Uphill Security

Updates every 30 minutes - Generated via RSS feed on: 2026-04-12 15:00:06 UTC Feedback and suggestions for other sources are welcome.

2026-04-12 #

• 14:20 UTC - [BleepingComputer] Critical Marimo pre-auth RCE flaw now under active exploitation
• 07:45 UTC - [SecurityWeek] Adobe Patches Reader Zero-Day Exploited for Months
• 05:54 UTC - [The Hacker News] CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads
• 04:25 UTC - [The Hacker News] Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621
• 02:01 UTC - [Have I Been Pwned latest breaches] Hallmark - 1,736,520 breached accounts

2026-04-11 #

• 17:35 UTC - [Latest from TechRadar in Security] '$15K bill destroyed a solo developer’s startup': How hackers are using leaked Google API keys to ‘go wild’ with Gemini AI for free
• 16:56 UTC - [Cyber Security News] OpenAI Warns macOS Users to Update ChatGPT and Codex Immediately
• 14:20 UTC - [BleepingComputer] Over 20,000 crypto fraud victims identified in international crackdown
• 11:50 UTC - [DataBreaches.Net] Brockton Hospital still dealing with aftermath of ransomware attack
• 08:56 UTC - [Cyber Security News] Google Launches Gmail End-to-End Encryption for Android and iOS
• 08:56 UTC - [Cyber Security News] Google Launches Gmail End-to-End Encryption for Android and iOS Users
• 06:52 UTC - [Cyber Security News] Google Unveils Device-Bound Chrome Sessions in Anti-Cookie-Theft Move
• 06:02 UTC - [The Hacker News] Citizen Lab: Law Enforcement Used Webloc to Track 500 Million Devices via Ad Data
• 05:13 UTC - [Cyber Security News] Ransomware Gangs Expand Use of EDR Killers Beyond Vulnerable Drivers, ESET Warns
• 03:40 UTC - [Cyber Security News] Hacker Uses Claude and ChatGPT to Breach Multiple Government Agencies
• 02:10 UTC - [Cyber Security News] Anthropic Launches Claude Beta for Word, Bringing AI-Powered Editing to Microsoft Docs
• 02:08 UTC - [BleepingComputer] ChatGPT rolls out new $100 Pro subscription to challenge Claude

2026-04-10 #

• 21:03 UTC - [Schneier on Security] Friday Squid Blogging: Squid Overfishing in the South Pacific
• 20:02 UTC - [darkreading] Hims Breach Exposes the Most Sensitive Kinds of PHI
• 19:40 UTC - [CyberScoop] Commerce setting up new AI export regime to push adoption of ‘American AI’ abroad
• 19:21 UTC - [darkreading] Your Next Breach Will Look Like Business as Usual
• 19:11 UTC - [Rapid7 Cybersecurity Blog] Metasploit Wrap-Up 04/10/2026
• 17:58 UTC - [Cyber Security News] EngageSDK Vulnerability Exposes Millions of Crypto Wallet Users to Cyberattacks
• 17:44 UTC - [Cyber Security News] Hackers Use AiTM Session Hijacking to Redirect Employee Salaries in New Storm-2755 Campaign
• 17:29 UTC - [Cyber Security News] France to Replace Windows with Linux on Government Desktops
• 17:25 UTC - [Latest from TechRadar in Security] No, Elon Musk doesn't want to give you a $5,000 tax refund — it's a scam, here's what to look out for
• 16:20 UTC - [Latest from TechRadar in Security] ‘It’s a potential national security threat’: Proton study finds over 3,500 US legislators’ official emails leaked and exposed on the dark web
• 15:52 UTC - [BleepingComputer] Nearly 4,000 US industrial devices exposed to Iranian cyberattacks
• 15:52 UTC - [darkreading] FINRA Launches Financial Intelligence Fusion Center to Combat Cybersecurity and Fraud Threats
• 15:45 UTC - [Latest from TechRadar in Security] Microsoft warns worrying security flaw exposed over 50 million Android users, says 'user credentials and financial data were exposed to risk'
• 15:36 UTC - [Graham Cluley] AI and cryptocurrency scams are costing Americans billions, FBI reports
• 15:05 UTC - [darkreading] Orange Business Reimagines Enterprise Voice Communications With Trust and AI
• 14:54 UTC - [Cybersecurity Dive - Latest News] Stryker warns of earnings fallout from March cyberattack
• 14:52 UTC - [Cybersecurity Dive - Latest News] Nearly 4K industrial control devices vulnerable to Iran-linked hacking campaign
• 14:52 UTC - [Cybersecurity Dive - Latest News] Nearly 4,000 industrial control devices vulnerable to Iran-linked hacking campaign
• 14:45 UTC - [Latest from TechRadar in Security] Google Chrome rolls out a new tool to try and stop infostealer malware in its tracks
• 14:44 UTC - [SecurityWeek] In Other News: Cyberattack Stings Stryker, Windows Zero-Day, China Supercomputer Hack
• 14:38 UTC - [DataBreaches.Net] Silent Ransom Group leaked another big law firm: Orrick, Herrington & Sutcliffe
• 14:01 UTC - [BleepingComputer] Analysis of one billion CISA KEV remediation records exposes limits of human-scale security
• 13:44 UTC - [SecurityWeek] Juniper Networks Patches Dozens of Junos OS Vulnerabilities
