Tag: cyber
-
Vercel Confirms Security Breach Affecting Customer Accounts
Vercel has confirmed a security breach involving unauthorised access to certain internal systems, and the company says the incident affected a limited number of customer accounts and stored data. The cloud platform provider disclosed that it is actively investigating the incident with help from outside incident response experts and has also notified law enforcement. According…
-
Electricity Is a Growing Area of Cyber Risk
IT has long been concerned about ensuring systems receive the right amount of electricity. Cyberattackers are realizing they can manipulate voltage fluctuations for their purposes, too. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/electricity-growing-area-cyber-risk
-
Abwehrmaßnahmen zu Cyberwarfare sollten deutlich gestärkt werden
Armis, das Unternehmen für Cyber-Risikomanagement und Cybersicherheit, appelliert an deutsche Unternehmen, ihre proaktiven Sicherheitsmaßnahmen angesichts der wachsenden Bedrohung durch Cyberwarfare deutlich zu verstärken. Auslöser sind wachsende geopolitische Spannungen sowie die rasanten Fortschritte in Schlüsseltechnologien wie künstliche Intelligenz und Quantencomputing, die völlig neue Angriffsszenarien ermöglichen. Cyberwarfare zielt zunehmend auf kritische Infrastrukturen, IT-Systeme und betriebliche Abläufe, die…
-
If cyber espionage via HDMI worries you, NCSC built a device to stop it
A new cybersecurity device developed by the National Cyber Security Centre (NCSC) should be a helpful solution for protecting governments and businesses from malicious … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/23/ncsc-silentglass-cybersecurity-tool-hdmi-displayport/
-
GitLab Fixes Flaws That Could Allow Attackers to Hijack User Sessions
GitLab has released emergency security patches addressing 11 vulnerabilities across its Community Edition (CE) and Enterprise Edition (EE), including three high-severity flaws that could allow attackers to execute malicious code, forge requests, and steal user session tokens. On April 22, 2026, GitLab released versions 18.11.1, 18.10.4, and 18.9.6 for both CE and EE deployments. GitLab.com has already been…
-
Outlook Mailboxes Abused to Conceal Linux GoGra Backdoor Traffic
The Harvester APT group has quietly expanded its espionage arsenal with a new Linux variant of its GoGra backdoor, one that cleverly hides its command-and-control (C2) traffic within Microsoft Outlook mailboxes, making it significantly harder to detect with traditional network defenses. Researchers from Symantec and Carbon Black Threat Hunter Team discovered the malware. They linked…
-
Chinese hackers are using everyday devices to hack UK firms, warns watchdog
Britain’s cybersecurity agency says companies must step up vigilance to prevent espionage attacks<ul><li><a href=”https://www.theguardian.com/business/live/2026/apr/23/uk-government-borrowing–oil-100-a-barrel-strait-of-hormuz-deadlock-growth-latest-updates”>Business live latest updates</li></ul>British businesses are being urged to step up their vigilance against a China-linked hacking ploy that uses everyday devices for espionage.The UK’s National Cyber Security Centre (NCSC) and agencies in nine other countries have warned of persistent attempts by…
-
Chinese hackers are using everyday devices to hack UK firms, warns watchdog
Britain’s cybersecurity agency says companies must step up vigilance to prevent espionage attacks<ul><li><a href=”https://www.theguardian.com/business/live/2026/apr/23/uk-government-borrowing–oil-100-a-barrel-strait-of-hormuz-deadlock-growth-latest-updates”>Business live latest updates</li></ul>British businesses are being urged to step up their vigilance against a China-linked hacking ploy that uses everyday devices for espionage.The UK’s National Cyber Security Centre (NCSC) and agencies in nine other countries have warned of persistent attempts by…
-
If malware via monitor cables is a matter of national security, this might be the gadget for you
Orgs can now buy UK cyber agency engineered commercial gadget, but details are slim First seen on theregister.com Jump to article: www.theregister.com/2026/04/23/ncscs_first_foray_into_commercial/
-
Malicious npm Package Hijacks Hugging Face for Malware Delivery
Malicious npm package js-logger-pack is now abusing Hugging Face not just as a malware CDN, but also as a live exfiltration backend for stolen data, turning a popular AI platform into part of a full-featured cross”‘platform implant chain. Earlier campaign phases already used Hugging Face as a simple hosting point for those binaries, but the latest builds…
-
Cyber-Attacks Surge 63% Annually in Education Sector
Quorum Cyber report finds higher and further education institutions experienced 63% increase in attacks over a year First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cyberattacks-surge-63-annually/
-
Outlook Mailboxes Used to Conceal Linux GoGra Backdoor Traffic
A newly discovered Linux variant of the GoGra backdoor is being used by the Harvester advanced persistent threat (APT) group to conduct stealthy cyber espionage operations. Harvester, a suspected nation-state-backed group active since at least 2021, is known for targeting South Asia with custom malware and espionage campaigns. The discovery of a Linux version of…
-
Attackers Exploit LMDeploy Flaw in the Wild Within 12 Hours of Advisory
A critical Server-Side Request Forgery (SSRF) vulnerability in LMDeploy’s vision-language module was exploited in active attacks just 12 hours and 31 minutes after its public disclosure, with no proof-of-concept code required. On April 21, 2026, GitHub published security advisory GHSA-6w67-hwm5-92mq, later assigned CVE-2026-33626, a high-severity SSRF flaw (CVSS 7.5) in LMDeploy, an open-source toolkit developed by Shanghai…
-
North Korean Fake IT Workers Infiltrate Firms to Dodge Sanctions
North Korean threat actors are once again leveraging deceptive remote work schemes to infiltrate global organizations, using fake IT worker personas to generate revenue and bypass international sanctions. A recent investigation, triggered by cryptocurrency security researcher ZachXBT, sheds light on the infrastructure and tactics behind this evolving campaign. ZachXBT identified the domain luckyguys[.]site as being…
