPINGCOMPUTER.COM
1 Apr | TrendAI Insight: New U.S. National Cyber Strategy | TrendAI reviews the White House National Cyber Strategy, outlining six pillars to strengthen U.S. cybersecurity—from deterrence and regulation to federal modernization, critical infrastructure protection, AI leadership, and workforce development. | TRENDMICRO.COM
1 Apr | 6 critical mistakes that undermine cyber resilience (and how to fix them) | Silos are the enemy of business resilience. As IT leaders, we’ve all felt the pain: the backup administrator, SOC analyst, and endpoint engineer operating in separate worlds—often meeting for the first time in the chaos of a live cyberattack. The result? Delayed responses, missed… | CSOONLINE.COM
1 Apr | 6 metrics IT leaders can’t afford to ignore for business resilience | If you’re in IT, you know: what we don’t measure puts business resilience at risk. In the face of rising threat volumes, scaling complexity, and board-level scrutiny, tracking the right operational metrics isn’t just about visibility—it’s the foundation for proactive risk managem… | CSOONLINE.COM
1 Apr | 5 critical steps to achieve business resilience in cybersecurity | What does it really take to keep your organization running when attackers strike? The answer is business resilience—being able to detect, contain, and recover fast enough that disruptions are minimized, customers stay confident, and operations keep moving. From the latest 2026 St… | CSOONLINE.COM
1 Apr | 7 ways to improve your business resilience with backup and recovery | When your network goes down, your business stops. That’s a stark truth we see confirmed daily in incident response—and N-able’s 2026 State of the SOC Report only underscores it. Backup isn’t just an IT routine anymore; it’s the backbone of your business resilience strategy. Yet, … | CSOONLINE.COM
1 Apr | 5 Steps to break free from alert fatigue and build resilient security operations | How many times has your SOC hit crisis mode at 2:00 AM, with the dashboard blaring red and analysts scrambling to separate real threats from useless noise? We’ve all been there, and if you’re still measuring success by the number of alerts closed, chances are you’re feeling the s… | CSOONLINE.COM
1 Apr | 5 essential steps to bulletproof your endpoint security (and avoid the biggest mistakes) | Business resilience starts at the endpoint. Between March and December 2025, the N-able SOC processed over 900,000 alerts—and a staggering 18% originated from network and perimeter exploits that most endpoint-only security never saw. Attackers are constantly shifting tactics, and… | CSOONLINE.COM
1 Apr | Frequently Asked Questions About the Axios npm Supply Chain Attack by North Korea-Nexus Threat Actor UNC1069 | A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access trojan to potentially millions of developer environments during a three-hour window on March 31. Key takeaways: The axios npm package, which has over 100 mill… | TENABLE.COM
1 Apr | Securing the open source supply chain across GitHub | Recent attacks on open source focus on exfiltrating secrets; here are the prevention steps you can take today, plus a look at the security capabilities GitHub is working on. The post Securing the open source supply chain across GitHub appeared first on The GitHub Blog. | GITHUB.BLOG
1 Apr | Mutation testing for the agentic era | Code coverage is one of the most dangerous quality metrics in software testing. Many developers fail to realize that code coverage lies by omission: it measures execution, not verification. Test suites with high coverage can obfuscate the fact that critical functionality is untes… | TRAILOFBITS.COM
1 Apr KEV | Risky Business #831 -- The AI bugpocalypse begins | On this week’s show, Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover: Those pesky North Koreans shim a backdoor into a 100M-downloads-a-week npm package TeamPCP appear to have ransacked Cisco’s source and cloud environments AI is gett… | RISKY.BIZ
📋 SECURITY BULLETINS (1)
1 Apr | Apple releases security fix for older iPhones and iPads to protect against DarkSword attacks | The security update protects a raft of older iPhones and iPads from attacks linked to leaked hacking tools called DarkSword. | TECHCRUNCH.COM
📢 SECURITY ADVISORIES (5)