• 13:43 UTC - [Cyber Security News] Hackers Use Fake BTS World Tour Ticket Sites to Scam Fans Across Multiple Countries
• 13:30 UTC - [darkreading] Industrial Controllers Still Vulnerable As Conflicts Move to Cyber
• 13:25 UTC - [Latest from TechRadar in Security] Adobe Reader users beware — experts flag months-old security flaw using booby-trapped PDFs to scope out victims
• 13:23 UTC - [The Hacker News] GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs
• 13:16 UTC - [Cyber Security News] Censys Warns 5,219 Rockwell/Allen-Bradley PLCs Are Exposed Amid Iranian APT Activity
• 13:12 UTC - [BleepingComputer] Supply chain attack at CPUID pushes malware with CPU-Z/HWMonitor
• 13:12 UTC - [BleepingComputer] CPUID hacked to deliver malware via CPU-Z, HWMonitor downloads
• 13:00 UTC - [All Fortinet Blog | Latest Posts] Shadow AI: The Invisible Risk Growing Inside Your Organization
• 12:55 UTC - [Cyber Security News] Hackers Exploit GitHub Copilot Vulnerability to Exfiltrate Sensitive Data
• 12:55 UTC - [Cyber Security News] Hackers Exploit GitHub Copilot Flaw to Exfiltrate Sensitive Data
• 12:54 UTC - [Cyber Security News] HPE Aruba Private 5G Platform Vulnerability Enables Credential Theft Attacks
• 12:43 UTC - [Cyber Security News] Hackers Impersonate Secure Messaging Apps to Deploy ProSpy in Middle East Espionage Attacks
• 12:41 UTC - [SecurityWeek] Industry Reactions to Iran Hacking ICS in Critical Infrastructure: Feedback Friday
• 12:15 UTC - [Cyber Security News] AI Router Vulnerabilities Allow Attackers to Inject Malicious Code and Steal Sensitive Data
• 12:04 UTC - [Cyber Security News] Hackers Abuse GitHub and GitLab to Host Malware and Credential Phishing Campaigns
• 11:56 UTC - [BleepingComputer] Microsoft: Canadian employees targeted in payroll pirate attacks
• 11:53 UTC - [SecurityWeek] Orthanc DICOM Vulnerabilities Lead to Crashes, RCE
• 11:00 UTC - [The Hacker News] Browser Extensions Are the New AI Consumption Channel That No One Is Talking About
• 10:44 UTC - [SecurityWeek] Chrome 147 Patches 60 Vulnerabilities, Including Two Critical Flaws Worth $86,000
• 10:44 UTC - [BleepingComputer] Google rolls out Gmail end-to-end encryption on mobile devices
• 10:41 UTC - [Schneier on Security] Sen. Sanders Talks to Claude About AI and Privacy
• 10:09 UTC - [Cyber Security News] MuddyWater Turns to Russian Malware-as-a-Service in New ChainShell Campaign
• 09:57 UTC - [Latest from TechRadar in Security] Top WordPress Slider plugin hijacked to spread malware — here's what to look out for
• 09:51 UTC - [SecurityWeek] MITRE Releases Fight Fraud Framework
• 09:16 UTC - [Cyber Security News] Multiple TP-Link Vulnerabilities Allow Attackers to Seize Control of the Device
• 09:12 UTC - [SecurityWeek] Critical Marimo Flaw Exploited Hours After Public Disclosure
• 08:25 UTC - [Cyber Security News] CPUID Website Compromised to Deliver Weaponized HWMonitor and CPU-Z Tools
• 08:12 UTC - [Cyber Security News] Trojanized OpenVSX Extension Spreads GlassWorm Across VS Code, Cursor, and Windsurf
• 08:08 UTC - [Cyber Security News] Mallory Launches AI-Native Threat Intelligence Platform, Turning Global Threat Data Into Prioritized Action
• 07:58 UTC - [The Hacker News] Google Rolls Out DBSC in Chrome 146 to Block Session Theft on Windows
• 07:50 UTC - [SecurityWeek] Google Rolls Out Cookie Theft Protections in Chrome
• 07:40 UTC - [Cyber Security News] Juniper Networks Default Password Vulnerability Let Attacker Take Full Control of the Device
• 07:40 UTC - [Cyber Security News] DesckVB RAT Uses Obfuscated JavaScript and Fileless .NET Loader to Evade Detection
• 07:39 UTC - [Cyber Security News] React Server Components Vulnerability Enables DoS Attacks
• 07:37 UTC - [The Hacker News] Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure
• 07:33 UTC - [SecurityWeek] Microsoft Finds Vulnerability Exposing Millions of Android Crypto Wallet Users
• 06:58 UTC - [Cyber Security News] Hackers Use SVG Onload Trick to Hide Magecart Skimmer on Magento Checkout Pages
• 06:40 UTC - [Cyber Security News] Single Line of Code Can jailbreak 11 AI models Including ChatGPT, Claude, and Gemini
• 06:28 UTC - [The Hacker News] Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers
• 06:16 UTC - [Cyber Security News] AWS Patches Critical RCE and Escalate Privileges in Research and Engineering Studio
• 02:57 UTC - [Cyber Security News] WhatsApp Introduces Username Feature to Let Users Connect Without Sharing Phone Numbers
• 02:57 UTC - [Cyber Security News] WhatsApp Introduces Username Feature for Connecting Without Sharing Phone Numbers
• 00:00 UTC - [The GreyNoise Blog] Just 21 IP Addresses Are Now Behind Nearly Half of All RDP Scanning on the Internet

