A security researcher operating under the alias “Chaotic Eclipse” has publicly released a proof-of-concept (PoC) exploit for a vulnerability in Microsoft Defender. Published on April 15, 2026, the exploit targets a flaw in CVE-2026-33825, a recently patched vulnerability. The uncoordinated…
Critical Chrome Vulnerabilities Let Attackers Execute Arbitrary Code – Update Now!
Google has rolled out a crucial security update for its Chrome browser, addressing 31 vulnerabilities that could leave systems exposed to severe cyber threats. Released on April 15, 2026, this Stable Channel update requires immediate attention from users worldwide, as…
Splunk Enterprise and Cloud Platform Vulnerability Enables Remote Code Execution Attacks
A critical security vulnerability has been officially disclosed, affecting multiple versions of Enterprise and Cloud platforms. Tracked as CVE-2026-20204, this high-severity flaw carries a CVSS score of 7.1 and poses a significant threat to organizational networks. Discovered and reported by…
New Chrome Privacy Analysis Shows How Fingerprinting and Header Leaks Can Expose Users
Google Chrome is the most widely used browser in the world, yet a sweeping new analysis reveals it offers users almost no protection against fingerprinting and data leaks that quietly expose their identity to websites and trackers. Published April 14,…
Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments
A researcher has disclosed the details of the AI attack method he has named ‘Comment and Control’. The post Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments appeared first on SecurityWeek. This article has been…
How to Implement Passwordless Authentication to Boost User Conversion
Stop losing customers to password fatigue. Learn how implementing passwordless authentication removes friction, slashes support costs, and boosts conversions. The post How to Implement Passwordless Authentication to Boost User Conversion appeared first on Security Boulevard. This article has been indexed…
March 2026 Cyber Attacks Statistics
After the cyber attacks timelines, it’s time to publish the statistics for March 2026 where I collected and analyzed 282 events: a sharp increase compared to the 176 events of the previous month. In March 2026, Cyber Crime continued to…
Anthropic tests user trust with ID and selfie checks for Claude
Anthropic announced identity verification for Claude using government ID and selfie checks, becoming the first major AI chatbot to do so, a move that may prove unpopular with users. Having built its reputation around privacy in the AI race, Anthropic…
Booking.com Customers Hit By Scams After Data Breach
Travel reservation giant warns of heightened risks for customers after confirming users’ booking data stolen by hackers This article has been indexed from Silicon UK Read the original article: Booking.com Customers Hit By Scams After Data Breach
Cisco FMC Zero-Day Among 31 High-Impact Vulnerabilities Exploited in March
31 high-impact vulnerabilities were actively exploited in March 2026, with a Cisco firewall zero-day abused by the Interlock ransomware group emerging as one of the most dangerous threats to enterprise networks. Affected vendors span core enterprise and developer ecosystems, including…
Booking.com breach gives scammers what they need to target guests
Guest reservation data stolen from the booking giant can be used by scammers to impersonate hotels to steal payment and personal info. This article has been indexed from Malwarebytes Read the original article: Booking.com breach gives scammers what they need…
Server-room lock was nothing but a crock
Your cybersecurity is only as good as the physical security of the servers PWNED Welcome back to Pwned, the column where we immortalize the worst vulns that organizations opened up for themselves. If you’re the kind of person who leaves…
Sweden reports cyberattack attempt on heating plant amid rising energy threats
Sweden says a pro-Russian group attacked a heating plant in 2025. The failed cyberattack highlights growing threats to Europe’s energy infrastructure. Sweden has blamed a pro-Russian group linked to Russian intelligence for a failed cyberattack on a heating plant in…
16-31 March 2026 Cyber Attacks Timeline
The second half of March 2026 has been very active from an infosec standpoint, with 124 events and a threat landscape dominated by malware. As always, cyber crime led the motivations chart with 65%, slightly up from the previous timeline.…
1,250+ C2 Servers Mapped Across Russian Hosting Across 165 Providers
Cybersecurity researchers have uncovered a large and organized network of malicious infrastructure quietly running inside Russia’s commercial hosting ecosystem. Over a three-month window from January 1 to April 1, 2026, more than 1,250 active command-and-control (C2) servers were detected across…
Fake Adobe Reader Download Delivers ScreenConnect Through Stealthy In-Memory Loader
A newly uncovered attack campaign is tricking users into installing remote access software on their systems by disguising malware as a legitimate Adobe Acrobat Reader download. The attack uses a sophisticated chain of techniques — including in-memory execution, process masquerading,…
Teenaged Boy Arrested After NI Schools Hacked
Police arrest 16-year-old after hack on Northern Ireland school IT system at beginning of Easter school break that compromised data This article has been indexed from Silicon UK Read the original article: Teenaged Boy Arrested After NI Schools Hacked
OpenAI expands cybersecurity program with GPT-5.4-Cyber model
OpenAI will be expanding its cybersecurity efforts by increasing the number of verified defenders served by its Trusted Access for Cyber (TAC) program into the thousands, with hundreds more security teams to follow. This move aims to address the challenge of defenders…
EU cybersecurity standards are at risk if supplier ban passes
Today, the European standards body ETSI sent a formal position paper to the European Commission, calling for changes to the proposed Cybersecurity Act 2 (CSA2), the EU’s planned revision to its existing cybersecurity certification framework. The paper focuses on two…
GitHub lays out copyright liability changes and upcoming DMCA review for developers
A U.S. Supreme Court ruling issued in March has settled a question that has circulated among platform operators and developers for years: whether a service provider can be held liable for copyright infringement committed by its users without evidence of…
OpenAI’s GPT-5.4-Cyber, McGraw Hill blames Salesforce for breach, signed adware disables antivirus
OpenAI rolls out GPT-5.4-Cyber McGraw Hill breach due to Salesforce misconfig Signed adware operation disables antivirus Get the show notes here: https://cisoseries.com/cybersecurity-news-openais-gpt-5-4-cyber-mcgraw-hill-blames-salesforce-for-breach-signed-adware-disables-antivirus/ Huge thanks to our sponsor, Conveyor At some point, every fast-growing SaaS team hits the same wall. The…
Government Backs Autonomous Vehicle Tests Around UK
Eight feasibility studies around the UK receive funding under CAM Pathfinder programme to test future forms of transport This article has been indexed from Silicon UK Read the original article: Government Backs Autonomous Vehicle Tests Around UK
Fake Adobe Reader Download Drops ScreenConnect via Fileless Loader
A deceptive campaign in which attackers distributed a fake Adobe Acrobat Reader installer that secretly deployed ConnectWise’s ScreenConnect via a complex in‑memory execution chain. Although ScreenConnect is a legitimate remote‑access tool, it was repurposed for unauthorized system control and data collection. The attack chain…
Cisco Webex Vulnerability Allows User Impersonation Attacks
Cisco has released an urgent security advisory warning organizations of a critical vulnerability in its Webex communication platform. Tracked as CVE-2026-20184, this severe flaw could allow unauthenticated, remote attackers to entirely bypass security checks and impersonate any legitimate user within…