Tag: Internet
-
Fiber Optic Cables Turned Into Hidden Microphones to Spy on Private Conversations
Internet users worldwide rely on fiber optic cables for blazing-fast and secure web connections. However, a groundbreaking discovery reveals that these very cables can be turned into covert listening devices. In a newly published 2026 cybersecurity research paper, experts demonstrated how standard telecom optical fibers can secretly capture airborne sounds, allowing attackers to eavesdrop on…
-
ComfyUI Servers Hijacked for Cryptomining, Proxy Botnet Ops
Hackers are aggressively hijacking Internet-exposed ComfyUI servers and converting them into high”‘value cryptomining rigs and proxy botnet nodes, abusing weakly secured AI image-generation setups for long”‘term monetization. More than 1,000 ComfyUI servers are currently reachable on the public Internet, even after filtering out honeypots, giving attackers a small but lucrative attack surface concentrated on GPU”‘rich…
-
Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs
Tags: attack, cyber, cybersecurity, data, data-breach, finance, hacker, infrastructure, intelligence, Internet, iran, technologyIran-affiliated cyber actors are targeting internet-facing operational technology (OT) devices across critical infrastructures in the U.S., including programmable logic controllers (PLCs), cybersecurity and intelligence agencies warned Tuesday.”These attacks have led to diminished PLC functionality, manipulation of display data and, in some cases, operational disruption and financial First seen on thehackernews.com Jump to article: thehackernews.com/2026/04/iran-linked-hackers-disrupt-us-critical.html
-
What Anthropic Glasswing reveals about the future of vulnerability discovery
From backlog management to exposure-window risk: The issue, as Williams frames it, is not simply how many vulnerabilities exist, but how they are managed. “Mythos makes one thing painfully clear,” he says. “This is not a prioritization problem. It’s an exposure-window problem.”Traditional vulnerability management has been built around prioritization, ranking issues by severity, exploitability, and…
-
Anthropic: All your zero-days are belong to Mythos
Hasn’t released it to the public, because it would break the internet – in a bad way First seen on theregister.com Jump to article: www.theregister.com/2026/04/07/anthropic_all_your_zerodays_are_belong_to_us/
-
Iran cyber actors disrupting US water, energy facilities, FBI warns
Your PLCs aren’t internet-connected, right? Right?! First seen on theregister.com Jump to article: www.theregister.com/2026/04/07/iran_hackers_disrupting_us_water_energy/
-
US Critical Infrastructure Facing Iranian-Linked OT Threats
CISA: Iran-Linked Groups Actively Exploiting OT Exposure Risks, PLC Programmers. Federal agencies are warning that Iranian-linked actors have begun actively exploiting internet-facing PLCs and misconfigured OT systems across U.S. critical infrastructure, enabling network access, lateral movement and potential disruption amid rising geopolitical tensions. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/us-critical-infrastructure-facing-iranian-linked-ot-threats-a-31360
-
Russia Hacked Routers to Steal Microsoft Office Tokens
Hackers linked to Russia’s military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security experts warned today. The spying campaign allowed state-backed Russian hackers to quietly siphon authentication tokens from users on more than 18,000 networks without deploying any malicious software or code. First…
-
Cybercrime losses break the $20 billion mark
Online crime continues to generate rising financial losses, with totals reaching $20.877 billion in 2025. The FBI’s Internet Crime Complaint Center (IC3) report shows a 26% … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/07/online-crime-financial-losses-fbi-report/
-
Cybercrime losses break the $20 billion mark
Online crime continues to generate rising financial losses, with totals reaching $20.877 billion in 2025. The FBI’s Internet Crime Complaint Center (IC3) report shows a 26% … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/07/online-crime-financial-losses-fbi-report/
-
US warns of Iranian hackers targeting critical infrastructure
Iranian-linked hackers are targeting Internet-exposed Rockwell/Allen-Bradley programmable logic controllers (PLCs) on the networks of U.S. critical infrastructure organizations. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/us-warns-of-iranian-hackers-targeting-critical-infrastructure/
-
Russian hackers hijack internet traffic using vulnerable routers
The Russian state cyber group APT28 has been compromising routers to hijack web traffic and spy on victims, the UK’s The National Cyber Security Centre (NCSC) has warned. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/07/russian-hackers-router-hijacking-dns-credential-theft/
-
UK exposes Russian cyber unit hacking home routers to hijack internet traffic
Officials said the activity centers on compromising small office and home office routers and similar network devices exposed to the internet, often because of weak security settings or outdated software. First seen on therecord.media Jump to article: therecord.media/uk-exposes-russian-cyber-unit-hacking-home-routers
-
Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign
An active campaign has been observed targeting internet-exposed instances running ComfyUI, a popular stable diffusion platform, to enlist them into a cryptocurrency mining and proxy botnet.”A purpose-built Python scanner continuously sweeps major cloud IP ranges for vulnerable targets, automatically installing malicious nodes via ComfyUI-Manager if no exploitable node is already First seen on thehackernews.com Jump…
-
Cyberattack on telecom giant Rostelecom disrupts internet services across Russia
A “large-scale” distributed denial-of-service (DDoS) attack targeted the network of Russian state-run telecom giant Rostelecom on Monday evening, temporarily disrupting online banking, government platforms and other digital services across dozens of cities. First seen on therecord.media Jump to article: therecord.media/rostelecom-cyberattack-disrupts-russian-internet-access
-
Rheinmetall und Co.: Datenhändler gefährden Rüstungsunternehmen in der Ukraine
Händler bieten im Internet Bewegungsdaten von Millionen Smartphones an – eine Gefahr für Soldaten und Fabriken in der Ukraine. First seen on golem.de Jump to article: www.golem.de/news/rheinmetall-und-co-datenhaendler-gefaehrden-ruestungsunternehmen-in-der-ukraine-2604-207289.html
-
Life imprisonment for Cambodian scam compound operators but will it make a difference?
