Reports from Iranian state media claim that U.S.-manufactured networking gear ceased functioning at critical moments during military strikes. The allegations, which cannot be independently verified, claim there were simultaneous failures across routers and switches produced by Cisco, Fortinet, Juniper Networks,…
IT Security News Hourly Summary 2026-04-21 21h : 6 posts
6 posts were published in the last hour 18:36 : 130K Users Compromised by StealTok Campaign That Uses Fake TikTok Downloaders 18:36 : VirtualBox 7.2.8 is out with Linux kernel 7.0 support and crash fixes 18:7 : Microsoft Vulnerabilities Drop,…
130K Users Compromised by StealTok Campaign That Uses Fake TikTok Downloaders
Malicious TikTok downloader extensions have compromised over 130,000 users by exploiting trust and harvesting sensitive data. The post 130K Users Compromised by StealTok Campaign That Uses Fake TikTok Downloaders appeared first on eSecurity Planet. This article has been indexed from…
VirtualBox 7.2.8 is out with Linux kernel 7.0 support and crash fixes
Oracle shipped VirtualBox 7.2.8 on April 21, 2026, as a maintenance release covering crashes, networking problems, clipboard issues, and extended Linux kernel compatibility. The update touches the VMM layer, NAT networking, graphics, UEFI, and both Linux and Windows guest support.…
Microsoft Vulnerabilities Drop, But Critical Flaws Double, Report Warns
Microsoft vulnerabilities fall, but critical flaws double, BeyondTrust report highlights rising risk in Microsoft Office, Azure, and cloud systems. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article: Microsoft Vulnerabilities…
The DevOps Security Paradox: Why Faster Delivery Often Creates More Risk
A few years ago, I was part of a large enterprise transformation program where the leadership team proudly announced that they had successfully implemented DevOps across hundreds of applications. Deployments were faster. Release cycles dropped from months to days. Developers…
The Attack Runs Itself: What Agentic AI Fraud Actually Looks Like
This is part 1 of a two-part series on agentic AI fraud defense. Since joining Arkose Labs, one of the first things I did was go deep on the threat data — what the attack patterns actually look like, how…
Critical SGLang Vulnerability Allows Remote Code Execution via Malicious AI Model Files
A newly disclosed high-severity flaw in SGLang could enable attackers to remotely execute code on affected servers through specially crafted AI model files. The issue, tracked as CVE-2026-5760, has received a CVSS score of 9.8 out of 10, placing…
Microsoft Vulnerabilities Hit Record High, Critical Flaws Decline, Report Find
Microsoft vulnerabilities hit a record high while critical flaws decline, BeyondTrust report reveals rising risks across Windows, Office, and Azure systems. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article:…
More Cisco SD-WAN bugs battered in attacks
CISA gives federal agencies 4 days to patch America’s lead cyber-defense agency has warned that three Cisco Catalyst SD-WAN Manager bugs are under attack, and given federal agencies just four days to patch the security holes.… This article has been…
Siemens Analytics Toolkit
View CSAF Summary Multiple Siemens applications are affected by improper certificate validation in Siemens Analytics Toolkit. This could allow an unauthenticated remote attacker to perform man in the middle attacks. Siemens has released new versions for the affected products and…
SenseLive X3050
View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to take complete control of the device. The following versions of SenseLive X3050 are affected: X3050 V1.523 (CVE-2026-40630, CVE-2026-25720, CVE-2026-35503, CVE-2026-39462, CVE-2026-27843, CVE-2026-40431, CVE-2026-40623, CVE-2026-27841, CVE-2026-40620, CVE-2026-35064, CVE-2026-25775)…
Siemens TPM 2.0
View CSAF Summary The products listed below contain a vulnerability that could allow an attacker to perform an out-of-bound read, potentially leading to information disclosure or denial of service of the TPM. Siemens has released new versions for several affected…
Siemens RUGGEDCOM CROSSBOW Secure Access Manager Primary
View CSAF Summary RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) contains a vulnerability that could allow an attacker to escalate their own privileges. Siemens has released a new version for RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) and recommends to…
Silex Technology SD-330AC and AMC Manager
View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code, cause a denial-of-service, or configuration information may be altered without authentication. The following versions of Silex Technology SD-330AC and AMC Manager are affected: SD-330AC…
22 BRIDGE:BREAK Flaws Expose Thousands of Lantronix and Silex Serial-to-IP Converters
Cybersecurity researchers have identified 22 new vulnerabilities in popular models of serial-to-IP converters from Lantronix and Silex that could be exploited to hijack susceptible devices and tamper with data exchanged by them. The vulnerabilities have been collectively codenamed BRIDGE:BREAK by…
Seceon Recognized in the 2026 Gartner® “Voice of the Customer” Report for Security Information and Event Management
Seceon earns a 4.6 out of 5.0 overall rating from 82 verified customer reviews, with 90% of reviewers willing to recommend the platform, reflecting strong real-world satisfaction across the global services and financial sectors WESTFORD, Mass., April 21, 2026 /PRNewswire/ — Seceon Inc.,…
ShinyHunters: SaaS Breaches & Identity Risks (2026)
Who are ShinyHunters? Learn how this group exploits SaaS, credentials, and identity-based access—and how to prevent modern data breaches. The post ShinyHunters: SaaS Breaches & Identity Risks (2026) appeared first on Security Boulevard. This article has been indexed from Security…
Meta Is Sued Over Scam Ads on Facebook and Instagram
A lawsuit from the Consumer Federation of America accuses Meta of misleading consumers about its efforts to combat scams advertisements on its platforms. This article has been indexed from Security Latest Read the original article: Meta Is Sued Over Scam…
New PureRAT Campaign Hides PE Payloads in PNG Files and Executes Them Filelessly
A new and sophisticated malware campaign has been discovered, using a remote access trojan (RAT) called PureRAT to silently compromise Windows systems. What makes this campaign stand out is how cleverly it hides malicious code inside ordinary-looking PNG image files.…
New NGate Malware Developed Using AI Hides in NFC Payment Apps
A new and more dangerous version of the NGate malware has been found hiding inside a trojanized NFC payment application. This time, threat actors appear to have used artificial intelligence to help write the malicious code, which marks a significant…
Where Most SOCs Stall: Building SOC Maturity with Threat Intelligence Feeds
SOC maturity comes down to the quality of decisions. Yet in many teams, those decisions are still made based on fragmented intelligence and outdated indicators. This is where progress stalls: threat data remains external to the workflow. Mature SOCs take…
Detection strategies across cloud and identities against infiltrating IT workers
The shift to remote and hybrid work since the pandemic expanded global hiring and accelerated digital onboarding, increasing reliance on online identity verification and remote access. The post Detection strategies across cloud and identities against infiltrating IT workers appeared first…
Ransomware negotiator pleads guilty to helping ransomware gang
A former employee of a cybersecurity firm pleaded guilty to aiding ransomware criminals to maximize their profits, with the goal of taking a cut of the ransom. This article has been indexed from Security News | TechCrunch Read the original…