Tag: threat
-
Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers
Unknown threat actors have hijacked the update system for the Smart Slider 3 Pro plugin for WordPress and Joomla to push a poisoned version containing a backdoor.The incident impacts Smart Slider 3 Pro version 3.5.1.35 for WordPress, per WordPress security company Patchstack. Smart Slider 3 is a popular WordPress slider plugin with more than 800,000 active installations across its…
-
Wie Unternehmen sich gegen die Industrialisierung moderner Cyberangriffe verteidigen können
Neue Analysen der SentinelLABS- und Wayfinder-Teams zeigen, wie Angreifer gezielt die Reibungsflächen zwischen IT-Sicherheit und operativem Betrieb ausnutzen. SentinelOne hat seinen aktuellen Annual Threat Report veröffentlicht [1]ngen. Sie gehen einen Schritt weiter und nutzen systematisch genau jene Identitäts-, Infrastruktur- und Automatisierungssysteme aus, auf denen moderne Unternehmen aufgebaut sind. Im Zeitalter industrialisierter Angriffe stehen Sicherheitsteams vor……
-
DesckVB RAT Uses Fileless .NET Loader to Evade Detection
DesckVB RAT is emerging as a highly active and stealthy malware threat in 2026, leveraging layered obfuscation and fileless execution techniques to bypass traditional security defenses. The attack chain begins with a malicious JavaScript file that hides its true intent through complex encoding and code replication. This script copies its own logic into PowerShell and…
-
What vibe hunting gets right about AI threat hunting, and where it breaks down
In this Help Net Security interview, Aqsa Taylor, Chief Security Evangelist, Exaforce, explains vibe hunting, an AI-driven approach to threat detection that inverts … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/10/aqsa-taylor-exaforce-vibe-hunting/
-
News alert: Mallory launches AI-native platform to cut through alert noise and surface real risk
AUSTIN, Texas, Apr. 9, 2026, CyberNewswire“, Mallory is launching a AI-native threat intelligence platform, purpose-built to answer the questions CISOs and their teams are asking every day: “¢What are the real threat vectors for our organization? “¢What’s actually exploitable… (more”¦) First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/news-alert-mallory-launches-ai-native-platform-to-cut-through-alert-noise-and-surface-real-risk/
-
New infosec products of the week: April 10, 2026
Here’s a look at the most interesting products from the past week, featuring releases from Advenica, Intruder, Mallory, and Secureframe. Mallory brings contextual threat … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/10/new-infosec-products-of-the-week-april-10-2026/
-
Malicious password-protected files Blog – Menlo Security
Discover the rising threat of malicious password-protected files, evading defenses via encryption and alternative channels. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/malicious-password-protected-files-blog-menlo-security/
-
Kasada Partners with the Retail and Hospitality ISAC as Title Sponsor of 2026 Cybersecurity Summit
Kasada will headline the 2026 RH-ISAC Cybersecurity Summit, addressing bot-driven fraud, AI-powered cybersecurity threats, and agentic commerce across retail and hospitality sectors. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/kasada-partners-with-the-retail-and-hospitality-isac-as-title-sponsor-of-2026-cybersecurity-summit/
-
Tax Refund Fraud in 2026: How Threat Actors Exploit Identity, Verification, and Cash-Out Channels
How threat actors are executing tax refund fraud schemes, from sourcing identity data to bypassing verification and cashing out fraudulent returns, and what these patterns reveal about evolving fraud ecosystems. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/tax-refund-fraud-in-2026-how-threat-actors-exploit-identity-verification-and-cash-out-channels/
-
What to Know About CyberAv3ngers: The IRGC-Linked Group Targeting Critical Infrastructure
