A highly sophisticated npm supply chain attack that abuses a fake HTTP client package to deliver both a powerful RAT and a stealthy browser stealer. The malicious package, undicy-http@2.0.0, was uploaded to npm to impersonate undici, the official HTTP client…
A laughing RAT: CrystalX combines spyware, stealer, and prankware features
Kaspersky researchers analyze a new CrystalX RAT distributed as MaaS and featuring extensive spyware, stealer, and prankware capabilities. This article has been indexed from Securelist. Read the original article: A laughing RAT: CrystalX combines spyware, stealer, and prankware features
Axios Front-End Library npm Supply Chain Poisoning Alert
Overview On March 31, NSFOCUS CERT detected that the npm repository of the HTTP client library Axios was poisoned by the supply chain. The attacker bypassed the normal GitHub Actions CI/CD pipeline of the project, changed the account email address…
Mimecast makes enterprise email security deployable in minutes
Most organizations running Microsoft 365 rely on native email controls as their primary line of defense. According to Mimecast research, 38% of organizations depend exclusively on those native controls for collaboration security, and 64% say those controls are insufficient against…
XLoader malware Sharpens Obfuscation, Masks C2 Traffic via Decoy Servers
XLoader’s developers have released new versions that significantly harden the malware’s code and hide its command‑and‑control (C2) traffic behind layers of encryption and decoy servers, making analysis and detection more difficult for defenders. This article summarizes the latest obfuscation changes…
Hackers Actively Exploit Critical WebLogic RCE Vulnerabilities in Ongoing Attacks
A maximum-severity vulnerability in Oracle WebLogic Server is facing rapid exploitation in the wild. Tracked as CVE-2026-21962, this unauthenticated Remote Code Execution (RCE) flaw carries a maximum CVSS score of 10.0. According to a recent honeypot study, attackers began weaponizing…
Google Cloud’s Vertex AI Hit by Vulnerability Enabling Sensitive Data Access
Artificial intelligence agents are transforming enterprise workflows, but they also introduce dangerous new attack vectors. Security researchers from Palo Alto Networks’ Unit 42 recently uncovered a significant vulnerability in Google Cloud Platform’s (GCP) Vertex AI Agent Engine. By exploiting overly…
Google Now Allows You to Change Your @gmail.com Address in a Few Simple Steps
For over two decades, the permanence of a Google Account username has been a strict rule of the digital landscape. Many users found it frustrating to create new accounts and transfer data after outgrowing their childhood email addresses or changing…
Mercor AI Confirms Data Breach Following Lapsus$ Claims of 4TB Data Theft
Mercor AI has officially confirmed a severe data breach following claims by the notorious Lapsus$ hacking group that they stole 4 terabytes of sensitive company data. The incident, stemming from a recent supply chain attack on the open-source LiteLLM project,…
Financial groups lay out a plan to fight AI identity attacks
Generative AI tools have brought the cost of deepfake production low enough that criminals and state-sponsored actors now use them routinely against financial institutions. A joint paper from the American Bankers Association, the Better Identity Coalition, and the Financial Services…
Cisco Breached: Source Code Stolen – Cybersecurity Today
Cisco Source Code Stolen in Trivy Fallout, Axios Supply Chain Attack, and Active Exploitation of Fortinet and Citrix Flaws David Shipley reports multiple major security incidents: attackers used credentials stolen in the Trivy supply-chain attack via a malicious GitHub action…
Workload IAM vs. Secrets Management: A Practical Decision Guide
Most organizations start their nonhuman identity security program with a secrets manager. It’s a sensible first step. But as workloads multiply across clouds and the credential sprawl grows, the question shifts from “where do we store secrets?” to…
Workload Identity and Access Management: The Definitive Guide
For every human identity your IAM program governs, there are roughly 82 machine identities operating outside it. Most of them authenticate with static credentials that were provisioned once and never reviewed. The post Workload Identity and Access Management:…
Malware detectors trained on one dataset often stumble on another
Machine learning models built to catch malware on Windows systems are typically evaluated on data that closely resembles their training set. In practice, the malware arriving on enterprise endpoints looks different, comes from different sources, and in many cases has…
IT Security News Hourly Summary 2026-04-01 06h : 2 posts
2 posts were published in the last hour 3:13 : Phantom Project Bundles Infostealer, Crypter and RAT For Sale 3:13 : Maryland Man Charged Over $53m Uranium Finance Crypto Hack
Phantom Project Bundles Infostealer, Crypter and RAT For Sale
Phantom Stealer .NET harvests browser credentials, cookies, cards, sessions, as stealer-as-a-service. This article has been indexed from www.infosecurity-magazine.com. Read the original article: Phantom Project Bundles Infostealer, Crypter and RAT For Sale
Maryland Man Charged Over $53m Uranium Finance Crypto Hack
Maryland man accused of $53m Uranium Finance hack, exploited smart contract flaws, laundered funds. This article has been indexed from www.infosecurity-magazine.com. Read the original article: Maryland Man Charged Over $53m Uranium Finance Crypto Hack
ISC Stormcast For Wednesday, April 1st, 2026 https://isc.sans.edu/podcastdetail/9874, (Wed, Apr 1st)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green. Read the original article: ISC Stormcast For Wednesday, April 1st, 2026…
This month in security with Tony Anscombe – March 2026 edition
The past four weeks have seen a slew of new cybersecurity wake-up calls that showed why every organization needs a well-thought-out cyber-resilience plan. This article has been indexed from WeLiveSecurity. Read the original article: This month in security with Tony…
Mercor says it was hit by cyberattack tied to compromise of open-source LiteLLM project
The AI recruiting startup confirmed a security incident after an extortion hacking crew took credit for stealing data from the company’s systems. This article has been indexed from Security News | TechCrunch. Read the original article: Mercor says it was…
Granular Policy Enforcement Engines for Post-Quantum MCP Governance
Learn how to secure Model Context Protocol (MCP) deployments using granular policy engines and post-quantum cryptography to prevent AI tool poisoning and puppet attacks. The post Granular Policy Enforcement Engines for Post-Quantum MCP Governance appeared first on Security Boulevard. This…
IT Security News Hourly Summary 2026-04-01 03h : 1 posts
1 posts were published in the last hour 1:4 : Apple Will Push Out Rare ‘Backported’ Patches to Protect iOS 18 Users From DarkSword Hacking Tool
Apple Will Push Out Rare ‘Backported’ Patches to Protect iOS 18 Users From DarkSword Hacking Tool
As a DarkSword takeover technique spreads, Apple tells WIRED it will release fixes for millions of iPhone owners who remain on iOS 18 rather than force them to update to iOS 26 simply to be protected. This article has been…
North Korea-Nexus Threat Actor Compromises Widely Used Axios NPM Package in Supply Chain Attack
Written by: Austin Larsen, Dima Lenz, Adrian Hernandez, Tyler McLellan, Christopher Gardner, Ashley Zaya, Michael Rudden Introduction Google Threat Intelligence Group (GTIG) is tracking an active software supply chain attack targeting the popular Node Package Manager (NPM) package “axios.” Between…