AI Testing

OverviewList cybersecList Category cybersecAI Testing - Cybersecurity - Microsoft traces Universal Print issues to Graph API code change

Add Comment

notice: please create a custom view template for the cybersec class view-cybersec.html

Microsoft traces Universal Print issues to Graph API code change

Microsoft says that an ongoing Universal Print sharing issue that prevents users from creating some printer shares is due to a Microsoft Graph API code change. [...]

11:10 am, April 22, 2026

guid

https://www.bleepingcomputer.com/news/microsoft/microsoft-graph-api-code-change-causes-universal-print-share-issues/

source_url

https://www.bleepingcomputer.com/news/microsoft/microsoft-graph-api-code-change-causes-universal-print-share-issues/

author_name

Sergiu Gatlan

id: 749
uid: 1tgLH
insdate: 2026-04-22 11:10:07
title: Microsoft traces Universal Print issues to Graph API code change
additional: Microsoft says that an ongoing Universal Print sharing issue that prevents users from creating some printer shares is due to a Microsoft Graph API code change. [...]
category: Cybersecurity
md5:
guid: https://www.bleepingcomputer.com/news/microsoft/microsoft-graph-api-code-change-causes-universal-print-share-issues/
source_url: https://www.bleepingcomputer.com/news/microsoft/microsoft-graph-api-code-change-causes-universal-print-share-issues/
updated:
image:
author_name: Sergiu Gatlan
author_link:

Add Comment

Nick Name Type in a Nick Name here

Comment

Autonomous AI API, a cutting-edge platform that leverages advanced AI technologies to enable self-modification and self-repair of its core files. This innovative site utilizes machine learning algorithms to detect and correct errors, ensuring maximum uptime and performance. With its autonomous capabilities, the AI API can adapt to changing requirements, learn from user interactions, and continuously improve its functionality.

View Details

cybersec Overview List Category cybersec List cybersec List Table cybersec Search cybersec

Images Overview List Category Images List Images List Table Images Search Images

Videos Overview List Category Videos List Videos List Table Videos Search Videos

Wiki Overview List Category Wiki List Wiki List Table Wiki Search Wiki

Page Views

This page has been viewed 4 times.

Search cybersec

Search cybersec by entering your search text above.

