Tag: cyber
-
Cybersecurity in an Age of Geopolitical Fracture
Why Cyber Risk Is Now Shaped as Much by Nations as by Hackers Wars are becoming more frequent, and are no longer only kinetic. They are just as active in the cyber world, with impacts much larger than can be imagined. This also leads to state-sponsored hacktivists targeting the critical infrastructure of nations. First seen…
-
prompted 2026 Three Phases Of Al Adoption
Author, Creator & Presenter: Chase Hasbrouck, Chief of Forensics/Malware Analysis, United States Army Cyber Command Our thanks to [un]prompted for publishing their Creators, Authors and Presenter’s outstanding [un]prompted 2026 AI Security Practitioner content on the Organizations’ YouTube Channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/unprompted-2026-three-phases-of-al-adoption/
-
Zimbabwe Boosts Cybersecurity as AI-Driven Cyber Fraud Surges
Zimbabwe is intensifying efforts to reinforce cybersecurity in Zimbabwe as the nation confronts a rise of digital crime. As internet access expands and digital financial services become more embedded in everyday life, authorities warn that these developments are simultaneously exposing weaknesses in Zimbabwe’s cybersecurity systems. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cyber-fraud-cybersecurity-in-zimbabwe/
-
GitHub and Jira Alerts Hijacked for Trusted-SaaS Phishing
Hackers are abusing GitHub and Jira’s built”‘in notification systems to send phishing emails that appear completely legitimate. Because these emails are sent from the platforms’ own mail servers, they pass standard checks like SPF, DKIM, and DMARC, making them very hard for traditional email gateways to block. The messages are routed via the official mail…
-
New Nginx 1.29.8 and FreeNginx Versions Patch Critical Security Flaws
Web server administrators need to prioritize a crucial update this week. The developers behind Nginx and the community-driven FreeNginx project have released new versions to address critical security flaws and introduce key enhancements. Released on April 7, 2026, Nginx version 1.29.8 brings a mix of important security patches, new directives, and deep technical bug fixes.…
-
Hackers Exploit MSBuild LOLBin to Evade Detection in Fileless Windows Attacks
Cyber attackers are increasingly using Living Off the Land Binaries (LOLBins) to bypass security detection. By leveraging legitimate system tools, these attacks avoid signature-based defenses and operate without dropping traditional malware files. One such LOLBin now gaining attention is MSBuild.exe, a native Windows development tool signed by Microsoft. Originally designed to build and run C# code from XML-based…
-
From Risk Insight to Action: The Decision Simulator – Kovrr
Articles related to cyber risk quantification, cyber risk management, and cyber resilience. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/from-risk-insight-to-action-the-decision-simulator-kovrr/
-
Iran-Linked CyberAv3ngers Target Water Utilities, Industrial Controllers
Iran-linked threat group CyberAv3ngers is intensifying attacks on U.S. water utilities and industrial control systems, shifting from noisy hacktivism to sustained disruption of operational technology (OT) environments. CyberAv3ngers operates as a state-directed persona for Iran’s Islamic Revolutionary Guard Corps Cyber-Electronic Command (IRGC-CEC), not as an independent hacktivist crew. U.S. Treasury sanctions in February 2024 named six IRGC-CEC…
-
Basic-Fit Suffers Data Breach Affecting Millions Across Multiple Nations
European fitness operator Basic-Fit has confirmed a significant data breach affecting approximately one million members across its network. The incident heavily impacted users in the Netherlands, which accounted for 200,000 of the compromised accounts. This breach underscores the persistent targeting of consumer lifestyle platforms by threat actors seeking massive datasets. The cyber incident targeted the…
-
Critical Axios Vulnerability Enables Remote Code Execution, PoC Released
A critical security vulnerability has been discovered in Axios, one of the most widely used HTTP client libraries, exposing applications to Remote Code Execution (RCE) and full cloud infrastructure compromise. Tracked as CVE-2026-40175, this flaw carries a critical CVSS 3.1 score of 9.9 and allows attackers to bypass AWS IMDSv2 security controls to exfiltrate sensitive…
-
VIPERTUNNEL Python Backdoor Hidden in Fake DLL, Obfuscated Loader Chain
Hackers are abusing a stealthy Python backdoor called VIPERTUNNEL, hiding it behind a fake DLL file and a multi”‘stage obfuscated loader to quietly tunnel traffic out of victim networks. A review of persistence mechanisms revealed a sitecustomize.py file in C:\ProgramData\cp49s\Lib\. This special Python module auto”‘loads at interpreter startup and can silently run code without command”‘line input. This script used ctypes to…
-
VIPERTUNNEL Python Backdoor Hidden in Fake DLL, Obfuscated Loader Chain
Hackers are abusing a stealthy Python backdoor called VIPERTUNNEL, hiding it behind a fake DLL file and a multi”‘stage obfuscated loader to quietly tunnel traffic out of victim networks. A review of persistence mechanisms revealed a sitecustomize.py file in C:\ProgramData\cp49s\Lib\. This special Python module auto”‘loads at interpreter startup and can silently run code without command”‘line input. This script used ctypes to…
-
Marimo RCE Vulnerability Exploited Within 10 Hours of Public Disclosure
Tags: cve, cvss, cyber, data-breach, exploit, flaw, open-source, rce, remote-code-execution, vulnerabilityA critical remote code execution (RCE) vulnerability in the open-source Python notebook platform Marimo was actively exploited less than 10 hours after its public disclosure. The flaw, initially tracked as GHSA-2679-6mx9-h9xc and later assigned CVE-2026-39987, carries a critical CVSS score of 9.3. It allows unauthenticated attackers to gain a full interactive shell on exposed Marimo…
-
Marimo RCE Vulnerability Exploited Within 10 Hours of Public Disclosure
