A $293M KelpDAO hack shows how attackers exploited cross-chain weaknesses to trigger widespread DeFi risk. The post $293M KelpDAO Crypto Heist Exposes Cross-Chain Weaknesses in DeFi appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read…
Nation-states want to cause harm, not just steal cash – stop handing your cyber defenses to the cheapest contractor
NCSC boss says China’s whole-of-state cyber machine has become Britain’s peer competitor in cyberspace State-sponsored cyberattacks from Chinese intelligence and military agencies display “an eye-watering level of sophistication,” UK National Cyber Security Centre CEO Richard Horne is expected to say…
IT Security News Hourly Summary 2026-04-22 00h : 3 posts
3 posts were published in the last hour 21:55 : IT Security News Daily Summary 2026-04-21 21:31 : Two MDO field reports every IT security lead should read 21:7 : Ransomware negotiator caught secretly assisting BlackCat extortion scheme
IT Security News Daily Summary 2026-04-21
171 posts were published in the last hour 21:31 : Two MDO field reports every IT security lead should read 21:7 : Ransomware negotiator caught secretly assisting BlackCat extortion scheme 20:32 : Thunderbird 150 arrives with encrypted message search and…
Two MDO field reports every IT security lead should read
Tyler Swinehart, Director of Global IT & Security at IRONSCALES, has been publishing the kind of LinkedIn pieces I wish more practitioners would write. No vendor angle. No positioning. Just “here’s what I learned the hard way operating this thing…
Ransomware negotiator caught secretly assisting BlackCat extortion scheme
Angelo Martino pleaded guilty to helping BlackCat ransomware group while acting as a ransomware negotiator. Another U.S. cybersecurity expert, Angelo Martino, admitted helping the BlackCat ransomware group while working as a ransomware negotiator. Angelo Martino (41) admitted helping the BlackCat…
Thunderbird 150 arrives with encrypted message search and OpenPGP improvements
Released today, Thunderbird 150.0 brings eight new features, a round of bug fixes, and security patches that cover the web engine underlying the email client. Thunderbird 150.0 runs on Windows 10 or later, macOS 10.15 or later, and Linux with…
Murder, she wrote: Ex-FBI chief wants some ransomware crims charged with homicide
Lawmakers decry CISA cuts: ‘We are shooting ourselves in the foot’ If a cyberattack leads to a death, that’s murder. A former FBI cyber division chief urged the US Justice Department to consider felony homicide charges against ransomware actors when…
SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation
Threat actors associated with The Gentlemen ransomware‑as‑a‑service (RaaS) operation have been observed attempting to deploy a known proxy malware called SystemBC. According to new research published by Check Point, the command-and-control (C2 or C&C) server linked to SystemBC has led…
Mozilla Used Anthropic’s Mythos to Find and Fix 271 Bugs in Firefox
The Firefox team doesn’t think emerging AI capabilities will upend cybersecurity long term, but they warn that software developers are likely in for a rocky transition. This article has been indexed from Security Latest Read the original article: Mozilla Used…
[un]prompted 2026 – 200 Bugs/Week/Engineer: How We Rebuilt Trail Of Bits Around Al
Author, Creator & Presenter: Dan Guido, CEO, Trail Of Bits Our thanks to [un]prompted for publishing their Creators, Authors and Presenter’s outstanding [un]prompted 2026 AI Security Practitioner content on the Organizations’ YouTube Channel. Permalink The post [un]prompted 2026 – 200…
CVE-2025-29635: Mirai Campaign Targets D-Link Devices
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Blog Read the original article: CVE-2025-29635: Mirai Campaign Targets D-Link Devices
Mozilla Used Anthropic’s Mythos to Find and Fix 151 Bugs in Firefox
The Firefox team doesn’t think emerging AI capabilities will upend cybersecurity long term, but they warn that software developers are likely in for a rocky transition. This article has been indexed from Security Latest Read the original article: Mozilla Used…
North Korea’s Lazarus APT stole $290M from Kelp DAO
North Korea-linked Lazarus Group stole $290M from Kelp DAO by abusing LayerZero. A second $95M attempt was stopped. Hackers tied to the North-Korea linked group Lazarus APT carried out a $290M crypto theft targeting Kelp DAO. Kelp DAO is a…
Iran Alleges US Networking Gear Was Deliberately Disabled
Reports from Iranian state media claim that U.S.-manufactured networking gear ceased functioning at critical moments during military strikes. The allegations, which cannot be independently verified, claim there were simultaneous failures across routers and switches produced by Cisco, Fortinet, Juniper Networks,…
IT Security News Hourly Summary 2026-04-21 21h : 6 posts
6 posts were published in the last hour 18:36 : 130K Users Compromised by StealTok Campaign That Uses Fake TikTok Downloaders 18:36 : VirtualBox 7.2.8 is out with Linux kernel 7.0 support and crash fixes 18:7 : Microsoft Vulnerabilities Drop,…
130K Users Compromised by StealTok Campaign That Uses Fake TikTok Downloaders
Malicious TikTok downloader extensions have compromised over 130,000 users by exploiting trust and harvesting sensitive data. The post 130K Users Compromised by StealTok Campaign That Uses Fake TikTok Downloaders appeared first on eSecurity Planet. This article has been indexed from…
VirtualBox 7.2.8 is out with Linux kernel 7.0 support and crash fixes
Oracle shipped VirtualBox 7.2.8 on April 21, 2026, as a maintenance release covering crashes, networking problems, clipboard issues, and extended Linux kernel compatibility. The update touches the VMM layer, NAT networking, graphics, UEFI, and both Linux and Windows guest support.…
Microsoft Vulnerabilities Drop, But Critical Flaws Double, Report Warns
Microsoft vulnerabilities fall, but critical flaws double, BeyondTrust report highlights rising risk in Microsoft Office, Azure, and cloud systems. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article: Microsoft Vulnerabilities…
The DevOps Security Paradox: Why Faster Delivery Often Creates More Risk
A few years ago, I was part of a large enterprise transformation program where the leadership team proudly announced that they had successfully implemented DevOps across hundreds of applications. Deployments were faster. Release cycles dropped from months to days. Developers…
The Attack Runs Itself: What Agentic AI Fraud Actually Looks Like
This is part 1 of a two-part series on agentic AI fraud defense. Since joining Arkose Labs, one of the first things I did was go deep on the threat data — what the attack patterns actually look like, how…
Critical SGLang Vulnerability Allows Remote Code Execution via Malicious AI Model Files
A newly disclosed high-severity flaw in SGLang could enable attackers to remotely execute code on affected servers through specially crafted AI model files. The issue, tracked as CVE-2026-5760, has received a CVSS score of 9.8 out of 10, placing…
Microsoft Vulnerabilities Hit Record High, Critical Flaws Decline, Report Find
Microsoft vulnerabilities hit a record high while critical flaws decline, BeyondTrust report reveals rising risks across Windows, Office, and Azure systems. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article:…
More Cisco SD-WAN bugs battered in attacks
CISA gives federal agencies 4 days to patch America’s lead cyber-defense agency has warned that three Cisco Catalyst SD-WAN Manager bugs are under attack, and given federal agencies just four days to patch the security holes.… This article has been…