23174
🗞 The finest daily news on cybersecurity and privacy. 🔔 Daily releases. 💻 Is your online life secure? 📩 lalilolalo.dev@gmail.com
🖋️ GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs 🖋️Cybersecurity researchers have flagged yet another evolution of the ongoing GlassWorm campaign, which employs a new Zig dropper that's designed to stealthily infect all integrated development environments IDEs on a developer's machine. The technique has been discovered in an Open VSX extension named "specstudio.codewakatimeactivitytracker," which masquerades as WakaTime, a.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🦿 New Apple Scam Hits Millions of iPhone Users Worldwide, Draining Bank Accounts 🦿Apple warns of a new scam targeting millions of iPhone users. Learn the red flags, how it works, and how to protect your account and finances. The post New Apple Scam Hits Millions of iPhone Users Worldwide, Draining Bank Accounts appeared first on TechRepublic.
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
📢 Zephyr Energy hackers swiped £700,000 after redirecting a contractor payment 📢Payment to a Zephyr Energy contractor was siphoned off, but the incident has been contained and new security measures implemented.
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
📢 Beyond wipers: Iran-backed cyber attacks and the threat to businesses 📢Whats the real risk to business in the US and UK during this critical situation?.
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
📔 Bitcoin Depot Reports $3.6m Crypto Theft After System Breach 📔Bitcoin Depot has disclosed a cyberattack that led to the theft of more than 50 Bitcoin, worth 3.66m, after hackers accessed its internal systems.
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
🖋️ Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS 🖋️Fortinet has released outofband patches for a critical security flaw impacting FortiClient EMS that it said has been exploited in the wild. The vulnerability, tracked as CVE202635616 CVSS score 9.1, has been described as a preauthentication API access bypass leading to privilege escalation. "An improper access control vulnerability CWE284 in FortiClient EMS may allow an.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers 🖋️Threat actors are increasingly using HTTP cookies as a control channel for PHPbased web shells on Linux servers and to achieve remote code execution, according to findings from the Microsoft Defender Security Research Team. "Instead of exposing command execution through URL parameters or request bodies, these web shells rely on threat actorsupplied cookie values to gate execution,.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🦿 Android Alert: 50 Google Play Apps Linked to ‘NoVoice’ Malware Reached 2.3M Downloads 🦿NoVoice malware was found in 50 Android apps on Google Play, with 2.3 million downloads, by bypassing detection and targeting outdated devices. The post Android Alert 50 Google Play Apps Linked to NoVoice Malware Reached 2.3M Downloads appeared first on TechRepublic.
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
🖋️ OpenAI Patches ChatGPT Data Exfiltration Flaw and Codex GitHub Token Vulnerability 🖋️A previously unknown vulnerability in OpenAI ChatGPT allowed sensitive conversation data to be exfiltrated without user knowledge or consent, according to new findings from Check Point. "A single malicious prompt could turn an otherwise ordinary conversation into a covert exfiltration channel, leaking user messages, uploaded files, and other sensitive content," the cybersecurity company said in.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ TA446 Deploys DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign 🖋️Proofpoint has disclosed details of a targeted email campaign in which threat actors with ties to Russia are leveraging the recently disclosed DarkSword exploit kit to target iOS devices. The activity has been attributed with high confidence to the Russian statesponsored threat group known as TA446, which is also tracked by the broader cybersecurity community under the monikers Callisto,.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Iran-Linked Hackers Breach FBI Director’s Personal Email, Hit Stryker With Wiper Attack 🖋️Threat actors with ties to Iran successfully broke into the personal email account of Kash Patel, the director of the U.S. Federal Bureau of Investigation FBI, and leaked a cache of photos and other documents to the internet. Handala Hack Team, which carried out the breach, said on its website that Patel "will now find his name among the list of successfully hacked victims." In a statement.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🌊 AI SOC Guide: Architecture, Capabilities, Pricing, and Migration Playbook 🌊AI SOC guide autonomous triage, humanAI collaboration, compliance automation, and realworld use cases. Built for IT Directors. Discover how. The post AI SOC Guide Architecture, Capabilities, Pricing, and Migration Playbook appeared first on UnderDefense.
📖 Read more.
🔗 Via "UnderDefense"
----------
👁️ Seen on @cibsecurity
🖋️ TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files 🖋️TeamPCP, the threat actor behind the supply chain attack targeting Trivy, KICS, and litellm, has now compromised the telnyx Python package by pushing two malicious versions to steal sensitive data. The two versions, 4.87.1 and 4.87.2, published to the Python Package Index PyPI repository on March 27, 2026, concealed their credential harvesting capabilities within a .WAV file. Users are.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🦿 AI Upgrades, Security Breaches, and Industry Shifts Define This Week in Tech 🦿See what you missed in Daily Tech Insider from March 2327. The post AI Upgrades, Security Breaches, and Industry Shifts Define This Week in Tech appeared first on TechRepublic.