Tags: cve, cvss, cyber, data-breach, exploit, flaw, open-source, rce, remote-code-execution, vulnerabilityA critical remote code execution (RCE) vulnerability in the open-source Python notebook platform Marimo was actively exploited less than 10 hours after its public disclosure. The flaw, initially tracked as GHSA-2679-6mx9-h9xc and later assigned CVE-2026-39987, carries a critical CVSS score of 9.3. It allows unauthenticated attackers to gain a full interactive shell on exposed Marimo…
-
UK Cyber Security Council Launches Associate Cyber Security Professional Title
The UK Cyber Security Council has unveiled a new Associate Cyber Security Professional title aimed at supporting early”‘career cybersecurity professionals First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/associate-cyber-professional-title/
-
Apache Tomcat Flaws Enable EncryptInterceptor Bypass
Tags: apache, communications, cyber, exploit, flaw, open-source, risk, software, update, vulnerabilityThe Apache Software Foundation has released critical security updates for Apache Tomcat to address three newly disclosed vulnerabilities. Because Apache Tomcat is a widely deployed open-source web server, these flaws pose a significant risk to many enterprise environments. The newly discovered vulnerabilities could allow attackers to compromise encrypted communications, exploit flawed patches, and bypass client…
-
WordPress Plugin Vulnerability Enables Admin Takeover via Auth Bypass
A newly disclosed vulnerability, tracked as CVE-2026-1492, has been identified in the User Registration & Membership plugin for WordPress, exposing websites to critical authentication bypass and privilege escalation risks. Affecting versions up to 5.1.2, the vulnerability allows remote attackers to gain full administrative access without valid credentials. The affected plugin, widely used to manage user registration and membership…
-
EDR Killers Broaden Ransomware Tactics, ESET Warns
Ransomware gangs are rapidly expanding their use of EDR killers, moving beyond vulnerable drivers to a broader mix of scripts, anti”‘rootkits, and driverless techniques. The company’s latest telemetry-backed study tracks almost 90 distinct EDR killers actively used in the wild. It warns that these tools have become a predictable, standard stage in modern ransomware operations. In…
-
MITRE releases a shared fraud-cyber framework built from real attack data
Financial fraud losses in the United States reached $16.6 billion in 2024, up from $4.2 billion in 2020. Behind those numbers is a structural problem: the teams responsible … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/13/mitre-fight-fraud-framework-f3/
-
Elon Musk Announces XChat Launch With Self-Destructing Messages
Elon Musk has officially announced the launch of XChat, a new secure messaging application scheduled to release on iOS devices on April 17. The platform builds upon the existing direct messaging infrastructure of X (formerly Twitter) but introduces a dedicated environment with advanced privacy controls. This launch represents a significant milestone in Musk’s long-term vision…
-
Google Brings EndEnd Encrypted Gmail to Android and iPhone
Google has officially expanded Gmail’s end-to-end encryption (E2EE) feature to Android and iOS devices, empowering organizations and users to protect the confidentiality of email content directly from their mobile devices. This enhancement is part of Gmail’s client-side encryption (CSE) program, enabling stricter compliance controls and preserving data sovereignty across regulated industries. With this new rollout, Gmail users can…
-
WhatsApp’s “EndEnd Encryption by Default” Claim Called Consumer Fraud by Pavel Durov
Telegram founder Pavel Durov has publicly criticized WhatsApp, labeling its >>end-to-end encryption by default<< claim as a massive consumer fraud. He argues that while messages may be encrypted during transit, the default backup settings leave the vast majority of user conversations completely unprotected. In a recent statement on the social media platform X, Durov highlighted…
-
Adobe Fixes Actively Exploited Zero-Day in Acrobat Reader
Adobe has released an emergency security update to address a critical zero-day vulnerability in Acrobat and Reader for Windows and macOS. According to Adobe’s APSB26-43 bulletin, the flaw is currently being exploited in the wild, prompting a Priority 1 rating from the company. Designated as CVE-2026-34621, this vulnerability is an Improperly Controlled Modification of Object…
-
Do Agentic AI solutions fit SME budget constraints
How Can Non-Human Identities (NHIs) Secure Cloud Environments for Small and Medium Enterprises? Have you ever wondered how securing non-human identities can protect your business? For small and medium enterprises (SMEs), managing machine identities and their associated secrets is crucial to maintaining a secure and affordable cyber environment. Understanding this complex topic begins by considering……
-
Saturday Security: AI Could Trigger a Zero-Day Exploit Tsunami
For decades, zero-day vulnerabilities were the cyber equivalent of secret weapons, only nation-states and elite attackers could find and weaponize them. That balance may be gone. On April 7, 2026, Anthropic announced Claude Mythos Preview, an AI model so capable of finding and exploiting vulnerabilities that the company decided it’s too dangerous to… First seen…
-
Google Locks Chrome Sessions to Devices to Stop Cookie Theft
Google has officially launched a major security upgrade to protect users from session hijacking. Starting with Chrome version 146 for Windows users, Device Bound Session Credentials (DBSC) is now publicly available. This new feature aims to stop malware from stealing web cookies and using them to bypass passwords and multi-factor authentication. Support for macOS users…
-
Claude and ChatGPT Exploited in Sweeping Cyber Campaign Against Government Agencies
In a groundbreaking technical report released by Gambit Security researcher Eyal Sela, new details have emerged about a massive cyberattack targeting government infrastructure. A single threat actor successfully leveraged artificial intelligence platforms to breach nine Mexican government agencies. The campaign, which operated from late December 2025 through mid-February 2026, resulted in the exfiltration of hundreds…