Microsoft has officially released a new Group Policy setting that allows IT administrators to silently uninstall the Microsoft Copilot app from managed Windows 11 devices, a move that signals a broader enterprise shift away from bundled AI bloat and toward…
Microsoft Outlook.com Issue Blocks Users From Accessing Emails
Microsoft has acknowledged a service degradation affecting Outlook.com, with users reporting difficulties accessing the platform as of Monday, April 27, 2026. The company’s official Microsoft 365 Status account on X confirmed the incident, noting the last status update at 10:15…
ClickFix Attack Replaces PowerShell With Cmdkey and Remote Regsvr32 Payload Delivery
A new and more capable version of the ClickFix attack has been spotted in the wild, and it works a little differently from what security teams have seen before. Instead of relying on PowerShell, attackers are now chaining native Windows…
Burglar alarm biz burgled: ADT confirms cyber intrusion after ShinyHunters extortion attempt
Security giant says attackers grabbed ‘limited set’ of data. Crooks claim 10 million records A home security biz getting digitally burgled is not a great look – but that’s exactly where ADT finds itself. The company has confirmed a cyber…
Most Cybersecurity Professionals Feel Undervalued and Underpaid
A new report by global technology recruitment firm, Harvey Nash, found that three quarters of cybersecurity staff are pessimistic on pay and half are looking for a new job This article has been indexed from www.infosecurity-magazine.com Read the original article:…
Medieval Encrypted Letter Decoded
Sent by a Spanish diplomat. Apparently people have been working on it since it was rediscovered in 1860. This article has been indexed from Schneier on Security Read the original article: Medieval Encrypted Letter Decoded
Microsoft updates the Windows Update Experience: You can hit pause now
Keep the patches away for as long as you like Microsoft has devised a solution to the problem of Windows Updates that break customer devices – users are now able to pause them for as long as they like.… This…
Energy and Water Management Firm Itron Hacked
Itron, which serves utilities and cities around the world, discovered unauthorized access to its systems on April 13. The post Energy and Water Management Firm Itron Hacked appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
Researchers Warn macOS textutil, KeePassXC Can Fuel Automation Attacks
Researchers are warning that widely trusted local tools such as macOS’s textutil and KeePassXC can pose unexpected security risks when used within automated workflows. The issue is not traditional vulnerabilities such as memory corruption or code execution, but how normal…
Linux ELF Malware Generator Evades ML Detection With Semantic-Preserving Changes
As Linux continues to dominate high-performance computing, cloud services, and Internet of Things (IoT) devices, it has become a prime target for cybercriminals. However, while much research has focused on manipulating Windows executables to bypass security, the Linux Executable and…
Itron Discloses Data Breach After Hackers Access Internal Systems
Itron, Inc., a leading smart metering and energy infrastructure technology company, has disclosed a cybersecurity incident after an unauthorized third party gained access to certain of its internal systems, according to a Form 8-K filing submitted to the U.S. Securities…
Firefox bug CVE-2026-6770 enabled cross-site tracking and Tor fingerprinting
CVE-2026-6770 let attackers fingerprint Firefox and Tor users, even in Private mode. Firefox 150 and Tor Browser 15.0.10 fixed it. A vulnerability, tracked as CVE-2026-6770, allowed attackers to fingerprint Firefox users, even in Private Browsing, and also impacted the Tor…
UNC6692 Uses Email Bombing, Social Engineering to Deploy ‘Snow’ Malware
The threat actor infected victims with the Snow malware family – Snowbelt, Snowglaze, and Snowbasin – for persistent access. The post UNC6692 Uses Email Bombing, Social Engineering to Deploy ‘Snow’ Malware appeared first on SecurityWeek. This article has been indexed…
AI Security Questionnaires: Why Most Startups Fail (And the Trust Stack That Fixes It)
AI Security Questionnaires: Why Most Startups Fail (And the Trust Stack That Fixes It) It’s Monday. Your enterprise prospect just sent a 312-question security questionnaire. Forty of those questions are about AI — model bias, training data lineage, ISO 42001,…
Vidar Infostealer Spreads via Fake CAPTCHAs, Hides in JPEG and TXT Files
New version of Vidar infostealer spreads via fake CAPTCHAs, hides in JPEG and TXT files, uses fileless attacks and steals browser, crypto wallet data. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read…
Easily Exploitable ‘Pack2TheRoot’ Linux Vulnerability Leads to Root Access
A race condition in PackageKit allows unprivileged users to escalate privileges when installing packages. The post Easily Exploitable ‘Pack2TheRoot’ Linux Vulnerability Leads to Root Access appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
ICO chief John Edwards steps back as workplace probe quietly unfolds
UK’s data watchdog confirms its boss has been off the job since February while an HR investigation runs The UK’s data watchdog is without its chief after John Edwards stepped aside from the Information Commissioner’s Office while an independent workplace…
US Launches Sweeping Crackdown on Southeast Asia Cyberscams and Sanctions Cambodian Senator
U.S. officials have announced a sweeping crackdown on Southeast Asian cyberscam operations as part of what U.S. Attorney Jeanine Pirro characterized Friday as a “new theater of war” launched by the Trump administration against Chinese transnational organized crime. The crackdown,…
IT Security News Hourly Summary 2026-04-27 12h : 15 posts
15 posts were published in the last hour 9:36 : OpenClaw Flaws Expose Systems to Policy Bypass Attacks 9:36 : North Korean Hackers Target Pharma Firms with Malware-Laced Excel Attacks 9:36 : ‘fast16’ Malware with Sabotage Capabilities Attacking Ultra expensive…
OpenClaw Flaws Expose Systems to Policy Bypass Attacks
OpenClaw, a rapidly adopted open-source autonomous AI agent framework, has released critical security updates to address three moderate-severity vulnerabilities. Found in npm package versions before 2026.4.20, these complex flaws expose systems to severe policy bypasses, unauthorized local configuration modifications, and…
North Korean Hackers Target Pharma Firms with Malware-Laced Excel Attacks
North Korean state-backed hackers are using weaponized Excel-themed files to infect pharmaceutical and life science companies with malware, abusing Windows shortcut files, PowerShell, and cloud storage for stealthy data theft. The campaign begins with highly tailored spear‑phishing emails sent to…
‘fast16’ Malware with Sabotage Capabilities Attacking Ultra expensive Targets
The fast16 malware is a recently exposed sabotage‑capable threat designed to target extremely high‑value environments and ultra‑expensive systems with precision. It does not behave like common commodity malware that aims for broad infections, but instead focuses on select victims where…
Top 10 Best NDR (Network Detection and Response) Solutions in 2026
In the modern enterprise, the network is the ultimate source of ground truth. As organizations accelerate their digital transformation and adopt complex, cloud-native security architectures, the traditional perimeter has dissolved. Threat actors routinely bypass endpoint defenses using compromised credentials, living-off-the-land…
Attackers Can Backdoor CODESYS Applications by Chaining Vulnerabilities
Multiple vulnerabilities in the CODESYS Control runtime, one of the world’s most widely adopted software-based programmable logic controller (Soft PLC) platforms. According to Nozomi Networks Labs researchers, by chaining these security flaws, an authenticated attacker can replace a legitimate industrial…