-
Lazarus Lures Developers With Backdoored Coding Tests
North Korea-linked hackers are using AI-assisted malware and backdoored coding challenges to quietly loot millions in cryptocurrency from Web3 developers. Expel assesses with high confidence that HexagonalRodent is a DPRK state-sponsored subgroup that likely evolved from fraudulent IT worker operations before pivoting fully to malware-driven theft. In just three months, the group exfiltrated data from…
-
Xinference PyPI Breach Exposes Developers to Cloud Credential Theft
A severe supply chain attack has compromised the popular Python package Xinference, exposing developers to massive data theft. Threat actors uploaded malicious versions of the tool to the Python Package Index (PyPI), embedding a heavily obfuscated infostealer into the code. Xinference has over 600,000 total downloads, making this a significant security event for the software…
-
Fake Wallpaper App, YouTube Channel Used to Spread notnullOSX Malware
Hackers are abusing a fake macOS wallpaper app and a hijacked YouTube channel to quietly deliver notnullOSX, a new crypto-focused stealer that targets Macs via ClickFix commands and weaponized DMG installers. The campaign is highly selective, going after victims with crypto holdings above 10,000 USD and using polished lures that closely mimic legitimate apps and workflows.…
-
Fake TradingView AI Site Spreads Needle Stealer Through Phony TradingClaw App
A fake TradingView AI agent website is delivering Needle Stealer malware through a bogus “TradingClaw” assistant that can hijack victims’ browsers, drain financial accounts, and enable follow”‘on attacks. The campaign targets traders seeking automated strategies on TradingView, capitalizing on the current hype around AI trading bots and browser”‘based investing tools. The site imitates legitimate trading…
-
Fake TradingView AI Site Spreads Needle Stealer Through Phony TradingClaw App
A fake TradingView AI agent website is delivering Needle Stealer malware through a bogus “TradingClaw” assistant that can hijack victims’ browsers, drain financial accounts, and enable follow”‘on attacks. The campaign targets traders seeking automated strategies on TradingView, capitalizing on the current hype around AI trading bots and browser”‘based investing tools. The site imitates legitimate trading…
-
Checkmarx KICS Docker Repo Hijacked in Malicious Code Injection Attack
Tags: attack, cloud, credentials, cyber, docker, infrastructure, injection, malicious, software, supply-chain, threatA massive software supply chain attack has targeted the official Checkmarx KICS (Keeping Infrastructure as Code Secure) Docker Hub repository. Discovered on April 22, 2026, by Docker and Socket, the compromise involves trojanized Docker images and malicious VS Code extensions designed to harvest and exfiltrate highly sensitive developer credentials and cloud infrastructure secrets. Threat actors…
-
Apple Patches Privacy Issue Exposing Signal Message Data Through Notifications
Apple recently rolled out iOS 26.4.2 and iPadOS 26.4.2 to patch a critical privacy vulnerability affecting millions of users. Released on April 22, 2026, this vital security update addresses a flaw that could accidentally expose sensitive message data from secure applications, most notably Signal. By downloading this update, users can prevent their private communications from…
-
Tropic Trooper Uses Custom Beacon and VS Code Tunnels for Stealthy Remote Access
A new Tropic Trooper campaign that combines a trojanized PDF reader, a custom AdaptixC2 Beacon listener, and Visual Studio (VS) Code tunnels to gain and maintain remote access to targeted systems. The operation appears to focus on Chinese-speaking individuals in Taiwan, as well as victims in South Korea and Japan. It is attributed to Tropic…
-
Claude Mythos Exposes 271 Zero-Day Security Flaws in Firefox
Mozilla has released Firefox 150, addressing a staggering 271 zero-day vulnerabilities. The security team identified these latent flaws using Anthropic’s early-stage Claude Mythos Preview AI model. This massive cleanup represents a major shift in how tech companies detect and defend against cyber threats. The Firefox team has spent recent months working alongside Anthropic to scan…
-
Vulnerability Management und SBOM-Generierung sind Key beim CRA
Cyber Resilience Act: Effektives Vulnerability Management und automatisierte Erstellung einer Software Bill of Materials werden zentrale Erfolgsfaktoren für die Hersteller vernetzter Produkte. Mit dem Cyber Resilience Act (CRA) hat die Europäische Union erstmals einen verbindlichen Rechtsrahmen für die Cybersicherheit digitaler Produkte geschaffen. Für die Hersteller vernetzter Geräte, Maschinen und Anlagen rückt damit ein Thema… First…
-
Ransomware, fraud, and lawsuits drive cyber insurance claims to new peaks
The 2026 InsurSec Report from At-Bay, covering more than 100,000 policy years of claims data, documents a 7% year-over-year rise in overall claim frequency and an all-time … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/23/cyber-insurance-claims-report/
-
NCSC heralds end of passwords for consumers and pushes secure passkeys
UK National Cyber Security Centre is urging consumers to replace passwords and two-factor authentication with passkeys, following a technical study that shows they are more secure and easier to use First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366642156/NCSC-heralds-end-of-passwords-for-consumers-and-pushes-secure-passkeys
-
Why Cisco Is Eyeing Buy of Non-Human Identity Startup Astrix
Deal Would Help Cisco Expand Footprint Beyond Authentication, ITDR and ISPM Cisco’s cyber M&A dry spell could soon come to an end, with the company reportedly in talks to acquire New York-based non-human identity startup Astrix Security for between $250 million and $350 million. That would represent at least a 25% premium to the startup’s…