1 Apr | Closing the Gap by Enhancing Visibility and Mitigating Risks | Secure your UK public sector digital estate. Cortex Xpanse delivers active External Attack Surface Management (EASM) with continuous monitoring, NCSC alignment and risk mitigation. The post Closing the Gap by Enhancing Visibility and Mitigating Risks appeared first on Palo Alto N… | PALOALTONETWORKS.COM
1 Apr | Executive Paralysis and Two Pre-Recorded RSAC 2026 Interviews from DigiCert and Okta - BSW #441 | Most organizations don’t fail because of technology. They fail because decision authority is unclear in the first critical minutes. “Being careful” is often interpreted as waiting for certainty, but that delay creates exposure. How should executives make decisions under pressure?… | YOUTUBE.COM
🔥 INCIDENT REPORTING (13)
1 Apr | Google Drive ransomware detection now on by default for paying users | Google announced that the AI-powered Google Drive ransomware detection feature has reached general availability and is now enabled by default for all paying users. [...] | BLEEPINGCOMPUTER.COM
1 Apr | North Korean Hackers Breach Axios Package, Target Windows, macOS, and Linux Systems | A North Korea–nexus threat actor has hijacked the popular Axios NPM package in a high‑impact software supply chain attack that can silently backdoor Windows, macOS, and Linux systems. Between March 31, 2026, 00:21 and 03:20 UTC, attackers used a compromised maintainer account to … | GBHACKERS.COM
1 Apr | SUCCESS - 253,510 breached accounts | In March 2026, the personal development and achievement media brand SUCCESS suffered a data breach. The incident exposed 250k unique email addresses along with names, IP addresses, phone numbers and, for a limited number of staff members, bcrypt password hashes. The data also in… | HAVEIBEENPWNED.COM
1 Apr | Axios NPM Package Breached in North Korean Supply Chain Attack | A long-lived NPM access token was used to bypass the GitHub Actions OIDC-based CI/CD publishing workflow and push backdoored package versions. The post Axios NPM Package Breached in North Korean Supply Chain Attack appeared first on SecurityWeek. | SECURITYWEEK.COM
1 Apr | Webinar Today: Agentic AI vs. Identity’s Last Mile Problem | Join the webcast as we explore what Agentic AI can and cannot solve today, and real world breach scenarios linked to disconnected applications. The post Webinar Today: Agentic AI vs. Identity’s Last Mile Problem appeared first on SecurityWeek. | SECURITYWEEK.COM
1 Apr | TeamPCP Supply Chain Campaign: Update 005 - First Confirmed Victim Disclosure, Post-Compromise Cloud Enumeration Documented, and Axios Attribution Narrows, (Wed, Apr 1st) | This is the fifth update to the TeamPCP supply chain campaign threat intelligence report, "When the Security Scanner Became the Weapon" (v3.0, March 25, 2026). Update 004 covered developments through March 30, including the Databricks investigation, dual ransomware operations, an… | ISC.SANS.EDU
1 Apr | When Crisis Plans Fail to Act | Organizations often have strong incident response, crisis communication, and business continuity plans in place. Despite this, crises can fail at the governance level when no one has clear authority to make critical decisions in real time. Does your organization know exactly who … | YOUTUBE.COM
1 Apr | Hasbro says it was hacked, and may take ‘several weeks’ to recover | The American toymaking giant noted that it was continuing to "implement measures to secure its business operations," suggesting that the hackers may still be in the company's systems. | TECHCRUNCH.COM
1 Apr | Toy Giant Hasbro Hit by Cyberattack | The company is investigating the full scope of the incident, including whether any files have been compromised. The post Toy Giant Hasbro Hit by Cyberattack appeared first on SecurityWeek. | SECURITYWEEK.COM
1 Apr | Is “Hackback” Official US Cybersecurity Strategy? | The 2026 US “Cyber Strategy for America” document is mostly the same thing we’ve seen out of the White House for over a decade, but with a more aggressive tone. But one sentence stood out: “We will unleash the private sector by creating incentives to ide… | SCHNEIER.COM
1 Apr | Leadership or Career Risk | Cybersecurity leaders often face increased visibility and accountability during incidents, especially in high-stakes environments. Without shared responsibility and the right culture, stepping into leadership can feel like personal risk rather than opportunity—impacting decision-… | YOUTUBE.COM
