Tag: attack
-
AI Threats Aren’t Waiting
I’ve spent nearly 30 years in cybersecurity. I’ve seen a lot of “game changers” come and go. Mythos is different. When Anthropic’s model chained 32 steps of a corporate network attack, start to finish, in hours, I wasn’t shocked. I was sobered. Because I’ve been telling enterprises for years: your flat network isn’t… First seen…
-
CISA urges security teams to view environments following axios compromise
A suspected North Korea-linked actor is behind a supply chain attack on the widely used library. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa–security-teams-environments-axios-compromise/818081/
-
macOS ClickFix attacks deliver AppleScript stealers to snarf credentials, wallets
Data from browsers, cryptocurrency wallets, 200+ extensions hoovered up First seen on theregister.com Jump to article: www.theregister.com/2026/04/21/macos_clickfix_attacks_deliver_applescript/
-
macOS ClickFix attacks deliver AppleScript stealers to snarf credentials, wallets
Data from browsers, cryptocurrency wallets, 200+ extensions hoovered up First seen on theregister.com Jump to article: www.theregister.com/2026/04/21/macos_clickfix_attacks_deliver_applescript/
-
Ransomware negotiator admits role in attacks he was hired to resolve
A Florida man, formerly employed as a ransomware negotiator, pleaded guilty to conspiring to carry out ransomware attacks against US companies. Prosecutors say Angelo Martino, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/21/ransomware-negotiator-blackcat-alphv-group/
-
Ransomware Negotiator Pleads Guilty to Aiding BlackCat Attacks in 2023
A third individual who was employed as a ransomware negotiator has pleaded guilty to conducting ransomware attacks against U.S. companies in 2023.Angelo Martino, 41, of Land O’Lakes, Florida, teamed up with the operators of the BlackCat ransomware starting in April 2023 to assist the e-crime gang in extracting higher amounts as ransoms.”Working as a negotiator…
-
The Gentlemen Ransomware Expands With Rapid Affiliate Growth
Gentlemen RaaS expands quickly with multi-platform attacks and SystemBC-linked infections First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/gentlemen-ransomware-rapid/
-
CISA flags new SD-WAN flaw as actively exploited in attacks
CISA has given U.S. government agencies four days to secure their systems against another Catalyst SD-WAN Manager vulnerability it flagged as actively exploited in attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-flags-new-sd-wan-flaw-as-actively-exploited-in-attacks/
-
SerialIP Devices Hide Thousands of Old & New Bugs
The OT devices that translate machine talk into Internet-speak are riddled with vulnerabilities and more frequently targeted for attacks, researchers say. First seen on darkreading.com Jump to article: www.darkreading.com/ics-ot-security/serial-ip-devices-thousands-of-bugs
-
Phishing and MFA exploitation: Targeting the keys to the kingdom
In 2025, attackers increasingly targeted weaknesses in multi-factor authentication (MFA) workflows, and phishing attacks leveraged valid, compromised credentials to launch lures from trusted accounts. The trends focused entirely on trust, or the lack thereof, in everyday business operations. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/phishing-and-mfa-exploitation-targeting-the-keys-to-the-kingdom/
-
Actively exploited Apache ActiveMQ flaw impacts 6,400 servers
Nonprofit security organization Shadowserver found that over 6,400 Apache ActiveMQ servers exposed online are vulnerable to ongoing attacks exploiting a high-severity code injection vulnerability. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/actively-exploited-apache-activemq-flaw-impacts-6-400-servers/
-
Actively exploited Apache ActiveMQ flaw impacts 6,400 servers
Nonprofit security organization Shadowserver found that over 6,400 Apache ActiveMQ servers exposed online are vulnerable to ongoing attacks exploiting a high-severity code injection vulnerability. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/actively-exploited-apache-activemq-flaw-impacts-6-400-servers/
-
No Exploit Needed: How Attackers Walk Through the Front Door via Identity-Based Attacks
Tags: access, ai, attack, breach, credentials, cybersecurity, exploit, identity, supply-chain, threat, zero-dayThe cybersecurity industry has spent the last several years chasing sophisticated threats like zero-days, supply chain compromises, and AI-generated exploits. However, the most reliable entry point for attackers still hasn’t changed: stolen credentials.Identity-based attacks remain a dominant initial access vector in breaches today. Attackers obtain valid credentials through credential stuffing First seen on thehackernews.com Jump…
-
PureRAT Hides PE Payloads in PNGs for Fileless Execution
A multi-stage PureRAT campaign that hides portable executable (PE) payloads inside PNG images and executes them almost entirely in memory, making detection and forensics significantly harder for defenders. The campaign combines steganography, PowerShell-based loaders, UAC bypass, process hollowing, and anti-virtualization checks to remain stealthy on compromised systems. The attack begins with a weaponized .LNK file…
-
Former ransomware negotiator pleads guilty to BlackCat attacks
41-year-old Angelo Martino, a former employee of cybersecurity incident response company DigitalMint, has pleaded guilty to targeting U.S. companies in BlackCat (ALPHV) ransomware attacks in 2023. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/former-ransomware-negotiator-pleads-guilty-to-blackcat-attacks/
-
Bluesky hit by 24-hour DDoS attack as pro-Iran group claims responsibility
Bluesky suffered a 24-hour DDoS attack that caused outages. A pro-Iran hacker group claimed responsibility for the disruption. Bluesky experienced a sophisticated DDoS attack that disrupted its services for about 24 hours, starting on April 15. Bluesky is a decentralized, open-source microblogging social media platform similar to X (formerly Twitter). It allows users to post…
-
Bluesky hit by 24-hour DDoS attack as pro-Iran group claims responsibility
Bluesky suffered a 24-hour DDoS attack that caused outages. A pro-Iran hacker group claimed responsibility for the disruption. Bluesky experienced a sophisticated DDoS attack that disrupted its services for about 24 hours, starting on April 15. Bluesky is a decentralized, open-source microblogging social media platform similar to X (formerly Twitter). It allows users to post…
-
GitHub Issue Alerts Exploited in OAuth Phishing Scam Targeting Developers
Hackers are abusing GitHub’s own issue-notification emails to phish developers and silently take over their repositories using malicious OAuth applications, effectively turning trusted DevOps tooling into a supply-chain attack vector. Developers are now prime targets because compromising their accounts gives attackers direct access to source code CI/CD pipelines, and production workflows, making this a textbook supply-chain attack…
-
Bluesky, Fast-Growing X Alternative, Hit by Sophisticated DDoS Attack
A service disruption at Bluesky last week exposed the growing challenges faced by fast-expanding social media platforms, after the company confirmed that a “sophisticated” distributed denial-of-service (DDoS) incident was behind widespread outages. The Bluesky cyberattack began late on April 15, 2026, and quickly escalated, interrupting core functions across the app and leaving users unable to…
-
CISA Warns Compromised Axios npm Package Fueled Major Supply Chain Attack
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a severe software supply chain compromise affecting the widely used Axios node package manager (npm). Axios is a highly popular JavaScript library that developers rely on to handle HTTP requests in both Node.js and browser environments. Because of its massive global adoption…
-
Vercel Employee’s AI Tool Access Led to Data Breach
Stolen OAuth tokens, which are at the root of these breaches, are the new attack surface, the new lateral movement, a researcher noted. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/vercel-employees-ai-tool-access-data-breach
-
Vercel’s security breach started with malware disguised as Roblox cheats
The attack, which originated at Context.ai, showcases the pitfalls of interconnected cloud applications and SaaS integrations with overly privileged permissions. First seen on cyberscoop.com Jump to article: cyberscoop.com/vercel-security-breach-third-party-attack-context-ai-lumma-stealer/
-
The MCP Disclosure Is the AI Era’s ‘Open Redirect’ Moment
The MCP flaw reveals a systemic AI security gap, exposing enterprise systems to supply chain attacks and forcing a shift toward data-layer governance. The post The MCP Disclosure Is the AI Era’s ‘Open Redirect’ Moment appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-mcp-ai-security-vulnerability-data-layer-governance/
-
The Gentlemen ransomware now uses SystemBC for bot-powered attacks
A SystemBC proxy malware botnet of more than 1,570 hosts, believed to be corporate victims, has been discovered following an investigation into a Gentlemen ransomware attack carried out by a gang affiliate. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/the-gentlemen-ransomware-now-uses-systembc-for-bot-powered-attacks/
-
SerialIP Devices Hide Thousands of Old and New Bugs
The OT devices that translate machine talk into Internet-speak are riddled with vulnerabilities and more frequently targeted for attacks, researchers say. First seen on darkreading.com Jump to article: www.darkreading.com/ics-ot-security/serial-ip-devices-thousands-of-bugs
-
2026’s Breach List So Far: FBI Hacked, 1B Androids at Risk, 270M iPhones Vulnerable
From the FBI breach to the DarkSword iPhone exploit, these are the biggest cyber attacks and security failures that have shaped 2026 so far. The post 2026’s Breach List So Far: FBI Hacked, 1B Androids at Risk, 270M iPhones Vulnerable appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-top-cyberattacks-2026-so-far/
-
2026’s Breach List So Far: FBI Hacked, 1B Androids at Risk, 270M iPhones Vulnerable
From the FBI breach to the DarkSword iPhone exploit, these are the biggest cyber attacks and security failures that have shaped 2026 so far. The post 2026’s Breach List So Far: FBI Hacked, 1B Androids at Risk, 270M iPhones Vulnerable appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-top-cyberattacks-2026-so-far/