Tag: cyber
-
Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software
Cybersecurity researchers have discovered a new Lua-based malware created years before the notorious Stuxnet worm that aimed to sabotage Iran’s nuclear program by destroying uranium enrichment centrifuges. According to a new report published by SentinelOne, the previously undocumented cyber sabotage framework dates back to 2005, primarily targeting high-precision calculation software to tamper… First seen on thehackernews.com…
-
Wiz founder: Hack yourself with AI, before the bad guys do
At Google Cloud Next, Wiz co-founder Yinon Costica called on security defenders to use AI to steal a march on threat actors, and launched new agentic capabilities for cyber teams. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366642436/Wiz-founder-Hack-yourself-with-AI-before-the-bad-guys-do
-
TekStream Targets Proactive Security With ImagineX Cyber Buy
Acquisition Adds Advisory, GRC and Vulnerability Services to ImagineX’s MDR Core. TekStream acquired ImagineX’s cyber division to integrate advisory, vulnerability management and GRC with its MDR services, aiming to help CISOs defend against faster, AI-driven attacks by unifying proactive and reactive security into a single operational model. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/tekstream-targets-proactive-security-imaginex-cyber-buy-a-31507
-
AI-Driven Cybersecurity: Transforming Enterprise Security with Intelligent Automation
The rise of cloud computing, remote work, IoT devices, and interconnected systems has significantly expanded the attack surface. At the same time, cyber threats are evolving rapidly, becoming more sophisticated, automated, and harder to detect. Traditional cybersecurity approaches, which rely heavily on rule-based systems and manual intervention, are no longer sufficient. This is where AI-driven…
-
TDL 020 – Why DNS Is Your First Line of Cyber Defense – Chris Buijs
Tags: access, attack, automation, business, cisco, ciso, cloud, container, corporate, country, cyber, cybersecurity, data, ddos, defense, dns, encryption, endpoint, finance, firewall, group, hacker, ibm, infrastructure, Internet, iot, jobs, malicious, microsoft, network, office, phone, programming, router, saas, service, software, startup, strategy, switch, technology, threat, tool, training, update, usa, vulnerability, zero-trust
In Episode 20 of The Defender’s Log, host David Redekop sits down with Amsterdam-based tech veteran Chris Buijs to discuss the often-overlooked backbone of internet security: DNS (Domain Name System). The “Set-it-and-Forget-it” Trap Buijs, who transitioned from an electrician to a network architect, notes that many organizations treat DNS as a “utility” rather than a…
-
Iran’s cyber threat may be less ‘shock and awe’ than ‘low and slow,’ officials say
Officials and experts believe the most likely threat from Iranian hackers is not a digital shock-and-awe campaign, but something quieter: opportunistic intrusions, dressed up to look bigger than they are. First seen on therecord.media Jump to article: therecord.media/iran-cyber-warfare-haugh
-
ADT says customer data stolen in cyber intrusion
The home security company ADT said cybercriminals breached company systems on Monday and stole a “limited set” of customer and prospective customer information. First seen on therecord.media Jump to article: therecord.media/ADT-data-breach-cyberattack
-
FIRESTARTER Backdoor Hit Federal Cisco Firepower Device, Survives Security Patches
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed that an unnamed federal civilian agency’s Cisco Firepower device running Adaptive Security Appliance (ASA) software was compromised in September 2025 with malware called FIRESTARTER. FIRESTARTER, per CISA and the U.K.’s National Cyber Security Centre (NCSC), is assessed to be a backdoor designed for remote access and…
-
Data Breaches, AI Expansion, and Cloud Security Define This Week’s Cyber Landscape in April 2026
Weekly summary of Cybersecurity Insider newsletters in April 2026 First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/weekly-roundup/data-breaches-ai-expansion-and-cloud-security-define-this-weeks-cyber-landscape-in-april-2026/
-
NCSC chief warns of ‘perfect storm’ as cyber threats intensify at CyberUK
At this week’s CyberUK conference in Glasgow, National Cyber Security Centre (NCSC) CEO Richard Horne delivered a stark assessment of the evolving cyber threat landscape, warning that organisations are facing a “perfect storm” driven by rapid advances in artificial intelligence and rising geopolitical tensions. In his keynote, Horne highlighted how emerging technologies are fundamentally reshaping…
-
What is a passkey, how does it work and why is it better than a password?
