Featured

Axios NPM Package Breached in North Korean Supply Chain Attack

Application Security, Axios, Featured, North Korea, NPM, supply chain attack, Supply Chain Security /

Axios NPM Package Breached in North Korean Supply Chain Attack 2026-04-01 at 11:46 By Ionut Arghire A long-lived NPM access token was used to bypass the GitHub Actions OIDC-based CI/CD publishing workflow and push backdoored package versions. The post Axios NPM Package Breached in North Korean Supply Chain Attack appeared first on SecurityWeek. This article […]

Axios NPM Package Breached in North Korean Supply Chain Attack Read More »

Google Slashes Quantum Resource Requirements for Breaking Cryptocurrency Encryption

Cryptocurrency, Data Protection, Featured, Google, Quantum, research /

Google Slashes Quantum Resource Requirements for Breaking Cryptocurrency Encryption 2026-03-31 at 15:43 By Eduard Kovacs Google researchers have shown that breaking the encryption of Bitcoin and Ethereum requires 20x fewer qubits.  The post Google Slashes Quantum Resource Requirements for Breaking Cryptocurrency Encryption appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Google Slashes Quantum Resource Requirements for Breaking Cryptocurrency Encryption Read More »

F5 BIG-IP DoS Flaw Upgraded to Critical RCE, Now Exploited in the Wild

exploited, F5, Featured, Vulnerabilities, vulnerability /

F5 BIG-IP DoS Flaw Upgraded to Critical RCE, Now Exploited in the Wild 2026-03-30 at 10:37 By Ionut Arghire Initially disclosed as a high-severity denial-of-service (DoS), the bug was reclassified as a critical RCE issue. The post F5 BIG-IP DoS Flaw Upgraded to Critical RCE, Now Exploited in the Wild appeared first on SecurityWeek. This

F5 BIG-IP DoS Flaw Upgraded to Critical RCE, Now Exploited in the Wild Read More »

Pro-Iranian Hacking Group Claims Credit for Hack of FBI Director Kash Patel’s Personal Account

cybercrime, Cyberwarfare, Featured, Handala, Iran /

Pro-Iranian Hacking Group Claims Credit for Hack of FBI Director Kash Patel’s Personal Account 2026-03-27 at 18:42 By Associated Press The group that it was making available for download emails and other documents from Patel’s account. The post Pro-Iranian Hacking Group Claims Credit for Hack of FBI Director Kash Patel’s Personal Account appeared first on

Pro-Iranian Hacking Group Claims Credit for Hack of FBI Director Kash Patel’s Personal Account Read More »

RSAC 2026 Conference Announcements Summary (Days 3-4)

Featured, Management & Strategy, RSA Conference, RSAC, RSAC Conference 2026, security products /

RSAC 2026 Conference Announcements Summary (Days 3-4) 2026-03-27 at 12:48 By SecurityWeek News A summary of the announcements made by vendors on the third and fourth days of the RSAC 2026 Conference. The post RSAC 2026 Conference Announcements Summary (Days 3-4) appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

RSAC 2026 Conference Announcements Summary (Days 3-4) Read More »

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

Application Security, Featured, Lapsus$, Malware & Threats, NPM, OSS, PyPI, supply chain attack, TeamPCP /

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI 2026-03-25 at 14:00 By Ionut Arghire The hackers compromised GitHub Action tags, then shifted to NPM, Docker Hub, VS Code, and PyPI, and teamed with Lapsus$. The post From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI appeared

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI Read More »

Stryker Says Malicious File Found During Probe Into Iran-Linked Attack

Featured, Iran, Malware, Malware & Threats, Stryker /

Stryker Says Malicious File Found During Probe Into Iran-Linked Attack 2026-03-24 at 11:30 By Eduard Kovacs The FBI has published an alert describing the malware used by Iranian government hackers. The post Stryker Says Malicious File Found During Probe Into Iran-Linked Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Stryker Says Malicious File Found During Probe Into Iran-Linked Attack Read More »