1 Apr | Smashing Security podcast #461: This man hid $400 million in a fishing rod. Then it vanished | A cannabis-growing, beekeeping, gyrocopter-flying Irishman invested his drug money in Bitcoin back in 2011 - and now sits on a fortune worth $400 million. There's just one small problem: the access codes were tucked inside his fishing rod case, which has mysteriously vanished. Or… | GRAHAMCLULEY.COM
1 Apr | Major Cyber Attacks in March 2026: OAuth Phishing, SVG Smuggling, Magecart, and More | March 2026 brought a wave of cyber attacks that reflected how quickly modern threats can move from subtle early signals to serious business impact. ANY.RUN analysts identified and explored several major threats this month, exposing phishing campaigns, stealthy malware, payment-sk… | ANY.RUN
🕵️ THREAT INTELLIGENCE (22)
1 Apr | ISC Stormcast For Wednesday, April 1st, 2026 https://isc.sans.edu/podcastdetail/9874, (Wed, Apr 1st) | (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. | ISC.SANS.EDU
1 Apr | XLoader malware Sharpens Obfuscation, Masks C2 Traffic via Decoy Servers | XLoader’s developers have released new versions that significantly harden the malware’s code and hide its command‑and‑control (C2) traffic behind layers of encryption and decoy servers, making analysis and detection more difficult for defenders. This article summarizes the latest… | GBHACKERS.COM
1 Apr | NPM Supply Chain Attack Uses undicy-http to Deploy RAT | A highly sophisticated npm supply chain attack that abuses a fake HTTP client package to deliver both a powerful RAT and a stealthy browser stealer. The malicious package, undicy-http@2.0.0, was uploaded to npm to impersonate undici, the official HTTP client widely used in Node.j… | GBHACKERS.COM
1 Apr | PyPI Telnyx Python SDK Backdoored to Steal Credentials on Windows, macOS, and Linux | Telnyx Python SDK on PyPI, using a multi‑stage WAV steganography payload to steal credentials across Windows, macOS, and Linux systems. The backdoor lives in telnyx/_client.py and is triggered at module scope, so simply importing telnyx is enough to execute the payload before any… | GBHACKERS.COM
1 Apr | Windows 11 Update Fixes Critical Installation Loop Problem | Microsoft has rolled out an urgent, out-of-band update to fix a frustrating installation glitch plaguing Windows 11 users. On March 31, 2026, the company released KB5086672 to rescue devices trapped in an update loop caused by the recent March 26 preview release. When users attem… | GBHACKERS.COM
1 Apr | CrewAI Hit by Critical Vulnerabilities Enabling Sandbox Escape and Host Compromise | CrewAI, a prominent tool used by developers to orchestrate multi-agent AI systems, is currently vulnerable to a chain of critical security flaws. By using direct or indirect prompt injection, attackers can manipulate AI agents to escape secure sandboxes and compromise the host ma… | GBHACKERS.COM
1 Apr | Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069 | Google has formally attributed the supply chain compromise of the popular Axios npm package to a financially motivated North Korean threat activity cluster tracked as UNC1069. "We have attributed the attack to a suspected North Korean threat actor we track as UNC1069," John Hultq… | THEHACKERNEWS.COM
1 Apr | Cybersecurity Firm TAC Security Hits 10,000 Clients, Enters Top 5 in Global VM & AppSec | New York, New York, April 1st, 2026, CyberNewswire TAC Infosec, a global leader in cybersecurity (NSE: TAC), with presence across 100+ countries, announced a historic milestone by crossing 10,000 clients – 6,500+ of TAC Security and 3,500+ of CyberScope, since April 2024, deliver… | GBHACKERS.COM
1 Apr | CrystalX Malware-as-a-Service Spreads via Telegram With Stealer, RAT Tools | Hackers are actively promoting a new malware-as-a-service (MaaS) platform called CrystalX RAT through private Telegram channels, offering cybercriminals a powerful toolkit that combines remote access, data theft, surveillance, and even prank-based disruption features. Security re… | GBHACKERS.COM
1 Apr | Hackers target exile portal Iranwire | Unknown attackers are said to have hacked the exile portal Iranwire. According to the Iranian judiciary, hackers have allegedly gained access to data of a well-known exile portal. A large amount of data is said to have been captured, including correspondence, lists… | CSOONLINE.COM