Tags: access, advisory, ai, attack, authentication, automation, backup, cctv, chatgpt, cisa, communications, compliance, control, credentials, crypto, cve, cyber, cybersecurity, data, data-breach, defense, detection, dns, email, exploit, finance, firewall, flaw, government, group, healthcare, infrastructure, intelligence, international, Internet, iot, iran, kev, leak, linux, malicious, malware, mitigation, mitre, monitoring, network, office, openai, password, radius, resilience, risk, router, service, siem, software, strategy, switch, technology, threat, tool, update, vpn, vulnerability, vulnerability-managementAn Iran-affiliated threat group has evolved from defacing water utility displays to deploying custom ICS malware and exploiting Rockwell Automation PLCs across multiple U.S. critical infrastructure sectors. Key takeaways: CyberAv3ngers is a state-directed threat group operating under Iran’s IRGC Cyber-Electronic Command. The U.S. Treasury sanctioned six named officials in February 2024 and the State Department…
-
Hackers have been exploiting an unpatched Adobe Reader vulnerability for months
Tags: access, adobe, attack, ciso, control, data, email, exploit, hacker, incident response, malicious, malware, monitoring, resilience, risk, sans, software, technology, threat, tool, update, vulnerabilityA high risk exploit: Kellman Meghu, chief technology officer at Canadian incident response firm DeepCove Security, called the exploit “a very high risk.”So far it looks as though this particular malware just exfiltrates data, he said. But it implies there is an ability or capability to turn it into a vehicle for remote code execution.…
-
New VENOM phishing attacks steal senior executives’ Microsoft logins
Threat actors using a previously undocumented phishing-as-a-service (PhaaS) platform called “VENOM” are targeting credentials of C-suite executives across multiple industries. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-venom-phishing-attacks-steal-senior-executives-microsoft-logins/
-
Eurail data breach impacted 308,777 people
Hackers breached Eurail in Dec 2025, stole names and passport data, and exposed over 300,000 travelers’ personal information. Threat actors breached Eurail in December 2025 and stole names and passport numbers from its network. The company now notifies 308,777 people that attackers exposed their personal data, raising concerns about identity theft and misuse of sensitive…
-
Cloudflare ‘actively adjusting’ quantum priorities in wake of Google warning
Tags: android, attack, awareness, browser, chrome, ciso, communications, compliance, computer, computing, crypto, cryptography, cybersecurity, data, encryption, google, government, group, Hardware, infrastructure, Internet, ml, mobile, regulation, risk, service, strategy, technology, threat, vulnerabilityNational Institute of Standards and Technology (NIST) has set a 2030 deadline for depreciating legacy encryption algorithms ahead of their planned retirement in 2035.Late last month Google brought forward its own post-quantum cryptography (PQC) deadline a year to 2029 because advances in quantum computers mean that legacy encryption and digital signature systems are at greater…
-
In-Memory Loader Drops ScreenConnect
IntroductionIn February 2026, Zscaler ThreatLabz discovered an attack chain where attackers used a fake Adobe Acrobat Reader download to lure victims into installing ConnectWise’s ScreenConnect. While ScreenConnect is a legitimate remote access tool, it can be leveraged for malicious purposes. In this blog post, ThreatLabz examines the various stages of this attack, from the download lure to the…
-
The threat hunter’s gambit
Bill discusses why obsessing over strategy games is actually a secret weapon to outsmart threat actors. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/the-threat-hunters-gambit/
-
Treasury Department announces crypto industry cyber threat sharing initiative
Eligible U.S. digital asset firms and industry organizations “that meet Treasury’s criteria” will be able to receive, at no cost, the same actionable cybersecurity information Treasury regularly shares with traditional U.S. financial institutions. First seen on therecord.media Jump to article: therecord.media/treasury-department-announces-crypto-info-sharing
-
UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns
A previously undocumented threat cluster dubbed UAT-10362 has been attributed to spear-phishing campaigns targeting Taiwanese non-governmental organizations (NGOs) and suspected universities to deploy a new Lua-based malware called LucidRook.”LucidRook is a sophisticated stager that embeds a Lua interpreter and Rust-compiled libraries within a dynamic-link library (DLL) to download and First seen on thehackernews.com Jump to…
-