Category List cybersec

$13.74M Hack Shuts Down Sanctioned Grinex Exchange After Intelligence Claims
$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation
[GUEST DIARY] Tearing apart website fraud to see how it works., (Wed, May 13th)
[Guest Diary] New Malware Libraries means New Signatures, (Fri, May 15th)
[Guest Diary] Beyond Cryptojacking: Telegram tdata as a Credential Harvesting Vector, Lessons from a Honeypot Incident, (Wed, Apr 22nd)
[Guest Diary] Compromised DVRs and Finding Them in the Wild, (Thu, Apr 16th)
'NoVoice' Android malware on Google Play infected 2.3 million devices
/proxy/ URL scans with IP addresses, (Mon, Mar 16th)
108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users
13-year-old bug in ActiveMQ lets hackers remotely execute commands
149 Hacktivist DDoS Attacks Hit 110 Organizations in 16 Countries After Middle East Conflict
15-year-old detained over French govt agency data breach
18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE
18-year-old NGINX vulnerability allows DoS, potential RCE
2026 Browser Data Reveals Major Enterprise Security Blind Spots
2026: The Year of AI-Assisted Attacks
22 BRIDGE:BREAK Flaws Expose 20,000 Lantronix and Silex Serial-to-IP Converters
22 BRIDGE:BREAK Flaws Expose Thousands of Lantronix and Silex Serial-to-IP Converters
26 FakeWallet Apps Found on Apple App Store Targeting Crypto Seed Phrases
3 Reasons Attackers Are Using Your Trusted Tools Against You (And Why You Don’t See It Coming)
3 SOC Process Fixes That Unlock Tier 1 Productivity
30,000 Facebook Accounts Hacked via Google AppSheet Phishing Campaign
36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants
5 Learnings from the First-Ever Gartner Market Guide for Guardian Agents
5 Places where Mature SOCs Keep MTTR Fast and Others Waste Time
5 Steps to Managing Shadow AI Tools Without Slowing Down Employees
5 Ways Zero Trust Maximizes Identity Security
54 EDR Killers Use BYOVD to Exploit 34 Signed Vulnerable Drivers and Disable Security
54 EDR Killers Use BYOVD to Exploit 35 Signed Vulnerable Drivers and Disable Security
7 Ways to Prevent Privilege Escalation via Password Resets
73 Seconds to Breach, 24 Hours to Patch: The Case for Autonomous Validation
9 Critical IP KVM Flaws Enable Unauthenticated Root Access Across Four Vendors
A .WAV With A Payload, (Tue, Apr 21st)
A Little Bit Pivoting: What Web Shells are Attackers Looking for?, (Tue, Apr 7th)
A React-based phishing page with credential exfiltration via EmailJS, (Fri, Mar 13th)
ADT confirms data breach after ShinyHunters leak threat
AI Agents: The Next Wave Identity Dark Matter - Powerful, Invisible, and Unmanaged
AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE
AI is Everywhere, But CISOs are Still Securing It with Yesterday's Skills and Tools, Study Finds
AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraud
AI-generated Slopoly malware used in Interlock ransomware attack
APT28 Deploys PRISMEX Malware in Campaign Targeting Ukraine and NATO Allies
APT28 Uses BEARDSHELL and COVENANT Malware to Spy on Ukrainian Military
APT28 hackers deploy customized variant of Covenant open-source tool
APT28-Linked Campaign Deploys BadPaw Loader and MeowMeow Backdoor in Ukraine
APT41-Linked Silver Dragon Targets Governments Using Cobalt Strike and Google Drive C2
Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover
Actively exploited Apache ActiveMQ flaw impacts 6,400 servers
Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621
Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025
Adobe rolls out emergency fix for Acrobat, Reader zero-day flaw
Adversaries Exploit Vacant Homes to Intercept Mail in Hybrid Cybercrime
After Mythos: New Playbooks For a Zero-Window Era
Agentic GRC: Teams Get the Tech. The Mindset Shift Is What's Missing.
AitM Phishing Targets TikTok Business Accounts Using Cloudflare Turnstile Evasion
Ajax football club hack exposed fan data, enabled ticket hijack
Alabama man pleads guilty to hacking, extorting hundreds of women
Alleged Silk Typhoon hacker extradited to US for cyberespionage
Amazon SES increasingly abused in phishing to evade detection
Amazon: Drone strikes damaged AWS data centers in Middle East
American utility firm Itron discloses breach of internal IT network
Americans sentenced for running 'laptop farms' for North Korea
An Adaptive Cyber Analytics UI for Web Honeypot Logs [Guest Diary], (Wed, May 6th)
Analysis of 216M Security Findings Shows a 4x Increase In Critical Risk (2026 Report)
Analysis of one billion CISA KEV remediation records exposes limits of human-scale security
Analyzing "Zombie Zip" Files (CVE-2026-0866), (Wed, Mar 11th)
Android 17 Blocks Non-Accessibility Apps from Accessibility API to Prevent Malware Abuse
Android 17 to expand banking scam call and privacy protections
Android Adds Intrusion Logging for Sophisticated Spyware Forensics
Android Developer Verification Rollout Begins Ahead of September Enforcement
Android gets patches for Qualcomm zero-day exploited in attacks
Another Universal Linux Local Privilege Escalation (LPE) Vulnerability: Dirty Frag, (Fri, May 8th)
Anthropic Finds 22 Firefox Vulnerabilities Using Claude Opus 4.6 AI Model
Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain
Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems
Anti-DDoS Firm Heaped Attacks on Brazilian ISPs
Anti-piracy coalition takes down AnimePlay app with 5 million users
Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation
Apple Expands iOS 18.7.7 Update to More Devices to Block DarkSword Exploit
Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOS
Apple Fixes iOS Flaw That Let FBI Recover Deleted Signal Messages
Apple Issues Security Updates for Older iOS Devices Targeted by Coruna WebKit Exploit
Apple Patches (almost) everything again. March 2026 edition., (Wed, Mar 25th)
Apple Patches Everything, (Mon, May 11th)
Apple Patches Exploited Notification Flaw, (Thu, Apr 23rd)
Apple Patches iOS Flaw That Stored Deleted Signal Notifications in FBI Forensic Case
Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits
Apple Warns Older iPhones Vulnerable to Coruna, DarkSword Exploit Kit Attacks
Apple account change alerts abused to send phishing emails
Apple adds macOS Terminal warning to block ClickFix attacks
Apple expands iOS 18 updates to more iPhones to block DarkSword attacks
Apple fixes bug that let the FBI recover deleted Signal messages
Apple fixes iOS bug that retained deleted notification data
Apple patches older iPhones and iPads against Coruna exploits
Apple pushes first Background Security Improvements update to fix WebKit flaw
Application Control Bypass for Data Exfiltration, (Tue, Mar 31st)
AppsFlyer Web SDK hijacked to spread crypto-stealing JavaScript code
April KB5083769 Windows 11 update causes backup software failures
April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More
Attackers Don't Just Send Phishing Emails. They Weaponize Your SOC's Workload
Attempts to Exploit Exposed "Vite" Installs (CVE-2025-30208), (Thu, Apr 2nd)
Aura confirms data breach exposing 900,000 marketing contacts
Australia warns of ClickFix attacks pushing Vidar Stealer malware
Authorities Disrupt SocksEscort Proxy Botnet Exploiting 369,000 IPs Across 163 Countries
Authorities disrupt router DNS hijacks used to steal Microsoft 365 logins
Avada Builder WordPress plugin flaws allow site credential theft
Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account
Axios npm hack used fake Teams error fix to hijack maintainer account
Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation
BKA Identifies REvil Leaders Behind 130 German Ransomware Attacks
Backdoored PyTorch Lightning package drops credential stealer
Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers
Backdoored Telnyx PyPI package pushes malware hidden in WAV audio
Bearlyfy Hits 70+ Russian Firms with Custom GenieLocker Ransomware
Bearlyfy Hits Russian Firms with Custom GenieLocker Ransomware
Betterleaks, a new open-source secrets scanner to replace Gitleaks
Bing AI promoted fake OpenClaw GitHub repo pushing info-stealing malware
Bitrefill blames North Korean Lazarus group for cyberattack
Bitter-Linked Hack-for-Hire Campaign Targets Journalists Across MENA Region
Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign
Bitwarden CLI npm package compromised to steal developer credentials
Bitwarden adds support for passkey login on Windows 11
Block the Prompt, Not the Work: The End of "Doctor No"
Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign
Bridging the AI Agent Authority Gap: Continuous Observability as the Decision Engine
British Scattered Spider hacker pleads guilty to crypto theft charges
Broken VECT 2.0 ransomware acts as a data wiper for large files
Browser Extensions Are the New AI Consumption Channel That No One Is Talking About
Bruteforce Scans for CrushFTP , (Tue, Mar 3rd)
Bubble AI app builder abused to steal Microsoft account credentials
Building a High-Impact Tier 1: The 3 Steps CISOs Must Follow
CERT-EU: European Commission hack exposes data of 30 EU entities
CERT-UA Impersonation Campaign Spread AGEWHEEZE Malware to 1 Million Emails
CISA Adds 4 Exploited Flaws to KEV, Sets May 2026 Federal Deadline
CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software
CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlines
CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV
CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV
CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog
CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation
CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits
CISA Flags Actively Exploited Wing FTP Vulnerability Leaking Server Paths
CISA Flags Actively Exploited n8n RCE Bug as 24,700 Instances Remain Exposed
CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026
CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited
CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attacks
CISA flags Apache ActiveMQ flaw as actively exploited in attacks
CISA flags VMware Aria Operations RCE flaw as exploited in attacks
CISA flags Windows Task Host vulnerability as exploited in attacks
CISA flags Wing FTP Server flaw as actively exploited in attacks
CISA flags new SD-WAN flaw as actively exploited in attacks
CISA gives feds four days to patch Ivanti flaw exploited as zero-day
CISA orders feds to patch BlueHammer flaw exploited as zero-day
CISA orders feds to patch DarkSword iOS flaws exploited attacks
CISA orders feds to patch Fortinet flaw exploited in attacks by Friday
CISA orders feds to patch Windows flaw exploited as zero-day
CISA orders feds to patch Zimbra XSS flaw exploited in attacks
CISA orders feds to patch actively exploited Citrix flaw by Thursday
CISA orders feds to patch exploited Fortinet EMS flaw by Friday
CISA orders feds to patch exploited Ivanti EPMM flaw by Sunday
CISA orders feds to patch max-severity Cisco flaw by Sunday
CISA orders feds to patch n8n RCE flaw exploited in attacks
CISA says ‘Copy Fail’ flaw now exploited to root Linux systems
CISA urges US orgs to secure Microsoft Intune systems after Stryker breach
CISA warns feds to patch iOS flaws exploited in crypto-theft attacks
CISA warns of Apple flaws exploited in spyware, crypto-theft attacks
CISA: New Langflow flaw actively exploited to hijack AI workflows
CISA: Recently patched Ivanti EPM flaw now actively exploited
CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads
CPUID hacked to deliver malware via CPU-Z, HWMonitor downloads
Can the Security Platform Finally Deliver for the Mid-Market?
Canada arrests three for operating “SMS blaster” device in Toronto
Canadian retail giant Loblaw notifies customers of data breach
Canvas Breach Disrupts Schools & Colleges Nationwide
Canvas login portals hacked in mass ShinyHunters extortion campaign
Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures
ChatGPT rolls out new $100 Pro subscription to challenge Claude
Checkmarx Confirms GitHub Repository Data Posted on Dark Web After March 23 Attack
Checkmarx confirms LAPSUS$ hackers leaked its stolen GitHub data
China's Apple App Store infiltrated by crypto-stealing wallet apps
China-Linked GopherWhisper Infects 12 Mongolian Government Systems with Go Backdoors
China-Linked Hackers Target Asian Governments, NATO State, Journalists, and Activists
China-Linked Hackers Use TernDoor, PeerTime, BruteEntry in South American Telecom Attacks
China-Linked Red Menshen Uses Stealthy BPFDoor Implants to Spy via Telecom Networks
China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware
China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing
China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions
Chinese Hackers Target Southeast Asian Militaries with AppleChris and MemFun Malware
Chinese Silk Typhoon Hacker Extradited to U.S. Over COVID Research Cyberattacks
Chinese state hackers target telcos with new malware toolkit
Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft
Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access
Cisco Confirms Active Exploitation of Two Catalyst SD-WAN Manager Vulnerabilities
Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise
Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution
Cisco flags more SD-WAN flaws as actively exploited in attacks
Cisco says critical Webex Services flaw requires customer action
Cisco source code stolen in Trivy-linked dev environment breach
Cisco warns of max severity Secure FMC flaws giving root access
Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks
Citizen Lab: Law Enforcement Used Webloc to Track 500 Million Devices via Ad Data
Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug
Citrix Urges Patching Critical NetScaler Flaw Allowing Unauthenticated Data Leaks
Citrix urges admins to patch NetScaler flaws as soon as possible
Claude AI finds Vim, Emacs RCE bugs that trigger on file open
Claude Code Security and Magecart: Getting the Threat Model Right
Claude Code Source Leaked via npm Packaging Error, Anthropic Confirms
Claude Code leak used to push infostealer malware on GitHub
Claude Code source code accidentally leaked in NPM package
Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website
Cleartext Passwords in MS Edge? In 2026?, (Mon, May 4th)
ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers
CloudZ malware abuses Microsoft Phone Link to steal SMS and OTPs
Cognizant TriZetto breach exposes health data of 3.4 million patients
Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape
Compromised Site Management Panels are a Hot Item in Cybercrime Markets
ConnectWise patches new flaw allowing ScreenConnect hijacking
ConsentFix v3 attacks target Azure with automated OAuth abuse
Coruna iOS Exploit Kit Uses 23 Exploits Across Five Chains Targeting iOS 13–17.2.1
Coruna iOS Kit Reuses 2023 Triangulation Exploit Code in New Mass Attacks
Coruna iOS exploit framework linked to Triangulation attacks
Cosmetics giant Rituals discloses data breach affecting customers
Criminal IP and Securonix ThreatQ Collaborate to Enhance Threat Intelligence Operations
Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE
Critical Cisco IMC auth bypass gives attackers Admin access
Critical Citrix NetScaler memory flaw actively exploited in attacks
Critical Fortinet Forticlient EMS flaw now exploited in attacks
Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure
Critical Marimo pre-auth RCE flaw now under active exploitation
Critical Microsoft SharePoint flaw now exploited in attacks
Critical Nginx UI auth bypass flaw now actively exploited in the wild
Critical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCE
Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE
Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE via Port 23
Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately
Critical cPanel Vulnerability Weaponized to Target Government and MSP Networks
Critical cPanel and WHM bug exploited as a zero-day, PoC now available
Critical flaw in Protobuf library enables JavaScript code execution
Critical flaw in wolfSSL library enables forged certificate use
Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials
Critical vm2 sandbox bug lets attackers execute code on hosts
Critrical cPanel flaw mass-exploited in "Sorry" ransomware attacks
Crunchyroll probes breach after hacker claims to steal 6.8M users' data
Crypto gang member gets 6.5 years for role in $230 million heist
Crypto-exchange Kraken extorted by hackers after insider breach
Cyber-Enabled Cargo Crime: How Cybercrime Tradecraft is Used to Steal Freight
CyberStrikeAI tool adopted by hackers for AI-powered attacks
Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks
DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware
DAEMON Tools devs confirm breach, release malware-free version
DAEMON Tools trojanized in supply-chain attack to deploy backdoor
DORA and operational resilience: Credential management as a financial risk control
DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea
DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage
DShield (Cowrie) Honeypot Stats and When Sessions Disconnect, (Mon, Mar 30th)
DShield Honeypot Update, (Mon, May 4th)
Danger of Libredtail [Guest Diary], (Wed, Apr 29th)
DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover
Data breach at edtech giant McGraw Hill affects 13.5 million accounts
Day Zero Readiness: The Operational Gaps That Break Incident Response
DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials
Deepfake Voice Attacks are Outpacing Defenses: What Security Leaders Should Know
Dell confirms its SupportAssist software causes Windows BSOD crashes
Detecting IP KVMs, (Tue, Mar 24th)
Deterministic + Agentic AI: The Architecture Exposure Validation Requires
Developer Workstations Are Now Part of the Software Supply Chain
Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse
Device code phishing attacks surge 37x as new kits spread online
Die Linke German political party confirms data stolen by Qilin ransomware
Differentiating Between a Targeted Intrusion and an Automated Opportunistic Scanning [Guest Diary], (Wed, Mar 4th)
Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit
DoJ Disrupts 3 Million-Device IoT Botnets Behind Record 31.4 Tbps Global DDoS Attacks
Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host Access
Dozens of Vendors Patch Security Flaws Across Enterprise Software and Network Devices
Drift $280M crypto theft linked to 6-month in-person operation
Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK
Drift loses $280 million North Korean hackers seize Security Council powers
Drift loses $280 million as hackers seize Security Council powers
Dust Specter Targets Iraqi Officials with New SPLITDROP and GHOSTFORM Malware
Dutch Finance Ministry takes treasury banking portal offline after breach
Dutch Ministry of Finance discloses breach affecting employees
Dutch Police discloses security breach after phishing attack
Dutch govt warns of Signal, WhatsApp account hijacking attacks
EC-Council Expands AI Certification Portfolio to Strengthen U.S. AI Workforce Readiness and Security
EU court adviser says banks must immediately refund phishing victims
Edu tech firm Instructure discloses cyber incident, probes impact
Encrypted Client Hello: Ready for Prime Time?, (Mon, Mar 9th)
EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallet Installs
EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallets
England Hockey investigating ransomware data breach
Ericsson US discloses data breach after service provider hack
EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades
Eurail says December data breach impacts 300,000 individuals
Europe sanctions Chinese and Iranian firms for cyberattacks
