Tag: cyber
-
RoningLoader Campaign Uses DLL Side-Loading, Code Injection to Slip Past Defenses
A sophisticated cyber-espionage group known as DragonBreath (APT-Q-27) has been linked to a new RoningLoader malware campaign that uses advanced evasion techniques such as DLL side-loading and code injection to bypass traditional security defenses. Active since at least 2022, DragonBreath has steadily evolved its capabilities. Earlier campaigns were documented by QianXin and Sophos, but recent…
-
Critical Chrome Flaws Let Attackers Execute Arbitrary Code
Google has released an urgent security update for its Chrome browser, resolving multiple dangerous vulnerabilities. The Chrome team promoted version 147 to the stable channel for Windows, Mac, and Linux users on April 7, 2026. This major release patches flaws that could allow attackers to execute arbitrary code and take full control of affected systems.…
-
Silver Fox Campaign Spreads ValleyRAT via Fake Chinese Telegram Language Pack
New analysis of a fake Telegram installer uploaded to MalwareBazaar shows Silver Fox expanding its ValleyRAT operations with a fresh delivery chain that hides behind a Chinese-language pack-decoy and an uncommon ZPAQ-based packer. The MSI is a WiX-built installer (IssueAccentRequest, 4.49 MB) that runs a VBScript custom action as SYSTEM immediately after file extraction, while…
-
Multiple SonicWall Flaws Enable SQL Injection and Privilege Escalation Attacks
Tags: advisory, attack, authentication, credentials, cyber, flaw, injection, mfa, sql, update, vulnerabilitySonicWall has published a critical security advisory addressing four distinct vulnerabilities in its SMA1000 series appliances. These security flaws open the door for attackers to escalate their system privileges, guess user credentials, and bypass essential multi-factor authentication protocols. Administrators must prioritize patching these systems, as there are no temporary workarounds available to prevent potential exploitation.…
-
Palo Alto Cortex XSOAR Flaw in Microsoft Teams Integration Lets Attackers Access Data
Palo Alto Networks has released a high-priority security update to address a serious vulnerability in its Cortex XSOAR and Cortex XSIAM platforms. Tracked as CVE-2026-0234, this security flaw exists within the Microsoft Teams integration. If successfully exploited, it allows an unauthenticated attacker to access and modify protected resources, prompting the vendor to assign the patch…
-
GitLab Addresses Multiple Vulnerabilities Linked to DoS and Code Injection
GitLab has rolled out a crucial security update to fix multiple vulnerabilities across its Community Edition (CE) and Enterprise Edition (EE) platforms. Organizations utilizing self-managed GitLab instances are strongly advised by GitLab security experts to apply these updates immediately to prevent potential exploitation. Customers utilizing GitLab Dedicated or the cloud-hosted GitLab.com services are already protected…
-
Meta Business Alerts Abused for Phishing Campaigns
Hackers are weaponizing legitimate Meta Business Manager notifications to sneak phishing emails past security filters and into users’ inboxes. By abusing trusted Meta infrastructure, attackers make their messages appear authentic while quietly funneling victims to credential”‘stealing pages. Because Meta systems generate these invites, the emails come from real Meta domains such as facebookmail.com and pass…
-
Microsoft Confirms Windows 11 Update Breaks Start Menu Search
Microsoft recently addressed a disruptive server-side flaw that completely disabled Start Menu search functionality for some Windows 11 23H2 users. The tech giant quickly acknowledged the incident and deployed an automatic fix behind the scenes. Because the repair happens directly on Microsoft’s servers, users do not need to search for or install any additional software…
-
Russia’s Forest Blizzard Nabs Rafts of Logins Via SOHO Routers
Heard of fileless malware? How about malwareless cyber espionage? Russia’s APT28 is spying on global organizations by modifying just one DNS setting in vulnerable routers. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/russia-forest-blizzard-logins-soho-routers
-
The Expanding Role of Cyberattacks in Modern Conflicts
