Tag: cyber
-
Nation states responsible for ‘nationally significant’ cyber attacks against UK, says NCSC chief
The UK is facing four nationally significant cyber attacks a week, the majority from hostile states, NCSC chief, Richard Horne, will warn at the CyberUK conference First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366642032/Nation-states-responsible-for-nationally-significant-cyber-attacks-against-UK-says-NCSC-chief
-
Oracle April 2026 Critical Patch Update Addresses 241 CVEs
Oracle addresses 241 CVEs in its second quarterly update of 2026 with 481 patches, including 34 critical updates. Key takeaways: The second Critical Patch Update (CPU) for 2026 contains fixes for 241 unique CVEs in 481 security updates. 34 issues (7.1% of all patches) were assigned a critical severity rating. Oracle Communications received the highest…
-
Nation-states want to cause harm, not just steal cash – stop handing your cyber defenses to the cheapest contractor
NCSC boss says China’s whole-of-state cyber machine has become Britain’s peer competitor in cyberspace First seen on theregister.com Jump to article: www.theregister.com/2026/04/21/ncsc_chinas_cyberattacks_uk/
-
Cyber threats are rising. Your headcount isn’t.
Security demands keep growing, but your team can’t. For many SLTT and education organizations, limited staff, complex environments, and constant alerts make it difficult to keep up. This webinar shows how you can close the gap by strengthening detection and response without adding complexity, cost, or headcount. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cyber-threats-are-rising-your-headcount-isnt-a-31475
-
Sans Institute preps live systems for Nato cyber exercise
Cyber training body the Sans Institute is preparing live power generation IT and OT systems for Nato’s annual Locked Shields blue team exercise, which this year appears more relevant than ever First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366642012/Sans-Institute-preps-live-systems-for-Nato-cyber-exercise
-
BreachLock Named Representative Vendor in the 2026 Gartner Market Guide for Adversarial Exposure Validation
New York, United States, April 21st, 2026, CyberNewswire BreachLock, a global leader in offensive security, today announced it has been named a representative vendor in the 2026 Gartner Market Guide for Adversarial Exposure Validation. This recognition marks the first time BreachLock has been identified in the Adversarial Exposure Validation (AEV) category since launching its agentic AI-powered Adversarial…
-
The Ungoverned Workforce: Cybersecurity Insiders Finds 92% Lack Visibility Into AI Identities
Washington D.C., USA, April 21st, 2026, CyberNewswire Cybersecurity Insiders, in collaboration with Saviynt, has released new research indicating that AI identities are increasingly operating within core enterprise systems, often without established governance or visibility. The study finds that while 71% of CISOs and senior security leaders confirm AI tools have access to core systems such…
-
Bridewell Among First to Achieve Level 2 Defence Cyber Certification
Bridewell has become one of the first organisations to achieve Level 2 Defence Cyber Certification (DCC), marking a significant milestone in efforts to strengthen cyber security across the UK defence supply chain. The Reading-based cyber security services provider is currently one of only two organisations accredited at this level, underscoring its role in supporting critical…
-
Todyl CEO On ‘Elevating The Capabilities’ Of MSPs With New Assurance Marketplace
Todyl is working with three other cyber firms to enable MSPs to better ‘demonstrate the security programs that they have in place,’ through the newly announced Todyl Assurance Marketplace, CEO John Nellen told CRN. First seen on crn.com Jump to article: www.crn.com/news/security/2026/todyl-ceo-on-elevating-the-capabilities-of-msps-with-new-assurance-marketplace
-
Claude Code, Gemini CLI, and GitHub Copilot Exposed to Prompt Injection via GitHub Comments
Comment and Control prompt injection vulnerabilities discovered in AI agents, including Claude Code Security Review, Google Gemini CLI Action, and GitHub Copilot Agent. The research, spearheaded by Aonan Guan and Johns Hopkins University researchers, highlights critical architectural flaws in how these AI tools process untrusted user input within GitHub workflows. The Architecture of >>Comment and…
-
AI-assisted intruders pwned Vercel via OAuth abuse and a pilfered employee account
CEO suspects silicon sidekick behind ‘surprising velocity’ breach – cyber crims shop stolen data for $2M First seen on theregister.com Jump to article: www.theregister.com/2026/04/21/vercel_ceo_points_to_aidriven/
-
AI-Powered NGate Malware Evades Detection Inside NFC Payment Apps
A new NGate malware variant that hides inside a trojanized version of HandyPay, a legitimate NFC payment relay app for Android, to steal card data and PINs for ATM cash-outs and fraudulent payments. The injected code shows clear signs of being produced with generative AI, highlighting how low-skill actors can now weaponize NFC payment apps…
-
Apache Syncope RCE Vulnerability Detailed After Public Exploit Code Release
Tags: apache, cve, cvss, cyber, exploit, flaw, government, identity, open-source, rce, remote-code-execution, vulnerability
Security researchers have released full technical details and a working proof-of-concept (PoC) exploit for CVE-2025-57738, a high-severity remote code execution (RCE) vulnerability in Apache Syncope, a widely deployed open-source identity management platform used across enterprise and government environments. Tracked as CVE-2025-57738 with a CVSS score of 7.2 (HIGH), the flaw exists in how Apache Syncope…
