Cybersecurity researchers have uncovered a large and organized network of malicious infrastructure quietly running inside Russia’s commercial hosting ecosystem. Over a three-month window from January 1 to April 1, 2026, more than 1,250 active command-and-control (C2) servers were detected across…
Fake Adobe Reader Download Delivers ScreenConnect Through Stealthy In-Memory Loader
A newly uncovered attack campaign is tricking users into installing remote access software on their systems by disguising malware as a legitimate Adobe Acrobat Reader download. The attack uses a sophisticated chain of techniques — including in-memory execution, process masquerading,…
Teenaged Boy Arrested After NI Schools Hacked
Police arrest 16-year-old after hack on Northern Ireland school IT system at beginning of Easter school break that compromised data This article has been indexed from Silicon UK Read the original article: Teenaged Boy Arrested After NI Schools Hacked
OpenAI expands cybersecurity program with GPT-5.4-Cyber model
OpenAI will be expanding its cybersecurity efforts by increasing the number of verified defenders served by its Trusted Access for Cyber (TAC) program into the thousands, with hundreds more security teams to follow. This move aims to address the challenge of defenders…
EU cybersecurity standards are at risk if supplier ban passes
Today, the European standards body ETSI sent a formal position paper to the European Commission, calling for changes to the proposed Cybersecurity Act 2 (CSA2), the EU’s planned revision to its existing cybersecurity certification framework. The paper focuses on two…
GitHub lays out copyright liability changes and upcoming DMCA review for developers
A U.S. Supreme Court ruling issued in March has settled a question that has circulated among platform operators and developers for years: whether a service provider can be held liable for copyright infringement committed by its users without evidence of…
OpenAI’s GPT-5.4-Cyber, McGraw Hill blames Salesforce for breach, signed adware disables antivirus
OpenAI rolls out GPT-5.4-Cyber McGraw Hill breach due to Salesforce misconfig Signed adware operation disables antivirus Get the show notes here: https://cisoseries.com/cybersecurity-news-openais-gpt-5-4-cyber-mcgraw-hill-blames-salesforce-for-breach-signed-adware-disables-antivirus/ Huge thanks to our sponsor, Conveyor At some point, every fast-growing SaaS team hits the same wall. The…
Government Backs Autonomous Vehicle Tests Around UK
Eight feasibility studies around the UK receive funding under CAM Pathfinder programme to test future forms of transport This article has been indexed from Silicon UK Read the original article: Government Backs Autonomous Vehicle Tests Around UK
Fake Adobe Reader Download Drops ScreenConnect via Fileless Loader
A deceptive campaign in which attackers distributed a fake Adobe Acrobat Reader installer that secretly deployed ConnectWise’s ScreenConnect via a complex in‑memory execution chain. Although ScreenConnect is a legitimate remote‑access tool, it was repurposed for unauthorized system control and data collection. The attack chain…
Cisco Webex Vulnerability Allows User Impersonation Attacks
Cisco has released an urgent security advisory warning organizations of a critical vulnerability in its Webex communication platform. Tracked as CVE-2026-20184, this severe flaw could allow unauthenticated, remote attackers to entirely bypass security checks and impersonate any legitimate user within…
Critical Cisco ISE Flaws Let Remote Attackers Execute Malicious Code
Networking giant Cisco has issued an urgent security advisory warning of two newly discovered vulnerabilities impacting its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC). Cisco Identity Services Engine (ISE) is a widely deployed security policy management platform…
Chrome Privacy Vulnerability Exposes Users via Fingerprinting and Header Leaks
A new technical review of Google Chrome’s privacy posture shows that modern tracking no longer depends only on cookies, because websites can combine browser fingerprinting, storage tricks, and HTTP header leaks to identify users with surprising accuracy. Chrome has reduced…
When PUPs bite: Huntress uncovers “weaponised” adware exposing 25,000+ systems
Cybersecurity provider Huntress has identified a major security threat. What appeared to be an unassuming potentially unwanted program (PUP) has transformed into a threat that can disable antivirus systems and put thousands of endpoints at risk. As mentioned in a recent blog, the cyberattack involves the…
UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign
The Computer Emergencies Response Team of Ukraine (CERT-UA) has disclosed details of a new campaign that has targeted governments and municipal healthcare institutions, mainly clinics and emergency hospitals, to deliver malware capable of stealing sensitive data from Chromium-based web browsers and WhatsApp. The activity, which…
IT Security News Hourly Summary 2026-04-16 09h : 6 posts
6 posts were published in the last hour 6:36 : Command integrity breaks in the LLM routing layer 6:7 : Nginx-UI Flaw Actively Exploited to Enable Full Server Takeover 6:7 : Russian Hosting Tied to 1,250+ C2 Servers Across 165…
Command integrity breaks in the LLM routing layer
Systems that rely on LLM agents often send requests through intermediary routing services before reaching a model. These routers connect to different providers through a single endpoint and manage how requests are handled. This layer can influence what gets executed…
Nginx-UI Flaw Actively Exploited to Enable Full Server Takeover
A severe vulnerability in nginx-ui, a widely used open-source web interface for managing Nginx servers, is currently being actively exploited in the wild. Tracked as CVE-2026-33032 with a maximum CVSS base score of 9.8, this critical flaw allows remote attackers…
Russian Hosting Tied to 1,250+ C2 Servers Across 165 Providers
More than 1,250 C2 servers were identified across 165 Russian infrastructure providers within the past 3 months. Infrastructure analytics and ISP mapping are exposing the hidden backbone of cyber threats operating inside Russian networks. By looking beyond single IPs or…
Hackers Abuse Google Discover With AI-Generated Content to Push Malicious Notifications
A newly identified threat operation is exploiting one of the most widely used content discovery tools on Android and Chrome devices — Google’s Discovery feed — to deliver malicious push notifications to unsuspecting users across multiple countries. The operation, named Pushpaganda by…
Web Supply Chain Risk in ANZ: Why the Browser is the New Front Line
Right now, code is executing in your users’ browsers that your WAF has never inspected, your DAST never tested, and your pen testers never touched. […] The post Web Supply Chain Risk in ANZ: Why the Browser is the New…
What the EU AI Act requires for AI agent logging
The EU AI Act is 144 pages long. The logging requirements that matter for AI agent developers sit across four articles that keep referencing each other. Here’s what they say, when the deadlines hit, and where the gaps are. Your…
Why Using a Burner Email Can Strengthen Your Online Privacy
Email accounts are among the most frequently exposed pieces of personal data in security breaches, which is a major reason why people often find their information circulating online. While using stronger passwords and enabling multi-factor authentication can significantly improve…
Product showcase: Ente Auth encrypts, backs up, and syncs 2FA
Two-factor authentication (2FA) is an essential layer of protection for online accounts, and Ente Auth makes it easier to manage securely across devices. Ente Auth is a free, open-source authenticator app designed to generate and store one-time passcodes for 2FA.…
Critical Chrome Flaws Allow Arbitrary Code Execution – Patch Immediately
Google has released an urgent security update for its Chrome web browser to address 31 vulnerabilities, including five rated as critical. The stable channel has been updated to version 147.0.7727.101/102 for Windows and Mac, and 147.0.7727.101 for Linux. This update…