The OpenSSH project released version 10.3 and 10.3p1 on April 2, 2026, addressing a shell injection vulnerability and introducing several security-hardening changes that administrators should review before upgrading. The most notable security fix targets a shell injection vulnerability in the…
Qilin Ransomware Uses Malicious DLL to Kill Almost Every Vendor’s EDR Solutions
Qilin ransomware group is deploying a sophisticated, multi-stage infection chain via a malicious msimg32.dll that can disable over 300 endpoint detection and response (EDR) drivers from virtually every major security vendor. As organizations increasingly rely on EDR solutions, which offer…
New Akira Lookalike Ransomware Campaign Targeting Windows Users in South America
A new and dangerous ransomware campaign has surfaced across South America, targeting Windows users with a carefully crafted strain that closely imitates the well-known Akira ransomware. While the two may appear nearly identical on the surface, this new threat is…
Hackers Clone CERT-UA Site to Trick Victims Into Installing Go-Based RAT
A threat group recently set up a convincing fake version of Ukraine’s official cybersecurity authority website to trick targets into downloading a dangerous remote access tool. The campaign, now tracked under the identifier UAC-0255, relied on a mix of phishing…
How Elite SOCs Cut Escalation Rates by Arming Tier 1 With Better Threat Intelligence
In a mature Security Operations Center, escalation is supposed to work like a scalpel, precise, intentional, and reserved for alerts that genuinely demand deeper expertise. But across many teams today, it has become something far less disciplined: a reflex, a…
Why Email Aliases Are Important for Every User
Email spam was once annoying in the digital world. Recently, email providers have improved overflowing inboxes, which were sometimes confused with distractions and unwanted mail, such as hyperbolic promotions and efforts to steal user data. But the problem has not…
Securing Error Budgets: How Attackers Exploit Reliability Blind Spots in Cloud Systems
Error budgets represent tolerance for failure — the calculated gap between perfect availability and what service level objectives permit. SRE teams treat this space as room for innovation, experimentation, and acceptable degradation. Adversaries treat it as cover. The fundamental problem:…
Money transfer app Duc exposed thousands of driver’s licenses and passports to the open web
An exposed Amazon-hosted server allowed anyone to access reams of customer data without needing a password. This article has been indexed from Security News | TechCrunch Read the original article: Money transfer app Duc exposed thousands of driver’s licenses and…
Apple Rolls Out DarkSword Exploit Protection to More Devices
The DarkSword exploit kit has been used by both state-sponsored hackers and commercial spyware vendors. The post Apple Rolls Out DarkSword Exploit Protection to More Devices appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
AI Coding Assistants Expose New Cyber Risks, Undermining Endpoint Security Defenses
Not everyone realizes how much artificial intelligence shapes online safety today – yet studies now indicate it might be eroding essential protection layers. At the RSAC 2026 gathering in San Francisco, insights came sharply into focus when Oded Vanunu…
Yanluowang Access Broker Gets 81 Months in Prison
A Russian national has been sentenced to 81 months in prison for acting as an initial access broker for Yanluowang ransomware attacks, in a case that highlights how criminal access markets fuel major extortion campaigns . Prosecutors said the…
Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments
Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting environments. This post examines how this tradecraft conceals execution behind specially crafted HTTP cookies. The post Cookie-controlled PHP webshells: A stealthy tradecraft in Linux…
Threat actor abuse of AI accelerates from tool to cyberattack surface
Generative AI is upgrading cyberattacks, from 450% higher phishing click‑through rates to industrialized MFA bypass. The post Threat actor abuse of AI accelerates from tool to cyberattack surface appeared first on Microsoft Security Blog. This article has been indexed from…
Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise
Cisco has released updates to address a critical security flaw in the Integrated Management Controller (IMC) that, if successfully exploited, could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system with elevated privileges. The vulnerability, tracked as…
Tax Season 2026: How Cyber Criminals Are Preparing Their Attacks Months in Advance
Tax season remains one of the most attractive periods of the year for cyber criminals. As individuals and organizations exchange sensitive financial and identity data online, attackers take advantage of increased tax‑related activity to launch phishing campaigns, fraudulent websites, and…
Cloud security architecture: Enterprise cloud blueprint for CISOs
<p>Cloud adoption has transformed how organizations build, deploy and scale technology. Infrastructure is now elastic, applications are distributed, identities are federated and data moves across environments at unprecedented speed. While this agility unlocks innovation, it also expands the attack surface…
5 top SOC-as-a-service providers and how to evaluate them
<p>SOC as a service, or <i>SOCaaS</i>, is a type of managed security service provider focused on delivering security operations center services. It differs from a managed SOC by virtue of requiring little or no installation of outsourcer systems or staff…
Alleged Starbucks Incident Exposes Code and Firmware
Threat actors claim to have stolen 10GB of Starbucks code and firmware from a misconfigured S3 bucket. The post Alleged Starbucks Incident Exposes Code and Firmware appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read…
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-5281 Google Dawn Use-After-Free Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant…
ICE says it bought Paragon’s spyware to use in drug trafficking cases
The acting director of U.S. Immigration and Customs Enforcement told lawmakers that the use of Paragon spyware is necessary to counter terrorists’ “thriving exploitation of encrypted communications platforms.” This article has been indexed from Security News | TechCrunch Read the…
How Do I Make Kubernetes Self‑Service Without Losing Control?
Platform teams are under pressure to move faster, but handing full Kubernetes access to every developer is risky. Self‑service and control are not opposites; they are two sides of a well‑designed platform. The post How Do I Make Kubernetes Self‑Service…
Critical flaw in F5 BIG-IP faces wide exploitation risk
The company revised a security advisory as newly disclosed information heightens the potential impact. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: Critical flaw in F5 BIG-IP faces wide exploitation risk
IT Security News Hourly Summary 2026-04-02 18h : 12 posts
12 posts were published in the last hour 15:36 : Microsoft Warns of WhatsApp Attachments Spreading Backdoor on Windows PCs 15:36 : Contact center compliance checklist for modern workforces 15:36 : Shadow AI: How Unsanctioned Tools Create Invisible Risk 15:36…
Microsoft Warns of WhatsApp Attachments Spreading Backdoor on Windows PCs
Microsoft warns of a WhatsApp attachments spreading VBS malware that installs backdoors on Windows PCs, giving hackers remote access and control systems. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original…