NERC is ‘actively monitoring the grid’ following Iran-linked cyber threat
Hackers have disrupted critical U.S. infrastructure by targeting programmable logic controllers, the Cybersecurity and Infrastructure Security Agency warned. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/nerc-cisa-iran-war-cyber-hacking/817079/
-
Trump’s Proposed $707 Million CISA Budget Cut a ‘Gift to Nation-State Actors’
The Trump Administration wants to strip $707 million from CISA as it looks to narrow the scope of the security agency, but cybersecurity experts are saying that such cuts are a strategic mistake at a time when threat groups linked to China, Iran, and other nation-states are increasingly targeting U.S. critical infrastructure. First seen on…
-
The Most Important Cybersecurity Trends in 2026 So Far
In the first quarter of the year, cybersecurity trends have been much of the same, with some new twists. Cyber threats are always evolving, but often have much of the same foundation. The leading 2026 cybersecurity trends so far involve AI, the failure of perimeter defenses, ransomware, and nation-state attacks. Let’s talk about what’s happening…
-
Mallory Launches AI-Native Threat Intelligence Platform, Turning Global Threat Data Into Prioritized Action
Austin, Texas, United States, 9th April 2026, CyberNewswire First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/mallory-launches-ai-native-threat-intelligence-platform-turning-global-threat-data-into-prioritized-action/
-
Cryptocurrency ATM giant Bitcoin Depot reports $3.6 million stolen in cyberattack
Bitcoin Depot filed a notice with the Securities Exchange Commission (SEC) explaining that a threat actor “gained access to certain systems and obtained control of credentials associated with the company’s digital asset settlement accounts.” First seen on therecord.media Jump to article: therecord.media/crypto-atm-bitcoin-depot-reports-cyberattack
-
Mallory Launches AI-Native Threat Intelligence Platform, Turning Global Threat Data Into Prioritized Action
Austin, Texas, United States, 9th April 2026, CyberNewswire First seen on hackread.com Jump to article: hackread.com/mallory-launches-ai-native-threat-intelligence-platform-turning-global-threat-data-into-prioritized-action/
-
Attackers Deploy Hidden Magecart Skimmer on Magento Using SVG onload Abuse
Security researchers at Sansec uncovered a large-scale Magecart campaign targeting Magento e-commerce platforms. Nearly 100 online stores were infected with a sophisticated credit card skimmer. To evade security scanners and steal shopper payment data seamlessly, attackers concealed the malicious payload inside an invisible SVG image element. Threat intelligence suggests the attackers likely breached the sites…
-
Russian Hackers Exploit SOHO Routers for DNS Hijacking Campaign
The rise of SOHO router compromise campaigns has exposed a critical weakness in global network security, particularly as threat actors like Forest Blizzard continue to exploit poorly secured home and small-office devices. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/soho-router-compromise-forest-blizzard/
-
Russian Hackers Exploit SOHO Routers for DNS Hijacking Campaign
The rise of SOHO router compromise campaigns has exposed a critical weakness in global network security, particularly as threat actors like Forest Blizzard continue to exploit poorly secured home and small-office devices. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/soho-router-compromise-forest-blizzard/
-
Russian Hackers Exploit SOHO Routers for DNS Hijacking Campaign
The rise of SOHO router compromise campaigns has exposed a critical weakness in global network security, particularly as threat actors like Forest Blizzard continue to exploit poorly secured home and small-office devices. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/soho-router-compromise-forest-blizzard/
-
Webinar: From noise to signal – What threat actors are targeting next
Threat actors often signal their intentions before launching attacks, from dark web chatter to access-broker listings and credential requests. Join our upcoming webinar with Flare Systems to learn how to turn those early warning signs into proactive defensive action before an intrusion begins. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/webinar-from-noise-to-signal-what-threat-actors-are-targeting-next/