IT Security News

Cybersecurity news and articles about information security, vulnerabilities, exploits, hacks, laws, spam, viruses, malware, breaches.

Main menu

Skip to content
  • Advertising
  • Contact
  • Legal and Contact information
  • Opt-out preferences
  • Privacy Policy
  • Social Media
    • Telegram Channel
EN, Help Net Security

Researcher drops two more Microsoft Defender zero-days, all three now exploited in the wild

2026-04-17 12:04

The security researcher who earlier this month published a proof-of-concept (PoC) exploit for a zero-day privilege escalation vulnerability in Microsoft Defender is back with two more. The first, dubbed “RedSun,” is another privilege escalation flaw in the same platform. The…

Read more →

EN, GBHackers Security | #1 Globally Trusted Cyber Security News Platform

Fake Zoom SDK Update Spreads Sapphire Sleet Malware in New macOS Attack Chain

2026-04-17 12:04

A sophisticated macOS-focused cyber campaign orchestrated by the North Korean threat actor Sapphire Sleet, revealing a shift toward social engineering over traditional software exploitation. Instead of relying on vulnerabilities, the attackers trick users into executing malicious files disguised as legitimate…

Read more →

EN, The Register - Security

Locked-out iPhone user tells The Reg that Apple is scrambling to fix character flaw passcode bug

2026-04-17 12:04

University student says he plans to move to Android, but concedes iOS engineers acting fast Apple is finally working on a fix for a bug that has locked some users out of their iPhones for months, The Register understands.… This…

Read more →

EN, Security Latest

The Shocking Secrets of Madison Square Garden’s Surveillance Machine

2026-04-17 12:04

Famously vengeful Knicks owner Jim Dolan has long spied on people at his iconic arenas. WIRED goes deep inside the operation that allegedly tracked a trans woman, lawyers, protesters, and more. This article has been indexed from Security Latest Read…

Read more →

EN, Security Affairs

Inside ZionSiphon: politically driven malware aims at Israeli water systems

2026-04-17 12:04

New ZionSiphon malware targets water systems, and allows attackers to alter pressure and chlorine levels. A flaw makes it ineffective for now. Darktrace analyzed ZionSiphon, a new malware designed to target water treatment and desalination systems, which aims to disrupt…

Read more →

EN, securityweek

Recent Apache ActiveMQ Vulnerability Exploited in the Wild

2026-04-17 12:04

The remote code execution vulnerability tracked as CVE-2026-34197 came to light in early April. The post Recent Apache ActiveMQ Vulnerability Exploited in the Wild appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Recent…

Read more →

EN, Help Net Security

GitLab 18.11 brings agentic AI to security fixes, CI pipelines, and delivery analytics

2026-04-17 12:04

GitLab has released GitLab 18.11, expanding agentic AI across the entire software lifecycle with security remediation, pipeline configuration, and delivery analytics. AI-generated code moves faster than the systems around it can keep up with, creating the AI paradox: faster code…

Read more →

hourly summary

IT Security News Hourly Summary 2026-04-17 12h : 11 posts

2026-04-17 12:04

11 posts were published in the last hour 9:34 : New CGrabber and Direct-Sys Malware Spread Through GitHub ZIP Files 9:34 : Critical Flowise Flaw Enables Remote Command Execution via MCP Adapters 9:34 : PoC Released for FortiSandbox Flaw Enabling…

Read more →

EN, Hackread – Cybersecurity News, Data Breaches, AI and More

New CGrabber and Direct-Sys Malware Spread Through GitHub ZIP Files

2026-04-17 11:04

Hackers spread CGrabber and Direct-Sys malware through GitHub ZIP files, bypassing security tools to steal passwords, crypto wallets, and user data. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article:…

Read more →

EN, GBHackers Security | #1 Globally Trusted Cyber Security News Platform

Critical Flowise Flaw Enables Remote Command Execution via MCP Adapters

2026-04-17 11:04

OX Security researchers have uncovered a critical, systemic vulnerability built directly into the architecture of Anthropic’s Model Context Protocol (MCP). As the industry standard for AI agent communication, this foundational flaw exposes systems to Arbitrary Command Execution (RCE). Attackers who…