2026-04-09 #

• 22:04 UTC - [BleepingComputer] New ‘LucidRook’ malware used in targeted attacks on NGOs, universities
• 21:37 UTC - [BleepingComputer] New VENOM phishing attacks steal senior executives' Microsoft logins
• 21:29 UTC - [CyberScoop] Iranian attacks on US critical infrastructure puts 3,900 devices in crosshairs
• 21:05 UTC - [CyberScoop] Why is the timeline to quantum-proof everything constantly shrinking?
• 20:50 UTC - [darkreading] Russia's 'Fancy Bear' APT Continues Its Global Onslaught
• 20:13 UTC - [darkreading] 'BlueHammer' Windows Zero-Day Exploit Signals Microsoft Bug Disclosure Issues
• 19:46 UTC - [BleepingComputer] Healthcare IT solutions provider ChipSoft hit by ransomware attack
• 19:00 UTC - [Microsoft Security Blog] The agentic SOC—Rethinking SecOps for the next decade
• 19:00 UTC - [Microsoft Security Blog] The agentic SOC—Rethinking SecOps for the next decade
• 18:33 UTC - [BleepingComputer] Google Chrome adds infostealer protection against session cookie theft
• 18:20 UTC - [Latest from TechRadar in Security] Breach exposes sensitive LAPD files stored in city attorney system
• 18:05 UTC - [Latest from TechRadar in Security] ‘FlamingChina’ hacker claims to have stolen over 10 petabytes of advanced military data from China’s National Supercomputing Center in possibly the biggest hack of all time
• 17:51 UTC - [Rapid7 Cybersecurity Blog] What Project Glasswing Means for Security Leaders
• 17:26 UTC - [The Hacker News] EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallets
• 17:26 UTC - [The Hacker News] EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallet Installs
• 17:25 UTC - [Latest from TechRadar in Security] Mac users beware — experts say this attack 'stood out immediately' by making a major change to try spread malware
• 17:04 UTC - [darkreading] Do Ceasefires Slow Cyberattacks? History Suggests Not
• 16:23 UTC - [The Hacker News] UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns
• 16:15 UTC - [BleepingComputer] Smart Slider updates hijacked to push malicious WordPress, Joomla versions
• 15:34 UTC - [CyberScoop] Inside the FBI’s router takedown that cut off APT28’s ‘tremendous access’
• 15:25 UTC - [Latest from TechRadar in Security] Now that's different - hackers use miniature SVG images to try and hide credit card stealer
• 15:01 UTC - [Cyber Security News] New ClickFix Campaign Uses macOS Script Editor to Deliver Atomic Stealer
• 15:00 UTC - [Microsoft Security Blog] Investigating Storm-2755: “Payroll pirate” attacks targeting Canadian employees
• 15:00 UTC - [Microsoft Security Blog] Investigating Storm-2755: “Payroll pirate” attacks targeting Canadian employees
• 15:00 UTC - [All Fortinet Blog | Latest Posts] Leading by Example in Sustainability: Fortinet Expands Global EPD Certification
• 14:58 UTC - [Cybersecurity Dive - Latest News] NERC is ‘actively monitoring the grid’ following Iran-linked cyber threat
• 14:40 UTC - [Cybersecurity Dive - Latest News] CISA adds second critical flaw in Ivanti EPMM to exploited vulnerabilities catalog
• 14:27 UTC - [Latest from TechRadar in Security] Closing the implementation gap in America's cyber strategy
• 14:26 UTC - [Latest from TechRadar in Security] UK NHS chief champions Palantir’s 'outstanding results’ in England, pushes for deeper rollout despite growing staff concerns
• 14:23 UTC - [Cyber Security News] Hackers Use ClickFix and Malicious DMG Files to Deliver notnullOSX on macOS
• 14:02 UTC - [BleepingComputer] When attackers already have the keys, MFA is just another door to open
• 13:43 UTC - [SecurityWeek] Apple Intelligence AI Guardrails Bypassed in New Attack
• 13:38 UTC - [Cyber Security News] New STX RAT Uses Hidden Remote Desktop and Infostealer Features to Evade Detection
• 13:30 UTC - [SecurityWeek] Can we Trust AI? No – But Eventually We Must
• 13:30 UTC - [SecurityWeek] Can We Trust AI? No – But Eventually We Must
• 13:21 UTC - [Microsoft Security Blog] Intent redirection vulnerability in third-party SDK exposed millions of Android wallets to potential risk
• 13:21 UTC - [Microsoft Security Blog] Intent redirection vulnerability in third-party SDK exposed millions of Android wallets to potential risk
• 13:00 UTC - [darkreading] Can Anthropic Keep Its Exploit-Writing AI Out of the Wrong Hands?
• 12:57 UTC - [The Hacker News] ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories
• 12:46 UTC - [Rapid7 Cybersecurity Blog] What’s New in Rapid7 Products and Services: Q1 2026 in Review
• 12:26 UTC - [SecurityWeek] Google API Keys in Android Apps Expose Gemini Endpoints to Unauthorized Access
• 12:25 UTC - [DataBreaches.Net] Ex-Meta worker investigated for downloading 30,000 private Facebook photos
• 12:25 UTC - [bellingcat] ‘Snoopy’, ‘Adolf’ and ‘Password’: The Hungarian Government Passwords Exposed Online
• 12:25 UTC - [DataBreaches.Net] Lotte Card given notice of $3M penalty, business suspension over massive data breach
• 12:25 UTC - [Latest from TechRadar in Security] French email provider accidentally leaked 40 million records — L’Oreal, Renault, French government data exposed
• 12:23 UTC - [DataBreaches.Net] 86% of businesses refused to pay cyber ransoms in 2025 — Coalition Insurance
• 12:21 UTC - [DataBreaches.Net] Capita under investigation after workers hit by pensions data breach
• 12:20 UTC - [DataBreaches.Net] Madras High Court Dismisses Plea By Cyber Security Expert Seeking Probe Into Star Health Security Lapses
• 12:20 UTC - [BleepingComputer] Webinar: From noise to signal - What threat actors are targeting next
• 12:20 UTC - [DataBreaches.Net] A hacker has allegedly breached one of China’s supercomputers and is attempting to sell a trove of stolen data
• 12:02 UTC - [Cyber Security News] Hackers Use Fake Security Software to Deliver LucidRook Malware in Taiwan Attacks
• 12:00 UTC - [CyberScoop] Don’t just fight fraud, hunt it
• 11:58 UTC - [SecurityWeek] Palo Alto Networks, SonicWall Patch High-Severity Vulnerabilities
• 11:31 UTC - [The Hacker News] The Hidden Security Risks of Shadow AI in Enterprises
• 11:26 UTC - [Cyber Security News] Hackers Impersonate Linux Foundation Leader in Slack to Target Open Source Developers
• 11:15 UTC - [The Hacker News] Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025
• 11:00 UTC - [SecurityWeek] The Hidden ROI of Visibility: Better Decisions, Better Behavior, Better Security
• 10:54 UTC - [Cyber Security News] CISA Warns of Critical Ivanti EPMM Code Injection Vulnerability Exploited in Attacks
• 10:51 UTC - [Schneier on Security] On Microsoft’s Lousy Cloud Security
• 10:49 UTC - [Latest from TechRadar in Security] Tame your AI gremlins before the chaos becomes permanent
• 10:40 UTC - [The Hacker News] Bitter-Linked Hack-for-Hire Campaign Targets Journalists Across MENA Region
• 10:33 UTC - [Cyber Security News] GitLab Patches Multiple Vulnerabilities That Enables DoS and Code Injection Attacks
• 10:31 UTC - [BleepingComputer] Eurail says December data breach impacts 300,000 individuals
• 10:23 UTC - [Cyber Security News] Multiple SonicWall Vulnerabilities Enable SQL Injection and Privilege Escalation Attacks
• 10:20 UTC - [Cyber Security News] Palo Alto Cortex Microsoft Teams Integration Vulnerability Enables Data Access for Attackers
• 10:14 UTC - [Cyber Security News] New Phishing Attack Via Google Storage Deploys Remcos RAT
• 09:58 UTC - [Latest from TechRadar in Security] NHS Scotland domains reportedly found serving adult content and illegal sport streams
• 09:44 UTC - [SecurityWeek] Google Warns of New Campaign Targeting BPOs to Steal Corporate Data
• 09:22 UTC - [BleepingComputer] Hackers exploiting Acrobat Reader zero-day flaw since December
• 08:44 UTC - [SecurityWeek] Adobe Reader Zero-Day Exploited for Months: Researcher
• 08:28 UTC - [SecurityWeek] 300,000 People Impacted by Eurail Data Breach
• 08:16 UTC - [Cyber Security News] Hackers Claim to Have Stolen 10 Petabytes of Data from China’s Tianjin Supercomputer Center
• 07:44 UTC - [BleepingComputer] Hackers steal $3.6 million from crypto ATM giant Bitcoin Depot
• 07:28 UTC - [Cyber Security News] Microsoft Suspends Developer Accounts of High-Profile Open-Source Projects
• 07:21 UTC - [Cyber Security News] New RoningLoader Campaign Uses DLL Side-Loading and Code Injection to Evade Detection
• 07:05 UTC - [Cyber Security News] Critical Chrome Vulnerabilities Let Attackers to Execute Arbitrary Code
• 06:46 UTC - [BleepingComputer] Microsoft suspends dev accounts for high-profile open source projects
• 06:41 UTC - [SecurityWeek] $3.6 Million Stolen in Bitcoin Depot Hack
• 06:34 UTC - [Cyber Security News] New Silver Fox Campaign Hides ValleyRAT Inside Fake Telegram Chinese Language Pack Installer
• 05:56 UTC - [Cyber Security News] Hackers Abuse Legitimate Meta Business Manager Notifications to Deliver Phishing Emails
• 01:22 UTC - [SecurityWeek] Shaky Ceasefire Unlikely to Stop Cyberattacks From Iran-Linked Hackers for Long
• 01:21 UTC - [DataBreaches.Net] Trump’s Personnel Agency Is Asking for Federal Workers’ Medical Records
• 01:00 UTC - [darkreading] Russia's Forest Blizzard Nabs Rafts of Logins via SOHO Routers
• 01:00 UTC - [darkreading] Russia's Forest Blizzard Nabs Rafts of Logins Via SOHO Routers
• 00:19 UTC - [DataBreaches.Net] OCR Releases Risk Management Video

