Bitcoin Depot has disclosed a cyber-attack that led to the theft of more than 50 Bitcoin, worth $3.66m, after hackers accessed its internal systems This article has been indexed from www.infosecurity-magazine.com Read the original article: Bitcoin Depot Reports $3.6m Crypto…
STX RAT Targets Finance Sector With Advanced Stealth Tactics
STX RAT, a newly identified remote access trojan, attempted deployment in finance, showing advanced C2 and stealthy delivery methods This article has been indexed from www.infosecurity-magazine.com Read the original article: STX RAT Targets Finance Sector With Advanced Stealth Tactics
IT Security News Hourly Summary 2026-04-09 18h : 16 posts
16 posts were published in the last hour 15:37 : Trenchant Exec Says He Had Depression, Money Troubles When He Decided to Sell Zero Days to Russian Buyer; Also, New Info Reveals Nature of His Work for Australian Intelligence Agency…
Trenchant Exec Says He Had Depression, Money Troubles When He Decided to Sell Zero Days to Russian Buyer; Also, New Info Reveals Nature of His Work for Australian Intelligence Agency
Peter Joseph Williams, a former L3 Trenchant executive recently convicted of secretly selling zero-day exploits to a Russian broker, says he was suffering anxiety, burnout, years of depression, and financial difficulties when he decided to steal exploits from his US…
Tracking Dependencies Beyond the Build Stage
When working on modern software, a developer will often use hundreds or thousands of dependencies. Кeeping an accurate and consistent bill of materials is essential for license compliance and for security. Motivation In a large organization, the scope of dependencies…
Massive Data Breach Exposes 337K LAPD-Linked Records
A massive breach exposed 337K LAPD-linked files, raising concerns over third-party risk, sensitive data exposure, and law enforcement cybersecurity gaps. The post Massive Data Breach Exposes 337K LAPD-Linked Records appeared first on TechRepublic. This article has been indexed from Security…
Adobe Acrobat Reader Zero Day Exploited in Active PDF Attacks
An Adobe Acrobat zero day is being exploited in the wild. The post Adobe Acrobat Reader Zero Day Exploited in Active PDF Attacks appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original article:…
Hacker stole £700,000 from U.K. energy company by redirecting payment
The U.K. energy company said a redirected payment meant for a contractor instead landed in a hacker’s bank account. This article has been indexed from Security News | TechCrunch Read the original article: Hacker stole £700,000 from U.K. energy company…
New STX RAT Uses Hidden Remote Desktop and Infostealer Features to Evade Detection
A newly discovered remote access trojan called STX RAT has emerged as a serious cybersecurity threat in 2026, combining hidden remote desktop access with credential-stealing features to quietly compromise targeted machines. The malware gets its name from the Start of…
Hackers Use ClickFix and Malicious DMG Files to Deliver notnullOSX on macOS
A new macOS info-stealer named notnullOSX has surfaced, targeting crypto holders with wallets above $10,000. Written in Go, it uses two parallel attack paths — ClickFix social engineering and malicious DMG disk image files — to silently compromise Apple Mac…
New ClickFix Campaign Uses macOS Script Editor to Deliver Atomic Stealer
A newly discovered ClickFix campaign is targeting macOS users through a technique that completely bypasses Terminal, using Script Editor to drop the Atomic Stealer infostealer onto compromised systems. This campaign marks a clear shift in how attackers are responding to…
Chevin pulls the handbrake on FleetWave software after security scare
UK and US customers stuck waiting after fleet management SaaS vendor took affected environments offline A cybersecurity incident has knocked FleetWave into a “major outage” across the UK and US after Chevin Fleet Solutions pulled parts of its SaaS platform…
Masjesu botnet targets IoT devices while evading high-profile networks
Masjesu is a stealthy DDoS-for-hire botnet targeting IoT devices, active since 2023 and designed to stay hidden by avoiding high-profile networks. Masjesu is a stealthy botnet active since 2023, advertised as a DDoS-for-hire service. It targets IoT devices like routers…
Months-old Adobe Reader zero-day uses PDFs to size up targets
Malicious PDFs abuse legit features to harvest system data and decide which victims get a 2nd-stage payload Hackers have been quietly exploiting what appears to be a zero-day in Adobe Acrobat Reader for months, using booby-trapped PDFs to profile targets…
The Most Important Cybersecurity Trends in 2026 So Far
In the first quarter of the year, cybersecurity trends have been much of the same, with some new twists. Cyber threats are always evolving, but often have much of the same foundation. The leading 2026 cybersecurity trends so far involve…
Trump’s Proposed $707 Million CISA Budget Cut a ‘Gift to Nation-State Actors’
The Trump Administration wants to strip $707 million from CISA as it looks to narrow the scope of the security agency, but cybersecurity experts are saying that such cuts are a strategic mistake at a time when threat groups linked…
[un]prompted 2026 – Al Go Beep Boop!
Author, Creator & Presenter: Adam Laurie (Major Malfunction) CISO At Alpitronic Our thanks to [un]prompted for publishing their Creators, Authors and Presenter’s outstanding [un]prompted 2026 AI Security Practitioner content on the Organizations’ YouTube Channel. Permalink The post [un]prompted 2026 –…
Claude Managed Agents bring execution and control to AI agent workflows
Anthropic’s Claude Managed Agents are a suite of composable APIs for building and deploying cloud-hosted agents at scale, handling sandboxed code execution, checkpointing, credential management, scoped permissions, and end-to-end tracing for you. Developers can define tasks, tools, and permissions within…
NERC is ‘actively monitoring the grid’ following Iran-linked cyber threat
Hackers have disrupted critical U.S. infrastructure by targeting programmable logic controllers, the Cybersecurity and Infrastructure Security Agency warned. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: NERC is ‘actively monitoring the grid’ following…
Intent redirection vulnerability in third-party SDK exposed millions of Android wallets to potential risk
A severe Android intent‑redirection vulnerability in a widely deployed SDK exposed sensitive user data across millions of apps. Microsoft researchers detail how the flaw works, why it matters, and how developers can mitigate similar risks by updating affected SDKs. The…
113,000 explicit prompts from AI girlfriend platform exposed, many linked to user IDs
MyLovely.AI, an AI girlfriend platform, suffered a data breach that exposed over 100,000 users. MyLovely.AI allows people to create personalized not safe for work (NSFW) content and engage in real-time conversations with AI-generated companions, often involving highly personal prompts and…
Cyber Briefing: 2026.04.09
Attackers are escalating tactics across cloud and AI ecosystems, exploiting Kubernetes misconfigurations to pivot into cloud accounts and distributing malicious npm packages to steal tokens… This article has been indexed from CyberMaterial Read the original article: Cyber Briefing: 2026.04.09
How Microsegmentation Helps Governments Meet CJIS Compliance
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Blog Read the original article: How Microsegmentation Helps Governments Meet CJIS Compliance
Claude Code Can Be Manipulated via CLAUDE.md to Run SQL Injection Attacks
LayerX researchers have discovered how to bypass Claude Code’s safety rules using the CLAUDE.md file. This exploit allows… This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article: Claude Code Can…