1 Apr | 3 Reasons Attackers Are Using Your Trusted Tools Against You (And Why You Don’t See It Coming) | For years, cybersecurity has followed a familiar model: block malware, stop the attack. Now, attackers are moving on to what’s next. Threat actors now use malware less frequently in favor of what’s already inside your environment, including abusing trusted tools, native binaries,… | THEHACKERNEWS.COM
1 Apr | GIGABYTE Control Center vulnerable to arbitrary file write flaw | submitted by kid to cybersecurity, 1 points, 0 comments, https://www.bleepingcomputer.com/news/security/gigabyte-control-center-vulnerable-to-arbitrary-file-write-flaw/ | SH.ITJUST.WORKS
1 Apr | CrewAI Vulnerabilities Expose Devices to Hacking - SecurityWeek | submitted by kid to cybersecurity, 1 points, 0 comments, https://www.securityweek.com/crewai-vulnerabilities-expose-devices-to-hacking/ | SH.ITJUST.WORKS
1 Apr | Ethereum-Based EtherRAT, EtherHiding Power Stealthy Malware Campaigns | Hackers are abusing the Ethereum blockchain to hide and control a new Node.js backdoor called EtherRAT, using a stealthy technique known as EtherHiding to make their command‑and‑control (C2) infrastructure difficult to disrupt. EtherRAT, previously profiled by Sysdig and linked t… | GBHACKERS.COM
1 Apr | WA local gov entity lost $350,000 in phishing attack - iTnews | submitted by kid to cybersecurity, 1 points, 0 comments, https://www.itnews.com.au/news/wa-local-gov-entity-lost-350000-in-phishing-attack-624680 | SH.ITJUST.WORKS
1 Apr | Axios npm supply chain attack: Malicious updates add remote access trojan | news | SC Media | submitted by kid to cybersecurity, 1 points, 0 comments, https://www.scworld.com/news/axios-npm-supply-chain-attack-malicious-updates-add-remote-access-trojan | SH.ITJUST.WORKS
1 Apr | Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures | A multi-pronged phishing campaign is targeting Spanish-speaking users in organizations across Latin America and Europe to deliver Windows banking trojans like Casbaneiro (aka Metamorfo) via another malware called Horabot. The activity has been attributed to a Brazilian cybercrime… | THEHACKERNEWS.COM
1 Apr | Microsoft Warns of WhatsApp-Delivered VBS Malware Hijacking Windows via UAC Bypass | Microsoft is calling attention to a new campaign that has leveraged WhatsApp messages to distribute malicious Visual Basic Script (VBS) files. The activity, beginning in late February 2026, leverages these scripts to initiate a multi-stage infection chain for establishing persist… | THEHACKERNEWS.COM
1 Apr | FBI Warns of Data Security Risks From China-Made Mobile Apps | The agency has not named the problematic foreign-made applications, but TikTok and Temu come to mind. The post FBI Warns of Data Security Risks From China-Made Mobile Apps appeared first on SecurityWeek. | SECURITYWEEK.COM
1 Apr | New DeepLoad Malware Dropped in ClickFix Attacks | The malware steals credentials, installs a malicious browser extension, and can spread via USB drives. The post New DeepLoad Malware Dropped in ClickFix Attacks appeared first on SecurityWeek. | SECURITYWEEK.COM
1 Apr | Depthfirst Raises $80 Million in Series B Funding | The startup will expand its AI research team, train additional security models, and scale enterprise adoption. The post Depthfirst Raises $80 Million in Series B Funding appeared first on SecurityWeek. | SECURITYWEEK.COM
1 Apr | Mitigating the Axios npm supply chain compromise | On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages for version updates (1.14.1 and 0.30.4) to download from command and control (C2) that Microsoft Threat Intelligence has attributed to the North Korean sta… | MICROSOFT.COM
🌐 CYBER THREAT LANDSCAPE (10)
1 Apr | Alleged RedLine malware developer extradited to United States | A man has appeared in federal court in Austin, Texas, after being extradited to the United States to face charges related to his alleged role as a key developer of the notorious RedLine malware. Read more in my article on the Hot for Security blog. | BITDEFENDER.COM
1 Apr | Malicious Script That Gets Rid of ADS, (Wed, Apr 1st) | Today, most malware are called “fileless” because they try to reduce their footprint on the infected computer filesystem to the bare minimum. But they need to write something… think about persistence. They can use the regi… | ISC.SANS.EDU