2026-04-08 #

• 23:27 UTC - [Graham Cluley] Smashing Security podcast #462: LinkedIn is spying on you, and you agreed to nothing
• 22:34 UTC - [BleepingComputer] Hackers use pixel-large SVG trick to hide credit card stealer
• 22:00 UTC - [Unit 42] Cracks in the Bedrock: Agent God Mode
• 21:46 UTC - [BleepingComputer] Google: New UNC6783 hackers steal corporate Zendesk support tickets
• 20:21 UTC - [darkreading] Threat Actors Get Crafty With Emojis to Escape Detection
• 19:47 UTC - [darkreading] AI-Led Remediation Crisis Prompts HackerOne to Pause Bug Bounties
• 18:55 UTC - [BleepingComputer] New macOS stealer campaign uses Script Editor in ClickFix attack
• 18:15 UTC - [BleepingComputer] CISA orders feds to patch exploited Ivanti EPMM flaw by Sunday
• 18:03 UTC - [netbiosX]
• 17:51 UTC - [The Hacker News] New Chaos Variant Targets Misconfigured Cloud Deployments, Adds SOCKS Proxy
• 17:26 UTC - [BleepingComputer] 13-year-old bug in ActiveMQ lets hackers remotely execute commands
• 17:05 UTC - [Latest from TechRadar in Security] 'This creates a layered form of obfuscation': New report says criminals are using emojis to avoid detection
• 16:38 UTC - [CyberScoop] Hack-for-hire spyware campaign targets journalists in Middle East, North Africa
• 16:30 UTC - [The Hacker News] Masjesu Botnet Emerges as DDoS-for-Hire Service Targeting Global IoT Devices
• 15:57 UTC - [Cyber Security News] Microsoft 365 Network-Level Disruption Affecting Exchange Online, Teams, and Core Suite Services
• 15:47 UTC - [Cyber Security News] Hackers Used EvilTokens, ClickFix Campaign to Attack Claude Code Users with AMOS Stealer
• 15:47 UTC - [DataBreaches.Net] Hackers steal and leak sensitive LAPD police documents
• 15:45 UTC - [darkreading] Fraud Rockets Higher in Mobile-First Latin America
• 15:37 UTC - [SecurityWeek] Data Leakage Vulnerability Patched in OpenSSL
• 15:10 UTC - [Latest from TechRadar in Security] Top open source AI platform Flowise hit by maximum-level security issue
• 15:03 UTC - [Cybersecurity Dive - Latest News] US operation evicts Russia from hacked SOHO routers used to breach critical infrastructure
• 14:54 UTC - [Cyber Security News] IBM Identity and Verify Access Vulnerabilities Allow Remote Attacker to Access Sensitive Data
• 14:52 UTC - [Cyber Security News] Hackers Actively Attacking Adobe Reader Users Using Sophisticated 0-Day Exploit
• 14:45 UTC - [Cyber Security News] Anthropic Unveils Claude Mythos Preview With Powerful Zero-Day Detection Capabilities
• 14:43 UTC - [darkreading] Full Sail University to Open IBM Cyber Defense Range Powered by AWS and Cloud Range on Campus
• 14:30 UTC - [SecurityWeek] RCE Bug Lurked in Apache ActiveMQ Classic for 13 Years
• 14:25 UTC - [Latest from TechRadar in Security] US agencies warn Iranian hackers are targeting American critical infrastructure — causing 'disruptive effects within the United States'
• 14:22 UTC - [darkreading] Niobium Introduces The Fog
• 14:15 UTC - [Cybersecurity Dive - Latest News] Iran-linked hackers targeting water, energy in US, FBI and CISA warn
• 14:15 UTC - [Cybersecurity Dive - Latest News] Iran-linked hackers target water, energy in US, FBI and CISA warn
• 14:08 UTC - [darkreading] Pluralsight Launches SecureReady to Help Organizations Build Job-Ready Cybersecurity Teams
• 14:00 UTC - [BleepingComputer] Is a $30,000 GPU Good at Password Cracking?
• 14:00 UTC - [Black Hills Information Security, Inc.] Getting Started In Pentesting – Advice From The BHIS Pentest Lead
• 13:50 UTC - [The Hacker News] APT28 Deploys PRISMEX Malware in Campaign Targeting Ukraine and NATO Allies
• 13:46 UTC - [darkreading] Iranian Threat Actors Disrupt US Critical Infrastructure via Exposed PLCs
• 13:46 UTC - [darkreading] Iranian Threat Actors Disrupt US Critical Infrastructure Via Exposed PLCs
• 13:45 UTC - [Latest from TechRadar in Security] Third-party integration tool Anodot data breach hits Snowflake customers
• 13:45 UTC - [Latest from TechRadar in Security] Snowflake customers suffer data theft attacks after third-party issue, company confirms 'unusual activity'
• 13:39 UTC - [Rapid7 Cybersecurity Blog] FortiGate CVE-2025-59718 Exploitation: Incident Response Findings
• 13:32 UTC - [SecurityWeek] FBI: Cybercrime Losses Neared $21 Billion in 2025
• 13:27 UTC - [DataBreaches.Net] Iowa AG files lawsuit against Change Healthcare over 2024 data breach
• 13:09 UTC - [DataBreaches.Net] Act-of-War Clauses Cloud Cyber Insurance Coverage
• 12:31 UTC - [SecurityWeek] Massachusetts Hospital Diverts Ambulances as Cyberattack Causes Disruption 
• 12:24 UTC - [DataBreaches.Net] Who really runs your VPN — and what that may mean for your privacy
• 12:21 UTC - [DataBreaches.Net] Russians hijacking routers for cyber spying
• 12:03 UTC - [DataBreaches.Net] A string of radio hijacks exposes a deeper broadcast weakness
• 12:03 UTC - [DataBreaches.Net] NL: Dutch healthcare software vendor goes dark after ransomware attack
• 11:58 UTC - [DataBreaches.Net] HK: Man arrested over stolen patient personal data
• 11:52 UTC - [Cyber Security News] Microsoft Confirms Recent Windows 11 Update Breaks Start Menu Search Function
• 11:52 UTC - [Cyber Security News] Microsoft Confirms Recent Windows 11 Update Breaks Start Menu Function
• 11:49 UTC - [SecurityWeek] Evasive Masjesu DDoS Botnet Targets IoT Devices
• 11:30 UTC - [The Hacker News] Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)
• 11:20 UTC - [SecurityWeek] Hackers Targeting Ninja Forms Vulnerability That Exposes WordPress Sites to Takeover
• 11:09 UTC - [Cyber Security News] Google Expands Chrome Lazy Loading to Video and Audio in New Browser Update
• 10:54 UTC - [SecurityWeek] US Disrupts Russian Espionage Operation Involving Hacked Routers and DNS Hijacking
• 10:45 UTC - [Cyber Security News] Amazon S3 Files, Turns S3 Buckets as File System to Access Your Data
• 10:43 UTC - [Cyber Security News] Docker Vulnerability Let Attackers Bypass Authorization and Gain Host Access
• 10:37 UTC - [Latest from TechRadar in Security] Always-on AI Agents put everything hackers could ever want behind a single attack surface
• 10:36 UTC - [Cyber Security News] AWS and Anthropic Advancing AI-powered Cybersecurity With Claude Mythos
• 10:25 UTC - [Schneier on Security] Python Supply-Chain Compromise
• 10:24 UTC - [Latest from TechRadar in Security] When infrastructure decisions shape growth outcomes
• 10:24 UTC - [Latest from TechRadar in Security] 'This puts organizations at risk of credential theft, data manipulation and broader compromise': UK government, Microsoft warn Russian hackers are hitting TP-Link home routers to hijack internet traffic
• 09:38 UTC - [Latest from TechRadar in Security] 'A new frontier model trained by Anthropic that we believe could reshape cybersecurity': Project Glasswing wants to use AI to prevent AI cyberattacks — but will 'overeager' Claude Mythos do more damage than help?
• 09:16 UTC - [The Hacker News] Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems
• 08:02 UTC - [Cyber Security News] Indian Bank Warns Users of Fake LPG Payment and KYC Update Scams to Steal Banking Info
• 07:47 UTC - [The Hacker News] N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust
• 07:40 UTC - [Cyber Security News] Multiple OpenSSL Vulnerabilities Exposes Sensitive Data in RSA KEM Handling
• 07:13 UTC - [Cyber Security News] FBI Disrupts Russian Router Hijacking Operation Compromised Thousands of Users
• 07:00 UTC - [BleepingComputer] Microsoft rolls out fix for broken Windows Start Menu search
• 06:59 UTC - [0day Fans] Given Enough Agents, All Bugs Become Shallow
• 04:23 UTC - [The Hacker News] Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs
• 04:15 UTC - [Cyber Security News] Claude Uncovers 13-Year-Old RCE Flaw in Apache ActiveMQ in Just 10 Minutes
• 04:15 UTC - [Cyber Security News] Claude Uncovers 13-Year-Old 0-Day RCE Flaw in Apache ActiveMQ in Just 10 Minutes
• 04:15 UTC - [Cyber Security News] Claude Finds 13-Year-Old 0-Day RCE Vulnerability in Apache ActiveMQ in 10 Minutes
• 03:51 UTC - [Cyber Security News] CUPS Vulnerability Chain Enables Remote Attacker to Execute Malicious Code as Root User
• 03:40 UTC - [Have I Been Pwned latest breaches] My Lovely AI - 106,271 breached accounts
• 02:57 UTC - [SecurityWeek] Iran-Linked Hackers Disrupt US Critical Infrastructure via PLC Attacks
• 02:46 UTC - [Cyber Security News] Fiber Optic Cables Turned Into Hidden Microphones to Secretly Spy on Your Conversations
• 00:05 UTC - [Latest from TechRadar in Security] Microsoft flags China-based hackers using vicious new 'rapid attack' zero-days to launch ransomware at targets across the world

