
New macOS Malware notnullOSX Targets Crypto Wallets Over $10K
A new macOS malware dubbed notnullOSX is targeting cryptocurrency wallets holding more than $10,000. The threat, linked to a hacker known as 0xFFF (now alh1mik), spreads via fake Google Docs warnings and a malicious Terminal command called ClickFix, then requests Full Disk Access to harvest credentials. It also distributes a counterfeit version of the WallSpace app through a hijacked YouTube channel, and includes a ReplaceApp module that swaps legitimate wallet software like Ledger Live and Trezor with fake copies to capture seed phrases. Security firm Moonlock Lab warns the modular design could expand beyond high‑value victims, putting even hardware wallets at risk.

Operation Masquerade: FBI Disrupts Russian Router Hacking Campaign
The Department of Justice and FBI announced the takedown of a Russian GRU‑run cyber‑espionage operation, dubbed Operation Masquerade, that compromised thousands of home and small‑office routers, primarily TP‑Link devices, across 23 U.S. states and abroad. The attackers, identified as the APT28/Fancy Bear...

Hackers Pose as Non-Profit Developers to Deploy Monero Mining Malware
Since late 2023, the REF1695 hacker group has been embedding Monero‑mining malware in counterfeit software installers that masquerade as non‑profit projects. The scheme uses a fake ISO download, a persuasive ReadMe.txt, and instructions to bypass Windows SmartScreen, delivering a toolkit...

AI Agents and Non-Human Identities Creating Critical Security Gaps, Report
Keeper Security’s new report, presented at RSA 2026, reveals that companies are rapidly deploying AI agents and other non‑human identities (NHIs) without adequate security controls. Nearly half of surveyed firms give AI‑powered tools access to critical data, yet 76% lack...

Missile Alert Phishing Exploits Iran-US-Israel Conflict for Microsoft Logins
Researchers at Cofense uncovered a new phishing campaign that disguises itself as urgent missile‑alert emails tied to the Iran‑Israel conflict. The messages, sent from a spoofed Ministry of Interior address, contain QR codes that lead victims to a counterfeit Microsoft...

Cloudflare Targets WordPress With New AI-Powered EmDash CMS
Cloudflare has unveiled EmDash CMS, a server‑less, AI‑built content platform designed to rival WordPress, which powers over 40% of websites. EmDash isolates each plugin in a Dynamic Worker sandbox, limiting access to declared permissions and addressing the 96% plugin‑related security...

Why Security Researchers and Red Teams Are Turning to Workflow Automation
Security teams are increasingly adopting workflow automation to combat alert fatigue and accelerate investigations. Automated pipelines now enrich indicators of compromise, aggregate threat intelligence, and run continuous recon for red teams and bug bounty hunters. Open‑source, self‑hosted platforms such as...

Fake ChatGPT Ad Blocker Chrome Extension Caught Spying on Users
A counterfeit Chrome extension named “ChatGPT Ad Blocker” was discovered harvesting users' ChatGPT conversations under the guise of removing ads. DomainTools found the malicious add‑on on the Chrome Web Store in February 2026, where it cloned the page’s DOM, stripped...

AI Future: The Leading International AI and Web3 Forum to Take Place in April
AI Future, the flagship event of the global Blockchain Forum, will convene in Moscow on April 14‑15, drawing over 20,000 participants from 100 countries. The two‑day summit features 200 speakers and 250 sponsors, focusing on the intersection of artificial intelligence...

ShinyHunters Hackers Claim Theft of 3M+ Cisco Records, Threaten Public Leak
ShinyHunters, identified as UNC6040, issued a final warning to Cisco, demanding that the company make contact before April 3, 2026 or face a public data leak. The group alleges it has exfiltrated more than three million Salesforce records, along with GitHub repositories, AWS storage buckets, and...

Storm Infostealer Sold as Service, Targets Browsers, Wallets and Accounts
Storm, a new infostealer discovered by Varonis Threat Labs in early 2026, can decrypt Chrome’s App‑Bound Encryption and harvest credentials, session cookies, crypto wallets, and messaging app accounts from Chrome, Edge, Firefox and other browsers. The malware is offered as...

Why GitHub Developers Are Targeted by Token Giveaway Scams
GitHub developers are increasingly targeted by sophisticated token giveaway scams that masquerade as legitimate project announcements. Attackers exploit developers' public activity, mimicking maintainers, using authentic branding, and leveraging technical language to appear credible. The scams rely on urgency, hidden malicious...

LinkedIn Phishing Scam Uses Fake Notifications to Hijack Accounts
A new phishing campaign is tricking LinkedIn users with counterfeit notification emails that appear to come from the platform. The emails, sent from a freshly registered khanieteam.com domain, direct victims to a look‑alike site (inedindigital) that harvests login credentials. Cofense's...

Ransomware Groups Exploit Legit IT Tools to Bypass Antivirus
Researchers at Seqrite have identified a "dual‑use dilemma" where ransomware groups repurpose legitimate IT utilities such as IOBit Unlocker and Process Hacker to disable antivirus software. These signed tools allow attackers to create a silent zone, bypassing traditional signature‑based defenses...

ImageMagick Zero-Day Enables RCE on Linux and WordPress Servers
Octagon Networks uncovered a critical ImageMagick zero‑day that enables remote code execution on major Linux distributions and WordPress sites. The flaw, dubbed a “magic byte shift,” lets attackers disguise malicious scripts as harmless images, bypassing file‑extension checks and even secure...