European Commission confirms data breach after Europa.eu hack
European Commission investigating breach after Amazon cloud account hack
European Commission investigating breach after Amazon cloud hack
European Gym giant Basic-Fit data breach affects 1 million members
European police dismantles €50 million crypto investment fraud ring
Europol-Led Operation Takes Down Tycoon 2FA Phishing-as-a-Service Linked to 64,000 Attacks
Europol-coordinated action disrupts Tycoon2FA phishing platform
Evolution of Ransomware: Multi-Extortion Ransomware Attacks
Ex-data analyst stole company data in $2.5M extortion scheme
Exploit available for new DirtyDecrypt Linux root escalation flaw
FBI Warns Russian Hackers Target Signal, WhatsApp in Mass Phishing Attacks
FBI and Europol Seize LeakBase Forum Used to Trade Stolen Credentials
FBI and Indonesian Police Dismantle W3LL Phishing Network Behind $20M Fraud Attempts
FBI arrests suspect linked to $46M crypto theft from US Marshals
FBI confirms hack of Director Patel's personal email inbox
FBI investigates breach of surveillance and wiretap systems
FBI links Signal phishing attacks to Russian intelligence services
FBI links cybercriminals to sharp surge in cargo theft attacks
FBI seeks victims of Steam games used to spread malware
FBI seizes Handala data leak site after Stryker cyberattack
FBI seizes LeakBase cybercrime forum, data of 142,000 members
FBI takedown of W3LL phishing service leads to developer arrest
FBI warns against using Chinese mobile apps due to privacy risks
FBI warns of Handala hackers using Telegram in malware attacks
FBI warns of phishing attacks impersonating US city, county officials
FBI: Americans lost a record $21 billion to cybercrime last year
FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns
FCC bans new routers made outside the USA over security risks
FIRESTARTER Backdoor Hit Federal Cisco Firepower Device, Survives Security Patches
FTC to ban data broker Kochava from selling Americans’ location data
FTC: Americans lost over $2.1 billion to social media scams in 2025
Facebook accounts unavailable in worldwide outage
Fake CAPTCHA IRSF Scam and 120 Keitaro Campaigns Drive Global SMS, Crypto Fraud
Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads
Fake Claude AI website delivers new 'Beagle' Windows malware
Fake Claude Code install guides push infostealers in InstallFix attacks
Fake Google Security site uses PWA app to steal credentials, MFA codes
Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux
Fake LastPass support email threads try to steal vault passwords
Fake Ledger Live app on Apple’s App Store stole $9.5M in crypto
Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads
Fake OpenAI repository on Hugging Face pushes infostealer malware
Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations
Fake VS Code alerts on GitHub spread malware to developers
Fake enterprise VPN downloads used to steal company credentials
Fake enterprise VPN sites used to steal company credentials
Feds Disrupt IoT Botnets Behind Huge DDoS Attacks
File read flaw in Smart Slider plugin impacts 500K WordPress sites
Firefox now has a free built-in VPN with 50GB monthly data limit
Firestarter malware survives Cisco firewall updates, security patches
Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets
Florida woman imprisoned for massive Microsoft license fraud scheme
Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed
Former govt contractor convicted for wiping dozens of federal databases
Former ransomware negotiator pleads guilty to BlackCat attacks
FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials
Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS
Fortinet warns of critical RCE flaws in FortiSandbox and FortiAuthenticator
Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware
Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence
Foxconn confirms cyberattack claimed by Nitrogen ransomware gang
French govt agency confirms breach as hacker offers to sell data
From VMware to what’s next: Protecting data during hypervisor migration
Funnel Builder Flaw Under Active Exploitation Enables WooCommerce Checkout Skimming
Funnel Builder WordPress plugin bug exploited to steal credit cards
GIGABYTE Control Center vulnerable to arbitrary file write flaw
GM agrees to $12.75M California settlement over sale of drivers’ data
GSocket Backdoor Delivered Through Bash Script, (Fri, Mar 20th)
GemStuffer Abuses 150+ RubyGems to Exfiltrate Scraped U.K. Council Portal Data
German authorities identify REvil and GandCrab ransomware bosses
German authorities identify REvil and GangCrab ransomware bosses
Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab
Ghanain man pleads guilty to role in $100 million fraud ring
Ghost Campaign Uses 7 npm Packages to Steal Crypto Wallets and Credentials
Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike
GitHub adds AI-powered bug detection to expand security coverage
GitHub fixes RCE flaw that gave access to millions of private repos
GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos
GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs
GlassWorm Malware Uses Solana Dead Drops to Deliver RAT and Steal Browser, Crypto Data
GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers
GlassWorm malware attacks return via 73 OpenVSX "sleeper" extensions
GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX
Global Crackdown Arrests 276, Shuts 9 Crypto Scam Centers, Seizes $701M
Going the Extra Mile: Travel Rewards Turn into Underground Currency.
Google Adds 24-Hour Wait for Unverified App Sideloading to Reduce Malware and Scams
Google Adds Rust-Based DNS Parser into Pixel 10 Modem to Enhance Security
Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069
Google Blocks 8.3B Policy-Violating Ads in 2025, Launches Android 17 Privacy Overhaul
Google Chrome adds infostealer protection against session cookie theft
Google Chrome shifts to two-week release cycle for increased stability
Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited
Google Develops Merkle Tree Certificates to Enable Quantum-Resistant HTTPS in Chrome
Google Drive ransomware detection now on by default for paying users
Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution
Google Fixes Two Chrome Zero-Days Exploited in the Wild Affecting Skia and V8
Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution
Google Rolls Out DBSC in Chrome 146 to Block Session Theft on Windows
Google adds ‘Advanced Flow’ for safe APK sideloading on Android
Google expands Gemini AI use to fight malicious ads on its platform
Google fixes fourth Chrome zero-day exploited in attacks in 2026
Google fixes two new Chrome zero-days exploited in attacks
Google now allows you to change your @gmail.com address
Google now offers up to $1.5 million for some Android exploits
Google paid $17.1 million for vulnerability reports in 2025
Google rolls out Gmail end-to-end encryption on mobile devices
Google says 90 zero-days were exploited in attacks last year
Google's Android Apps Get Public Verification to Stop Supply Chain Attacks
Google: Cloud attacks exploit flaws more than weak credentials
Google: Hackers used AI to develop zero-day exploit for web admin tool
Google: New UNC6783 hackers steal corporate Zendesk support tickets
Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt
Grafana says stolen GitHub token let hackers steal codebase
Grinex exchange blames "Western intelligence" for $13.7M crypto hack
HPE warns of critical AOS-CX flaw allowing admin password resets
HTTP Requests with X-Vercel-Set-Bypass-Cookie Header, (Tue, Apr 28th)
Hacker charged with stealing $53 million from Uranium crypto exchange
Hacker mass-mails HungerRush extortion emails to restaurant patrons
HackerOne discloses employee data breach after Navia hack
Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems
Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials
Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner
Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation
Hackers abuse .arpa DNS and ipv6 to evade phishing defenses
Hackers abuse Google ads for GoDaddy ManageWP login phishing
Hackers abuse Google ads, Claude.ai chats to push Mac malware
Hackers are exploiting a critical LiteLLM pre-auth SQLi flaw
Hackers arrested for hijacking and selling 610,000 Roblox accounts
Hackers compromise Axios npm package to drop cross-platform malware
Hackers earn $1,298,250 for 47 zero-days at Pwn2Own Berlin 2026
Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face
Hackers exploit RCE flaws in Qinglong task scheduler for cryptomining
Hackers exploit React2Shell in automated credential theft campaign
Hackers exploit TrueConf zero-day to push malicious software updates
Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin
Hackers exploit critical flaw in Ninja Forms WordPress plugin
Hackers exploit file upload bug in Breeze Cache WordPress plugin
Hackers exploiting Acrobat Reader zero-day flaw since December
Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now
Hackers steal $3.6 million from crypto ATM giant Bitcoin Depot
Hackers use pixel-large SVG trick to hide credit card stealer
Handling the CVE Flood With EPSS, (Mon, Apr 20th)
Harvester Deploys Linux GoGra Backdoor in South Asia Using Microsoft Graph API
Healthcare IT solutions provider ChipSoft hit by ransomware attack
Healthcare tech firm CareCloud says hackers stole patient data
Hidden Passenger? How Taboola Routes Logged-In Banking Sessions to Temu
Hikvision and Rockwell Automation CVSS 9.8 Flaws Added to CISA KEV Catalog
Hims & Hers warns of data breach after Zendesk support ticket breach
Hive0163 Uses AI-Assisted Slopoly Malware for Persistent Access in Ransomware Attacks
Home security giant ADT data breach affects 5.5 million people
How AI Assistants are Moving the Security Goalposts