M-Trends 2026: Initial Access Handoff Shrinks From Hours to 22 Seconds

cybercrime, Featured, Google, M-Trends, Mandiant, report /

M-Trends 2026: Initial Access Handoff Shrinks From Hours to 22 Seconds 2026-03-23 at 17:17 By Eduard Kovacs The latest M-Trends report is based on insights from over 500,000 hours of Mandiant incident response investigations in 2025. The post M-Trends 2026: Initial Access Handoff Shrinks From Hours to 22 Seconds appeared first on SecurityWeek. This article

M-Trends 2026: Initial Access Handoff Shrinks From Hours to 22 Seconds Read More »

Tycoon 2FA Fully Operational Despite Law Enforcement Takedown

Featured, phishing, takedown, Tycoon 2FA /

Tycoon 2FA Fully Operational Despite Law Enforcement Takedown 2026-03-23 at 12:32 By Ionut Arghire Attack volumes are back to pre-disruption levels, and the adversary tactics have remained unchanged. The post Tycoon 2FA Fully Operational Despite Law Enforcement Takedown appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Tycoon 2FA Fully Operational Despite Law Enforcement Takedown Read More »

Oracle Releases Emergency Patch for Critical Identity Manager Vulnerability

exploited, Featured, Oracle, Oracle Identity Manager, Vulnerabilities, vulnerability, Zero-Day /

Oracle Releases Emergency Patch for Critical Identity Manager Vulnerability 2026-03-23 at 09:18 By Eduard Kovacs CVE-2026-21992 can be used without authentication for remote code execution and it may have been exploited in the wild.  The post Oracle Releases Emergency Patch for Critical Identity Manager Vulnerability appeared first on SecurityWeek. This article is an excerpt from

Oracle Releases Emergency Patch for Critical Identity Manager Vulnerability Read More »

Critical Quest KACE Vulnerability Potentially Exploited in Attacks

exploited, Featured, KACE, Quest, Vulnerabilities, vulnerability /

Critical Quest KACE Vulnerability Potentially Exploited in Attacks 2026-03-21 at 13:00 By Eduard Kovacs The vulnerability is tracked as CVE-2025-32975 and it may have been exploited in attacks against the education sector. The post Critical Quest KACE Vulnerability Potentially Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Critical Quest KACE Vulnerability Potentially Exploited in Attacks Read More »

Aisuru and Kimwolf DDoS Botnets Disrupted in International Operation

Aisuru, botnet, cybercrime, disrupted, Featured, IoT, IoT Security, Kimwolf, law enforcement, Tracking & Law Enforcement /

Aisuru and Kimwolf DDoS Botnets Disrupted in International Operation 2026-03-20 at 09:32 By Eduard Kovacs The lesser-known JackSkid and Mossad botnets have also been targeted in the operation. The post Aisuru and Kimwolf DDoS Botnets Disrupted in International Operation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Aisuru and Kimwolf DDoS Botnets Disrupted in International Operation Read More »

Iran Readied Cyberattack Capabilities for Response Prior to Epic Fury

APT, cyberattack, Cyberwarfare, Epic Fury, Featured, hackers, Iran, Threat Intelligence /

Iran Readied Cyberattack Capabilities for Response Prior to Epic Fury 2026-03-19 at 18:19 By Kevin Townsend Analysis reveals a six-month buildup of Iran-linked cyber infrastructure, including US-based shell companies, designed to weather kinetic strikes and ensure the resilience of its global hacking operations. The post Iran Readied Cyberattack Capabilities for Response Prior to Epic Fury

Iran Readied Cyberattack Capabilities for Response Prior to Epic Fury Read More »

Cisco Firewall Vulnerability Exploited as Zero-Day in Interlock Ransomware Attacks

Cisco, exploited, Featured, firewall, InterLock, Ransomware, Vulnerabilities, vulnerability /

