A recent investigation has exposed how a suspected North Korean IT worker allegedly used a stolen identity, AI-generated resume content, and scripted interview answers to try to secure a senior remote role at U.S.-based threat intelligence firm Nisos. The case…
Exposed Server Leaks TheGentlemen Ransomware Toolkit, Credentials, and Ngrok Tokens
A fully operational TheGentlemen ransomware toolkit on an exposed server, revealing victim credentials, ngrok tokens, and a complete pre-encryption playbook. This led them to an unauthenticated HTTP server at 176.120.22[.]127:80, hosted by Russian bulletproof provider Proton66 OOO, exposing 126 files…
vDefend’s Built-in Advantage: Enable Closed-Loop Lateral Security for Zero-Trust Private Cloud
Cybersecurity strategy now shapes how enterprises design cloud platforms, application environments, and core infrastructure. The financial stakes are significant. The next step is architectural: turning zero-trust strategy into foundational systems that enforce it by design rather than as an afterthought.…
Coro launches MCP capabilities to simplify security operations through AI workflows
Coro has announced new Model Context Protocol (MCP) capabilities that extend its AI-driven security platform beyond the Coro interface, allowing users to access, analyze, and take action on security data directly from tools like ChatGPT, Claude, and other AI environments.…
CrySome RAT: Stealthy .NET Malware Adds AV Killer, HVNC Features
CrySome RAT is a newly observed, advanced .NET remote access trojan that combines full‑featured post‑exploitation tooling with unusually hardened persistence, AV-killing, and anti‑removal logic, making it a serious long‑term threat to Windows environments. The client component (Crysome.Client.exe) communicates with a…
When AI Trust Breaks: The ChatGPT Data Leakage Flaw That Redefined AI Vendor Security Trust
AI assistants like ChatGPT have quickly become trusted environments for handling some of the most sensitive data people own. Users discuss medical symptoms, upload financial records, analyze contracts, and paste internal documents—often assuming that what they share remains safely contained within the platform. That assumption was challenged when…
Vim Vulnerability Let Attackers Execute Arbitrary Command Via Weaponized Files
A high-severity security flaw has been discovered in Vim, one of the most widely used text editors among developers. This vulnerability allows attackers to execute arbitrary operating system commands simply by tricking a user into opening a specially crafted file. Discovered…
CanisterWorm Malware Attacking Docker/K8s/Redis to Gain Access and Steal Secrets
A financially motivated cybercrime group has been quietly compromising cloud environments since late 2025, and its activities are now drawing serious concern across the security community. The group, known as TeamPCP, operates a self-propagating worm called CanisterWorm that hunts for…
Stored XSS Bug in Jira Work Management Could Lead to Full Organization Takeover
A popular collaboration tool within the Atlassian ecosystem is widely used by organizations to track projects, manage approvals, and manage daily tasks. Recently, security researchers at Snapsec uncovered a critical Stored Cross-Site Scripting (XSS) vulnerability within the platform. By exploiting a…
Huskeys Emerges From Stealth With $8 Million in Funding
The startup has built an edge security management (ESM) platform, an AI engine atop the entire edge security stack. The post Huskeys Emerges From Stealth With $8 Million in Funding appeared first on SecurityWeek.
IPVanish Threat Protection Pro blocks malicious activity before they reach the user
IPVanish launched Threat Protection Pro, a new feature for Windows and macOS that is designed to provide always-on digital security. Threat Protection Pro is powered by cybersecurity technology from VIPRE, bringing over 25 years of threat intelligence and security expertise…
DeepLoad Malware Combines ClickFix With AI-Generated Code to Avoid Detection
Researchers at ReliaQuest warn of persistent malware campaign targeting enterprise credentials. This article has been indexed from www.infosecurity-magazine.com.
IT Security News Hourly Summary 2026-03-30 15h : 14 posts
14 posts were published in the last hour:
12:32 : India Set to Ban Hikvision, TP-Link Devices in April
12:32 : FIRESIDE CHAT: AI gives rise to a semantic attack surface, forcing a new class of network defense
12:32 :…
India Set to Ban Hikvision, TP-Link Devices in April
Starting April 1, 2026, the Indian government will officially enforce a nationwide ban on the sale of internet-connected CCTV cameras from major Chinese manufacturers, including Hikvision, Dahua, and TP-Link. This decisive market restriction is fundamentally driven by escalating national security…
FIRESIDE CHAT: AI gives rise to a semantic attack surface, forcing a new class of network defense
SAN FRANCISCO — Enterprises rushing to deploy AI in their operations are opening a security exposure most of their existing tools were never designed to address. That’s the hard message coming out of RSAC 2026 — and it’s one worth…
7 tabletop exercise scenarios every cybersecurity team should practice in 2026
As cybersecurity threats continue to evolve and become more sophisticated, the need for comprehensive preparedness has never been more critical. Tabletop exercises are essential for testing and refining incident response plans, enhancing coordination between departments, and staying ahead of…
Critical Fortinet FortiClient EMS bug under active attack (CVE-2026-21643)
A critical SQL injection vulnerability (CVE-2026-21643) in Fortinet FortiClient Endpoint Management Server (EMS), a management server for FortiClient endpoint agents on various platforms, is under active exploitation. The warning comes from Defused Cyber, which helps organizations deploy honeypots/fake assets, and…
EU Investigates Cyberattack on Websites
The European Commission is currently investigating a cyberattack on the Europa.eu platform that may have resulted in the theft of some data. This article has been indexed from CyberMaterial.
Ransomware Hits Goodwill Grand Rapids
Goodwill of Greater Grand Rapids is currently investigating a cybersecurity breach that has disrupted its internal network and retail operations. This article has been indexed from CyberMaterial.
Spotify Seeks $300M From Anna’s Archive
Spotify and several major record labels have filed for a 322 million dollar default judgment against the shadow library Anna’s Archive following its failure to respond to a lawsuit regarding the scraping of millions of music files.
CISA Chief Warns Shutdown Raises Cyber Risks
Acting Director Nick Andersen recently warned that the ongoing Department of Homeland Security shutdown is causing dangerous security gaps as the agency operates with a severely depleted workforce. This article has been indexed from CyberMaterial.
India To Ban Hikvision TP Link CCTV
The Indian government is implementing a ban on internet-connected CCTV cameras from Chinese manufacturers like Hikvision, Dahua, and TP-Link starting April 1, 2026. This article has been indexed from CyberMaterial.
WordPress Plugin Flaw Exposes Sensitive Data Across 800,000+ Sites
A severe security flaw has been disclosed in Smart Slider 3, a highly popular WordPress plugin currently active on more than 800,000 websites. Discovered by security researcher Dmitrii Ignatyev, this vulnerability enables authenticated attackers to read arbitrary files directly from…
ClickFix Evades PowerShell Detection via Rundll32 and WebDAV
A new variant of the ClickFix attack technique shifts execution away from commonly monitored tools like PowerShell and mshta, instead abusing native Windows components such as rundll32.exe and WebDAV. This evolution allows attackers to bypass traditional script-based detection mechanisms,…