2026-04-07 #

• 23:46 UTC - [CyberScoop] Feds quash widespread Russia-backed espionage network spanning 18,000 devices
• 22:45 UTC - [Latest from TechRadar in Security] 'By combining trusted platforms with legitimate tools, the threat actor reduces visibility and increases the likelihood of successful execution': Microsoft warns WhatsApp users to exercise extra caution — or pay the price
• 22:03 UTC - [BleepingComputer] Hackers exploit critical flaw in Ninja Forms WordPress plugin
• 22:00 UTC - [Unit 42] Cracks in the Bedrock: Escaping the AWS AgentCore Sandbox
• 21:20 UTC - [Latest from TechRadar in Security] 'Stolen session cookies render MFA irrelevant': How $900-per-month turnkey malware is putting enterprise-grade account hijacking in the hands of rookie hackers
• 21:00 UTC - [The Cloudflare Blog] Cloudflare targets 2029 for full post-quantum security
• 20:52 UTC - [Cyber Security News] New BPFDoor Variants Use Stateless C2 and ICMP Relays to Evade Detection
• 20:41 UTC - [BleepingComputer] FBI: Americans lost a record $21 billion to cybercrime last year
• 20:15 UTC - [darkreading] Storm-1175 Deploys Medusa Ransomware at 'High Velocity'
• 20:11 UTC - [Cyber Security News] Hackers Exploit Kubernetes Misconfigurations to Move From Containers to Cloud Accounts
• 19:52 UTC - [darkreading] Grafana Patches AI Bug That Could Have Leaked User Data
• 19:46 UTC - [Cyber Security News] Hackers Use Fake Gemini npm Package to Steal Tokens From Claude, Cursor, and Other AI Tools
• 19:39 UTC - [BleepingComputer] Snowflake customers hit in data theft attacks after SaaS integrator breach
• 19:14 UTC - [DataBreaches.Net] Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure
• 18:40 UTC - [Cyber Security News] Hackers Exploit Next.js React2Shell Flaw to Steal Credentials From 766 Hosts in 24 Hours
• 18:39 UTC - [SecurityWeek] Anthropic Unveils ‘Claude Mythos’ – A Cybersecurity Breakthrough That Could Also Supercharge Attacks
• 18:02 UTC - [BleepingComputer] US warns of Iranian hackers targeting critical infrastructure
• 18:00 UTC - [CyberScoop] Tech giants launch AI-powered ‘Project Glasswing’ to identify critical software vulnerabilities
• 17:58 UTC - [CyberScoop] Iranian hackers launching disruptive attacks at U.S. energy, water targets, feds warn
• 17:37 UTC - [Cybersecurity Dive - Latest News] CISA’s vulnerability scans, field support on chopping block in Trump budget
• 17:14 UTC - [Cyber Security News] Hackers Use ClickFix Lure to Drop Node.js-Based Windows RAT With Tor-Powered C2
• 17:07 UTC - [Schneier on Security] Cybersecurity in the Age of Instant Software
• 17:02 UTC - [Krebs on Security] Russia Hacked Routers to Steal Microsoft Office Tokens
• 17:02 UTC - [BleepingComputer] Max severity Flowise RCE vulnerability now exploited in attacks
• 16:55 UTC - [Latest from TechRadar in Security] 'Verify before you act': security expert reveals the simple steps you can take to stay safe from deepfakes
• 16:48 UTC - [The Hacker News] Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign
• 16:47 UTC - [CyberScoop] Cybercrime losses jumped 26% to $20.9 billion in 2025
• 16:46 UTC - [Proofpoint Threat Insight] Anthropic Leak and Mercor AI Attack: Takeaways for Enterprise AI Security
• 16:40 UTC - [SecurityWeek] The New Rules of Engagement: Matching Agentic Attack Speed
• 16:36 UTC - [Cyber Security News] Russian Hackers Exploiting Home and Small-office Routers in Massive DNS hijacking Attack
• 16:34 UTC - [SecurityWeek] Trent AI Emerges From Stealth With $13 Million in Funding
• 16:15 UTC - [Latest from TechRadar in Security] I can't think of anything that's off limits to them': FBI slams cybercriminals for attacking schools, hospitals, as crypto fraud soars
• 15:51 UTC - [BleepingComputer] Authorities disrupt router DNS hijacks used to steal Microsoft 365 logins
• 15:34 UTC - [SecurityWeek] Critical Flowise Vulnerability in Attacker Crosshairs
• 15:15 UTC - [The Hacker News] Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host Access
• 14:57 UTC - [darkreading] RSAC 2026: How AI Is Reshaping Cybersecurity Faster Than Ever
• 14:55 UTC - [Cyber Security News] Fake Software Installers Used to Drop RATs and Monero Miners in Long-Running Malware Campaign
• 14:54 UTC - [Cybersecurity Dive - Latest News] React2Shell vulnerability helps hackers steal credentials, AI platform keys and other sensitive data
• 14:38 UTC - [DataBreaches.Net] 1 Billion Microsoft Users Warned As Angry Hacker Drops 0-Day Exploit
• 14:36 UTC - [darkreading] Human vs. AI: Debates Shape RSAC 2026 Cybersecurity Trends
• 14:36 UTC - [darkreading] Human vs AI: Debates Shape RSAC 2026 Cybersecurity Trends
• 14:35 UTC - [Latest from TechRadar in Security] 'I was not bluffing Microsoft, and I'm doing it again': apparently disgruntled researcher leaks worrying Windows zero-day security flaw
• 14:26 UTC - [darkreading] Lies, Damned Lies, and Cybersecurity Metrics
• 14:23 UTC - [SecurityWeek] Severe StrongBox Vulnerability Patched in Android
• 14:01 UTC - [BleepingComputer] Why Your Automated Pentesting Tool Just Hit a Wall
