The Zed Attack Proxy (ZAP) team has rolled out version 0.3.0 of the OWASP PenTest Kit (PTK) add-on, introducing a transformative workflow upgrade for application security testing. This new release bridges the critical gap between traditional proxy-level scanning and modern…
Apple Expands iOS 18.7.7 Update to More Devices to Shield Users from DarkSword Exploit
Apple has taken the rare step of expanding the availability of iOS 18.7.7 and iPadOS 18.7.7 to a broader set of devices on April 1, 2026, pushing critical backported security patches to millions of users still running iOS 18 who…
Microsoft Details Steps to Mitigate the Axios npm Supply Chain Compromise
A widely used JavaScript library called Axios was at the center of a serious supply chain attack that came to light on March 31, 2026. Two updated versions of the Axios npm package — version 1.14.1 and version 0.30.4 —…
Standardize or Suffer: The JCHK Blueprint for MSSPs Defending SMB and SME Clients
Advanced persistent threats don’t discriminate by organization size — they discriminate by defense capability. Nation-state actors and their proxies invest months conducting reconnaissance, moving laterally through networks with surgical patience, and exfiltrating data long before any alert fires. The reality…
GitHub Used as Covert Channel in Multi-Stage Malware Campaign
LNK files use GitHub C2, embedded decoders and PowerShell for persistence and data exfiltration This article has been indexed from www.infosecurity-magazine.com Read the original article: GitHub Used as Covert Channel in Multi-Stage Malware Campaign
Researchers Observe Sub-One-Hour Ransomware Attacks
Halcyon says Akira is now capable of carrying out an entire ransomware attack in less than an hour This article has been indexed from www.infosecurity-magazine.com Read the original article: Researchers Observe Sub-One-Hour Ransomware Attacks
Apple Expands iOS 18 Security Updates Amid DarkSword Threat
iOS/iPadOS 18.7.7 updates expanded to protect older devices from DarkSword web exploit kit This article has been indexed from www.infosecurity-magazine.com Read the original article: Apple Expands iOS 18 Security Updates Amid DarkSword Threat
Akira-Style Ransomware Campaign Hits Windows Users Across South America
A newly identified ransomware campaign is targeting Windows users across South America, leveraging tactics that closely mimic the notorious Akira ransomware group. According to ESET’s findings, the threat actors behind this campaign are attempting to exploit Akira’s reputation by replicating…
Mastering Azure Kubernetes Service: The Ultimate Guide to Scaling, Security, and Cost Optimization
Azure Kubernetes Service (AKS) has evolved from a simple managed orchestrator into a sophisticated platform that serves as the backbone for modern enterprise applications. However, as clusters grow in complexity, the challenge shifts from initial deployment to long-term operational excellence.…
DPRK-Related Campaigns with LNK and GitHub C2
Analysis of DPRK-linked LNK-based attacks using GitHub as covert C2 infrastructure, detailing multi-stage PowerShell execution, persistence mechanisms, and data exfiltration techniques targeting Windows environments. This article has been indexed from FortiGuard Labs Threat Research Read the original article: DPRK-Related…
Malwarebytes Privacy VPN receives full third-party audit
We commissioned a third-party audit for the infrastructure behind our VPNs. Here are the results. This article has been indexed from Malwarebytes Read the original article: Malwarebytes Privacy VPN receives full third-party audit
How to Improve Google Workspace Phishing Protection for Schools Without Adding IT Burden
Phishing attacks remain one of the most common, and most successful, cyber threats targeting K–12 schools. As districts continue to rely on Google Workspace for communication, collaboration, and file sharing, it has become a prime entry point for attackers looking…
New Red Hat subscription simplifies long-term enterprise Linux support
Red Hat has announced Red Hat Enterprise Linux Extended Life Cycle Premium, a new subscription that provides a predictable 14-year life cycle for major Red Hat Enterprise Linux releases. This stand-alone subscription consolidates extended support, simplifying the management of multiple…
[Video] The TTP Ep 21: When Attackers Become Trusted Users
An episode of the Talos Threat Perspective on the 2025 Year in Review trends. We explore how identity is being used to gain, extend, and maintain access inside environments. This article has been indexed from Cisco Talos Blog Read the…
Storm Infostealer Sold as Service, Targets Browsers, Wallets and Accounts
New research from Varonis Threat Labs reveals Storm infostealer, a malicious subscription service that bypasses Google Chrome encryption.… This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article: Storm Infostealer Sold…
Cisco Patches Critical and High-Severity Vulnerabilities
The bugs could lead to authentication bypass, remote code execution, information disclosure, and privilege escalation. The post Cisco Patches Critical and High-Severity Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Cisco Patches…
Anthropic Responds To Claude Code Leak
Anthropic is currently working to mitigate the impact of a leak involving the foundational instructions for Claude Code, its popular AI agent for developers. This article has been indexed from CyberMaterial Read the original article: Anthropic Responds To Claude Code…
Proton Launches Privacy Meet Platform
Proton has launched Meet, a privacy-centric video conferencing tool designed to compete with major platforms by offering end-to-end encryption for all calls. This article has been indexed from CyberMaterial Read the original article: Proton Launches Privacy Meet Platform
Apple Expands iOS Update To Block Exploit
Apple has expanded the distribution of iOS 18.7.7 and iPadOS 18.7.7 to a wider selection of hardware to protect users against the DarkSword exploit kit. This article has been indexed from CyberMaterial Read the original article: Apple Expands iOS Update…
IT Security News Hourly Summary 2026-04-02 15h : 12 posts
12 posts were published in the last hour 12:34 : Casbaneiro Phishing Targets Europe 12:34 : Chrome Zero Day CVE Under Exploit 12:34 : Vertex AI Flaw Exposes Cloud Data 12:34 : Cyberattack Disrupts Phones In MA Towns 12:34 :…
Casbaneiro Phishing Targets Europe
A multi-pronged phishing campaign by a Brazilian threat actor is targeting Spanish-speaking organizations in Latin America and Europe to deploy banking trojans. This article has been indexed from CyberMaterial Read the original article: Casbaneiro Phishing Targets Europe
Chrome Zero Day CVE Under Exploit
Google recently launched security patches for Chrome to fix 21 different security issues, including a critical zero-day vulnerability that is already being used by attackers. This article has been indexed from CyberMaterial Read the original article: Chrome Zero Day CVE…
Vertex AI Flaw Exposes Cloud Data
Cybersecurity researchers have identified a flaw in Google Cloud’s Vertex AI platform where default service agent permissions allow for potential data exfiltration and unauthorized environment access. This article has been indexed from CyberMaterial Read the original article: Vertex AI Flaw…
Cyberattack Disrupts Phones In MA Towns
A cybersecurity attack discovered early Tuesday has disrupted several Massachusetts towns connected to the Patriot Regional Emergency Communications Center, impacting administrative systems and business phone lines for local police and fire departments. This article has been indexed from CyberMaterial Read…