Tag: cyber
-
Researchers Uncover SIM Farm-as-a-Service Operation Spanning 87 Panels in 17 Nations
Infrastructure intelligence firm Infrawatch has exposed a globally distributed SIM Farm-as-a-Service ecosystem powered by a single Belarus-based software platform called ProxySmart, identifying 87 exposed control panels across 17 countries and at least 94 physical phone-farm locations. A SIM farm is a physical rack of smartphones or 4G/5G USB modems, each loaded with active SIM cards…
-
French Fintech Accounts Used to Launder Stolen Funds Before Detection
Cybercriminals are turning French freelancer fintech accounts into high-speed money laundering channels, moving stolen funds within minutes, often before banks or victims realise anything is wrong. Fintech platforms like Revolut, Wise and N26 allow fast, remote account opening, light-touch digital KYC, and access to SEPA instant transfers, invoicing, cards, and sometimes crypto, all packaged for…
-
Critical Bamboo Data Centre and Server Flaw Enables Command Injection Attacks
Atlassian has disclosed a critical OS Command Injection vulnerability (CVE-2026-21571) in Bamboo Data Centre and Server, with a CVSS score of 9.4, enabling authenticated attackers to execute commands on affected systems remotely. The flaw, tracked as CVE-2026-21571, was published as part of Atlassian’s April 21, 2026, Security Bulletin, the company’s monthly disclosure of patched vulnerabilities across…
-
Former Ransomware Negotiator Pleads Guilty to Working For BlackCat Cyber Gang
A former ransomware negotiator has pleaded guilty to abusing his position by working with noted cybercrime group BlackCat. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/former-ransomware-negotiator/
-
Lotus Wiper Hits Energy Sector in Destructive Cyberattack
Hackers have deployed a new destructive malware, dubbed Lotus Wiper, in a targeted cyberattack against energy and utilities organizations in Venezuela, aiming not to extort money but to destroy data and disrupt operations permanently. Artifacts from the Lotus Wiper attack chain were uploaded to a public malware-sharing resource in mid-December 2025 from a machine in Venezuela,…
-
Critical Spring Authorization Server Issue Exposes Systems to XSS and SSRF Attacks
A critical vulnerability, tracked as CVE-2026-22752, has been disclosed in Spring Security Authorization Server, affecting organizations running Dynamic Client Registration endpoints. The flaw allows attackers to inject malicious client metadata, potentially leading to Stored Cross-Site Scripting (XSS), Privilege Escalation, and Server-Side Request Forgery (SSRF) attacks. The vulnerability was responsibly reported by security researcher Kelvin Mbogo and officially disclosed…
-
CyberSmart Partners with Renaissance to Deliver Complete Cyber Confidence for SMEs
Irish reseller Renaissance has announced a strategic partnership with CyberSmart, a UK-based cybersecurity provider focused on delivering continuous protection, compliance, and cyber risk management for small and medium-sized enterprises (SMEs). This collaboration brings CyberSmart’s cybersecurity solutions to a wider market, spanning real-time threat detection, vulnerability management, compliance assurance, and cybersecurity awareness training. Designed for simplicity…
-
Microsoft warns of fake IT worker identities infiltrating cloud environments
Microsoft is warning that North Korea-aligned group Jasper Sleet is abusing remote hiring to slip fake IT workers into cloud environments by posing as legitimate staff and then abusing trusted access. Since the pandemic, many companies hire globally, verify identities online, and onboard staff fully remotely. Jasper Sleet, tracked by Microsoft as a North Korean…
-
Anthropic bets on EPSS for the coming bug surge
Tags: ai, cisco, ciso, cloud, crowdstrike, cve, cvss, cyber, data, exploit, flaw, government, Hardware, healthcare, infrastructure, network, update, vulnerability
Security leaders weigh promise versus reality: Security vendors are increasingly incorporating EPSS scores into their systems. According to Roytman, EPSS has been incorporated into more than 120 security vendors’ products, including CrowdStrike, Cisco, Palo Alto Networks, Qualys, and Tenable platforms. “I do not think other CISOs realize how broadly EPSS has been adopted, but that adoption is…
-
March 2026 Cyber Threat Landscape Fueled by Ransomware, Breaches, and Access Markets
Tags: access, attack, breach, cyber, cybersecurity, data, data-breach, intelligence, ransomware, threat
The 2026 threat landscape continued to intensify in March, with ransomware attacks, expanding data breach activity, and a growing underground market for compromised access shaping the global cybersecurity environment. According to analysis from CRIL (Cyble Research & Intelligence Labs), organizations worldwide faced a highly active and coordinated threat ecosystem throughout the month. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/march-2026-threat-landscape/
-
Auraboros RAT Adds Live Audio, Keylogging, and Cookie Theft via Open C2 Panel
A fully exposed command-and-control (C2) panel for a previously undocumented remote access trojan (RAT) framework dubbed Auraboros, supporting live audio streaming, intensive keylogging, browser credential theft, and multi-cookie hijacking all accessible over the internet with zero authentication. Further inspection revealed “Auraboros C2 Station,” a polished single-page dashboard that immediately loads victim data and live controls without…
-
Anthropic investigates report of rogue access to hack-enabling Mythos AI
‘Handful’ of people allegedly gain unauthorised access to model adept at detecting cybersecurity vulnerabilities. The AI developer Anthropic has confirmed it is investigating a report that unauthorised users have gained access to its Mythos model, which it has warned poses risks to cybersecurity. The US startup made the statement after Bloomberg reported…
-
DinDoor Backdoor Exploits Deno and MSI Installers to Slip Past Detection
