AttackFeed by Joe Wagner https://validator.w3.org/feed/docs/rss2.html ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories  – The Hacker News DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea  – The Hacker News BrowserGate: LinkedIn Tracks 6,000+ Browser Extensions on Users’ PCs  – Hackread – Cybersecurity News, Data Breaches, AI and More pcTattleTale stalkerware maker sentence includes fine, supervised release  – CyberScoop Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS  – The Hacker News Missile Alert Phishing Exploits Iran-US-Israel Conflict for Microsoft Logins  – Hackread – Cybersecurity News, Data Breaches, AI and More ⚡ Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More  – The Hacker News 36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants  – The Hacker News Multi-OS Cyberattacks: How SOCs Close a Critical Risk in 3 Steps  – The Hacker News $285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation  – The Hacker News Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers  – The Hacker News Why Security Researchers and Red Teams Are Turning to Workflow Automation  – Hackread – Cybersecurity News, Data Breaches, AI and More UNC1069 Targets Node.js Maintainers via Fake LinkedIn, Slack Profiles  – Hackread – Cybersecurity News, Data Breaches, AI and More Cloudflare Targets WordPress With New AI-Powered EmDash CMS  – Hackread – Cybersecurity News, Data Breaches, AI and More A Vulnerability in Fortinet FortiClientEMS Could Allow for Arbitrary Code Execution  – Cyber Security Advisories – MS-ISAC North Korean Hackers Pose as Trading Firm to Steal $285M from Drift  – Hackread – Cybersecurity News, Data Breaches, AI and More How LiteLLM Turned Developer Machines Into Credential Vaults for Attackers  – The Hacker News Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools  – The Hacker News BKA Identifies REvil Leaders Behind 130 German Ransomware Attacks  – The Hacker News Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab  – Krebs on Security Fake ChatGPT Ad Blocker Chrome Extension Caught Spying on Users  – Hackread – Cybersecurity News, Data Breaches, AI and More North Korean Hackers Abuse GitHub to Spy on South Korean Firms  – Hackread – Cybersecurity News, Data Breaches, AI and More China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing  – The Hacker News AI Future: The Leading International AI and Web3 Forum to Take Place in April  – Hackread – Cybersecurity News, Data Breaches, AI and More AI Firm Mercor Confirms Breach as Hackers Claim 4TB of Stolen Data  – Hackread – Cybersecurity News, Data Breaches, AI and More Wyden warns Social Security chief: Trump’s voter database is ‘blatant voter suppression’  – CyberScoop Trump budget proposal would cut hundreds of millions more from CISA  – CyberScoop Wyden warns Social Security chief: Trump’s voter database is ‘blatant voter suppression’  – CyberScoop New Phishing Platform Used in Credential Theft Campaigns Against C-Suite Execs – Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials  – The Hacker News ShinyHunters Hackers Claim Theft of 3M+ Cisco Records, Threaten Public Leak  – Hackread – Cybersecurity News, Data Breaches, AI and More House Dems decry confirmed ICE usage of Paragon spyware  – CyberScoop Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise  – The Hacker News Microsoft Warns of WhatsApp Attachments Spreading Backdoor on Windows PCs  – Hackread – Cybersecurity News, Data Breaches, AI and More Lawmakers renew push for Labor Department-backed cyber apprenticeship grants  – CyberScoop Nigerian romance scammer jailed after being caught out by fellow fraudster  – GRAHAM CLULEY Akira ransomware group can achieve initial access to data encryption in less than an hour  – CyberScoop Why Third-Party Risk Is the Biggest Gap in Your Clients’ Security Posture  – The Hacker News Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK  – The Hacker News New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images  – The Hacker News [CVE-2026-33691] OWASP CRS whitespace padding bypass vulnerability  – Full Disclosure [KIS-2026-06] MetInfo CMS Apple OHTTP Relay: 14 Third-Party Endpoints, 6 Countries, Zero User Visibility  – Full Disclosure SEC Consult SA-20260326-0 :: Local Privilege Escalation in Vienna Assistant (MacOS) – Vienna Symphonic Library  – Full Disclosure SEC Consult SA-20260401-0 :: Broken Access Control in Open WebUI  – Full Disclosure Medtech giant Stryker says it’s back up after Iranian cyberattack  – CyberScoop UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack  – The Hacker News New ‘Storm’ Infostealer Remotely Decrypts Stolen Credentials – Multiple Vulnerabilities in Cisco Products Could Allow for Arbitrary Code Execution  – Cyber Security Advisories – MS-ISAC Multiple Vulnerabilities in Progress ShareFile Could Allow for Remote Code Execution  – Cyber Security Advisories – MS-ISAC