Author, Creator & Presenter: Brendan Dolan-Gavitt, AI Researcher, XBOW & Vincent Olesen, AI Researcher, XBOW. Our thanks to [un]prompted for publishing their Creators, Authors and Presenter’s outstanding [un]prompted 2026 AI Security Practitioner content on the Organization’s YouTube Channel. Permalink The…
MITRE ATT&CK v19 Drops April 28: How to Prepare Your SOC for the Defense Evasion Split
MITRE ATT&CK v19: What the Defense Evasion Split Means for Your SOC. What’s Changing in ATT&CK v19: MITRE ATT&CK v19 drops April 28, 2026. The biggest change: Defense Evasion (TA0005), the framework’s most bloated tactic, is being split into two…
Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 Organizations
An Iran-nexus threat actor is suspected to be behind a password-spraying campaign targeting Microsoft 365 environments in Israel and the U.A.E. amid ongoing conflict in the Middle East. The activity, assessed to be ongoing, was carried out in three distinct attack waves that took…
IT Security News Hourly Summary 2026-04-06 21h : 8 posts
8 posts were published in the last hour 18:36 : Border Patrol Agents Sold Challenge Coins With ‘Charlotte’s Web’ Characters in Riot Gear 18:36 : Attackers exploited this critical FortiClient EMS bug as a 0-day 18:36 : FluBot / Android…
Border Patrol Agents Sold Challenge Coins With ‘Charlotte’s Web’ Characters in Riot Gear
Nonprofits run out of US Border Patrol stations are also selling other “operation”-themed coins that include a phrase popularized by the Proud Boys, potentially in violation of government rules. This article has been indexed from Security Latest Read the original…
Attackers exploited this critical FortiClient EMS bug as a 0-day
CISA added the flaw to KEV after Fortinet confirmed exploitation in the wild. Fortinet released an emergency patch over the weekend for a critical FortiClient Enterprise Management Server (EMS) bug believed to be under attack since at least March 31…
FluBot / Android banking malware
North Korean financially motivated threat actors, AI-Enabled Social Engineering and the New Face of Crypto Intrusions. This article has been indexed from CyberMaterial Read the original article: FluBot / Android banking malware
Trojanized PyPI AI Proxy Uses Stolen Claude Prompt to Exfiltrate Data
A malicious Python package has been discovered on PyPI that disguises itself as a privacy-focused AI inference tool while quietly stealing sensitive user data in the background. Named hermes-px, the package marketed itself as a “Secure AI Inference Proxy” that routes…
CISA Warns of Fortinet 0-Day Vulnerability Actively Exploited in Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2026-35616, a critical improper access control vulnerability in Fortinet FortiClient Enterprise Management Server (EMS), to its Known Exploited Vulnerabilities (KEV) catalog on April 6, 2026, mandating federal agencies to remediate by April…
Protecting Your Data with Veeam
The days of using backup as a simple “set it and forget it” insurance policy are officially over. If you’re still treating your secondary storage like a digital attic where you shove old boxes and hope for the best, you…
The Value of Immutability with Object First
IT security teams today must have the feeling of a target on their back. It is not paranoia. Hackers target backup storage in nearly every single ransomware incident because they know that if they kill your safety net, you are…
Microsoft 365 Phishing Bypasses MFA via OAuth Device Codes
A recent wave of phishing attacks is bypassing traditional security protections on Microsoft 365, even when multi‑factor authentication (MFA) is enabled. Instead of stealing passwords directly, attackers are abusing legitimate Microsoft login flows to trick users into granting access…
Ten Great Cybersecurity Job Opportunities
Security Boulevard is now providing a weekly cybersecurity jobs report through which opportunities for cybersecurity professionals will be highlighted as part of an effort to better serve our audience. Our goal in these challenging economic times is to make it…
Inside an AI‑enabled device code phishing campaign
A new wave of device code phishing shows how threat actors are scaling account compromise using AI and end‑to‑end automation. This campaign goes beyond traditional phishing by generating live authentication codes on demand, enabling higher success rates and sustained post‑compromise…
DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea
Threat actors likely associated with the Democratic People’s Republic of Korea (DPRK) have been observed using GitHub as command-and-control (C2) infrastructure in multi-stage attacks targeting organizations in South Korea. The attack chain, per Fortinet FortiGuard Labs, involves obfuscated Windows shortcut (LNK) files acting as the…
Missile Alert Phishing Exploits Iran-US-Israel Conflict for Microsoft Logins
New phishing scam uses fake missile alerts and the ongoing conflict involving Iran to target users with QR codes and fake government emails to steal Microsoft passwords. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI…
North Korea’s hijack of one of the web’s most used open source projects was likely weeks in the making
North Korean hackers pushed out malicious updates to a popular open source project by hacking a top developer’s computer in a long-running campaign. This article has been indexed from Security News | TechCrunch Read the original article: North Korea’s hijack…
Watch this video of how a job interviewer exposes a North Korean fake IT worker
An apparent North Korean worker was caught visibly stumped during a remote job interview when asked to insult the country’s leader. This article has been indexed from Security News | TechCrunch Read the original article: Watch this video of how…
Randall Munroe’s XKCD ‘Little Red Dots’
via the comic artistry and dry wit of Randall Munroe, creator of XKCD Permalink The post Randall Munroe’s XKCD ‘Little Red Dots’ appeared first on Security Boulevard. This article has been indexed from Security Boulevard Read the original article: Randall…
Smart Controls for Infrastructure as Code with LLMs
Infrastructure as Code (IaC) has transformed how we manage and provision infrastructure in the cloud. It enabled developers to consider compute, storage, network, and other infrastructure components as software which was not the case before infra was modeled as code.…
New Fortinet Flaw Allows Unauthorized Access to Enterprise Systems
Fortinet warns of a critical FortiClient EMS zero-day vulnerability that is currently being exploited, allowing attackers to bypass authentication and execute commands. The post New Fortinet Flaw Allows Unauthorized Access to Enterprise Systems appeared first on TechRepublic. This article has…
Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations
The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize recently disclosed vulnerabilities to obtain initial access, exfiltrate data, and deploy Medusa ransomware (Gaze.exe). The post Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware…
50,000 WordPress Sites affected by Arbitrary File Upload Vulnerability in Ninja Forms – File Upload WordPress Plugin
On January 8th, 2026, we received a submission for an Arbitrary File Upload vulnerability in Ninja Forms – File Upload, a WordPress plugin with an estimated 50,000 active installations. This vulnerability makes it possible for an unauthenticated attacker to upload…
Google DeepMind Researchers Map Web Attacks Against AI Agents
Malicious web content can be used to manipulate, deceive, and exploit autonomous AI agents navigating the internet, Google DeepMind researchers show. The researchers have identified six types of attacks against AI agents that can be mounted via web content to…