SecurityTicks

ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories 2026-04-02 at 18:57 By The latest ThreatsDay Bulletin is basically a cheat sheet for everything breaking on the internet right now. No corporate fluff or boring lectures here, just a quick and honest look at the messy reality of keeping systems safe this week. Things are moving

Want to be the IT Crowd for the BBC? An £800M contract beckons 2026-04-02 at 15:11 By SA Mathieson Supplier will need to look after networks, email, tech support, tools and more – plus find cost savings The BBC is looking for a supplier to provide IT for all its workforce and help automate parts

Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners 2026-04-02 at 15:10 By A financially motivated operation codenamed REF1695 has been observed leveraging fake installers to deploy remote access trojans (RATs) and cryptocurrency miners since November 2023. “Beyond cryptomining, the threat actor monetizes infections through CPA (Cost Per Action) fraud, directing victims to content locker pages

The State of Trusted Open Source Report 2026-04-02 at 15:10 By In December 2025, we shared the first-ever The State of Trusted Open Source report, featuring insights from our product data and customer base on open source consumption across our catalog of container image projects, versions, images, language libraries, and builds. These insights shed light on what teams

AI search is atomizing our information, warns government digital designer 2026-04-02 at 14:46 By SA Mathieson We must design expecting much of what we publish will be reinterpreted by ‘systems we don’t control’ Those who rely on artificial intelligence to summarize official material may get a misleadingly narrow or incomplete version of it, a senior

Apple Expands iOS 18.7.7 Update to More Devices to Block DarkSword Exploit 2026-04-02 at 14:46 By Apple on Wednesday expanded the availability of iOS 18.7.7 and iPadOS 18.7.7 to a broader range of devices to protect users from the risk posed by a recently disclosed exploit kit known as DarkSword. “We enabled the availability of iOS 18.7.7 for more devices on

WhatsApp Alerts 200 Users After Fake iOS App Installed Spyware; Italian Firm Faces Action 2026-04-02 at 14:46 By Meta-owned messaging platform WhatsApp said it alerted about 200 users who were tricked into installing a bogus version of its iOS app that was infected with spyware. According to reports from Italian newspaper La Repubblica and news agency ANSA, the

CERT-UA Impersonation Campaign Spread AGEWHEEZE Malware to 1 Million Emails 2026-04-02 at 14:46 By The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed details of a new phishing campaign in which the cybersecurity agency itself was impersonated to distribute a remote administration tool known as AGEWHEEZE. As part of the attacks, the threat actors,

Block the Prompt, Not the Work: The End of “Doctor No” 2026-04-02 at 14:46 By There is a character that keeps appearing in enterprise security departments, and most CISOs know exactly who that is. It doesn’t build. It doesn’t enable. Its entire function is to say “No.” No to ChatGPT. No to DeepSeek. No to

Microsoft Warns of WhatsApp-Delivered VBS Malware Hijacking Windows via UAC Bypass 2026-04-02 at 14:46 By Microsoft is calling attention to a new campaign that has leveraged WhatsApp messages to distribute malicious Visual Basic Script (VBS) files. The activity, beginning in late February 2026, leverages these scripts to initiate a multi-stage infection chain for establishing persistence