1 Apr | CrystalX RAT: a Trojan for pranks, remote access, and cryptocurrency theft | Kaspersky official blog | The new CrystalX remote access Trojan combines pranks with full control over the victim’s computer. It also spies on its victims, steals their cryptocurrency and accounts, and uses advanced methods to bypass protection. We explain how it works, and how to avoid infection. | KASPERSKY.COM
1 Apr | WhatsApp notifies hundreds of users who installed a fake app that was actually government spyware | The Meta-owned company said it identified around 200 users who were tricked into installing a fake version of WhatsApp that was actually Italian-made spyware. | TECHCRUNCH.COM
1 Apr | 'NoVoice' Android malware on Google Play infected 2.3 million devices | A new Android malware named NoVoice was found on Google Play, hidden in more than 50 apps that were downloaded at least 2.3 million times. [...] | BLEEPINGCOMPUTER.COM
1 Apr | New CrystalRAT malware adds RAT, stealer and prankware features | A new malware-as-a-service called CrystalRAT is being promoted on Telegram, offering remote access, data theft, keylogging, and clipboard hijacking capabilities. [...] | BLEEPINGCOMPUTER.COM
1 Apr | The Shift: An Era of Quantum Geopolitics | The expanding conflict around Iran signals a deeper shift. We have entered an era of quantum geopolitics, where the old rules of the international order no longer apply | RECORDEDFUTURE.COM
1 Apr | Inside the Axios supply chain compromise - one RAT to rule them all | Elastic Security Labs analyzes a supply chain compromise of the axios npm package delivering a unified cross-platform RAT | ELASTIC.CO
1 Apr | Elastic releases detections for the Axios supply chain compromise | Hunting and detection rules for the Elastic-discovered Axios supply chain compromise. | ELASTIC.CO
1 Apr | A laughing RAT: CrystalX combines spyware, stealer, and prankware features | Kaspersky researchers analyze a new CrystalX RAT distributed as MaaS and featuring extensive spyware, stealer, and prankware capabilities. | SECURELIST.COM
📡 INFOSEC NEWS (12)
1 Apr | Weekly Threat Bulletin – April 1st, 2026 | These are the top threats you should know about this week. | F5.COM
1 Apr | New Windows 11 emergency update fixes preview update install issues | Microsoft released an emergency update to fix the March 2026 KB5079391 non-security preview update, which was pulled over the weekend due to installation issues. [...] | BLEEPINGCOMPUTER.COM
1 Apr | In focus: IT leadership | DE.RESOURCES.CSOONLINE.COM
1 Apr | FBI warns against using Chinese mobile apps due to privacy risks | The U.S. Federal Bureau of Investigation (FBI) warned Americans against using foreign-developed mobile applications, particularly those created by Chinese developers. [...] | BLEEPINGCOMPUTER.COM
1 Apr | Block the Prompt, Not the Work: The End of "Doctor No" | There is a character that keeps appearing in enterprise security departments, and most CISOs know exactly who that is. It doesn’t build. It doesn’t enable. Its entire function is to say "No." No to ChatGPT. No to DeepSeek. No to the file-sharing tool the product team … | THEHACKERNEWS.COM
1 Apr | New EvilTokens service fuels Microsoft device code phishing attacks | A new malicious kit called EvilTokens integrates device code phishing capabilities, allowing attackers to hijack Microsoft accounts and provide advanced features for business email compromise attacks. [...] | BLEEPINGCOMPUTER.COM
1 Apr | De-fi platform Drift suspends deposits and withdrawals after millions in crypto stolen in hack | Blockchain trackers put the cryptocurrency heist in the hundreds of millions of dollars and is already on track to be the largest crypto theft in 2026 so far. | TECHCRUNCH.COM
1 Apr | Digital assets after death: Managing risks to your loved one’s digital estate | Fraudsters often target the accounts of the deceased or their grieving relatives. Here’s how to keep the scammers at bay. | WELIVESECURITY.COM
1 Apr | Industrialization of the Fraud Ecosystem Blog | Payment fraud has industrialized, and that's a defensive advantage. Learn how standardized attack infrastructure creates detectable patterns that financial institutions can act on before losses occur. | RECORDEDFUTURE.COM