• 14:00 UTC - [Microsoft Security Blog] SOHO router compromise leads to DNS hijacking and adversary-in-the-middle attacks
• 14:00 UTC - [Microsoft Security Blog] SOHO router compromise leads to DNS hijacking and adversary-in-the-middle attacks
• 14:00 UTC - [All Fortinet Blog | Latest Posts] When Cybercrime Becomes an Industry
• 13:58 UTC - [SecurityWeek] GrafanaGhost: Attackers Can Abuse Grafana to Leak Enterprise Data
• 13:44 UTC - [CyberScoop] ‘GrafanaGhost’ bypasses Grafana’s AI defenses without leaving a trace
• 13:35 UTC - [bellingcat] When Satellite Imagery Goes Dark: New Tool Shows Damage in Iran and the Gulf
• 13:32 UTC - [Cybersecurity Dive - Latest News] Olympic Games, FIFA World Cup offer huge platforms, rich cyberattack surface
• 13:19 UTC - [SecurityWeek] Webinar Today: Why Automated Pentesting Alone Is Not Enough
• 13:17 UTC - [Cybersecurity Dive - Latest News] Threat cluster launches extortion campaign using social engineering
• 13:06 UTC - [Rapid7 Cybersecurity Blog] A First Look at Our Speaker Lineup and Agenda for the Rapid7 2026 Global Cybersecurity Summit
• 13:01 UTC - [Cyber Security News] New GPUBreach Attack Enables System-Wide Compromise Up to a Root Shell
• 13:00 UTC - [darkreading] Focusing on the People in Cybersecurity at RSAC 2026 Conference
• 12:51 UTC - [Cyber Security News] From Alert Overload to Rapid Response: Why Threat Intelligence Is a Top Solution for Fast MTTR 
• 12:49 UTC - [Cyber Security News] Critical Android “Zero-Interaction” Vulnerability Enables DoS Attacks
• 12:46 UTC - [The Hacker News] Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign
• 12:44 UTC - [Cyber Security News] Threat Actors Abuse LogMeIn Resolve and ScreenConnect in Multi-Stage Phishing Attacks
• 12:32 UTC - [Cyber Security News] BlueHammer PoC for Windows Defender Exploited by Researchers to Escalate Privileges
• 12:17 UTC - [The Hacker News] [Webinar] How to Close Identity Gaps in 2026 Before AI Exploits Enterprise Risk
• 12:04 UTC - [Cyber Security News] Flowise AI Agent Builder Injection Vulnerability Exploited in Attacks, 15,000+ Instances Exposed
• 11:31 UTC - [SecurityWeek] GPUBreach: Root Shell Access Achieved via GPU Rowhammer Attack 
• 11:30 UTC - [The Hacker News] The Hidden Cost of Recurring Credential Incidents
• 10:52 UTC - [SecurityWeek] Medusa Ransomware Fast to Exploit Vulnerabilities, Breached Systems
• 10:33 UTC - [Cyber Security News] Iran-Linked Hackers Launch Password Spray Campaign Against Microsoft 365 Tenants in Middle East
• 10:09 UTC - [Latest from TechRadar in Security] Understanding the ‘espionage ecosystem’ threat
• 09:51 UTC - [Latest from TechRadar in Security] Goodnight REvil and GandCrab? Police think they've identified two of the biggest cybercrime bosses around
• 09:45 UTC - [Schneier on Security] Hong Kong Police Can Force You to Reveal Your Encryption Keys
• 09:41 UTC - [netbiosX]
• 09:24 UTC - [SecurityWeek] German Police Unmask REvil Ransomware Leader
• 08:57 UTC - [Graham Cluley] Life imprisonment for Cambodian scam compound operators – but will it make a difference?
• 08:54 UTC - [Latest from TechRadar in Security] Why modern cyber conflict is partly a global skills challenge
• 08:50 UTC - [Cyber Security News] Microsoft Releases New Defender Update for Windows 11, 10, and Server Installation Images
• 08:38 UTC - [The Hacker News] New GPUBreach Attack Enables Full CPU Privilege Escalation via GDDR6 Bit-Flips
• 08:29 UTC - [SecurityWeek] White House Seeks to Slash CISA Funding by $707 Million
• 07:49 UTC - [Cyber Security News] Microsoft Warns Storm-1175 Exploits Web-Facing Assets 0-Day Flaws in Medusa Ransomware Attacks
• 07:35 UTC - [Cyber Security News] 50,000 WordPress Sites Exposed to Critical Ninja Forms File Upload RCE Vulnerability
• 07:02 UTC - [Cyber Security News] OpenAI Codex Vulnerability Allows Attackers to Steal GitHub Access Tokens
• 07:02 UTC - [Cyber Security News] OpenAI Codex Command Injection Vulnerability Let Attackers Steal GitHub User Access Tokens
• 06:59 UTC - [Cyber Security News] Hackers Use Fake TradingView Premium Posts on Reddit to Deliver Vidar and AMOS Stealers
• 06:35 UTC - [The Hacker News] China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware
• 06:05 UTC - [SecurityWeek] Wynn Resorts Says 21,000 Employees Affected by ShinyHunters Hack
• 05:56 UTC - [The Hacker News] Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed
• 03:30 UTC - [Cyber Security News] Researcher Released Windows Defender 0-Day Exploit Code, Allowing Attackers to Gain Full Access
• 02:44 UTC - [DataBreaches.Net] Jones Day confirms limited breach after phishing attack by Silent Ransom Group
• 00:00 UTC - [0day Fans] LibRaw x3f_load_huffman heap-based buffer overflow vulnerability
• 00:00 UTC - [0day Fans] LibRaw uncompressed_fp_dng_load_raw integer overflow vulnerability
• 00:00 UTC - [0day Fans] LibRaw HuffTable::initval heap-based buffer overflow vulnerability
• 00:00 UTC - [The GreyNoise Blog] Introducing C2 Detection: Know When Your Edge Devices Are Calling Home to Attackers

