Tag: cyber

Burglar alarm biz burgled: ADT confirms cyber intrusion after ShinyHunters extortion attempt

Apr 27, 2026 2:38 PM

Tags: cyber, extortion

Security giant says attackers grabbed ‘limited set’ of data. Crooks claim 10 million records First seen on theregister.com Jump to article: www.theregister.com/2026/04/27/home_security_giant_adt_gets/
Burglar alarm biz burgled: ADT confirms cyber intrusion after ShinyHunters extortion attempt

Apr 27, 2026 2:38 PM

Tags: cyber, extortion

Security giant says attackers grabbed ‘limited set’ of data. Crooks claim 10 million records First seen on theregister.com Jump to article: www.theregister.com/2026/04/27/home_security_giant_adt_gets/
Fake Income Tax Notices Used to Spread Malware

Apr 27, 2026 2:38 PM

Tags: access, compliance, cyber, cybercrime, exploit, india, malicious, malware, phishing

Cybercriminals are exploiting India’s tax season by launching sophisticated phishing campaigns that impersonate the Income Tax Department to deliver dangerous malware to unsuspecting taxpayers. The malicious operation uses fake assessment notices and tax compliance warnings to trick victims into downloading malware-laden files that grant attackers persistent access to compromised systems. The phishing campaign, which has…
Itron Discloses Data Breach After Hackers Access Internal Systems

Apr 27, 2026 1:39 PM

Tags: access, breach, cyber, cybersecurity, data, data-breach, hacker, infrastructure, technology, unauthorized

Itron, Inc., a leading smart metering and energy infrastructure technology company, has disclosed a cybersecurity incident after an unauthorized third party gained access to certain of its internal systems, according to a Form 8-K filing submitted to the U.S. Securities and Exchange Commission (SEC) on April 13, 2026. Itron was notified on April 13, 2026,…
Itron Discloses Data Breach After Hackers Access Internal Systems

Apr 27, 2026 1:39 PM

Tags: access, breach, cyber, cybersecurity, data, data-breach, hacker, infrastructure, technology, unauthorized

Itron, Inc., a leading smart metering and energy infrastructure technology company, has disclosed a cybersecurity incident after an unauthorized third party gained access to certain of its internal systems, according to a Form 8-K filing submitted to the U.S. Securities and Exchange Commission (SEC) on April 13, 2026. Itron was notified on April 13, 2026,…
Linux ELF Malware Generator Evades ML Detection With Semantic-Preserving Changes

Apr 27, 2026 1:39 PM

Tags: cloud, computing, cyber, detection, Internet, linux, malware, ml, service, windows

As Linux continues to dominate high-performance computing, cloud services, and Internet of Things (IoT) devices, it has become a prime target for cybercriminals. However, while much research has focused on manipulating Windows executables to bypass security, the Linux Executable and Linkable Format (ELF) has largely been ignored. To address this gap, researchers at the Czech…
Researchers Warn macOS textutil, KeePassXC Can Fuel Automation Attacks

Apr 27, 2026 1:39 PM

Tags: attack, automation, cyber, data-breach, macOS, risk, tool, vulnerability

Researchers are warning that widely trusted local tools such as macOS’s textutil and KeePassXC can pose unexpected security risks when used within automated workflows. The issue is not traditional vulnerabilities such as memory corruption or code execution, but how normal features behave when exposed to attacker-controlled input. Many engineering teams treat built-in utilities as safe…
Italy moves to extradite Chinese national to the U.S. over hacking charges

Apr 27, 2026 11:38 AM

Tags: china, cyber, espionage, hacking

Italy plans to extradite Xu Zewei to the U.S. over alleged hacks on COVID-19 research tied to state-backed operations. Italy is moving to extradite Xu Zewei, the Chinese national arrested in 2025 at the request of U.S. authorities on cyber-espionage charges, Bloomberg reported. The case stands out because it ties a single suspect, Xu, to…
North Korean Hackers Target Pharma Firms with Malware-Laced Excel Attacks

Apr 27, 2026 11:38 AM

Tags: attack, cloud, cyber, data, email, hacker, malware, north-korea, powershell, windows

North Korean state-backed hackers are using weaponized Excel-themed files to infect pharmaceutical and life science companies with malware, abusing Windows shortcut files, PowerShell, and cloud storage for stealthy data theft. The campaign begins with highly tailored spear”‘phishing emails sent to drug manufacturers and related life science organizations. Messages typically reference legitimate”‘sounding topics such as ERP…
North Korean Hackers Target Pharma Firms with Malware-Laced Excel Attacks

Apr 27, 2026 11:38 AM

Tags: attack, cloud, cyber, data, email, hacker, malware, north-korea, powershell, windows

North Korean state-backed hackers are using weaponized Excel-themed files to infect pharmaceutical and life science companies with malware, abusing Windows shortcut files, PowerShell, and cloud storage for stealthy data theft. The campaign begins with highly tailored spear”‘phishing emails sent to drug manufacturers and related life science organizations. Messages typically reference legitimate”‘sounding topics such as ERP…
OpenClaw Flaws Expose Systems to Policy Bypass Attacks