Read more →

EN, GBHackers Security | #1 Globally Trusted Cyber Security News Platform

PoC Released for FortiSandbox Flaw Enabling Arbitrary Command Execution

2026-04-17 11:04

A proof-of-concept (PoC) exploit has been publicly released for a critical security flaw in Fortinet’s FortiSandbox. Tracked as CVE-2026-39808, this severe vulnerability allows an unauthenticated attacker to execute arbitrary commands on the underlying operating system with the highest level of…

Read more →

EN, Security Archives - TechRepublic

Top 5 Disaster Recovery Companies in 2026

2026-04-17 11:04

This is a comprehensive list of the top Disaster Recovery as a Service providers. Use this guide to compare and choose the best solution for you. The post Top 5 Disaster Recovery Companies in 2026 appeared first on TechRepublic. This…

Read more →

Cyber Security News, EN

One-Click RCE in Azure Windows Admin Center Allow Attacker to Execute Arbitrary Commands

2026-04-17 11:04

Windows Admin Center is a locally deployed, browser-based management tool used by IT administrators to manage Windows servers, clients, and clusters from a centralized graphical interface. This newly discovered critical flaw, identified by Cymulate Research Labs, allows attackers to achieve…

Read more →

Cyber Security News, EN

Windows Snipping Tool Vulnerability Allows Attacker to Perform Spoofing Over a Network

2026-04-17 11:04

Microsoft has addressed a moderate-severity security flaw in the Windows Snipping Tool that could allow malicious actors to steal user credentials. Tracked as CVE-2026-33829, this spoofing vulnerability was officially patched during the April 14, 2026, security updates. Discovered and reported…

Read more →

Cyber Security News, EN

Microsoft Confirms Windows Servers Enter Reboot Loops Following April Patches

2026-04-17 11:04

Microsoft has confirmed a critical known issue affecting Windows Server 2025 domain controllers following the deployment of the April 2026 Patch Tuesday cumulative update, KB5082063, where affected servers are entering repeated reboot loops after installation. Released on April 14, 2026,…

Read more →

EN, securityweek

Two North Korean IT Worker Scheme Facilitators Jailed in the US

2026-04-17 11:04

Kejia Wang and Zhenxing Wang compromised the identities of dozens of US persons to help land jobs at over 100 companies. The post Two North Korean IT Worker Scheme Facilitators Jailed in the US appeared first on SecurityWeek. This article…

Read more →

EN, Help Net Security

Mozilla challenges enterprise AI providers with Thunderbolt, open-source AI client under your control

2026-04-17 11:04

For organizations that want to keep company data within their own systems and have more control over how AI is deployed, Mozilla is offering an alternative to externally hosted AI services with Thunderbolt, an open-source AI client designed for self-hosted…

Read more →

EN, Help Net Security

Liongard upgrades LiongardIQ with AI access, live asset data, and deeper discovery

2026-04-17 11:04

Liongard has announced the expansion of LiongardIQ with new capabilities spanning programmatic AI integration, conversational querying, enhanced network discovery, and deeper identity mapping, extending its system of authority for asset intelligence across the full IT stack. Without a trusted foundation…

Read more →

EN, Help Net Security

Codex can now operate between apps. Where are the boundaries?

