TrueConf Zero-Day Exploited in Attacks on Southeast Asian Government Networks
iT4iNT SERVER A high-severity security flaw in the TrueConf client video conferencing software has been exploited in the wild as a zero-day as part o…
Showing posts from March, 2026Show all
Vertex AI Vulnerability Exposes Google Cloud Data and Private Artifacts
iT4iNT SERVER Cybersecurity researchers have disclosed a security "blind spot" in Google Cloud's Vertex AI platform that could allow ar…
Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account
iT4iNT SERVER The popular HTTP client known as Axios has suffered a supply chain attack after two newly published versions of the npm package introdu…
Russian CTRL Toolkit Delivered via Malicious LNK Files Hijacks RDP via FRP Tunnels
iT4iNT SERVER Cybersecurity researchers have discovered a remote access toolkit of Russian-origin that's distributed via malicious Windows shortc…
Three China-Linked Clusters Target Southeast Asian Government in 2025 Cyber Campaign
iT4iNT SERVER Three threat activity clusters aligned with China have targeted a government organization in Southeast Asia as part of what has been de…
Iran-Linked Hackers Breach FBI Director’s Personal Email, Hit Stryker With Wiper Attack
iT4iNT SERVER Threat actors with ties to Iran successfully broke into the personal email account of Kash Patel, the director of the U.S. Federal Bure…
Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug
iT4iNT SERVER A recently disclosed critical security flaw impacting Citrix NetScaler ADC and NetScaler Gateway is witnessing active reconnaissance ac…
TA446 Deploys DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign
iT4iNT SERVER Proofpoint has disclosed details of a targeted email campaign in which threat actors with ties to Russia are leveraging the recently di…
Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks
iT4iNT SERVER Cybersecurity researchers have disclosed details of a now-patched bug impacting Open VSX's pre-publish scanning pipeline to cause t…
We Are At War
iT4iNT SERVER Rising geopolitical tensions are reflected (or in some cases preceded) by cyber operations, while technology itself has become politici…
LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks
iT4iNT SERVER Cybersecurity researchers have disclosed three security vulnerabilities impacting LangChain and LangGraph that, if successfully exploit…
Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website
iT4iNT SERVER Cybersecurity researchers have disclosed a vulnerability in Anthropic's Claude Google Chrome Extension that could have been exploit…
WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites
iT4iNT SERVER Cybersecurity researchers have discovered a new payment skimmer that uses WebRTC data channels as a means to receive payloads and exfil…
LeakBase Admin Arrested in Russia Over Massive Stolen Credential Marketplace
iT4iNT SERVER The alleged administrator of the LeakBase cybercrime forum has been arrested by Russian law enforcement authorities, state media report…
FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns
iT4iNT SERVER The U.S. Federal Communications Commission (FCC) said on Monday that it was banning the import of new, foreign-made consumer routers, c…
TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 Likely via Trivy CI/CD Compromise
iT4iNT SERVER TeamPCP, the threat actor behind the recent compromises of Trivy and KICS, has now compromised a popular Python package named litellm, …
Ghost Campaign Uses 7 npm Packages to Steal Crypto Wallets and Credentials
iT4iNT SERVER Cybersecurity researchers have uncovered a new set of malicious npm packages that are designed to steal cryptocurrency wallets and sens…
The Hidden Cost of Cybersecurity Specialization: Losing Foundational Skills
iT4iNT SERVER Cybersecurity has changed fast. Roles are more specialized, and tooling is more advanced. On paper, this should make organizations more…
Trivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes Wiper
iT4iNT SERVER Cybersecurity researchers have uncovered malicious artifacts distributed via Docker Hub following the Trivy supply chain attack, highli…
Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems
iT4iNT SERVER Threat actors are suspected to be exploiting a maximum-severity security flaw impacting Quest KACE Systems Management Appliance (SMA), …
Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager
iT4iNT SERVER Oracle has released security updates to address a critical security flaw impacting Identity Manager and Web Services Manager that could…
Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover
iT4iNT SERVER Sansec is warning of a critical security flaw in Magento's REST API that could allow unauthenticated attackers to upload arbitrary …
Google Adds 24-Hour Wait for Unverified App Sideloading to Reduce Malware and Scams
iT4iNT SERVER Google on Thursday announced a new "advanced flow" for Android sideloading that requires a mandatory 24-hour wait period to i…
Speagle Malware Hijacks Cobra DocGuard to Steal Data via Compromised Servers
iT4iNT SERVER Cybersecurity researchers have flagged a new malware dubbed Speagle that hijacks the functionality and infrastructure of a legitimate p…
ThreatsDay Bulletin: FortiGate RaaS, Citrix Exploits, MCP Abuse, LiveChat Phish & More
iT4iNT SERVER ThreatsDay Bulletin is back on The Hacker News, and this week feels off in a familiar way. Nothing loud, nothing breaking everything at…
How Ceros Gives Security Teams Visibility and Control in Claude Code
iT4iNT SERVER Security teams have spent years building identity and access controls for human users and service accounts. But a new category of actor…
OFAC Sanctions DPRK IT Worker Network Funding WMD Programs Through Fake Remote Jobs
iT4iNT SERVER The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) has sanctioned six individuals and two entities for t…
Claude Code Security and Magecart: Getting the Threat Model Right
iT4iNT SERVER When a Magecart payload hides inside the EXIF data of a dynamically loaded third-party favicon, no repository scanner will catch it – b…
Ubuntu CVE-2026-3888 Bug Lets Attackers Gain Root via systemd Cleanup Timing Exploit
iT4iNT SERVER A high-severity security flaw affecting default installations of Ubuntu Desktop versions 24.04 and later could be exploited to escalate…
LeakNet Ransomware Uses ClickFix via Hacked Sites, Deploys Deno In-Memory Loader
iT4iNT SERVER The ransomware operation known as LeakNet has adopted the ClickFix social engineering tactic delivered through compromised websites as …
AI is Everywhere, But CISOs are Still Securing It with Yesterday's Skills and Tools, Study Finds
iT4iNT SERVER A majority of security leaders are struggling to defend AI systems with tools and skills that are not fit for the challenge, according …
Konni Deploys EndRAT Through Phishing, Uses KakaoTalk to Propagate Malware
iT4iNT SERVER North Korean threat actors have been observed sending phishing to compromise targets and obtain access to a victim's KakaoTalk desk…
Why Security Validation Is Becoming Agentic
iT4iNT SERVER If you run security at any reasonably complex organization, your validation stack probably looks something like this: a BAS tool in one…
DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage
iT4iNT SERVER Ukrainian entities have emerged as the target of a new campaign likely orchestrated by threat actors linked to Russia, according to a r…
Android 17 Blocks Non-Accessibility Apps from Accessibility API to Prevent Malware Abuse
iT4iNT SERVER Google is testing a new security feature as part of Android Advanced Protection Mode (AAPM) that prevents certain kinds of apps from us…
OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration
iT4iNT SERVER China's National Computer Network Emergency Response Technical Team (CNCERT) has issued a warning about the security stemming from …
GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers
iT4iNT SERVER Cybersecurity researchers have flagged a new iteration of the GlassWorm campaign that they say represents a "significant escalatio…
Google Fixes Two Chrome Zero-Days Exploited in the Wild Affecting Skia and V8
iT4iNT SERVER Google on Thursday released security updates for its Chrome web browser to address two high-severity vulnerabilities that it said have …
Authorities Disrupt SocksEscort Proxy Botnet Exploiting 369,000 IPs Across 163 Countries
iT4iNT SERVER A court-authorized international law enforcement operation has dismantled a criminal proxy service named SocksEscort that enslaved thou…
How to Scale Phishing Detection in Your SOC: 3 Steps for CISOs
iT4iNT SERVER Phishing has quietly turned into one of the hardest enterprise threats to expose early. Instead of crude lures and obvious payloads, mo…
Attackers Don't Just Send Phishing Emails. They Weaponize Your SOC's Workload
iT4iNT SERVER The most dangerous phishing campaigns aren’t just designed to fool employees. Many are designed to exhaust the analysts investigating t…
Six Android Malware Families Target Pix Payments, Banking Apps, and Crypto Wallets
iT4iNT SERVER Cybersecurity researchers have discovered half-a-dozen new Android malware families that come with capabilities to steal data from comp…
Dozens of Vendors Patch Security Flaws Across Enterprise Software and Network Devices
iT4iNT SERVER SAP has released security updates to address two critical security flaws that could be exploited to achieve arbitrary code execution on…
Microsoft Patches 84 Flaws in March Patch Tuesday, Including Two Public Zero-Days
iT4iNT SERVER Microsoft on Tuesday released patches for a set of 84 new security vulnerabilities affecting various software components, including two…
Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets
iT4iNT SERVER Cybersecurity researchers have discovered five malicious Rust crates that masquerade as time-related utilities to transmit .env file da…
New "LeakyLooker" Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries
iT4iNT SERVER Cybersecurity researchers have disclosed nine cross-tenant vulnerabilities in Google Looker Studio that could have permitted attackers …
Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool
iT4iNT SERVER Salesforce has warned of an increase in threat actor activity that's aimed at exploiting misconfigurations in publicly accessible E…
CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited
iT4iNT SERVER The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added three security flaws to its Known Exploited Vulnerabil…
Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft
iT4iNT SERVER Two Google Chrome extensions have turned malicious after what appears to be a case of ownership transfer, offering attackers a way to p…
Web Server Exploits and Mimikatz Used in Attacks Targeting Asian Critical Infrastructure
iT4iNT SERVER High-value organizations located in South, Southeast, and East Asia have been targeted by a Chinese threat actor as part of a years-lon…