Login method for apps and websites stored on users’ devices provides stronger security and is resistant to phishing and breaches. The UK’s National Cyber Security Centre has called time on the password: from now on, you should use a passkey. The NCSC said this week it would no longer recommend using passwords where passkeys were available. They…
-
Users advised to drop passwords and make room for passkeys
In a decisive move that could reshape how users log in online, the National Cyber Security Centre (NCSC) is urging consumers to abandon passwords in favour of passkeys, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/24/ncsc-passkey-adoption-cybersecurity/
-
The Cyber Express Weekly Roundup: Data Breaches, Malware Campaigns, and Cyber Fraud Investigations
In this week’s edition of The Cyber Express weekly roundup, we explore the latest developments in the world of cybersecurity, focusing on high-profile data breaches, growing malware campaigns, and law enforcement actions against cybercriminals. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/tce-weekly-roundup-april-2026/
-
Hackers Exploit Agent ID Administrator Role to Hijack Service Principals
A severe scoping vulnerability was recently discovered in Microsoft Entra ID’s new Agent Identity Platform. The security flaw allowed users assigned the Agent ID Administrator role to hijack arbitrary service principals across an organization’s tenant, leading to potential privilege escalation. Although the administrative role was designed strictly to manage AI agent identities, a boundary breakdown…
-
GPT-5.5 Bio Bug Bounty Program Aims to Improve AI Safety and Performance
OpenAI has officially launched the GPT-5.5 Bio Bug Bounty program to strengthen safeguards against emerging biological risks. As artificial intelligence models become more advanced, the potential for malicious actors to generate dangerous biological information increases. Advanced persistent threats (APTs) and lone attackers could potentially misuse large language models to accelerate harmful biological research. To address…
-
Claude Desktop Reportedly Adds Browser Access Bridge for Chromium Browsers
A detailed cybersecurity report published by privacy expert Alexander Hanff on April 18, 2026, reveals that Anthropic’s Claude Desktop application for macOS silently installs a Native Messaging bridge across multiple Chromium-based browsers. This unprompted installation establishes out-of-sandbox browser automation hooks that pose significant privacy and security risks, bypassing explicit user consent and standard application security…
-
Fake CAPTCHA Scam Triggers Costly SMS Fraud
Hackers are abusing fake CAPTCHA pages to run a silent but lucrative international SMS fraud scheme, turning routine “prove you’re human” checks into a revenue engine built on international revenue share fraud (IRSF). Attackers set up lookalike and scam domains that eventually redirect victims through a traffic distribution system (TDS) to a fake CAPTCHA page.…
-
Compromised everyday devices power Chinese cyber espionage operations
China-linked threat actors have shifted from individually procured infrastructure to large-scale covert networks, botnets built from compromised routers and other edge … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/24/ncsc-china-covert-networks-advisory/
-
New Cisco firewall malware can only be killed by pulling the plug
Suspected state-sponsored attackers are using a custom backdoor to persistently compromise Cisco security devices (firewalls), the US CISA and the UK National Cyber Security … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/24/cisco-firepower-firestarter-backdoor/
-
Hackers Exploit Pastebin PowerShell Script to Hijack Telegram Sessions
Hackers are experimenting with a new Telegram-focused session stealer that hides in a Pastebin-hosted PowerShell script posing as a Windows telemetry update, giving defenders a rare view into how such tools are built and tested. The script does not attempt to grab passwords or browser credentials; instead, it focuses entirely on Telegram’s desktop client data…
-
Xiongmai IP Camera Flaw Lets Attackers Bypass Authentication
Tags: access, authentication, cctv, cyber, cybersecurity, flaw, infrastructure, technology, vulnerability
A critical security vulnerability has been identified in Hangzhou Xiongmai Technology’s XM530 IP Cameras, putting countless commercial facilities at risk. This severe flaw allows remote attackers to bypass authentication protocols and access sensitive device information easily. The Cybersecurity and Infrastructure Security Agency (CISA) published an official alert regarding the issue on April 23, 2026. Critical…
-
Void Dokkaebi Hackers Spread Malware Through Fake Job Interviews
Void Dokkaebi, also known as Famous Chollima, is expanding its cyber operations by turning fake job interviews into a large-scale malware distribution campaign targeting developers. The campaign begins with attackers posing as recruiters from cryptocurrency or AI companies. Developers are invited to complete coding tests that require cloning and running seemingly legitimate repositories from platforms…
-
China-Linked Cyber Actors Turn to Massive Covert Botnets to Evade Detection
A newly issued cybersecurity advisory highlights an evolution in the tactics, techniques and procedures (TTPs) employed by China-Nexus threat actors. The report, released with support from the UK Cyber League and coordinated by the National Cyber Security Centre (NCSC-UK) alongside international partners, sheds light on how Chinese threat actors are relying on large-scale covert networks of compromised…
-
China-linked threat actors use consumer device botnets to evade detection, warn UK and partners
UK National Cyber Security Centre (NCSC) warns China-linked hackers use hijacked devices as proxy networks to hide activity and evade detection. UK National Cyber Security Centre (NCSC) and global partners warn that China-linked threat actors now rely on large proxy networks built of hacked consumer devices. Groups control routers, cameras, video recorders, and NAS systems…
-
China-Linked Hackers Hide Behind Compromised Routers
Hackers linked to China are increasingly abusing compromised routers and edge devices to build covert networks, enabling stealthy cyber operations that are harder to detect and block. Instead of relying on dedicated servers or purchased hosting, threat actors are now leveraging large-scale botnets made up of hacked small office/home office (SOHO) routers, IoT devices, and…
-
Python Vulnerability Enables Out-of-Bounds Write on Windows
A high-severity security vulnerability has been discovered in Python’s asyncio module on Windows, potentially allowing attackers to write data beyond the boundaries of an allocated memory buffer. The flaw, tracked as CVE-2026-3298, was publicly disclosed on April 21, 2026, by Python security developer Seth Larson via the official Python security announcement mailing list. The vulnerability exists in the sock_recvfrom_into() method…
-
Hackers Exploit Ollama Model Uploads to Leak Server Data
Cybersecurity researchers have uncovered a severe, unpatched vulnerability in Ollama, a popular open-source platform used for running large language models locally. Tracked as CVE-2026-5757, this critical flaw exists in Ollama’s model quantization engine. If exploited, it allows an unauthenticated attacker to steal sensitive server data by simply uploading a maliciously crafted AI model file. How…