DinDoor is a newly documented backdoor that abuses the Deno JavaScript runtime and MSI installer files to execute attacker-controlled code while quietly sidestepping traditional detection controls. Hiding behind trusted runtimes and common Windows tooling gives threat actors a flexible way to deploy fileless or low-footprint malware into enterprise environments. Instead of shipping a conventional compiled…
-
UK Faces a Cyber ‘Perfect Storm’ Driven by Tech Advances and Nation State Threats, NCSC Warns
The convergence of global tensions and rapid technological change is driving a new era of cyber risk, the NCSC warns. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/uk-faces-a-cyber-perfect-storm-ncsc/
-
Namastex npm Packages Spread TeamPCP-Style CanisterWorm Malware
Compromised Namastex npm packages are delivering a new TeamPCP-style CanisterWorm variant that targets developer secrets, browser and wallet data, and then attempts to spread across npm and PyPI ecosystems using canister-backed exfiltration infrastructure. The campaign closely mirrors the original CanisterWorm, reinforcing concerns that TeamPCP is continuing to refine its supply chain tooling against real-world development…
-
Amazon, Anthropic Expand Alliance With 5GW Compute Push to Power Claude
Amazon and Anthropic have announced a massive expansion of their strategic partnership. The tech giants signed a new agreement to secure up to 5 gigawatts (GW) of compute capacity for training and deploying the Claude AI model. This aggressive push highlights the immense infrastructure required to securely and efficiently support rapidly advancing generative AI technologies.…
-
Hackers Tie Iranian Espionage to CastleRAT and ChainShell
A direct operational link between Iran’s MuddyWater espionage group and the Russian TAG-150 CastleRAT malware-as-a-service (MaaS) platform, showing how state and criminal ecosystems are now tightly intertwined. Investigators recovered 15 malware samples, including at least two CastleRAT “builds” and a PowerShell script named reset.ps1 that deploys a previously undocumented JavaScript/Node.js agent dubbed ChainShell. On this server, two native…
-
Microsoft-Signed Binary Helps Deliver LOTUSLITE in India Spy Campaign
Microsoft-signed developer tooling is being abused to quietly deploy a new LOTUSLITE backdoor variant against India’s banking sector, in what researchers link to the China-nexus Mustang Panda espionage cluster with moderate confidence. The backdoor retains its espionage profile, offering remote shell access, file operations, and session management rather than any obvious monetization features. Communications are…
-
Microsoft Issues Emergency .NET 10.0.7 Update to Patch Elevation of Privilege Vulnerability
Microsoft has issued an emergency out-of-band security update to address a severe vulnerability within the .NET framework. The critical release of .NET 10.0.7 patches an Elevation of Privilege flaw that inadvertently surfaced after a recent routine system update. Out-of-band patches bypass normal release schedules and indicate a pressing threat, meaning organizations relying on ASP.NET Core…
-
French Authorities Confirm Data Breach Amid Hackers’ Data Leak Allegations
Tags: breach, cyber, data, data-breach, government, hacker, identity, infrastructure, intelligence, leak, security-incident, threat
The French National Agency for Secure Documents (ANTS) has officially confirmed a severe data breach affecting its central government portal. This critical infrastructure system manages the issuance of national identity cards, passports, vehicle registration certificates, and driver’s licenses nationwide. Recent threat intelligence reports suggest this security incident represents a massive compromise that could impact up…
-
UK could face ‘hacktivist attacks at scale’, says head of security agency
Officials warn a conflict situation could cause disruption similar to recent major ransomware incidents. The UK could face “hacktivist attacks at scale” if it becomes embroiled in a conflict and the impact could be similar to recent high-profile ransomware incidents, according to the head of the country’s online security agency. Richard Horne, chief executive of the…
-
Shadow AI, deepfakes, and supply chain compromise are rewriting the financial sector threat playbook
Financially motivated attacks continued to drive the bulk of cyber incidents against banks, insurers, and payment processors in 2025. Approximately 90% of breaches affecting … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/22/financial-sector-cyber-threats-report/
-
A Cybersecurity Lifeline for Lean IT Teams: Introducing C.R.E.W.
“Too small to target” is a dangerous cybersecurity myth, while “Where do I start?” is a legitimate cyber defense question. Imagine leaving your office unlocked overnight, not because you don’t have anything valuable, but because you assume no one would bother breaking in. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/a-cybersecurity-lifeline-for-lean-it-teams-introducing-c-r-e-w/
-
Pentagon Cyber Leaders Back $1.5T Budget Request
Overhaul, Restructuring Puts Cyber at Core of Digital Warfare. Defense officials told House lawmakers the newly-released budget request positions cyber as a core warfighting domain, funding expanded offensive operations, AI-driven capabilities and a major Cyber Command overhaul as adversaries shift from espionage to pre-positioned disruptive attacks. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/pentagon-cyber-leaders-back-15t-budget-request-a-31476
-
Nation states responsible for ‘nationally significant’ cyber attacks against UK, says NCSC chief
The UK is facing four nationally significant cyber attacks a week, the majority from hostile states, NCSC chief, Richard Horne, will warn at the CyberUK conference. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366642032/Nation-states-responsible-for-nationally-significant-cyber-attacks-against-UK-says-NCSC-chief
-
Oracle April 2026 Critical Patch Update Addresses 241 CVEs
Oracle addresses 241 CVEs in its second quarterly update of 2026 with 481 patches, including 34 critical updates. Key takeaways: The second Critical Patch Update (CPU) for 2026 contains fixes for 241 unique CVEs in 481 security updates. 34 issues (7.1% of all patches) were assigned a critical severity rating. Oracle Communications received the highest…

