Cybersecurity News from Across the Internet
Critical wolfSSL flaw CVE-2026-5194 allows digital ID forgery across billions of devices, update to version 5.9.1 to fix the issue and reduce risk. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
It’s time once again for Patch Tuesday, and this one is huge. We’ve also got multiple exploits in the wild, which adds another layer of urgency to this month’s release. Take a break from your regularly scheduled activities, and let’s take a look at the latest security patches from Adobe and Microsoft. If you’d rather … Read More “The April 2026 Security Update Review – Zero Day Initiative – Blog” »
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 14 SEC Consult Vulnerability Lab Security Advisory < 20260414-0 > ======================================================================= title: Improper Enforcement of Locked Accounts in WebUI (SSO) product: Kiuwan SAST on-premise (KOP) & cloud/SaaS vulnerable version: <2.8.2509.4 fixed version: 2.8.2509.4 … Read More “SEC Consult SA-20260414-0 :: Improper Enforcement of Locked Accounts in WebUI (SSO) in Kiuwan SAST on-premise (KOP) & cloud/SaaS – Full Disclosure” »
Posted by Thomas Weber | CyberDanube via Fulldisclosure on Apr 14 CyberDanube Security Research 20260408-0 ——————————————————————————- title| Remote Operation Denial of Service product| Siemens SICAM A8000 CP-8050/CP-8031/CP-8010/CP-8012 vulnerable version| <=V25.30 fixed version| V26.10 CVE number| CVE-2026-27663 impact| Medium homepage| https://siemens.com/… – Read More – Full Disclosure
Posted by Thomas Weber | CyberDanube via Fulldisclosure on Apr 14 CyberDanube Security Research 20260408-1 ——————————————————————————- title| Multiple Vulnerabilities product| Siemens SICAM A8000 CP-8050/CP-8031/CP-8010/CP-8012 vulnerable version| <=V25.30 fixed version| V26.10 CVE number| CVE-2026-27664 impact| High homepage| https://siemens.com/ found|… – Read More – Full Disclosure
Two high-severity security vulnerabilities have been disclosed in Composer, a package manager for PHP, that, if successfully exploited, could result in arbitrary command execution. The vulnerabilities have been described as command injection flaws affecting the Perforce VCS (version control software) driver. Details of the two flaws are below – CVE-2026-40176 (CVSS – Read More – The Hacker News
Kraken exchange faces extortion after a staff member misused access to record internal systems, about 2,000 accounts affected, no funds or systems breached. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
A small group of former Black Basta affiliates have targeted more than 100 employees across dozens of organizations to intrude network systems for potential data theft, ransomware deployment and extortion, according to ReliaQuest. The social engineering campaign, which involves mass email bombing and Microsoft Teams help desk impersonation, surged last month and dates back to … Read More “Black Basta’s playbook lives on as former affiliates launch fast-scale intrusion campaign – CyberScoop” »
Cybersecurity researchers have unmasked a novel ad fraud scheme that has been found to leverage search engine poisoning (SEO) techniques and artificial intelligence (AI)-generated content to push deceptive news stories into Google’s Discover feed and trick users into enabling persistent browser notifications that lead to scareware and financial scams. The campaign, which has been – Read More – … Read More “AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraud – The Hacker News” »
A new IANS report claims just 34% of cybersecurity professionals plan to stay put in the next 12 months – Read More –
Google has announced the integration of a Rust-based Domain Name System (DNS) parser into the modem firmware as part of its ongoing efforts to beef up the security of Pixel devices and push memory-safe code at a more foundational level. “The new Rust-based DNS parser significantly reduces our security risk by mitigating an entire class of … Read More “Google Adds Rust-Based DNS Parser into Pixel 10 Modem to Enhance Security – The Hacker News” »
ViperTunnel is a Python-based backdoor linked to DragonForce ransomware that targets businesses using Windows servers across the US and the UK. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Booking.com confirms a data breach exposing customer details to hackers. No payment data accessed, but users face risk of targeted phishing scams now! – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
A nascent Android remote access trojan called Mirax has been observed actively targeting Spanish-speaking countries, with campaigns reaching more than 220,000 accounts on Facebook, Instagram, Messenger, and Threads through advertisements on Meta. “Mirax integrates advanced Remote Access Trojan (RAT) capabilities, allowing threat actors to fully interact with compromised devices in real – Read More – The Hacker … Read More “Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Ads – The Hacker News” »
A nascent Android remote access trojan called Mirax has been observed actively targeting Spanish-speaking countries, with campaigns reaching more than 220,000 accounts on Facebook, Instagram, Messenger, and Threads through advertisements on Meta. “Mirax integrates advanced Remote Access Trojan (RAT) capabilities, allowing threat actors to fully interact with compromised devices in real – Read More – The Hacker … Read More “Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Ads – The Hacker News” »
The AISI has issued its judgement on Anthropic’s Mythos Preview model – Read More –
OX Security recently analyzed 216 million security findings across 250 organizations over a 90-day period. The primary takeaway: while raw alert volume grew by 52% year-over-year, prioritized critical risk grew by nearly 400%. The surge in AI-assisted development is creating a “velocity gap” where the density of high-impact vulnerabilities is scaling faster than – Read More – The Hacker News
On March 23, the Senate confirmed Senator Markwayne Mullin as the next homeland security secretary, marking an important step in strengthening leadership during a critical moment for our nation’s security. But only half of the job is done. The Cybersecurity and Infrastructure Security Agency (CISA), the federal government’s main civilian cyber defense agency, still lacks … Read More “Secretary Mullin must help finish the job: Urge the Senate to confirm Plankey – CyberScoop” »
Cybersecurity researchers have discovered a new campaign in which a cluster of 108 Google Chrome extensions has been found to communicate with the same command-and-control (C2) infrastructure with the goal of collecting user data and enabling browser-level abuse by injecting ads and arbitrary JavaScript code into every web page visited. According to Socket, the extensions are … Read More “108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users – The Hacker News” »
The healthcare industry is facing a new age of cybersecurity threat, one that is not predetermined by the current… The post Quantum Threats to PHI: Why Vault Now? appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added half a dozen security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The list of vulnerabilities is as follows – CVE-2026-21643 (CVSS score: 9.1) – An SQL injection vulnerability in Fortinet FortiClient EMS that could allow an unauthenticated attacker to – Read … Read More “CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software – The Hacker News” »
A critical security vulnerability impacting ShowDoc, a document management and collaboration service popular in China, has come under active exploitation in the wild. The vulnerability in question is CVE-2025-0520 (aka CNVD-2020-26585), which carries a CVSS score of 9.4 out of 10.0. It relates to a case of unrestricted file upload that stems from improper validation of – Read More – … Read More “ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers – The Hacker News” »
A joint report from the Cloud Security Alliance (CSA), the SANS Institute and the Open Worldwide Application Security Project (OWASP) concludes that in the near term, organizations are “likely to be overwhelmed” by threat actors using AI to find and exploit vulnerabilities faster than defenders can patch them. While those organizations can use AI tools … Read More “Here’s how cyber heavyweights in the US and UK are dealing with Claude Mythos – CyberScoop” »
OpenAI rotates macOS certificates after downloading a compromised Axios version, urging users to update apps before revoked certificates are blocked in May 2026. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
OpenAI updated its security certificates and is requiring all macOS users to update to the latest versions after determining its products, along with many others, were impacted by a widespread supply-chain attack that briefly infected a popular open-source library in late March, the company said in a blog post Friday. The artificial intelligence vendor said … Read More “OpenAI’s Mac apps need updates thanks to the Axios hack – CyberScoop” »
Banks and financial institutions in Latin American countries like Brazil and Mexico have continued to be the target of a malware family called JanelaRAT. A modified version of BX RAT, JanelaRAT is known to steal financial and cryptocurrency data associated with specific financial entities, as well as track mouse inputs, log keystrokes, take screenshots, and … Read More “JanelaRAT Malware Targets Latin American Banks with 14,739 Attacks in Brazil in 2025 – The Hacker News” »
The U.S. Federal Bureau of Investigation (FBI), in partnership with the Indonesian National Police, has dismantled the infrastructure associated with a global phishing operation that leveraged an off-the-shelf toolkit called W3LL to steal thousands of victims’ account credentials and attempt more than $20 million in fraud. In tandem, authorities detained the alleged developer, who has& – Read … Read More “FBI and Indonesian Police Dismantle W3LL Phishing Network Behind $20M Fraud Attempts – The Hacker News” »
BITTER APT spreads ProSpy and ToSpy via Signal, Google, and Zoom lures, targeting journalists through LinkedIn and iMessage spearphishing. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Security researchers warn of Mirax, an emerging Android banking trojan using MaaS, remote access and residential proxies to target European users – Read More –
Attackers are abusing Microsoft 365 mailbox rules to hide activity, exfiltrate data and retain access after account compromise, researchers warn – Read More –
OpenSSF warns hackers impersonate Linux Foundation leaders on Slack, tricking developers into installing malware that can compromise entire systems. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Monday is back, and the weekend’s backlog of chaos is officially hitting the fan. We are tracking a critical zero-day that has been quietly living in your PDFs for months, plus some aggressive state-sponsored meddling in infrastructure that is finally coming to light. It is one of those mornings where the gap between a quiet shift and a … Read More “⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More – The Hacker News” »