-
PureRAT Hides PE Payloads in PNGs for Fileless Execution
A multi-stage PureRAT campaign that hides portable executable (PE) payloads inside PNG images and executes them almost entirely in memory, making detection and forensics significantly harder for defenders. The campaign combines steganography, PowerShell-based loaders, UAC bypass, process hollowing, and anti-virtualization checks to remain stealthy on compromised systems. The attack begins with a weaponized .LNK file…
-
The thin gray line: Handala, CyberAv3ngers and Iran’s proxy ops
A state of perpetual interference: To understand how proxy insurgent groups such as Handala fit within Iran’s modern-day intelligence ecosystem, we first need to look at the historical development of the country’s intelligence operations.In 1953, the United States and Britain (via conduit operations of the CIA and MI6, respectively) instigated a coup in Iran that…
-
Vercel Confirms Cyber Incident After Sophisticated Attacker Exploits Third-Party Tool
Cloud app developer Vercel appears to have suffered a security breach First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/vercel-cyber-incident-threat-actor/
-
GitHub Issue Alerts Exploited in OAuth Phishing Scam Targeting Developers
Hackers are abusing GitHub’s own issue-notification emails to phish developers and silently take over their repositories using malicious OAuth applications, effectively turning trusted DevOps tooling into a supply-chain attack vector. Developers are now prime targets because compromising their accounts gives attackers direct access to source code, CI/CD pipelines, and production workflows, making this a textbook supply-chain attack…
-
CISA Alerts Defenders to Exploited Cisco Catalyst SD-WAN Manager Security Flaws
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning to network defenders regarding the active exploitation of Cisco Catalyst SD-WAN Manager. On April 20, 2026, CISA officially added three distinct security flaws affecting the platform to its Known Exploited Vulnerabilities (KEV) catalog. Cisco Catalyst SD-WAN Manager is a critical administrative console used…
-
6,000+ Publicly Exposed Apache ActiveMQ Instances Found Vulnerable to CVE-2026-34197
Over 6,000 internet-facing Apache ActiveMQ servers are currently affected by a critical security flaw, leaving enterprise networks wide open to attack. The Shadowserver Foundation, a prominent nonprofit security research organization, reported finding exactly 6,364 vulnerable IP addresses during its daily network scans on April 19, 2026. This vulnerability, officially tracked as CVE-2026-34197, stems from an…
-
Gentlemen RaaS Hits Windows, Linux, and ESXi With New C-Based Locker
Gentlemen is a fast-growing ransomware-as-a-service (RaaS) operation now targeting Windows, Linux, NAS, BSD, and VMware ESXi with a new locker written in C for hypervisor environments. Its multi-platform design and strong defense-evasion features make it a high-impact threat to corporate networks worldwide. The Gentlemen RaaS emerged around mid-2025 and quickly built an affiliate ecosystem by…
-
12 Fraudulent Browser Extensions Disguised as TikTok Downloaders Compromise 130K Users
LayerX security researchers have uncovered a massive, highly coordinated campaign involving at least 12 malicious browser extensions on the Google Chrome and Microsoft Edge marketplaces. Disguised as legitimate TikTok video downloaders, these extensions secretly track user activity and harvest sensitive data. The operation has successfully compromised over 130,000 users, with approximately 12,500 installations still active…
-
AI-Driven Exploitation Could Shrink Defenders’ Patch Window
AI-powered cyberattacks are entering a new phase, with frontier AI models now capable of autonomously discovering and exploiting software vulnerabilities at unprecedented speed. Unit 42’s hands-on testing reveals that modern AI models are no longer merely coding assistants. Instead, they demonstrate the reasoning ability of full-spectrum security researchers. According to recent findings from Unit 42,…
-
Lovable AI App Builder Hit by Reported API Flaw Exposing Thousands of Projects
The popular AI application builder, Lovable, is currently facing a massive data breach due to an unpatched API vulnerability. Security researchers have revealed that a critical flaw exposes sensitive project data, source code, and user credentials for any project created on the platform before November 2025. According to a detailed public disclosure by security researcher…
-
Malicious GGUF Models Could Trigger Remote Code Execution on SGLang Servers
Security researchers have uncovered a critical vulnerability in SGLang, a widely used framework for running large language models, that allows threat actors to compromise inference servers. Tracked as CVE-2026-5760, this flaw enables Remote Code Execution (RCE) when a server loads a maliciously crafted GGUF model file. By simply hosting a weaponized model on platforms like…
-
CISA Warns Compromised Axios npm Package Fueled Major Supply Chain Attack
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a severe software supply chain compromise affecting the widely used Axios node package manager (npm). Axios is a highly popular JavaScript library that developers rely on to handle HTTP requests in both Node.js and browser environments. Because of its massive global adoption…