Cambodia has taken a dramatic step in its fight against scam compounds that have imprisoned innocent people, and forced them to work as virtual slaves defrauding victims via the internet around the world with romance scams and dodgy investment schemes. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/life-imprisonment-cambodian-scam-operators
-
China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware
A China-based threat actor known for deploying Medusa ransomware has been linked to the weaponization of a combination of zero-day and N-day vulnerabilities to orchestrate “high-velocity” attacks and break into susceptible internet-facing systems.”The threat actor’s high operational tempo and proficiency in identifying exposed perimeter assets have proven successful, with recent First seen on thehackernews.com Jump…
-
Why AI Bot Protection and Control Are Essential for Application Security
Tags: ai, api, application-security, automation, control, infrastructure, Internet, tool, vulnerabilityAI-driven automation is no longer emerging. It is already integrated and accepted as internet traffic. From AI assistants and crawlers to enterprise automation tools, websites are now routinely accessed by non-human actors operating at scale. Vulnerabilities or weaknesses in your application infrastructure, including risky APIs, are no longer difficult to find, as agentic AI tools,……
-
Censys Raises $70M to Advance AI-Driven Threat Intelligence
Internet Intelligence Platform Targets Real-Time Cybethreat Defense. Censys raised $70 million to expand its AI-driven cybersecurity platform, focusing on real-time visibility into internet infrastructure. Co-founder and CEO Zakir Durumeric said faster attacks and evolving tactics require automated defenses powered by high-quality data and global intelligence. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/censys-raises-70m-to-advance-ai-driven-threat-intelligence-a-31349
-
North Korean hackers abuse LNKs and GitHub repos in ongoing campaign
GitHub as C2: Researchers also highlighted the campaign’s use of GitHub as a C2 layer. Rather than communicating with suspicious-looking or newly registered domains, the malware interacts with GitHub repositories and APIs to receive instructions and exfiltrate data.”The fact that this shortcut file creates a chain that ultimately reaches out to a GitHub repository, and…
-
North Korean hackers abuse LNKs and GitHub repos in ongoing campaign
GitHub as C2: Researchers also highlighted the campaign’s use of GitHub as a C2 layer. Rather than communicating with suspicious-looking or newly registered domains, the malware interacts with GitHub repositories and APIs to receive instructions and exfiltrate data.”The fact that this shortcut file creates a chain that ultimately reaches out to a GitHub repository, and…
-
Banning Routers Won’t Secure the Internet
Washington’s push to ban foreign-made Wi-Fi routers may sound tough on cybersecurity, but like earlier bans on foreign drones and telecom gear it risks becoming security theater that ignores the real problem: Millions of unpatched devices already sitting on American networks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/banning-routers-wont-secure-the-internet/
-
Internet-Connected Coffee Machine Reportedly Led to Corporate Data Breach
What happened An internet-connected coffee machine reportedly led to a significant corporate data breach after attackers used the device as an entry point into a secure network. A digital forensics investigator identified only as TR examined the incident after a client suspected a rival had infiltrated its systems. Instead of finding malware, the investigator found…The…
-
Supply Chain Attacks Surge in March 2026
Tags: access, ai, api, attack, authentication, awareness, cloud, container, control, corporate, credentials, crypto, data-breach, github, group, hacking, identity, infrastructure, Internet, kubernetes, least-privilege, linux, LLM, macOS, malicious, malware, mfa, network, north-korea, open-source, openai, phishing, pypi, software, startup, supply-chain, threat, tool, update, vulnerability, windowsIntroductionThere was a significant increase in software supply chain attacks in March 2026. There were five major software supply-chain attacks that occurred including the Axios NPM package compromise, which has been attributed to a North Korean threat actor. In addition, a hacking group known as TeamPCP was able to compromise Trivy (a vulnerability scanner), KICS…
-
Security lapse lets researchers view React2Shell hackers’ dashboard
Tags: access, attack, breach, credentials, data-breach, exploit, hacker, Internet, risk, update, vulnerabilityIndustrial scale: “This is all about neglect and efficiency,” Gene Moody, field CTO at patch management provider Action1, told CSO . “React2Shell quickly met all the criteria attackers look for: public disclosure, reliable exploitation, and internet-facing exposure. That combination effectively guaranteed widespread abuse. Since then, multiple campaigns have automated the full [attack] lifecycle [of], scanning,…
-
Internet Bug Bounty program hits pause on payouts
This article first appeared on InfoWorld. First seen on csoonline.com Jump to article: www.csoonline.com/article/4154216/internet-bug-bounty-program-hits-pause-on-payouts-2.html