Anthropic restricted its Mythos Preview model last week after it autonomously found and exploited zero-day vulnerabilities in every major operating system and browser. Palo Alto Networks’ Wendi Whitmorewarned that similar capabilities are weeks or months from proliferation. CrowdStrike’s 2026 Global Threat Report puts average eCrime breakout time at 29 minutes. Mandiant’s M-Trends 2026 – Read More – … Read More “Your MTTD Looks Great. Your Post-Alert Gap Doesn’t – The Hacker News” »
Alleged German cybercrime figure behind Fluxstress and Neldowner arrested in Thailand after years running global DDoS-for-hire services across countries. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Ghost APIs are deprecated endpoints left active, exposing systems to attack. Learn how they differ from shadow APIs and why they create hidden security risks – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
The W3LL phishing kit has been associated with fraud attempts totaling $20m – Read More –
Undisclosed number of names, contact and reservation details are accessed in latest cybercrime attempt Business live – latest updates The accommodation reservation website Booking.com has suffered a data breach with “unauthorised parties” gaining access to customers’ details. The platform said it “noticed some suspicious activity involving unauthorised third parties being able to access some of … Read More “Booking.com warns customers of hack that exposed their data – Data and computer security | The Guardian” »
The North Korean hacking group tracked as APT37 (aka ScarCruft) has been attributed to a fresh multi-stage, social engineering campaign in which threat actors approached targets on Facebook and added them as friends on the social media platform, turning the trust-building exercise into a delivery channel for a remote access trojan called RokRAT. “The threat actor used … Read More “North Korea’s APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware – The Hacker News” »
The UK Cyber Security Council has unveiled a new Associate Cyber Security Professional title aimed at supporting early‑career cybersecurity professionals – Read More –
OpenAI revealed a GitHub Actions workflow used to sign its macOS apps, which downloaded the malicious Axios library on March 31, but noted that no user data or internal system was compromised. “Out of an abundance of caution, we are taking steps to protect the process that certifies our macOS applications are legitimate OpenAI apps,” OpenAI said in a … Read More “OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident – The Hacker News” »
UK, US and Canadian authorities have identified over 20,000 victims of approval phishing scams that trick users into handing over full crypto wallet access – Read More –
A lone hacker used Claude Code and GPT-4.1 to exfiltrate hundreds of millions of Mexican citizen records from 9 government agencies. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
FBI Atlanta and Indonesian National Police dismantle W3LLSTORE phishing market linked to $20M fraud, seizing domains and detaining developer. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Adobe has released emergency updates to fix a critical security flaw in Acrobat Reader that has come under active exploitation in the wild. The vulnerability, assigned the CVE identifier CVE-2026-34621, carries a CVSS score of 8.6 out of 10.0. Successful exploitation of the flaw could allow an attacker to run malicious code on affected installations. It has been described … Read More “Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621 – The Hacker News” »
Unknown threat actors compromised CPUID (“cpuid[.]com”), a website that hosts popular hardware monitoring tools like CPU-Z, HWMonitor, HWMonitor Pro, and PerfMonitor, for less than 24 hours to serve malicious executables for the software and deploy a remote access trojan called STX RAT. The incident lasted from approximately April 9, 15:00 UTC, to about April 10, 10:00 UTC, with … Read More “CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads – The Hacker News” »
Signal messages may persist in iPhone notification data, enabling FBI access even after deletion, a court case reveals. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
The fraud landscape has been changed by AI and cryptocurrency in a way that should concern organisations and individuals alike. Read more in my article on the Fortra blog. – Read More – GRAHAM CLULEY
Google adds Device Bound Session Credentials (DBSC) to Chrome 146, using hardware keys to block infostealer use of stolen session cookies on Windows. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Hungarian domestic intelligence, the national police in El Salvador, and several U.S. law enforcement and police departments have been attributed to the use of an advertising-based global geolocation surveillance system called Webloc. The tool was developed by Israeli company Cobwebs Technologies and is now sold by its successor Penlink after the two firms merged in July 2023 – Read … Read More “Citizen Lab: Law Enforcement Used Webloc to Track 500 Million Devices via Ad Data – The Hacker News” »
ShinyHunters claims access to Rockstar Games Snowflake data via Anodot breach, threatening a data leak on April 14 if ransom demands are not met. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
