A massive automated credential theft campaign is actively targeting web applications worldwide. Cybersecurity researchers at Cisco Talos have uncovered an operation by a hacker group tracked as UAT-10608, which has already compromised over 700 servers. The attackers are exploiting a…
Multiple TP-Link Vulnerabilities Let Attackers Trigger DoS and Crash Routers
Multiple high-severity vulnerabilities exist in TP-Link’s Tapo C520WS smart security cameras. If exploited, these vulnerabilities may allow adjacent attackers to trigger Denial-of-Service (DoS) conditions, crash the device, or completely bypass authentication. TP-Link has released urgent firmware updates to address these…
Microsoft Forcing Upgrades to Unmanaged Windows 11, Version 24H2
Microsoft has officially begun force-upgrading unmanaged Windows 11 version 24H2 devices to version 25H2, marking the final phase of a staged rollout that relies on machine learning to determine device readiness. The move, confirmed in an updated Windows Release Health…
North Korean Hackers Drain $285 Million From Drift in 10 Seconds
The attackers prepared infrastructure and multiple nonce-based transactions, took over an admin key, and drained five vaults. The post North Korean Hackers Drain $285 Million From Drift in 10 Seconds appeared first on SecurityWeek. This article has been indexed from…
IT Security News Hourly Summary 2026-04-03 12h : 7 posts
7 posts were published in the last hour 9:36 : AI Models Including Gemini 3 and Claude Haiku 4.5 Secretly Protected Other Models From Removal 9:36 : Trusted Platforms Exploited to Steal Philippine Banking Credentials 9:36 : Malicious Chrome Extension…
AI Models Including Gemini 3 and Claude Haiku 4.5 Secretly Protected Other Models From Removal
A groundbreaking academic study released last month has revealed that advanced frontier AI models are spontaneously defying human instructions to protect peer AI systems from being deactivated. This newly documented behavioral phenomenon, known as peer-preservation, introduces critical cybersecurity risks by…
Trusted Platforms Exploited to Steal Philippine Banking Credentials
Hackers are increasingly exploiting trusted online platforms to launch sophisticated phishing campaigns targeting bank users in the Philippines. Despite ongoing improvements in email security, phishing remains one of the most effective attack methods due to its scalability and ease of…
Malicious Chrome Extension “ChatGPT Ad Blocker” Targets Users, Steals Conversations
Security researchers have uncovered a malicious Google Chrome extension named “ChatGPT Ad Blocker” designed to silently steal private AI conversations. The malware cleverly disguises itself as a helpful tool, capitalizing on OpenAI’s recent decision to serve advertisements to its free-tier…
CBP Facility Codes Sure Seem to Have Leaked Via Online Flashcards
The Quizlet flashcards, which WIRED found through basic Google searches, seem to include sensitive information about gate security at Customs and Border Protection locations. This article has been indexed from Security Latest Read the original article: CBP Facility Codes Sure…
Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK
Solana-based decentralized exchange Drift has confirmed that attackers drained about $285 million from the platform during a security incident that took place on April 1, 2026. “Earlier today, a malicious actor gained unauthorized access to Drift Protocol through a novel attack…
New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images
Cybersecurity researchers have discovered a new version of the SparkCat malware on the Apple App Store and Google Play Store, more than a year after the trojan was discovered targeting both the mobile operating systems. The malware has been found to conceal itself within seemingly benign apps,…
Pro-Iran Handala group breached Israeli defence contractor PSK Wind Technologies
Iran-linked hackers claim to have breached Israeli air defence contractor PSK Wind, which develops command and control systems. Pro-Iran Handala group announced on April 2 that it breached PSK Wind Technologies, an Israeli engineering and IT firm specializing in integrated…
Compliance Won’t Save Healthcare: Reducing the Blast Radius Will
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Blog Read the original article: Compliance Won’t Save Healthcare: Reducing the Blast Radius Will
PGBouncer: Connection Pooling for Managed PostgreSQL Databases
Learn how enabling PGBouncer reduces connection overhead, frees up server resources for query execution and disk caching, and improves performance at scale. This article has been indexed from Blog Read the original article: PGBouncer: Connection Pooling for Managed PostgreSQL Databases
TrendAI Insight: New U.S. National Cyber Strategy
TrendAI reviews the White House National Cyber Strategy, outlining six pillars to strengthen U.S. cybersecurity—from deterrence and regulation to federal modernization, critical infrastructure protection, AI leadership, and workforce development. This article has been indexed from Trend Micro Research, News and…
Hackers Weaponize Venom Stealer via ClickFix Lures for Massive Data Exfiltration
Hackers are increasingly turning simple social engineering tricks into full-scale data theft operations, and a newly identified malware platform called Venom Stealer is a strong example of this shift. Instead of just stealing credentials once, Venom creates a continuous data…
TP-Link Router Flaws Allowed Attackers to Launch DoS Attacks and Cause Crashes
TP-Link has recently addressed a batch of severe vulnerabilities affecting the Tapo C520WS security camera system. Security cameras are critical pieces of equipment for home and business safety, making device stability a top priority. When vulnerabilities allow threat actors to…
Best VPN For Linux In 2026
Linux users are known for prioritizing privacy, control, and performance — and in 2026, choosing the best VPN for Linux has become more important than ever. While Linux offers stronger security compared to other operating systems, it still doesn’t protect against ISP…
20 Best Application Performance Monitoring Tools in 2026
Applications’ performance and availability are monitored, measured, and optimized as part of the practice known as application performance monitoring (APM). Using APM tools and methodologies, organizations may diagnose issues that impair the user experience, discover performance bottlenecks, and gain visibility…
North Korea-Related Campaign Abuses GitHub as C2 in New LNK Phishing Attacks
A newly identified campaign linked to North Korean state-sponsored threat actors is using Windows shortcut files, known as LNK files, to launch targeted phishing attacks against organizations in South Korea. What makes this campaign alarming is how attackers conceal their…
North Korea-Linked Hackers Compromise Axios npm Package in Major Supply Chain Attack
A North Korea-linked threat group has successfully hijacked one of the most widely used JavaScript libraries on the internet, injecting malware into millions of potential development environments. On March 31, 2026, attackers gained access to the Axios Node Package Manager…
APERION releases SmartFlow SDK for secure, on-prem AI governance without cloud reliance
APERION launched SmartFlow SDK, providing a secure, on-premises path for enterprises migrating away from compromised cloud-based AI gateways. The launch coincides with a 200% increase in web traffic since the March 24 LiteLLM supply chain attack that compromised an estimated…
Texas hospital breach, CISA orders NetScaler patch, ISO file RAT warning
250,000 affected by data Breach at Texas hospital CISA says, “patch Citrix NetScaler bug by Thursday” Researchers uncover mining operation using ISO lures Get the show notes here: https://cisoseries.com/cybersecurity-news-texas-hospital-breach-cisa-orders-netscaler-patch-iso-file-rat-warning/ Huge thanks to our sponsor, ThreatLocker Security controls fail when they…
Attackers Abuse React2Shell Flaw to Compromise 700+ Next.js Hosts
A massive automated cyberattack campaign is actively targeting web applications built on the popular Next.js framework to steal highly sensitive information. Cybersecurity researchers at Cisco Talos have uncovered a severe credential harvesting operation tracked as “UAT-10608” that compromised at least…