Defense of Democracies’ Mark Montgomery on Warfare Trends, Geopolitical Threats. Cyber operations now support military strategy rather than just acting alone. Mark Montgomery of the Foundation for Defense of Democracies warns that as militaries integrate cyber and kinetic action, private sector enterprises are facing greater exposure to geopolitical threats. First seen on govinfosecurity.com Jump to…
-
Arelion employs NETSCOUT Arbor DDoS protection products
Tags: ai, attack, automation, business, cyber, cyberattack, cybersecurity, ddos, defense, detection, government, infrastructure, intelligence, Internet, mitigation, monitoring, network, risk, router, service, strategy, tactics, technology, threat“As a Tier-1 Internet carrier supporting the majority of global Internet traffic, this continued collaboration reflects our ongoing investment in best-of-breed network security solutions to protect the technology ecosystem. Our partnership combines Arelion’s global network performance and NETSCOUT’s leading Arbor DDoS attack protection solutions to provide world-class experiences for our customers.” Scott Nichols, Chief Commercial…
-
Why Operationalizing AI Security Is the Next Great Enterprise Hurdle
NWN launches an AI-powered security platform to tackle tool sprawl, alert fatigue, and modern cyber threats in the era of agentic enterprises. The post Why Operationalizing AI Security Is the Next Great Enterprise Hurdle appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-nwn-ai-security-platform-tool-sprawl-alert-fatigue/
-
Fraud Rockets Higher in Mobile-First Latin America
Cyber-fraudsters move quickly from compromised devices to account takeover to funds transfer, shifting money before many financial institutions can react. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/fraud-mobile-first-latin-america
-
Fraud Rockets Higher in Mobile-First Latin America
Cyber-fraudsters move quickly from compromised devices to account takeover to funds transfer, shifting money before many financial institutions can react. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/fraud-mobile-first-latin-america
-
Cyber Defense for Education & SLTTs: Doing More with Less Using MDR
e=4>Cyber threats are rising across SLTT and education environments, but most teams are already stretched thin. Learn how organizations are improving detection and response without adding staff or complexity. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cyber-defense-for-education-sltts-doing-more-less-using-mdr-a-31367
-
NWN Adds Managed Security Services With MDR Partnership, Penetration Testing, vCISO
NWN announced the launch Wednesday of a suite of managed security services with the debut of its new NWN Cybersecurity offering, which aims to boost cyber defense for staff-constrained customers with human expertise and AI-enabled assistance, NWN executives told CRN. First seen on crn.com Jump to article: www.crn.com/news/security/2026/nwn-adds-managed-security-services-with-mdr-partnership-penetration-testing-vciso
-
CIA director quietly elevated agency’s cyber espionage division
The Center for Cyber Intelligence, which had resided within the CIA’s Directorate of Digital Innovation since 2015, was promoted to a full-fledged mission center last October. First seen on therecord.media Jump to article: therecord.media/cia-director-elevated-agency-cyber-espionage-division
-
Check Point Software Celebrates Partner Success at Annual UK Partner Awards
Check Point has announced the winners of its 2026 UK Partner Awards, recognising the achievements of its UK partner ecosystem and their role in helping organisations strengthen cyber resilience. The awards ceremony took place on 19 March 2026 at One Moorgate Place in London, bringing together partners from across the UK to celebrate innovation, collaboration…
-
MIWIC26: Nicole Bucala, CEO of DataBee, A Comcast Company
Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2026’s Top 20 women selected by an esteemed panel of judges. Presented in a Q&A format, the nominee’s answers are…
-
MIWIC26: Nicole Bucala, CEO of DataBee, A Comcast Company
Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2026’s Top 20 women selected by an esteemed panel of judges. Presented in a Q&A format, the nominee’s answers are…
-
Iranian Attackers Are Targeting U.S. Energy, Water Systems, Federal Agencies Say
CISA, the FBI, and other U.S. security agencies are warning that Iran-linked threat groups like CyberAv3ngers are compromising industrial controllers like PLCs to attack critical infrastructure operations in such sectors as water and energy, part of the expanding cyber warfare in the wake of the U.S. and Israeli bombing campaign of the Middle Eastern country.…