2026-04-06 #

• 23:54 UTC - [BleepingComputer] German authorities identify REvil and GangCrab ransomware bosses
• 23:54 UTC - [BleepingComputer] German authorities identify REvil and GandCrab ransomware bosses
• 22:00 UTC - [Unit 42] Understanding Current Threats to Kubernetes Environments
• 21:44 UTC - [BleepingComputer] New GPUBreach attack enables system takeover via GPU rowhammer
• 21:38 UTC - [darkreading] AI-Assisted Supply Chain Attack Targets GitHub
• 21:12 UTC - [CyberScoop] Fortinet customers confront actively exploited zero-day, with a full patch still pending
• 20:55 UTC - [darkreading] Axios Attack Shows Social Complex Engineering Is Industrialized
• 20:55 UTC - [darkreading] Axios Attack Shows How Complex Social Engineering Is Industrialized
• 20:55 UTC - [darkreading] Axios Attack Shows Complex Social Engineering Is Industrialized
• 20:47 UTC - [DataBreaches.Net] Maine House advances McCabe bill to strengthen cybersecurity at Maine hospitals
• 20:47 UTC - [DataBreaches.Net] Microsoft links Medusa ransomware affiliate to zero-day attacks
• 20:24 UTC - [darkreading] Fortinet Issues Emergency Patch for FortiClient Zero-Day
• 19:40 UTC - [Latest from TechRadar in Security] 'Your login credentials may already be slipping into the hands of a cybercriminal': Hackers target LinkedIn accounts with devious new phishing attacks — here's how to stay safe
• 19:19 UTC - [BleepingComputer] Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit
• 19:19 UTC - [BleepingComputer] Microsoft fixes Classic Outlook bug causing email delivery issues
• 19:09 UTC - [Schneier on Security] New Mexico’s Meta Ruling and Encryption
• 18:37 UTC - [The Hacker News] Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 Organizations
• 17:45 UTC - [BleepingComputer] Microsoft removes Support and Recovery Assistant from Windows
• 17:21 UTC - [CyberScoop] pcTattleTale stalkerware maker sentence includes fine, supervised release
• 16:56 UTC - [BleepingComputer] Microsoft links Medusa ransomware affiliate to zero-day attacks
• 16:37 UTC - [Cyber Security News] CISA Warns of Fortinet 0-Day Vulnerability Actively Exploited in Attacks
• 16:35 UTC - [BleepingComputer] Drift $280M crypto theft linked to 6-month in-person operation
• 16:34 UTC - [Microsoft Security Blog] Inside an AI‑enabled device code phishing campaign
• 16:34 UTC - [Microsoft Security Blog] Inside an AI‑enabled device code phishing campaign
• 16:31 UTC - [DataBreaches.Net] Two Breaches, One Quarter: Valley Family Health Care’s Challenging Start to 2026
• 16:25 UTC - [Cyber Security News] Top 12 Enterprise AI Gateways Ranked for Security and Ease of Integration
• 16:24 UTC - [The Hacker News] DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea
• 16:10 UTC - [Latest from TechRadar in Security] SparkCat malware returns to target Android and iOS users, hiding in innocent apps to try and steal your details
• 16:02 UTC - [BleepingComputer] CISA orders feds to patch exploited Fortinet EMS flaw by Friday
• 16:00 UTC - [Microsoft Security Blog] Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations
• 15:32 UTC - [SecurityWeek] Google DeepMind Researchers Map Web Attacks Against AI Agents
• 15:31 UTC - [darkreading] Automated Credential Harvesting Campaign Exploits React2Shell Flaw
• 15:26 UTC - [Cyber Security News] Trojanized PyPI AI Proxy Uses Stolen Claude Prompt to Exfiltrates Data
• 15:05 UTC - [Cyber Security News] Hackers Drain $286 Million From Drift Protocol in Suspected North Korea-Linked Exploit
• 15:05 UTC - [Latest from TechRadar in Security] One of the largest corporate espionage and data breach scandals in digital history': New "BrowserGate" report claims LinkedIn secretly scans user browsers for installed extensions and collects device data
• 14:38 UTC - [Cybersecurity Dive - Latest News] Hims & Hers says limited data stolen in social engineering attack
• 14:34 UTC - [Cyber Security News] New GitHub Actions Attack Chain Uses Fake CI Updates to Exfiltrate Secrets and Tokens
• 14:20 UTC - [Cybersecurity Dive - Latest News] Critical flaw in FortiClient EMS under exploitation
• 14:20 UTC - [Latest from TechRadar in Security] This devious VENOM phishing campaign targets business executives by name — so watch what you click on
• 14:07 UTC - [darkreading] Shadow AI in Healthcare is Here to Stay
• 14:07 UTC - [darkreading] Shadow AI in Healthcare Is Here to Stay
• 14:06 UTC - [Cyber Security News] DPRK Cyber Program Uses Modular Malware Strategy to Evade Attribution and Survive Takedowns
• 14:03 UTC - [Latest from TechRadar in Security] Backups won’t save you from this version of ransomware
• 14:02 UTC - [BleepingComputer] Why Simple Breach Monitoring is No Longer Enough
• 13:49 UTC - [darkreading] OWASP GenAI Security Project Gets Update, New Tools Matrix
• 13:34 UTC - [Latest from TechRadar in Security] Your marketing stack is an attack surface – is security watching?
• 13:33 UTC - [Latest from TechRadar in Security] AI agents can only be trusted as Junior Engineers
• 13:00 UTC - [The Hacker News] Multi-OS Cyberattacks: How SOCs Close a Critical Risk in 3 Steps
• 13:00 UTC - [All Fortinet Blog | Latest Posts] FortiOS 8.0: Redefining Secure Networking in the AI and Quantum Era
• 12:46 UTC - [The Hacker News] ⚡ Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More
• 12:43 UTC - [Cyber Security News] North Korean IT Worker Unmasked After Refusing to Insult Kim Jong Un in Job Interview
