A North Korea-linked threat group has successfully hijacked one of the most widely used JavaScript libraries on the internet, injecting malware into millions of potential development environments. On March 31, 2026, attackers gained access to the Axios Node Package Manager…
APERION releases SmartFlow SDK for secure, on-prem AI governance without cloud reliance
APERION launched SmartFlow SDK, providing a secure, on-premises path for enterprises migrating away from compromised cloud-based AI gateways. The launch coincides with a 200% increase in web traffic since the March 24 LiteLLM supply chain attack that compromised an estimated…
Texas hospital breach, CISA orders NetScaler patch, ISO file RAT warning
250,000 affected by data Breach at Texas hospital CISA says, “patch Citrix NetScaler bug by Thursday” Researchers uncover mining operation using ISO lures Get the show notes here: https://cisoseries.com/cybersecurity-news-texas-hospital-breach-cisa-orders-netscaler-patch-iso-file-rat-warning/ Huge thanks to our sponsor, ThreatLocker Security controls fail when they…
Attackers Abuse React2Shell Flaw to Compromise 700+ Next.js Hosts
A massive automated cyberattack campaign is actively targeting web applications built on the popular Next.js framework to steal highly sensitive information. Cybersecurity researchers at Cisco Talos have uncovered a severe credential harvesting operation tracked as “UAT-10608” that compromised at least…
Phorpiex Botnet Fuels Ransomware, Sextortion, and Crypto-Theft Attacks
Hackers are abusing the long-running Phorpiex (Trik) botnet to run large-scale ransomware, sextortion, and crypto-clipping operations, turning one infrastructure into a multi-purpose crime machine. A newer variant called Twizt gives the botnet a hybrid architecture that combines traditional command-and-control (C2) with a…
Trivy supply chain attack enabled European Commission cloud breach
CERT-EU confirmed that ShinyHunters are behind the recent breach of the cloud infrastructure underpinning websites of the European Commission, and that they stole and subsequently leaked approximately 340 GB of data. “Analysis of the published dataset has so far confirmed…
IT Security News Hourly Summary 2026-04-03 09h : 1 posts
1 posts were published in the last hour 6:32 : North Korea-Linked Hackers Hit Axios npm in Supply Chain Attack
North Korea-Linked Hackers Hit Axios npm in Supply Chain Attack
A major software supply chain attack has been uncovered after threat actors compromised the widely used Axios npm package, impacting developers and organizations worldwide. The incident, detected on March 31, 2026, involved the use of stolen maintainer credentials to inject…
OpenSSH 10.3 Released With Patch for Shell Injection and Other Security Flaws
the OpenSSH project released version 10.3 alongside its portable version 10.3p1. Following a brief testing phase in late March, this major update addresses several important security vulnerabilities. The most critical fix prevents a dangerous shell injection flaw, making this an…
Microsoft releases open-source toolkit to govern autonomous AI agents
AI agents can book travel, execute financial transactions, write and run code, and manage infrastructure without human intervention at each step. Frameworks like LangChain, AutoGen, CrewAI, and Azure AI Foundry Agent Service have made this kind of autonomy straightforward to…
Qilin Ransomware Deploys Malicious DLL to Disable Most EDR Defenses
The Qilin ransomware group has developed a highly sophisticated infection chain that targets and disables over 300 endpoint detection and response (EDR) solutions. As defenders improve behavioral detection capabilities, attackers are increasingly targeting the defense layer itself during the early…
Top 10 Best SaaS Security Posture Management (SSPM) Tools 2026
The rapid and relentless adoption of Software-as-a-Service (SaaS) applications has fundamentally transformed how businesses operate in 2026. From critical productivity suites like Microsoft 365 and Google Workspace to specialized CRM, HR, and development tools, SaaS is ubiquitous. However, this convenience…
North Korea Uses GitHub as C2 in New LNK Phishing Campaign
A new phishing campaign that uses malicious Windows shortcut (LNK) files to target users in South Korea, while abusing GitHub as Command and Control (C2) infrastructure to hide its activity. The operation, linked through tooling and tradecraft to North Korea–related…
Adobe Data Breach Allegedly Exposes 13 Million Support Tickets
A threat actor known as “Mr. Raccoon” claims to have breached Adobe, stealing a massive amount of sensitive data. According to a report by International Cyber Digest, the stolen files include 13 million customer support tickets, 15,000 employee records, internal…
Click, wait, repeat: Digital trust erodes one login at a time
Sign-up forms that drag on, login steps that repeat, and access requests that take longer than expected have become a normal part of using digital services. These moments rarely stand out on their own, and over time they influence how…
Which messaging app takes the most limited approach to permissions on Android?
Messaging apps handle sensitive conversations, contacts, and media, and their behavior on a device varies in ways that affect privacy. An analysis of Android versions of Messenger, Signal, and Telegram shows that differences in permissions, background activity, and system exposure…
New infosec products of the month: March 2026
Here’s a look at the most interesting products from the past month, featuring releases from Beazley, Bonfy.AI, Mend.io, Mimecast, NinjaOne, Novee, Intel 471, Singulr AI, Stellar Cyber, Teleport, and Vicarius. Beazley Exposure Management platform identifies external exposures and prioritizes cyber…
Electric Vehicles and EV Security – Steve Visconti CEO of Xiid Corporation with David Shipley
EV Charging Infrastructure Security: How Hackers Could Disrupt Chargers, Networks, and the Grid Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one…
IT Security News Hourly Summary 2026-04-03 06h : 1 posts
1 posts were published in the last hour 3:31 : Adobe Breach – Threat Actor Allegedly Claims Leak of 13 Million Support Tickets and Employee Records
Adobe Breach – Threat Actor Allegedly Claims Leak of 13 Million Support Tickets and Employee Records
A threat actor identified as “Mr. Raccoon” has allegedly breached Adobe, claiming to have exfiltrated a massive trove of sensitive data, including 13 million support tickets containing personal information, 15,000 employee records, all HackerOne bug bounty submissions, and a range…
ISC Stormcast For Friday, April 3rd, 2026 https://isc.sans.edu/podcastdetail/9878, (Fri, Apr 3rd)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Friday, April 3rd, 2026…
Granular Policy Enforcement for Hybrid Classical-Quantum AI Workflows
Master granular policy enforcement for hybrid classical-quantum AI workflows. Secure your MCP servers with post-quantum encryption and advanced threat detection. The post Granular Policy Enforcement for Hybrid Classical-Quantum AI Workflows appeared first on Security Boulevard. This article has been indexed…
GenAI Alone Isn’t Enough: Rethinking AI in Cybersecurity
Melissa Ruzzi, Director of AI at AppOmni says GenAI alone isn’t enough for security. The post GenAI Alone Isn’t Enough: Rethinking AI in Cybersecurity appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original…
Crowdstrike 2026 Global Threat Report: Adversaries Use AI to Bypass Defenses
The CrowdStrike 2026 Global Threat Report shows how attackers are using AI, trusted access, and faster breakout times to launch stealthier attacks. The post Crowdstrike 2026 Global Threat Report: Adversaries Use AI to Bypass Defenses appeared first on eSecurity Planet.…