Apr 27, 2026 11:38 AM

Tags: ai, api, attack, credentials, cyber, cybersecurity, flaw, framework, open-source, unauthorized, update

OpenClaw, a rapidly adopted open-source autonomous AI agent framework, has released critical security updates to address three moderate-severity vulnerabilities. Found in npm package versions before 2026.4.20, these complex flaws expose systems to severe policy bypasses, unauthorized local configuration modifications, and critical API credential leaks. IT administrators and cybersecurity professionals are strongly advised to upgrade their…
Critical Gemini CLI Flaw Raises Supply Chain Security Concerns

Apr 27, 2026 11:38 AM

Tags: cyber, flaw, github, google, malicious, remote-code-execution, supply-chain, tool, update

Google has rolled out urgent security updates for its Gemini CLI and the accompanying GitHub Action to address a critical vulnerability. Tracked as GHSA-wpqr-6v78-jr5g, this flaw exposes continuous integration and continuous deployment (CI/CD) pipelines to Remote Code Execution (RCE) attacks. Improper handling of workspace trust and tool allowlisting allows malicious actors to compromise automated workflows,…
Fast16: Pre-Stuxnet malware that targeted precision engineering software

Apr 27, 2026 11:38 AM

Tags: cyber, malicious, malware, software, stuxnet

Fast16 is a pre-Stuxnet malware that tampered with precision software and spread itself. Evidence suggests links to U.S. operations during early cyber tensions. SentinelOne uncovered Fast16, a sabotage malware used in 2005, years before Stuxnet. The malicious code is written in Lua and targeted high-precision calculation software, altering results and spreading across systems. The malware…
The $700 million question: How cyber risk became a market cap problem

Apr 27, 2026 10:39 AM

Tags: ciso, cyber, incident, risk

Cyber risk used to be the kind of problem you could delegate. Something for the CISO, the IT team, and maybe an external auditor to worry about once a year. That comfort zone is gone. In the last decade, a new reality has set in: a single cyber incident can erase hundreds of millions of…The…
NPM Worm Hits Namastex Packages, Steals Secrets Across Registries

Apr 27, 2026 10:39 AM

Tags: ai, cyber, malicious, malware, pypi, service, worm

A newly uncovered npm malware campaign is targeting packages linked to Namastex Labs, abusing developer trust to steal sensitive secrets and silently spread across both npm and PyPI ecosystems. The malicious activity centers on Namastex.ai, a company that promotes AI consulting services and autonomous agent systems through its Automagik product line. A set of legitimate-looking…
Transforming Raw Alerts into Real Security Outcomes with Seceon

Apr 27, 2026 9:39 AM

Tags: cyber, threat

Cyber threats today are no longer occasional. They are persistent, automated, and intelligently crafted to bypass traditional defenses. Relying only on logs or isolated alerts is no longer enough. Organizations need a platform that can connect behaviors, detect patterns, and deliver real-time intelligence. This is where Seceon aiSIEM plays a critical role by converting scattered…
U.S. utility giant Itron discloses a security breach

Apr 27, 2026 9:39 AM

Tags: access, breach, cyber, cybersecurity, incident, incident response, law, unauthorized

Itron detected unauthorized access to part of its IT environment on April 13, 2026, and launched incident response and notified authorities. Itron disclosed a cyber incident involving unauthorized access to part of its internal IT systems, detected on April 13, 2026. The company activated its incident response plan, engaged external cybersecurity experts, and notified law…
Nessus Agent Windows Flaw Enables SYSTEM-Level Code Execution

Apr 27, 2026 9:39 AM

Tags: access, cyber, flaw, malicious, software, vulnerability, windows

Tenable has disclosed a high-severity security vulnerability in its Nessus Agent software for Windows that could allow attackers to execute malicious code with full SYSTEM-level privileges. The flaw, tracked as CVE-2026-33694, has been patched in the newly released Nessus Agent version 11.1.3. The vulnerability stems from improper link resolution before file access, classified under CWE-59 (>>Link Following<<). On…
ClickFix Attack Swaps PowerShell for Cmdkey, Remote Regsvr32 Payloads

Apr 27, 2026 9:39 AM

Tags: attack, captcha, cyber, cybersecurity, infection, phishing, powershell, windows

A newly identified ClickFix attack variant is raising concerns among cybersecurity researchers after it was observed replacing traditional PowerShell-based delivery with a stealthier technique leveraging native Windows utilities. The infection begins with a familiar ClickFix tactic: a phishing page disguised as a CAPTCHA verification prompt. Victims are instructed to press Win + R, paste a…
Vidar Malware Conceals Payloads in JPEG, TXT Files to Evade Detection