2026-04-17 11:04

OpenAI is rolling out a major update to the Codex desktop app for users signed in with ChatGPT. Personalization features, including context-aware suggestions and memory, will roll out to Enterprise, Edu, and users in the EU and UK soon. Computer…

Read more →

EN, GBHackers Security | #1 Globally Trusted Cyber Security News Platform

Weaponized CVE-2026-39987 Pushes Blockchain Backdoor Through Hugging Face

2026-04-17 10:04

Attackers are rapidly exploiting CVE-2026-39987 in the marimo Python notebook platform to deploy a new NKAbuse backdoor variant hosted on Hugging Face Spaces, turning AI/ML developer environments into high‑value infection points. The campaign combines pre-auth RCE, credential theft, lateral movement…

Read more →

Cyber Security News, EN

Hackers Target Israeli Desalination Plants With ZionSiphon Sabotage Malware

2026-04-17 10:04

A newly discovered piece of malware called ZionSiphon has raised serious concerns about the security of critical water infrastructure in Israel. The malware was built with a clear focus: to infiltrate and potentially sabotage Israeli water treatment and desalination systems,…

Read more →

EN, securityweek

ZionSiphon Malware Targets ICS in Water Facilities

2026-04-17 10:04

The malware is configured to operate on systems associated with Israeli water treatment and desalination plants. The post ZionSiphon Malware Targets ICS in Water Facilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…

Read more →

EN, Silicon UK

Starlink Outage Disrupted US Navy Drone Tests

2026-04-17 10:04

US Navy reportedly finds SpaceX’s Starlink presents single point of failure after multiple drone tests disrupted by network issues This article has been indexed from Silicon UK Read the original article: Starlink Outage Disrupted US Navy Drone Tests

Read more →

EN, Malwarebytes

“Your shipment has arrived” email hides remote access software

2026-04-17 10:04

This DHL-themed email tries to get recipients to install remote access software attackers can use to deploy further malware, including ransomware. This article has been indexed from Malwarebytes Read the original article: “Your shipment has arrived” email hides remote access…

Read more →

Page 384 of 5645
« 1 … 382 383 384 385 386 … 5,645 »

Pages

  • Advertising
  • Contact
  • Legal and Contact information
  • Opt-out preferences
  • Privacy Policy
  • Social Media
    • Telegram Channel

Recent Posts

  • Why a Windows Hello PIN Beats a Password for Enterprise Security July 2, 2026
  • New CitrixBleed Vulnerability Exploited Immediately After Public Disclosure July 2, 2026
  • Perimeter to posture: A roadmap to zero trust maturity July 2, 2026
  • Microsoft said exploitation was ‘less likely’ … but CISA just added SharePoint RCE to KEV list July 2, 2026
  • Hackers Breached Kubota, Employee Data Compromised July 2, 2026
  • WhatsApp Tests New Android Chat Backup Management Feature to Improve Google Drive Storage Control July 2, 2026
  • Most cybersecurity workers have been told to conceal a breach, report finds July 2, 2026
  • US government says it got hacked — again July 2, 2026
  • Agentic Ransomware JADEPUFFER Uses Base64 Python Payloads to Harvest Cloud and API Keys July 2, 2026
  • Microsoft Outlook Bug Removes Copilot Button For Windows Users July 2, 2026
  • Opera Blocks Clipboard Attacks, Including ClickFix, With New Paste Protect Feature July 2, 2026
  • Hackers Use Fake VLC Executable and Malicious libvlc.dll to Deploy ValleyRAT July 2, 2026
  • 900+ Oracle E-Business instances Exposed Online Amid Active Vulnerability Exploitation July 2, 2026
  • Cyber Briefing: 2026.07.02 July 2, 2026
  • Scattered Spider suspect extradited over $8 million ransom scheme July 2, 2026
  • ToddyCat-Linked Umbrij Malware Abuses OAuth to Access Gmail via Google API July 2, 2026
  • Opera Browser Adds Native Paste Protect to Stop Clipboard Hijacking and Code Injection Attacks July 2, 2026
  • How to Conduct a Successful Audit of AI-Driven Software Development July 2, 2026
  • Context Engineering | Compaction & Agent Memory for Automated Malware Analysis July 2, 2026
  • Hackers Abuse ScreenConnect Remote Access Tool to Deploy AsyncRAT Through Fake Installers July 2, 2026

Copyright © 2026 IT Security News. All Rights Reserved. The Magazine Basic Theme by bavotasan.com.

Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}