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
📔 UK Cracks Down on Chinese Crypto Marketplace for Funding Southeast Asia Scam Hubs 📔The UK government has sanctioned Xinbi, described as the secondlargest illicit online marketplace ever.
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
🦿 Massive Data Breach Exposes 337K LAPD-Linked Records 🦿A massive breach exposed 337K LAPDlinked files, raising concerns over thirdparty risk, sensitive data exposure, and law enforcement cybersecurity gaps. The post Massive Data Breach Exposes 337K LAPDLinked Records appeared first on TechRepublic.
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
🦿 Hackers Exploit Adobe PDF Flaw for Months to Steal Data, No Fix Yet 🦿A critical Adobe Acrobat zeroday has been exploited for months via malicious PDFs to steal data and potentially take over systems, with no patch yet available. The post Hackers Exploit Adobe PDF Flaw for Months to Steal Data, No Fix Yet appeared first on TechRepublic.
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
📢 AI is raising the stakes for cyber professionals – Claude Mythos just took things to another level 📢AI efficiency gains work both ways, and threat actors are already capitalizing on powerful new tools.
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
📔 STX RAT Targets Finance Sector With Advanced Stealth Tactics 📔STX RAT, a newly identified remote access trojan, attempted deployment in finance, showing advanced C2 and stealthy delivery methods.
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
📔 STX RAT Targets Finance Sector With Advanced Stealth Tactics 📔STX RAT, a newly identified remote access trojan, attempted deployment in finance, showing advanced C2 and stealthy delivery methods.
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
🖋️ 36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants 🖋️Cybersecurity researchers have discovered 36 malicious packages in the npm registry that are disguised as Strapi CMS plugins but come with different payloads to facilitate Redis and PostgreSQL exploitation, deploy reverse shells, harvest credentials, and drop a persistent implant. "Every package contains three files package.json, index.js, postinstall.js, has no description, repository,.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing 🖋️A Chinaaligned threat actor has set its sights on European government and diplomatic organizations since mid2025, following a twoyear period of minimal targeting in the region. The campaign has been attributed to TA416, a cluster of activity that overlaps with DarkPeony, RedDelta, Red Lich, SmugX, UNC6384, and Vertigo Panda. "This TA416 activity included multiple.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
📔 Cybercriminals Exploit Tax Season With New Phishing Tactics 📔Taxseason phishing floods deliver RMM malware, credential theft, BEC and taxform scams.
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
🖋️ CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation 🖋️The U.S. Cybersecurity and Infrastructure Security Agency CISA on Friday added a critical security flaw impacting F5 BIGIP Access Policy Manager APM to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The vulnerability in question is CVE202553521 CVSS v4 score 9.3, which could allow a threat actor to achieve remote code execution. "When a.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug 🖋️A recently disclosed critical security flaw impacting Citrix NetScaler ADC and NetScaler Gateway is witnessing active reconnaissance activity, according to Defused Cyber and watchTowr. The vulnerability, CVE20263055 CVSS score 9.3, refers to a case of insufficient input validation leading to memory overread, which an attacker could exploit to leak potentially sensitive information. Per.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Iran-Linked Hackers Breach FBI Director’s Personal Email, Hit Stryker With Wiper Attack 🖋️Threat actors with ties to Iran successfully broke into the personal email account of Kash Patel, the director of the U.S. Federal Bureau of Investigation FBI, and leaked a cache of photos and other documents to the internet. Handala Hack Team, which carried out the breach, said on its website that Patel "will now find his name among the list of successfully hacked victims." In a statement.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits 🖋️Apple is now sending Lock Screen notifications to iPhones and iPads running older versions of iOS and iPadOS to alert users of webbased attacks and urge them to install the update. The development was first reported by MacRumors. "Apple is aware of attacks targeting outofdate iOS software, including the version on your iPhone. Install this critical update to protect your iPhone," the.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
📔 New Wave of AiTM Phishing Targets TikTok for Business 📔Push Security has uncovered a new AiTM phishing campaign targeting TikTok for Business accounts using Google and TikTok themed login pages.
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
🦅 China’s APT41 and the Expanding Enterprise Attack Surface: What Security Teams Must Prepare For 🦅 The modern enterprise attack surface is no longer confined to corporate networks and endpoints it now stretches across cloud workloads, supply chains, remote devices, and even operational technology environments. Within this fragmented landscape, the activities of the APT41 threat group stand out as a signal of how hackers and adversaries are adapting. Known for blending statesponsored espionage with financially motivated operations, APT41 represents a dualpurpose threat model that security teams can no longer afford to treat as an edge case. Understanding APT41s Hybrid Threat Model Unlike many threat actors that operate with a singular objective, China APT41 cyberattacks are notable for their breadth of intent. Active since 2012, the group has consistently targeted industries r...
📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
📔 Quantum Computing Threat to Encryption Is Closer Than Expected, Warns Google 📔QDay and the cybersecurity problems it brings could come as early as 2029 as Google accelerates its postquantum cryptography migration.
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity