DeepSeek’s hundreds of millions of users deprived of tool during outage of multiple hours extending into early Monday morning This article has been indexed from Silicon UK Read the original article: DeepSeek AI Service Experiences Prolonged Outage
Apple Adds ClickFix Attack Warnings in New macOS Tahoe Security Feature
Apple has silently introduced a new security mechanism in macOS Tahoe 26.4 to protect users against social engineering campaigns known as ClickFix attacks. This defense intercepts potentially harmful commands before they are pasted into the Terminal application, breaking the infection…
Hackers Deploy RoadK1ll Pivoting Malware to Turn Compromised Hosts Into Network Relays
A new piece of malware called RoadK1ll has been found silently converting compromised machines into controllable network relay points. Unlike most malware that arrives loaded with commands and attack tools, RoadK1ll is deliberately lean, built around one goal: giving attackers…
New DeepLoad Malware Uses ClickFix and AI-Generated Evasion to Breach Enterprise Networks
A newly discovered malware named DeepLoad is targeting enterprise environments, turning a single user action into persistent, credential-stealing access that survives reboots and outlasts standard cleanup efforts. What sets this campaign apart is how every stage of the attack was…
Austria Plans Social Media ban For Under-14s
Austria ruling coalition to introduce law banning children under 14 from accessing social platforms, joining international trendj This article has been indexed from Silicon UK Read the original article: Austria Plans Social Media ban For Under-14s
Qilin Ransomware allegedly breached chemical manufacturer giant Dow Inc
Qilin ransomware claims a breach of Dow Inc., listing it on its Tor leak site, but no proof of the hack has been released yet. Qilin Ransomware group allegedly breached the chemical manufacturing giant Dow Inc. The cybercrime group added…
Poisoned Axios: npm Account Takeover, 50 Million Downloads, and a RAT That Vanishes After Install
See how the attack works, what to look for, and how to remediate. The post Poisoned Axios: npm Account Takeover, 50 Million Downloads, and a RAT That Vanishes After Install appeared first on Security Boulevard. This article has been indexed…
Application Control Bypass for Data Exfiltration, (Tue, Mar 31st)
In case of a cyber incident, most organizations fear more of data loss (via exfiltration) than regular data encryption because they have a good backup policy in place. If exfiltration happened, it means a total loss of control of the…
Google Maps Displays Non-Existent Clean Air Zone In Manchester
Google works to correct issue after Maps app warns drivers of Clean Air Zone around Manchester that was proposed, but never implemented This article has been indexed from Silicon UK Read the original article: Google Maps Displays Non-Existent Clean Air…
Tax Filing Scams Used to Deliver Malware in New Cybercrime Campaigns
Cybercriminals are once again exploiting global tax seasons, abusing IRS and tax filing lures to deliver malware, remote monitoring and management (RMM) tools, and credential phishing in a wave of new 2026 campaigns. Security researchers have already tracked more than…
GhostSocks Turns Victim Systems Into Residential Proxies for Evasive Cyberattacks
A new malware called GhostSocks has been quietly spreading through compromised systems, turning home and office devices into residential proxies that threat actors use to conceal their malicious traffic. Unlike traditional malware that simply steals data or locks files, GhostSocks…
macOS Terminal ClickFix attacks, Russian court sentences ‘Flint’, CareCloud probes data breach
macOS Terminal gets ClickFix attacks Russian court sentences ‘Flint’ over card fraud CareCloud probes data breach Get the show notes here: https://cisoseries.com/cybersecurity-news-macos-terminal-clickfix-attacks-russian-court-sentences-flint-carecloud-probes-data-breach/ Huge thanks to our sponsor, ThreatLocker Ransomware doesn’t need to be sophisticated if it’s allowed to execute. A…
European Commission Confirms Data Breach
Hackers claim theft of data on Commission employees, other sensitive material in latest hack of major organisation This article has been indexed from Silicon UK Read the original article: European Commission Confirms Data Breach
DeepLoad Malware Uses ClickFix and AI Evasion to Hit Enterprise Networks
New “DeepLoad” malware is turning a single user click into fileless, credential‑stealing persistence inside enterprise networks, leveraging the ClickFix technique and AI-generated obfuscation to evade traditional defenses. DeepLoad arrives via ClickFix a social engineering technique that instructs users to paste…
CareCloud Data Breach Exposes Patient Data After Hackers Access IT Systems
CareCloud, Inc., a prominent healthcare technology provider, has disclosed a material cybersecurity incident involving unauthorized access to its electronic health record (EHR) infrastructure. The security event was first detected on March 16, 2026, when the CareCloud Health division experienced an…
Critical Vulnerability in OpenAI Codex Allowed GitHub Token Compromise
Researchers found an OpenAI Codex vulnerability that could have been exploited to compromise GitHub tokens. The post Critical Vulnerability in OpenAI Codex Allowed GitHub Token Compromise appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
What Makes Browser Hijacking a Silent Threat?
Web browsers act as a critical gateway to an organization’s digital ecosystem, enabling access to banking, email, cloud applications, and sensitive customer data. When attackers compromise this gateway, they can monitor user activity, redirect traffic, and capture confidential credentials without…
Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account
The popular HTTP client known as Axios has suffered a supply chain attack after two newly published versions of the npm package introduced a malicious dependency. Versions 1.14.1 and 0.30.4 of Axios have been found to inject “plain-crypto-js” version 4.2.1…
IT Security News Hourly Summary 2026-03-31 09h : 5 posts
5 posts were published in the last hour 6:32 : ChatGPT Vulnerability Enabled Silent Leakage of Prompts and Sensitive Information 6:32 : Apple Adds Terminal Paste Warning in macOS Tahoe 26.4 to Block ClickFix Attacks 6:11 : Claude AI Uncovers…
ChatGPT Vulnerability Enabled Silent Leakage of Prompts and Sensitive Information
Artificial intelligence assistants increasingly handle our most sensitive data, operating under the assumption that enclosed environments keep this information secure. However, a newly disclosed vulnerability in ChatGPT shattered this expectation. Discovered by Check Point Research, this flaw exploited the isolated…
Apple Adds Terminal Paste Warning in macOS Tahoe 26.4 to Block ClickFix Attacks
Apple has introduced a new security feature in macOS Tahoe 26. Thank you for being a Ghacks reader. The post Apple Adds Terminal Paste Warning in macOS Tahoe 26.4 to Block ClickFix Attacks appeared first on gHacks. This article has…
Claude AI Uncovers Zero-Day RCE Vulnerabilities in Vim and Emacs
Security researchers at Calif recently demonstrated the evolving power of artificial intelligence in vulnerability research by using Claude AI to uncover zero-day Remote Code Execution (RCE) flaws in both Vim and Emacs. The discoveries show that merely opening a malicious…
RoadK1ll Malware Turns Hacked Devices Into Network Relays
Hackers are deploying a new Node. js-based implant dubbed RoadK1ll to quietly turn compromised hosts into on-demand network relays, enabling stealthy pivoting deeper into victim environments without exposing obvious remote access tooling. The implant’s sole purpose is to provide attackers with reliable,…
Why I’m done calling humans the weakest link
Cybersecurity has long suffered from a people problem, but not in the way we often hear about. As industry that is based on enabling communication across the globe via the internet and many types of devices, many of us practitioners…