Posted inTechnology $285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation Drift has revealed that the April 1, 2026, attack that led to the theft of $285 million was the culmination of… Posted by admin April 5, 2026
Posted inTechnology Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS Fortinet has released out-of-band patches for a critical security flaw impacting FortiClient EMS that it said has been… Posted by admin April 5, 2026
Posted inTechnology 36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants Cybersecurity researchers have discovered 36 malicious packages in the npm registry that are disguised as Strapi CMS plugins… Posted by admin April 5, 2026
Posted inTechnology China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing A China-aligned threat actor has set its sights on European government and diplomatic organizations since mid-2025, following a two-year period… Posted by admin April 3, 2026
Posted inTechnology Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers Threat actors are increasingly using HTTP cookies as a control channel for PHP-based web shells on Linux servers and… Posted by admin April 3, 2026
Posted inTechnology Why Third-Party Risk Is the Biggest Gap in Your Clients' Security Posture The next major breach hitting your clients probably won't come from inside their walls. It'll come through a vendor they trust,… Posted by admin April 3, 2026
Posted inTechnology UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack The maintainer of the Axios npm package has confirmed that the supply chain compromise was the result of a… Posted by admin April 3, 2026
Posted inTechnology Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK Solana-based decentralized exchange Drift has confirmed that attackers drained about $285 million from the platform during a security… Posted by admin April 3, 2026
Posted inTechnology New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images Cybersecurity researchers have discovered a new version of the SparkCat malware on the Apple App Store and Google Play Store,… Posted by admin April 3, 2026
Posted inTechnology Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials A large-scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection vector to steal database credentials,… Posted by admin April 2, 2026