• 12:10 UTC - [Latest from TechRadar in Security] Top museums hit by apparent cyberattack on Vivaticket — Louvre and other institutions affected
• 11:45 UTC - [The Hacker News] How LiteLLM Turned Developer Machines Into Credential Vaults for Attackers
• 11:40 UTC - [SecurityWeek] Guardarian Users Targeted With Malicious Strapi NPM Packages
• 11:29 UTC - [Cyber Security News] Google’s Bug Bounty Program Hits All-Time High With $17 Million in 2025 Payouts
• 11:21 UTC - [DataBreaches.Net] NYS school data incidents rose 72% in 2025, with 44 reported on Long Island
• 11:21 UTC - [DataBreaches.Net] Two data security incidents affected immigration law firms and their clients
• 11:21 UTC - [DataBreaches.Net] Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab
• 11:21 UTC - [Cyber Security News] Apache Traffic Server Vulnerabilities Let Attackers Trigger DoS Attack
• 11:21 UTC - [DataBreaches.Net] Researchers didn’t want to glamorize cybercrims. So they roasted them.
• 11:20 UTC - [DataBreaches.Net] Fitness tracking under scrutiny as Strava military data leak exposes personnel
• 11:20 UTC - [DataBreaches.Net] Moscow, Idaho, clinics reopen after Gritman cyber incident
• 11:15 UTC - [Cyber Security News] Critical Dgraph Database Vulnerability Let Attackers Bypass Authentication
• 11:12 UTC - [Cyber Security News] Hackers Compromised ILSpy WordPress Domain to Deliver Malware
• 11:02 UTC - [SecurityWeek] North Korean Hackers Target High-Profile Node.js Maintainers
• 10:52 UTC - [Schneier on Security] Google Wants to Transition to Post-Quantum Cryptography by 2029
• 10:30 UTC - [Latest from TechRadar in Security] Uffizi galleries confirms it was hit by cyberattack — but claims nothing was stolen
• 10:25 UTC - [Latest from TechRadar in Security] Time for an upgrade? Report warns outdated operating systems could be the 'unnecessary risk' your business forgot about
• 10:20 UTC - [Latest from TechRadar in Security] Building private AI: control, compliance and competitive edge
• 10:07 UTC - [The Hacker News] Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools
• 09:58 UTC - [Cyber Security News] Hackers Use Poisoned Axios Package and Phantom Dependency to Spread Cross-Platform Malware
• 09:37 UTC - [SecurityWeek] Fortinet Rushes Emergency Fixes for Exploited Zero-Day
• 09:16 UTC - [Cyber Security News] Critical Claude Code Flaw Silently Bypasses Developer-Configured Security Rules
• 09:11 UTC - [Latest from TechRadar in Security] 'Skipping a beat on resilience investment isn’t an option any more': IT incidents can cost firms huge amounts - here's how to stay on top of issues
• 09:04 UTC - [Cyber Security News] Hackers Using Fake “Microsoft Teams” Domains to Attack Users Via Malicious Payload
• 07:12 UTC - [Cyber Security News] New ResokerRAT Uses Telegram Bot API to Control Infected Windows Systems
• 06:59 UTC - [The Hacker News] BKA Identifies REvil Leaders Behind 130 German Ransomware Attacks
• 06:38 UTC - [Cyber Security News] METATRON – Open-Source AI Penetration Testing Assistant Brings Local LLM Analysis to Linux
• 05:45 UTC - [Cyber Security News] 36 Malicious npm Strapi Packages Used to Deploy Redis RCE and Persistent C2 Malware
• 03:44 UTC - [Cyber Security News] CISA Adds TrueConf Vulnerability to KEV Catalog Following Active Exploitation
• 03:41 UTC - [Cyber Security News] 2,000+ FortiClient EMS Instances Exposed Online Amid Active RCE Vulnerability Exploits in the Wild
• 02:52 UTC - [Cyber Security News] Google DeepMind Researchers Warn Hackers Can Hijack AI Agents Through Malicious Web Content
• 02:07 UTC - [Krebs on Security] Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab

2026-04-05 #

• 19:44 UTC - [BleepingComputer] Traffic violation scams switch to QR codes in new phishing texts
• 18:45 UTC - [BleepingComputer] New FortiClient EMS flaw exploited in attacks, emergency patch released
• 18:25 UTC - [Latest from TechRadar in Security] 'The most powerful weapon is not always a missile': How Iranian "Charming Kitten" hackers used old Cold War methods to steal tech secrets and plant malware on Apple and Windows users
• 18:25 UTC - [The Hacker News] $285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation
• 14:17 UTC - [BleepingComputer] Hackers exploit React2Shell in automated credential theft campaign
• 14:02 UTC - [DataBreaches.Net] How often do threat actors default on promises to delete data?
• 11:07 UTC - [0day Fans] Site-DOM-XSS using Cookie Injection: The AI Hackers are Coming Faster than You Think
• 05:07 UTC - [The Hacker News] 36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants
• 04:32 UTC - [The Hacker News] Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS

2026-04-04 #

• 20:30 UTC - [BleepingComputer] Axios npm hack used fake Teams error fix to hijack maintainer account
• 19:52 UTC - [DataBreaches.Net] The breach lasted 25 minutes. How long will the litigation last?
• 15:50 UTC - [DataBreaches.Net] Hong Kong Hospital Authority apologises for data breach involving 56,000 patients
• 15:50 UTC - [DataBreaches.Net] Claude Code leak used to push infostealer malware on GitHub
• 15:50 UTC - [DataBreaches.Net] ‘Serious cyberattack’ impacts phones, public safety systems in several Massachusetts towns
• 15:50 UTC - [DataBreaches.Net] UK: School IT system targeted in cyber attack ahead of exam season
• 15:50 UTC - [DataBreaches.Net] Meta Pauses Work With Mercor After Data Breach Puts AI Industry Secrets at Risk