-
Anthropic Launches Claude Mythos Preview Focused on Zero-Day Vulnerability Discovery
Anthropic recently unveiled Claude Mythos Preview, a groundbreaking general-purpose language model demonstrating an unprecedented, emergent ability to autonomously discover and exploit zero-day vulnerabilities. In response to these powerful capabilities, the company introduced Project Glasswing, a coordinated defensive initiative aimed at securing critical software infrastructure before cyberattackers can leverage similar tools. This release marks a watershed…
-
Iran”‘linked PLC attacks cause real”‘world disruption at critical US infra sites
Tags: access, advisory, apt, attack, automation, ciso, control, cyber, group, healthcare, infrastructure, iran, switch, threatA recurring Iranian playbook: The advisory linked the current campaign to a pattern of Iranian state-affiliated targeting of US industrial control systems. The authoring agencies have previously reported similar activity by CyberAv3ngers, affiliated with Iran’s Islamic Revolutionary Guard Corps Cyber Electronic Command, which compromised at least 75 Unitronics PLC devices across water, wastewater, and other…
-
Hackers Target Adobe Reader Users With Sophisticated Zero-Day Exploit
Tags: adobe, attack, cyber, exploit, hacker, intelligence, remote-code-execution, threat, vulnerability, zero-daySecurity researchers at EXPMON have uncovered a highly sophisticated, unpatched zero-day vulnerability actively targeting Adobe Reader users. The exploit, first detected in the wild late last month, allows threat actors to silently steal local files, gather sensitive system information, and potentially deploy remote code execution (RCE) attacks against compromised machines. According to the threat intelligence…
-
Hackers Target Adobe Reader Users With Sophisticated Zero-Day Exploit
Tags: adobe, attack, cyber, exploit, hacker, intelligence, remote-code-execution, threat, vulnerability, zero-daySecurity researchers at EXPMON have uncovered a highly sophisticated, unpatched zero-day vulnerability actively targeting Adobe Reader users. The exploit, first detected in the wild late last month, allows threat actors to silently steal local files, gather sensitive system information, and potentially deploy remote code execution (RCE) attacks against compromised machines. According to the threat intelligence…
-
EvilTokens Uses Stolen Microsoft 365 Tokens, AI to Supercharge BEC
EvilTokens is a new Phishing-as-a-Service (PhaaS) platform that turns stolen Microsoft 365 tokens and AI into an end”‘to”‘end factory for Business Email Compromise (BEC) at scale. By combining device-code phishing, custom tooling, and large language models, it enables low- to mid-skill threat actors to run highly tailored BEC operations in minutes rather than days. First…
-
IBM Security Verify Access Flaws Let Remote Attackers Access Sensitive Data
IBM has issued an urgent security bulletin addressing a slew of vulnerabilities impacting IBM Verify Identity Access and IBM Security Verify Access. These flaws span across critical dependencies and internal mechanisms, exposing organizations to risks ranging from remote data theft to complete system compromise. Cybersecurity professionals and administrators must evaluate these threats immediately to secure…
-
Britons warned about Russian hackers targeting internet routers for espionage
Expert stresses importance of staying alert for unusual activity, as hackers could ‘take you to fake sites'<ul><li><a href=”https://www.theguardian.com/politics/live/2026/apr/08/keir-starmer-iran-war-trump-ceasefire-gulf-strait-of-hormuz-labour-conservatives-liberal-democrats-reform-scotland-holyrood-uk-politics-latest-news-updates”>UK politics live latest updates</li></ul>Russian hackers are exploiting commonly sold internet routers to harvest information for espionage purposes, the UK’s cybersecurity agency has said.The hack could allow attackers to obtain users’ credentials, redirect them to fake sites, and…
-
Iranian cyber activity hits US energy, water, and government networks
U.S. government agencies on Tuesday warned American organizations about ongoing cyber activity targeting OT and PLC devices, including those manufactured by Rockwell … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/08/iran-targets-us-critical-infrastructure/