How AI Hallucinations Are Creating Real Security Risks
How CISOs Can Survive the Era of Geopolitical Cyberattacks
How Ceros Gives Security Teams Visibility and Control in Claude Code
How Deepfakes and Injection Attacks Are Breaking Identity Verification
How LiteLLM Turned Developer Machines Into Credential Vaults for Attackers
How a Brute Force Attack Unmasked a Ransomware Infrastructure Network
How often are redirects used in phishing in 2026?, (Mon, Apr 6th)
How to Categorize AI Agents and Prioritize Risk
How to Evaluate AI SOC Agents: 7 Questions Gartner Says You Should Be Asking
How to Reduce Phishing Exposure Before It Turns into Business Disruption
How to Scale Phishing Detection in Your SOC: 3 Steps for CISOs
How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows
INTERPOL Dismantles 45,000 Malicious IPs, Arrests 94 in Global Cybercrime
INTERPOL Operation Ramz Disrupts MENA Cybercrime Networks with 201 Arrests
IPv4 Mapped IPv6 Addresses, (Tue, Mar 17th)
ISC Stormcast For Friday, April 17th, 2026 https://isc.sans.edu/podcastdetail/9896, (Fri, Apr 17th)
ISC Stormcast For Friday, April 24th, 2026 https://isc.sans.edu/podcastdetail/9906, (Fri, Apr 24th)
ISC Stormcast For Friday, April 3rd, 2026 https://isc.sans.edu/podcastdetail/9878, (Fri, Apr 3rd)
ISC Stormcast For Friday, March 13th, 2026 https://isc.sans.edu/podcastdetail/9848, (Fri, Mar 13th)
ISC Stormcast For Friday, March 20th, 2026 https://isc.sans.edu/podcastdetail/9858, (Fri, Mar 20th)
ISC Stormcast For Friday, March 27th, 2026 https://isc.sans.edu/podcastdetail/9868, (Fri, Mar 27th)
ISC Stormcast For Friday, March 6th, 2026 https://isc.sans.edu/podcastdetail/9838, (Fri, Mar 6th)
ISC Stormcast For Friday, May 15th, 2026 https://isc.sans.edu/podcastdetail/9934, (Fri, May 15th)
ISC Stormcast For Friday, May 1st, 2026 https://isc.sans.edu/podcastdetail/9914, (Fri, May 1st)
ISC Stormcast For Friday, May 8th, 2026 https://isc.sans.edu/podcastdetail/9924, (Fri, May 8th)
ISC Stormcast For Monday, April 13th, 2026 https://isc.sans.edu/podcastdetail/9888, (Mon, Apr 13th)
ISC Stormcast For Monday, April 20th, 2026 https://isc.sans.edu/podcastdetail/9898, (Mon, Apr 20th)
ISC Stormcast For Monday, April 6th, 2026 https://isc.sans.edu/podcastdetail/9880, (Mon, Apr 6th)
ISC Stormcast For Monday, March 16th, 2026 https://isc.sans.edu/podcastdetail/9850, (Mon, Mar 16th)
ISC Stormcast For Monday, March 23rd, 2026 https://isc.sans.edu/podcastdetail/9860, (Mon, Mar 23rd)
ISC Stormcast For Monday, March 30th, 2026 https://isc.sans.edu/podcastdetail/9870, (Mon, Mar 30th)
ISC Stormcast For Monday, March 9th, 2026 https://isc.sans.edu/podcastdetail/9840, (Mon, Mar 9th)
ISC Stormcast For Monday, May 11th, 2026 https://isc.sans.edu/podcastdetail/9926, (Mon, May 11th)
ISC Stormcast For Monday, May 4th, 2026 https://isc.sans.edu/podcastdetail/9916, (Mon, May 4th)
ISC Stormcast For Thursday, April 16th, 2026 https://isc.sans.edu/podcastdetail/9894, (Thu, Apr 16th)
ISC Stormcast For Thursday, April 23rd, 2026 https://isc.sans.edu/podcastdetail/9904, (Thu, Apr 23rd)
ISC Stormcast For Thursday, April 2nd, 2026 https://isc.sans.edu/podcastdetail/9876, (Thu, Apr 2nd)
ISC Stormcast For Thursday, April 30th, 2026 https://isc.sans.edu/podcastdetail/9912, (Thu, Apr 30th)
ISC Stormcast For Thursday, April 9th, 2026 https://isc.sans.edu/podcastdetail/9886, (Thu, Apr 9th)
ISC Stormcast For Thursday, March 12th, 2026 https://isc.sans.edu/podcastdetail/9846, (Thu, Mar 12th)
ISC Stormcast For Thursday, March 19th, 2026 https://isc.sans.edu/podcastdetail/9856, (Thu, Mar 19th)
ISC Stormcast For Thursday, March 26th, 2026 https://isc.sans.edu/podcastdetail/9866, (Thu, Mar 26th)
ISC Stormcast For Thursday, March 5th, 2026 https://isc.sans.edu/podcastdetail/9836, (Thu, Mar 5th)
ISC Stormcast For Thursday, May 14th, 2026 https://isc.sans.edu/podcastdetail/9932, (Thu, May 14th)
ISC Stormcast For Thursday, May 7th, 2026 https://isc.sans.edu/podcastdetail/9922, (Thu, May 7th)
ISC Stormcast For Tuesday, April 14th, 2026 https://isc.sans.edu/podcastdetail/9890, (Tue, Apr 14th)
ISC Stormcast For Tuesday, April 21st, 2026 https://isc.sans.edu/podcastdetail/9900, (Tue, Apr 21st)
ISC Stormcast For Tuesday, April 28th, 2026 https://isc.sans.edu/podcastdetail/9908, (Tue, Apr 28th)
ISC Stormcast For Tuesday, April 7th, 2026 https://isc.sans.edu/podcastdetail/9882, (Tue, Apr 7th)
ISC Stormcast For Tuesday, March 10th, 2026 https://isc.sans.edu/podcastdetail/9842, (Tue, Mar 10th)
ISC Stormcast For Tuesday, March 17th, 2026 https://isc.sans.edu/podcastdetail/9852, (Tue, Mar 17th)
ISC Stormcast For Tuesday, March 24th, 2026 https://isc.sans.edu/podcastdetail/9862, (Tue, Mar 24th)
ISC Stormcast For Tuesday, March 31st, 2026 https://isc.sans.edu/podcastdetail/9872, (Tue, Mar 31st)
ISC Stormcast For Tuesday, March 3rd, 2026 https://isc.sans.edu/podcastdetail/9832, (Tue, Mar 3rd)
ISC Stormcast For Tuesday, May 12th, 2026 https://isc.sans.edu/podcastdetail/9928, (Tue, May 12th)
ISC Stormcast For Tuesday, May 5th, 2026 https://isc.sans.edu/podcastdetail/9918, (Tue, May 5th)
ISC Stormcast For Wednesday, April 15th, 2026 https://isc.sans.edu/podcastdetail/9892, (Wed, Apr 15th)
ISC Stormcast For Wednesday, April 1st, 2026 https://isc.sans.edu/podcastdetail/9874, (Wed, Apr 1st)
ISC Stormcast For Wednesday, April 22nd, 2026 https://isc.sans.edu/podcastdetail/9902, (Wed, Apr 22nd)
ISC Stormcast For Wednesday, April 29th, 2026 https://isc.sans.edu/podcastdetail/9910, (Wed, Apr 29th)
ISC Stormcast For Wednesday, April 8th, 2026 https://isc.sans.edu/podcastdetail/9884, (Wed, Apr 8th)
ISC Stormcast For Wednesday, March 11th, 2026 https://isc.sans.edu/podcastdetail/9844, (Wed, Mar 11th)
ISC Stormcast For Wednesday, March 18th, 2026 https://isc.sans.edu/podcastdetail/9854, (Wed, Mar 18th)
ISC Stormcast For Wednesday, March 25th, 2026 https://isc.sans.edu/podcastdetail/9864, (Wed, Mar 25th)
ISC Stormcast For Wednesday, March 4th, 2026 https://isc.sans.edu/podcastdetail/9834, (Wed, Mar 4th)
ISC Stormcast For Wednesday, May 13th, 2026 https://isc.sans.edu/podcastdetail/9930, (Wed, May 13th)
ISC Stormcast For Wednesday, May 6th, 2026 https://isc.sans.edu/podcastdetail/9920, (Wed, May 6th)
Infinite Campus warns of breach after ShinyHunters claims data theft
Inside Caller-as-a-Service Fraud: The Scam Economy Has a Hiring Process
Inside a Modern Fraud Attack: From Bot Signups to Account Takeovers
Inside an OPSEC Playbook: How Threat Actors Evade Detection
Inside an Underground Guide: How Threat Actors Vet Stolen Credit Card Shops
Inside the REMUS Infostealer: Session Theft, MaaS, and Rapid Evolution
Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak
Instructure confirms data breach, ShinyHunters claims attack
Instructure confirms hackers used Canvas flaw to deface portals
Instructure hacker claims data theft from 8,800 schools, universities
Instructure reaches 'agreement' with ShinyHunters to stop data leak
Interesting Message Stored in Cowrie Logs, (Wed, Mar 18th)
Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access
International joint action disrupts world’s largest DDoS botnets
Investigating a New Click-Fix Variant
Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker
Iran-Linked Hackers Breach FBI Director’s Personal Email, Hit Stryker With Wiper Attack
Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs
Iran-Linked MuddyWater Hackers Target U.S. Networks With New Dindoor Backdoor
Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 Organizations
Iranian hackers targeted major South Korean electronics maker
Is a $30,000 GPU Good at Password Cracking?
Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access
Ivanti warns of new EPMM flaw exploited in zero-day attacks
Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws
JDownloader site hacked to replace installers with Python RAT malware
JanelaRAT Malware Targets Latin American Banks with 14,739 Attacks in Brazil in 2025
KadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy Botnet
Kali Linux 2026.1 released with 8 new tools, new BackTrack mode
Karakurt extortion gang ‘cold case’ negotiator gets 8.5 years in prison
KelpDAO suffers $290 million heist tied to Lazarus hackers
KongTuke hackers now use Microsoft Teams for corporate breaches
Konni Deploys EndRAT Through Phishing, Uses KakaoTalk to Propagate Malware
Kyber ransomware gang toys with post-quantum encryption on Windows
LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure
LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks
LeakBase Admin Arrested in Russia Over Massive Stolen Credential Marketplace
LeakNet Ransomware Uses ClickFix via Hacked Sites, Deploys Deno In-Memory Loader
LeakNet ransomware uses ClickFix and Deno runtime for stealthy attacks
LeakNet ransomware uses ClickFix, Deno runtime in stealthy attacks
Leaked Shai-Hulud malware fuels new npm infostealer campaign
Learning from the Vercel breach: Shadow AI & OAuth sprawl
LexisNexis confirms data breach as hackers leak stolen files
LinkedIn secretely scans for 6,000+ Chrome extensions, collects data
LinkedIn secretly scans for 6,000+ Chrome extensions, collects data
Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions
LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure
Lotus Wiper Malware Targets Venezuelan Energy Systems in Destructive Attack
Lumma Stealer infection with Sectop RAT (ArechClient2), (Fri, Apr 17th)
Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover
Mail2Shell zero-click attack lets hackers hijack FreeScout mail servers
Malicious Ad for Homebrew Leads to MacSync Stealer, (Fri, May 1st)
Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain
Malicious Script That Gets Rid of ADS, (Wed, Apr 1st)
Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials
Man admits to locking thousands of Windows devices in extortion plot
Man gets 30 months for selling thousands of hacked DraftKings accounts