Cisco Firewall Vulnerability Exploited as Zero-Day in Interlock Ransomware Attacks 2026-03-19 at 11:01 By Eduard Kovacs Amazon found evidence that the FMC software vulnerability has been exploited since late January, and found links to Russia. The post Cisco Firewall Vulnerability Exploited as Zero-Day in Interlock Ransomware Attacks appeared first on SecurityWeek. This article is an

Cisco Firewall Vulnerability Exploited as Zero-Day in Interlock Ransomware Attacks Read More »

Researcher Discovers 4th WhatsApp View Once Bypass; Meta Won’t Patch

controversy, disputed, Featured, Privacy, View Once, Vulnerabilities, vulnerability, WhatsApp /

Researcher Discovers 4th WhatsApp View Once Bypass; Meta Won’t Patch 2026-03-18 at 12:47 By Eduard Kovacs Meta does not plan on fixing the vulnerability because it involves the use of a modified client application. The post Researcher Discovers 4th WhatsApp View Once Bypass; Meta Won’t Patch appeared first on SecurityWeek. This article is an excerpt

Researcher Discovers 4th WhatsApp View Once Bypass; Meta Won’t Patch Read More »

Robotic Surgery Giant Intuitive Discloses Cyberattack

data breach, Data Breaches, Featured, healthcare, Intuitive Surgical, robot surgery /

Robotic Surgery Giant Intuitive Discloses Cyberattack 2026-03-17 at 16:01 By Ionut Arghire The company says some of its internal business applications were accessed after an employee fell victim to a phishing attack. The post Robotic Surgery Giant Intuitive Discloses Cyberattack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Robotic Surgery Giant Intuitive Discloses Cyberattack Read More »

China-Linked Hackers Hit Asian Militaries in Patient Espionage Operation

Asia, China, China APT, Featured, Military, Nation-State /

China-Linked Hackers Hit Asian Militaries in Patient Espionage Operation 2026-03-16 at 14:52 By Ionut Arghire The state-sponsored hackers deployed custom tools and stayed dormant in the compromised environments for months. The post China-Linked Hackers Hit Asian Militaries in Patient Espionage Operation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

China-Linked Hackers Hit Asian Militaries in Patient Espionage Operation Read More »

Hacking Attempt Reported at Poland’s Nuclear Research Center

Featured, Incident Response, Iran, nuclear, poland /

Hacking Attempt Reported at Poland’s Nuclear Research Center 2026-03-16 at 10:56 By Eduard Kovacs Initial evidence indicates Iran may be behind the attack, but officials admitted it could be a false flag.  The post Hacking Attempt Reported at Poland’s Nuclear Research Center appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Hacking Attempt Reported at Poland’s Nuclear Research Center Read More »

Chrome 146 Update Patches Two Exploited Zero-Days

Chrome, exploited, Featured, Vulnerabilities, vulnerability, Zero-Day /

Chrome 146 Update Patches Two Exploited Zero-Days 2026-03-13 at 09:50 By Ionut Arghire The flaws can be exploited to manipulate data and bypass security restrictions, potentially leading to code execution. The post Chrome 146 Update Patches Two Exploited Zero-Days appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Chrome 146 Update Patches Two Exploited Zero-Days Read More »

‘BlackSanta’ Malware Activates EDR and AV Killer Before Detonating Payload

Endpoint Security, Featured, Malware, Malware & Threats /

‘BlackSanta’ Malware Activates EDR and AV Killer Before Detonating Payload 2026-03-11 at 11:42 By Kevin Townsend The malware disables antivirus and EDR protections at the kernel level, clearing the path for credential harvesting, system reconnaissance, and eventual data exfiltration. The post ‘BlackSanta’ Malware Activates EDR and AV Killer Before Detonating Payload appeared first on SecurityWeek.

‘BlackSanta’ Malware Activates EDR and AV Killer Before Detonating Payload Read More »

Scroll to Top