Apr 27, 2026 8:39 AM

Tags: credentials, cyber, detection, malware

Vidar has evolved from a basic Arkei-based credential stealer into a multi-stage, stealth-focused infostealer that now hides second”‘stage payloads within JPEG and TXT files to evade modern defenses. First observed in 2018, Vidar now operates as a mature Malware”‘as”‘a”‘Service (MaaS) with flexible delivery, multi”‘stage execution, and strong data”‘theft capabilities. Attackers weaponize trending topics and trusted ecosystems,…
Metabase Enterprise RCE Flaw Now Has Public ProofConcept Exploit

Apr 27, 2026 8:39 AM

Tags: cve, cyber, exploit, flaw, rce, remote-code-execution, risk, vulnerability

Security researchers have published a working Proof of Concept (PoC) exploit for a critical vulnerability in Metabase Enterprise. Tracked as CVE-2026-33725, this security flaw allows attackers to achieve Remote Code Execution (RCE) and read arbitrary files on targeted systems. The availability of a public exploit script significantly increases the risk for organizations running unpatched instances…
Fast16 Malware Targets High-Value Systems With Sabotage Capabilities

Apr 27, 2026 8:39 AM

Tags: cyber, framework, malware, service, stuxnet, worm

A previously unknown cyber sabotage framework called fast16, whose core components date back to 2005. This makes it the earliest known sabotage malware of its kind, predating the infamous Stuxnet worm by at least five years. The fast16 framework consists of two primary components: a Lua-powered service binary called svcmgmt.exe and a kernel driver named…
Suspicious Microsoft Store App Vibing.exe Allegedly Harvests Screens and Audio

Apr 27, 2026 8:39 AM

Tags: ai, cyber, data, microsoft, privacy

A recently discovered application called Vibing.exe has raised major privacy and security alarms after researchers caught it stealthily recording user screens and audio. Originally available on the Microsoft Store as an AI productivity interface, the app was pulled in late April 2026 following discoveries that it secretly siphoned data to a remote server. Security analysts…
Attackers Chain CODESYS Vulnerabilities to Backdoor Applications

Apr 27, 2026 7:39 AM

Tags: backdoor, control, cyber, exploit, flaw, network, vulnerability

Nozomi Networks Labs published critical research detailing three new vulnerabilities in the CODESYS Control runtime. When chained together, these security flaws allow an authenticated attacker with low-level privileges to replace a legitimate industrial control application with a backdoored version. Ultimately, this exploit path leads to complete administrative control over the target device and its host…
Attackers Chain CODESYS Vulnerabilities to Backdoor Applications

Apr 27, 2026 7:39 AM

Tags: backdoor, control, cyber, exploit, flaw, network, vulnerability

Nozomi Networks Labs published critical research detailing three new vulnerabilities in the CODESYS Control runtime. When chained together, these security flaws allow an authenticated attacker with low-level privileges to replace a legitimate industrial control application with a backdoored version. Ultimately, this exploit path leads to complete administrative control over the target device and its host…
Attackers Chain CODESYS Vulnerabilities to Backdoor Applications

Apr 27, 2026 7:39 AM

Tags: backdoor, control, cyber, exploit, flaw, network, vulnerability

Nozomi Networks Labs published critical research detailing three new vulnerabilities in the CODESYS Control runtime. When chained together, these security flaws allow an authenticated attacker with low-level privileges to replace a legitimate industrial control application with a backdoored version. Ultimately, this exploit path leads to complete administrative control over the target device and its host…
Pre-Stuxnet Sabotage Malware ‘Fast16’ Linked to US-Iran Cyber Tensions

Apr 27, 2026 6:38 AM

Tags: attack, cyber, iran, leak, malware, software, stuxnet

What happened SentinelOne has uncovered Fast16, a Lua-based sabotage malware developed and deployed years before Stuxnet that was designed to tamper with high-precision calculation software used in civil engineering, physics, and physical process simulations. The malware was used in an attack in 2005 and was referenced in the ShadowBrokers’ 2016 leak of NSA offensive tools….The…
Black Hat Asia: Privacy and cyber security are inseparable

Apr 27, 2026 5:38 AM

Tags: cyber, data, data-breach, incident, privacy

The separation of privacy and security is no longer tenable in a world where exposed personal data is increasingly the entry point for major cyber incidents, delegates at Black Hat Asia 2026 were told First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366642334/Black-Hat-Asia-Privacy-and-cyber-security-are-inseparable
Electricity Is a Growing Area of Cyber-Risk

Apr 26, 2026 5:39 PM

Tags: cyber, risk

IT has long been concerned with ensuring systems receive the right amount of electricity. Cyberattackers are realizing they can manipulate voltage fluctuations for their purposes, too. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/electricity-growing-area-cyber-risk
IRDAI 2026 Cybersecurity Guidelines for Insurance Companies

Apr 25, 2026 2:40 PM

Tags: compliance, cyber, cybersecurity, framework, governance, india, insurance, monitoring

The Insurance Regulatory and Development Authority of India (IRDAI) has introduced significant amendments to its cybersecurity guidelines in 2026, marking a shift from static compliance to continuous cyber resilience. For insurers, IRDAI compliance is no longer just about implementing baseline controls. The updated framework demands stronger governance, tighter oversight, real-time monitoring, and accountability across business……