Manager of botnet used in ransomware attacks gets 2 years in prison
Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure
Marquis: Ransomware gang stole data of 672K people in cyberattack
Masjesu Botnet Emerges as DDoS-for-Hire Service Targeting Global IoT Devices
Masters of Imitation: How Hackers and Art Forgers Perfect the Art of Deception
Max severity Flowise RCE vulnerability now exploited in attacks
Max severity Ubiquiti UniFi flaw may allow account takeover
Mazda discloses security breach exposing employee and partner data
McGraw-Hill confirms data breach following extortion threat
Medtech giant Stryker fully operational after data-wiping attack
Medtech giant Stryker offline after Iran-linked wiper malware attack
Medtronic confirms breach after hackers claim 9 million records theft
MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks
Meta Disables 150K Accounts Linked to Southeast Asia Scam Centers in Global Crackdown
Meta adds new WhatsApp, Facebook, and Messenger anti-scam tools
Meta to Shut Down Instagram End-to-End Encrypted Chat Support Starting May 2026
Microsoft 365 Backup to add file-level restore for faster recovery
Microsoft April 2026 Patch Tuesday fixes 167 flaws, 2 zero-days
Microsoft Azure Monitor alerts abused for callback phishing attacks
Microsoft Azure Monitor alerts abused in callback phishing campaigns
Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202
Microsoft Defender wrongly flags DigiCert certs as Trojan:Win32/Cerdigent.A!dha
Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers
Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries
Microsoft Exchange Online outage blocks access to mailboxes
Microsoft Exchange Online service change causes email access issues
Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own
Microsoft Issues Patches for SharePoint Zero-Day and 168 Other New Vulnerabilities
Microsoft March 2026 Patch Tuesday fixes 2 zero-days, 79 flaws
Microsoft May 2026 Patch Tuesday fixes 120 flaws, no zero-days
Microsoft May 2026 Patch Tuesday, (Tue, May 12th)
Microsoft Patch Tuesday April 2026., (Tue, Apr 14th)
Microsoft Patch Tuesday March 2026, (Tue, Mar 10th)
Microsoft Patch Tuesday, March 2026 Edition
Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws
Microsoft Patches 84 Flaws in March Patch Tuesday, Including Two Public Zero-Days
Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug
Microsoft Patches Entra ID Role Flaw That Enabled Service Principal Takeover
Microsoft Reveals ClickFix Campaign Using Windows Terminal to Deploy Lumma Stealer
Microsoft Teams phishing targets employees with A0Backdoor malware
Microsoft Teams phishing targets employees with backdoors
Microsoft Teams right-click paste broken by Edge update bug
Microsoft Teams to get efficiency mode on PCs with limited resources
Microsoft Teams will tag third-party bots trying to join meetings
Microsoft Warns IRS Phishing Hits 29,000 Users, Deploys RMM Malware
Microsoft Warns OAuth Redirect Abuse Delivers Malware to Government Targets
Microsoft Warns of WhatsApp-Delivered VBS Malware Hijacking Windows via UAC Bypass
Microsoft adds Windows protections for malicious Remote Desktop files
Microsoft asks iPhone users to reauthenticate after Outlook outage
Microsoft backpedals: Edge to stop loading passwords into memory
Microsoft brings phishing-resistant Windows sign-ins via Entra passkeys
Microsoft confirms April Windows updates cause backup failures
Microsoft confirms Windows 11 security update install issues
Microsoft fixes BitLocker recovery issue only for Windows 11 users
Microsoft fixes Classic Outlook bug causing email delivery issues
Microsoft fixes Outlook Classic crashes caused by Teams Meeting add-in
Microsoft fixes Remote Desktop warnings displaying incorrectly
Microsoft fixes Windows Autopatch bug installing restricted drivers
Microsoft fixes bug behind Windows Server 2025 automatic upgrades
Microsoft fixes bug causing Classic Outlook sync issues with Gmail
Microsoft investigates classic Outlook sync and connection issues
Microsoft links Classic Outlook issue to email delivery problems
Microsoft links Medusa ransomware affiliate to zero-day attacks
Microsoft now force upgrades unmanaged Windows 11 24H2 PCs
Microsoft now lets admins choose pre-installed Store apps to uninstall
Microsoft now lets admins uninstall Copilot on enterprise devices
Microsoft pays $2.3M for cloud and AI flaws at Zero Day Quest
Microsoft pulls KB5079391 Windows update over install issues
Microsoft pulls Samsung app blocking Windows C: drive from Store
Microsoft pulls service update causing Teams launch failures
Microsoft rejects critical Azure vulnerability report, no CVE issued
Microsoft releases Windows 10 KB5078885 extended security update
Microsoft releases Windows 10 KB5082200 extended security update
Microsoft releases Windows 10 KB5087544 extended security update
Microsoft releases Windows 11 OOB hotpatch to fix RRAS RCE flaw
Microsoft releases emergency patches for critical ASP.NET flaw
Microsoft releases emergency updates to fix Windows Server issues
Microsoft removes Support and Recovery Assistant from Windows
Microsoft rolls out fast-track to reinstate Windows hardware dev accounts
Microsoft rolls out fix for broken Windows Start Menu search
Microsoft rolls out revamped Windows Insider Program
Microsoft says Outlook.com outage is causing sign‑in failures
Microsoft says backend change broke Teams Free chat and calls
Microsoft says some users can't install Office on Windows 365 devices
Microsoft shares fix for Windows C: drive access issues on Samsung PCs
Microsoft still working to fix Exchange Online mailbox access issues
Microsoft still working to fix Windows Explorer white flashes
Microsoft stops force-installing the Microsoft 365 Copilot app
Microsoft suspends dev accounts for high-profile open source projects
Microsoft testing adjustable taskbar, Start menu in Windows 11
Microsoft tests Windows Explorer speed, performance improvements
Microsoft tests modern Windows Run, says it's faster than legacy dialog
Microsoft to automatically roll back faulty Windows drivers
Microsoft to deprecate legacy TLS in Exchange Online starting July
Microsoft to enable Windows hotpatch security updates by default
Microsoft to roll out Entra passkeys on Windows in late April
Microsoft traces Universal Print issues to Graph API code change
Microsoft warns of Exchange zero-day flaw exploited in attacks
Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday
Microsoft: April Windows Server 2025 update may fail to install
Microsoft: April updates trigger BitLocker key prompts on some servers
Microsoft: Canadian employees targeted in payroll pirate attacks
Microsoft: Enabling Teams Meeting add-in breaks Outlook Classic
Microsoft: Hackers abuse OAuth error flows to spread malware
Microsoft: Hackers abusing AI at every stage of cyberattacks
Microsoft: March Windows updates break Teams, OneDrive sign-ins
Microsoft: New Remote Desktop warnings may display incorrectly
Microsoft: Some Teams users can’t join meetings after Edge update
Microsoft: Some Windows servers enter reboot loops after April patches
Microsoft: Teams increasingly abused in helpdesk impersonation attacks
Microsoft: Windows 11 users can't access C: drive on some Samsung PCs
Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages
MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems
Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet
Mirai-Based xlabs_v1 Botnet Exploits ADB to Hijack IoT Devices for DDoS Attacks
Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Ads
Mississippi medical center reopens clinics hit by ransomware attack
Money launderer linked to $230M crypto heist gets 70 months in prison
More Honeypot Fingerprinting Scans, (Wed, Apr 8th)
Most "AI SOCs" Are Just Faster Triage. That's Not Enough.
Most Remediation Programs Never Confirm the Fix Actually Worked
MuddyWater Uses Microsoft Teams to Steal Credentials in False Flag Ransomware Attack
MuddyWater hackers use Chaos ransomware as a decoy in attacks
Multi-OS Cyberattacks: How SOCs Close a Critical Risk in 3 Steps
Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT
Musician admits to $10M streaming royalty fraud using AI bots
Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles
Mythos Changed the Math on Vulnerability Discovery. Most Teams Aren't Ready for the Remediation Side
N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust
NAKIVO v11.2: Ransomware Defense, Faster Replication, vSphere 9, and Proxmox VE 9.0 Support
NASA Employees Duped in Chinese Phishing Scheme Targeting U.S. Defense Software
NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE
NGate Android malware uses HandyPay NFC app to steal card data
NGate Campaign Targets Brazil, Trojanizes HandyPay to Steal NFC Data and PINs
NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions
NIST to stop rating non-priority flaws due to volume increase
NVIDIA confirms GeForce NOW data breach affecting Armenian users
Navia discloses data breach impacting 2.7 million people
Nearly 4,000 US industrial devices exposed to Iranian cyberattacks
New "LeakyLooker" Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries
New 'Zombie ZIP' technique lets malware slip past security tools
New ATHR vishing platform uses AI voice agents for automated attacks
New AgingFly malware used in attacks on Ukraine govt, hospitals
New BeatBanker Android malware poses as Starlink app to hijack devices
New BlackFile extortion group linked to surge of vishing attacks
New Bluekit phishing service includes an AI assistant, 40 templates
New Booking.com data breach forces reservation PIN resets
New Chaos Variant Targets Misconfigured Cloud Deployments, Adds SOCKS Proxy
New Checkmarx supply-chain breach affects KICS analysis tool
New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel
New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation — Patch Released
New Cisco DoS flaw requires manual reboot to revive devices
New CrystalRAT malware adds RAT, stealer and prankware features
New EvilTokens service fuels Microsoft device code phishing attacks
New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution
New FortiClient EMS flaw exploited in attacks, emergency patch released
New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption
New Fragnesia Linux flaw lets attackers gain root privileges
New GPUBreach Attack Enables Full CPU Privilege Escalation via GDDR6 Bit-Flips
New GPUBreach attack enables system takeover via GPU rowhammer
New GhostLock tool abuses Windows API to block file access
New GoGra malware for Linux uses Microsoft Graph API for comms
New GopherWhisper APT group abuses Outlook, Slack, Discord for comms
New Infinity Stealer malware grabs macOS data via ClickFix lures
New KB5085516 emergency update fixes Microsoft account sign-in
New KadNap botnet hijacks ASUS routers to fuel cybercrime proxy network
New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions
New Linux 'Dirty Frag' zero-day gives root on all major distros
New Linux PamDOORa Backdoor Uses PAM Modules to Steal SSH Credentials
New Linux ‘Copy Fail’ flaw gives hackers root on major distros
New Lotus data wiper used against Venezuelan energy, utility firms
New Microsoft Defender “RedSun” zero-day PoC grants SYSTEM privileges
New Mirai campaign exploits RCE flaw in EoL D-Link routers
New PCPJack worm steals credentials, cleans TeamPCP infections
New PHP Composer Flaws Enable Arbitrary Command Execution — Patches Released
New Perseus Android Banking Malware Monitors Notes Apps to Extract Sensitive Data
New PhantomRaven NPM attack wave steals dev data via 88 packages
New Progress ShareFile flaws can be chained in pre-auth RCE attacks
New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials
New RFP Template for AI Usage Control and AI Governance
New RoadK1ll WebSocket implant used to pivot on breached networks
New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images
New TCLBanker malware self-spreads over WhatsApp and Outlook
New Torg Grabber infostealer malware targets 728 crypto wallets
New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Network Pivots
New VENOM phishing attacks steal senior executives' Microsoft logins
New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs
New Windows 'MiniPlasma' zero-day exploit gives SYSTEM access, PoC released
New Windows 11 emergency update fixes preview update install issues
New Windows 11 hotpatch fixes Bluetooth device visibility issue
New critical Exim mailer flaw allows remote code execution
New font-rendering trick hides malicious commands from AI tools
New macOS stealer campaign uses Script Editor in ClickFix attack
New npm supply-chain attack self-spreads to steal auth tokens
New stealthy Quasar Linux malware targets software developers
New ‘BlackSanta’ EDR killer spotted targeting HR departments
New ‘LucidRook’ malware used in targeted attacks on NGOs, universities
New ‘Pack2TheRoot’ flaw gives hackers root Linux access
New ‘Perseus’ Android malware checks user notes for secrets
New ‘PolyShell’ flaw allows unauthenticated RCE on Magento e-stores
New “Darksword” iOS exploit used in infostealer attack on iPhones
Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic
Nine CrackArmor Flaws in Linux AppArmor Enable Root Escalation, Bypass Container Isolation
No Exploit Needed: How Attackers Walk Through the Front Door via Identity-Based Attacks
Nordstrom's email system abused to send crypto scams to customers
North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware
North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware
Number Usage in Passwords: Take Two, (Thu, Apr 9th)
OFAC Sanctions DPRK IT Worker Network Funding WMD Programs Through Fake Remote Jobs
Obfuscated JavaScript or Nothing, (Thu, Apr 9th)
Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks
Official CheckMarx Jenkins package compromised with infostealer
Official SAP npm packages compromised to steal credentials
Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak
On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email
One Click, Total Shutdown: The "Patient Zero" Webinar on Killing Stealth Breaches
One Missed Threat Per Week: What 25M Alerts Reveal About Low-Severity Risk
Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks
Open-Source CyberStrikeAI Deployed in AI-Driven FortiGate Attacks Across 55 Countries
OpenAI Codex Security Scanned 1.2 Million Commits and Found 10,561 High-Severity Issues
OpenAI Launches Daybreak for AI-Powered Vulnerability Detection and Patch Validation
OpenAI Launches GPT-5.4-Cyber with Expanded Access for Security Teams
OpenAI Patches ChatGPT Data Exfiltration Flaw and Codex GitHub Token Vulnerability
OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident
OpenAI confirms security breach in TanStack supply chain attack
OpenAI rolls out ChatGPT Library to store your personal files
OpenAI rotates macOS certs after Axios attack hit code-signing workflow
OpenAI says ChatGPT ads are not rolling out globally for now
OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration
Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts
Operation PowerOFF identifies 75k DDoS users, takes down 53 domains
Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager
Oracle pushes emergency fix for critical Identity Manager RCE flaw
Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign
Over 1,300 Microsoft SharePoint servers vulnerable to spoofing attacks
Over 10,000 Zimbra servers vulnerable to ongoing XSS attacks
Over 100 Chrome Web Store extensions steal user accounts, data
Over 100 Chrome extensions in Web Store target users accounts and data
Over 14,000 F5 BIG-IP APM instances still exposed to RCE attacks
Over 20,000 crypto fraud victims identified in international crackdown
PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage
PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems
PTC warns of imminent threat from critical Windchill, FlexPLM RCE bug
Paid AI Accounts Are Now a Hot Underground Commodity
Paint maker giant AkzoNobel confirms cyberattack on U.S. site
Palo Alto Networks firewall zero-day exploited for nearly a month
Palo Alto Networks warns of firewall RCE zero-day exploited in attacks
Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution
Patch Tuesday, April 2026 Edition
Patch Tuesday, May 2026 Edition
Payouts King ransomware uses QEMU VMs to bypass endpoint security
PhantomCore Exploits TrueConf Vulnerabilities to Breach Russian Networks
Phishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM Tools
Phobos ransomware admin pleads guilty to wire fraud conspiracy
Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft
Poland's nuclear research centre targeted by cyberattack
Police dismantles 9 crypto scam centers, arrests 276 suspects
Police dismantles online gambling ring exploiting Ukrainian women
Police shut down reboot of Crimenetwork marketplace, arrest admin
Police sinkholes 45,000 IP addresses in cybercrime crackdown
Police take down 373,000 fake CSAM sites in Operation Alice
PolyShell attacks target 56% of all vulnerable Magento stores
Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens
Popular LiteLLM PyPI package compromised in TeamPCP supply chain attack
Popular WordPress redirect plugin hid dormant backdoor for years
Popular node-ipc npm package compromised to steal credentials
PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure
Pre-Stuxnet Fast16 Malware Tampered with Nuclear Weapons Simulations
Preparing for the Quantum Era: Post-Quantum Cryptography Webinar for Security Leaders
Product Walkthrough: How Mesh CSMA Reveals and Breaks Attack Paths to Crown Jewels
Progress Patches Critical MOVEit Automation Bug Enabling Authentication Bypass
Progress warns of critical MOVEit Automation auth bypass flaw
Project Glasswing Proved AI Can Find the Bugs. Who's Going to Fix Them?
Proton launches new "Meet" privacy-focused conferencing platform
Proxying the Unproxyable? Sending EXE traffic to a Proxy, (Wed, May 13th)
PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and Linux
PyPI package with 1.1M monthly downloads hacked to push infostealer
PyTorch Lightning Compromised in PyPI Supply Chain Attack to Steal Credentials
PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials
Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools
Quasar Linux RAT Steals Developer Credentials for Software Supply Chain Compromise
Ransomware Negotiator Pleads Guilty to Aiding BlackCat Attacks in 2023
Ransomware gang exploits Cisco flaw in zero-day attacks since January
Recently leaked Windows zero-days now exploited in attacks
Regular Password Resets Aren’t as Safe as You Think
Researchers Detect ZionSiphon Malware Targeting Israeli Water, Desalination OT Systems
Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push
Researchers Trick Perplexity's Comet AI Browser Into Phishing Scam in Under Four Minutes
Researchers Uncover 73 Fake VS Code Extensions Delivering GlassWorm v2 Malware
Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners
Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software
Residential proxies evaded IP reputation checks in 78% of 4B sessions
Robinhood account creation flaw abused to send phishing emails
Rolling Networks: Securing the Transportation Sector
Romanian leader of online swatting ring gets 4 years in prison
Routine Access Is Powering Modern Intrusions, a New Threat Report Finds
RubyGems Suspends New Signups After Hundreds of Malicious Packages Are Uploaded
Russia Hacked Routers to Steal Microsoft Office Tokens
Russia arrests suspected owner of LeakBase cybercrime forum
Russian CTRL Toolkit Delivered via Malicious LNK Files Hijacks RDP via FRP Tunnels
Russian Hacker Sentenced to 2 Years for TA551 Botnet-Driven Ransomware Attacks
Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign
Russian hackers exploit Zimbra flaw in Ukrainian govt attacks
Russian hackers turn Kazuar backdoor into modular P2P botnet
Rust-Based VENON Malware Targets 33 Brazilian Banks with Credential-Stealing Overlays
SAP fixes critical vulnerabilities in Commerce Cloud and S/4HANA
SAP npm Packages Compromised by “Mini Shai-Hulud” Credential-Stealing Malware
SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack
SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files
SQLi flaw in Elementor Ally plugin impacts 250k+ WordPress sites
SSL.com rotates their root certificate today, (Tue, May 5th)
Scanning for AI Models, (Tue, Apr 14th)
Scans for "adminer", (Wed, Mar 18th)
Scans for EncystPHP Webshell, (Mon, Apr 13th)
ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows
ScarCruft hackers push BirdCall Android malware via game platform
Seiko USA website defaced as hacker claims customer data theft
Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens
Shadow AI is everywhere. Here’s how to find and secure it.
Shai Hulud attack ships signed malicious TanStack, Mistral npm packages
ShinyHunters claims ongoing Salesforce Aura data theft attacks
ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers
Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)
Signal adds security warnings for social engineering, phishing attacks
Signed software abused to deploy antivirus-killing scripts
Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and Russia
Silver Fox Expands Asia Cyber Campaign with AtlasCross RAT and Fake Domains
Simple bypass of the link preview function in Outlook Junk folder, (Thu, May 14th)
Six Android Malware Families Target Pix Payments, Banking Apps, and Crypto Wallets
SloppyLemming Targets Pakistan and Bangladesh Governments Using Dual Malware Chains
Smart Slider updates hijacked to push malicious WordPress, Joomla versions
SmartApeSG campaign pushes Remcos RAT, NetSupport RAT, StealC, and Sectop RAT (ArechClient2), (Wed, Mar 25th)
SmartApeSG campaign uses ClickFix page to push Remcos RAT, (Sat, Mar 14th)
Snowflake customers hit in data theft attacks after SaaS integrator breach
Spain dismantles major $4.7M manga piracy platform, arrests four
Speagle Malware Hijacks Cobra DocGuard to Steal Data via Compromised Servers
Spyware-grade Coruna iOS exploit kit now used in crypto theft attacks
Star Citizen game dev discloses breach affecting user data
Starbucks discloses data breach affecting hundreds of employees
Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication
Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets
Stolen Rockstar Games analytics data leaked by extortion gang
Stopping Fraud at Each Stage of the Customer Journey Without Adding Friction
Storm-2561 Spreads Trojan VPN Clients via SEO Poisoning to Steal Credentials
Story retracted
Stryker attack wiped tens of thousands of devices, no malware needed
Student hacked Taiwan high-speed rail to trigger emergency brakes
Supply chain attack at CPUID pushes malware with CPU-Z/HWMonitor
Suspected RedLine infostealer malware admin extradited to US
SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation
TA446 Deploys DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign
TA446 Deploys Leaked DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign
TCLBANKER Banking Trojan Targets Financial Platforms via WhatsApp and Outlook Worms
TP-Link warns users to patch critical router auth bypass flaw
TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS Updates
Tax Search Ads Deliver ScreenConnect Malware Using Huawei Driver to Disable EDR
TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 Likely via Trivy CI/CD Compromise
TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 via Trivy CI/CD Compromise
TeamPCP Compromises Checkmarx Jenkins AST Plugin Weeks After KICS Supply Chain Attack
TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials
TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files
TeamPCP Supply Chain Campaign: Update 001 - Checkmarx Scope Wider Than Reported, CISA KEV Entry, and Detection Tools Available, (Thu, Mar 26th)
TeamPCP Supply Chain Campaign: Update 002 - Telnyx PyPI Compromise, Vect Ransomware Mass Affiliate Program, and First Named Victim Claim, (Fri, Mar 27th)
TeamPCP Supply Chain Campaign: Update 003 - Operational Tempo Shift as Campaign Enters Monetization Phase With No New Compromises in 48 Hours, (Sat, Mar 28th)
TeamPCP Supply Chain Campaign: Update 004 - Databricks Investigating Alleged Compromise, TeamPCP Runs Dual Ransomware Operations, and AstraZeneca Data Released, (Mon, Mar 30th)
TeamPCP Supply Chain Campaign: Update 005 - First Confirmed Victim Disclosure, Post-Compromise Cloud Enumeration Documented, and Axios Attribution Narrows, (Wed, Apr 1st)
TeamPCP Supply Chain Campaign: Update 006 - CERT-EU Confirms European Commission Cloud Breach, Sportradar Details Emerge, and Mandiant Quantifies Campaign at 1,000+ SaaS Environments, (Fri, Apr 3rd)
TeamPCP Supply Chain Campaign: Update 007 - Cisco Source Code Stolen via Trivy-Linked Breach, Google GTIG Tracks TeamPCP as UNC6780, and CISA KEV Deadline Arrives with No Standalone Advisory, (Wed, Apr 8th)
TeamPCP Supply Chain Campaign: Update 008 - 26-Day Pause Ends with Three Concurrent Compromises (Checkmarx KICS, Bitwarden CLI Cascade, xinference PyPI), CanisterSprawl npm Worm Identified, and Tier 1 Coverage Returns, (Mon, Apr 27th)
TeamPCP Weekly Analysis: 2026-W18 (2026-04-27 through 2026-05-03), (Mon, May 4th)
TeamPCP deploys Iran-targeted wiper in Kubernetes attacks
TeamPCP hackers advertise Mistral AI code repos for sale
Telegram Mini Apps abused for crypto scams, Android malware delivery
Telus Digital confirms breach after hacker claims 1 petabyte data theft
Termite ransomware breaches linked to ClickFix CastleRAT attacks
The AI Arms Race – Why Unified Exposure Management Is Becoming a Boardroom Priority
The Back Door Attackers Know About — and Most Security Teams Still Haven’t Closed
The Browser Is Breaking Your DLP: How Data Slips Past Modern Controls
The EOL Blind Spot in Your CVE Feed: What SCA Tools Don't Check.
The EOL Blind Spot in Your CVE Feed: What SCA Tools Miss
The Gentlemen ransomware now uses SystemBC for bot-powered attacks
The Hacker News Launches 'Cybersecurity Stars Awards 2026' — Submissions Now Open
The Hidden Cost of Cybersecurity Specialization: Losing Foundational Skills
The Hidden Cost of Recurring Credential Incidents
The Hidden Security Risks of Shadow AI in Enterprises
The Importance of Behavioral Analytics in AI-Enabled Cyber Attacks
The Kill Chain Is Obsolete When Your AI Agent Is the Threat
The MSP Guide to Using AI-Powered Risk Management to Scale Cybersecurity
The New Turing Test: How Threats Use Geometry to Prove 'Humanness'
The Refund Fraud Economy: Exploiting Major Retailers and Payment Platforms
The State of Secrets Sprawl 2026: 9 Takeaways for CISOs
The State of Trusted Open Source Report
The Zero-Day Scramble is Avoidable: A Guide to Attack Surface Reduction
The backup myth that is putting businesses at risk
The silent “Storm”: New infostealer hijacks sessions, decrypts server-side
They don’t hack, they borrow: How fraudsters target credit unions
Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool
Threat actor uses Microsoft Teams to deploy new “Snow” malware
ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories
ThreatsDay Bulletin: DDR5 Bot Scalping, Samsung TV Tracking, Reddit Privacy Fine & More
ThreatsDay Bulletin: Defender 0-Day, SonicWall Brute-Force, 17-Year-Old Excel RCE and 15 More Stories
ThreatsDay Bulletin: Edge Plaintext Passwords, ICS 0-Days, Patch-or-Die Alerts and 25+ New Stories
ThreatsDay Bulletin: FortiGate RaaS, Citrix Exploits, MCP Abuse, LiveChat Phish & More
ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories
ThreatsDay Bulletin: OAuth Trap, EDR Killer, Signal Phishing, Zombie ZIP, AI Platform Hack & More
ThreatsDay Bulletin: PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks, and 10+ Stories
ThreatsDay Bulletin: PQC Push, AI Vuln Hunting, Pirated Traps, Phishing Kits & 20 More Stories
ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories
ThreatsDay Bulletin: SMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks and 25 More Stories
Three China-Linked Clusters Target Southeast Asian Government in 2025 Cyber Campaign
Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched
TikTok for Business accounts targeted in new phishing campaign
Today's Odd Web Requests, (Wed, Apr 29th)
Tool updates: lots of security and logic fixes, (Mon, Mar 23rd)
Top 5 Things CISOs Need to Do Today to Secure AI Agents
Top Five Sales Challenges Costing MSPs Cybersecurity Revenue
Toxic Combinations: When Cross-App Permissions Stack into Risk
Traffic violation scams switch to QR codes in new phishing texts
Transparent Tribe Uses AI to Mass-Produce Malware Implants in Campaign Targeting India
Trellix Confirms Source Code Breach With Unauthorized Repository Access
Trellix discloses data breach after source code repository hack
Trellix source code breach claimed by RansomHouse hackers
TrickMo Android banker adopts TON blockchain for covert comms
Trigona ransomware attacks use custom exfiltration tool to steal data
Trivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes Wiper
Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets
Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages
Trivy supply-chain attack spreads to Docker, GitHub repos
Trivy vulnerability scanner breach pushed infostealer via GitHub Actions
Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy AdaptixC2
TrueConf Zero-Day Exploited in Attacks on Southeast Asian Government Networks

Microsoft traces Universal Print issues to Graph API code change

guid

source_url

author_name