AI Agents Are Democratizing Finance but Also Redefining Risk
AI agents are now moving capital autonomously, turning complex arbitrage strategies into simple commands and democratizing access to sophisticated finance. Users have seen outsized returns, such as a $300 investment growing to over $2.3 million in four months, thanks to rapid,...

Kernel Observability for Data Movement
Modern security stacks rely on user‑space logs, leaving a blind spot at the operating system layer where data actually moves. Kernel‑mediated events—file reads, network writes, process creation—provide a complete, immutable record of every data flow, yet most tools never tap...

OpenAI Codex Vulnerability Allowed Attackers to Steal GitHub Tokens
BeyondTrust Phantom Labs uncovered a critical command‑injection flaw in OpenAI's Codex that leveraged hidden Unicode characters in GitHub branch names to steal OAuth tokens. The vulnerability affected the ChatGPT web interface, Codex SDK, and several developer extensions, exposing full repository...

Wave Browser Brings Gaming Tools and Ocean Cleanup Into the Same Tab
Wave Browser launches as a gaming‑focused web browser that bundles multitasking tools such as a sidebar, picture‑in‑picture streaming, and a Memory Saver mode to keep RAM usage low during heavy gaming sessions. The browser embeds utilities like ad blocking, translation,...

15-Year-Old strongSwan Flaw Lets Attackers Crash VPNs via Integer Underflow
A fifteen‑year‑old integer underflow bug (CVE‑2026‑25075) in strongSwan’s EAP‑TTLS plugin can crash VPN services by requesting an impossible 18 exabyte memory allocation. The flaw affects versions 4.5.0 through 6.0.4 and triggers a two‑phase “ghost” attack that only crashes the charon daemon...

Dark Web Market Lists Alleged 375TB Lockheed Martin Data for $600M
Hackers on the dark‑web marketplace Threat Market claim to have obtained 375 TB of Lockheed Martin data and are offering it for a $600 million buy‑out. The alleged sale, posted via a Telegram account linked to the market and attributed to an APT...

ShinyHunters Walk Away From BreachForums, Leak 300,000-User Database
The ShinyHunters hacker collective announced it is abandoning BreachForums, labeling the platform a waste of time after an FBI seizure in October 2025. Simultaneously, the group released a fresh dump containing data on more than 300,000 BreachForums users, including full...

BianLian Ransomware Spreads via Fake Invoice SVG Images in New Attacks
WatchGuard researchers have uncovered a new BianLian ransomware campaign that distributes malicious SVG invoice images to companies in Venezuela. The SVG files hide XML code that silently contacts a shortened ja.cat URL, redirects through compromised Brazilian domains, and drops a...

Quish Splash QR Code Phishing Campaign Hits 1.6 Million Users
Researchers at 7AI uncovered the "Quish Splash" campaign, which dispatched over 1.6 million phishing emails in less than three weeks. The attackers embedded malicious URLs inside BMP‑format QR‑code images, a technique that slipped past Microsoft Defender and other email filters. By...

New PXA Stealer Malware Targets Banks, Uses Telegram to Exfiltrate Data
CyberProof reports an 8‑10% surge in PXA Stealer attacks on financial institutions during Q1 2026, positioning the malware as the successor to takedown‑prone infostealers like RedLine and Lumma. The campaign spreads through convincing phishing emails that mimic tax forms, legal notices, or...

Acalvio ShadowPlex Review: Deception-Based Preemptive Cybersecurity
Acalvio ShadowPlex is an AI‑powered, agentless deception platform that projects decoys, breadcrumbs, and honeytokens across endpoints, cloud, OT, and identity layers to detect attacker intent early. The solution feeds high‑confidence alerts into existing SOC workflows via integrations with SIEM, SOAR,...

Best Klaviyo Alternatives for Revenue Growth and Advanced Analytics
Klaviyo remains a leading CRM for e‑commerce, but its cost and complexity can deter startups. The article highlights three cost‑effective alternatives—Maestra, Brevo, and Omnisend—that deliver advanced analytics and multi‑channel performance tracking. Each platform offers customizable attribution, granular revenue dashboards, and...

Understanding Wiz’s Approach to Securing the AI Supply Chain
The AI supply chain’s layered, multi‑cloud nature creates visibility gaps and unique vulnerabilities that traditional software‑security tools can’t fully address. Wiz proposes an AI‑CNAPP framework that unifies asset discovery, cloud‑posture management, workload protection, and continuous risk assessment across the entire...

All AI and Security Teams Need Transparent Data Pipelines
Organizations that rely on opaque AI data sources expose themselves to integrity risks, compliance gaps, and trust deficits. Without auditable pipelines, security teams cannot verify data quality, leading to hallucinations and regulatory violations such as under the EU AI Act....

OVHcloud Founder Denies Massive 590TB Data Breach Claims
OVHcloud founder Octave Klaba denied a purported 590 TB data breach alleged by a user on BreachForums. The poster claimed to have exfiltrated data from 1.6 million OVH Fresh customers and up to 6 million active websites, yet only supplied a trivial email‑and‑phone sample....

Gcore Radar Report Reveals 150% Surge in DDoS Attacks Year-on-Year
Gcore’s Q3‑Q4 2025 Radar report shows a 150% year‑on‑year jump in DDoS incidents, with attack counts climbing to 1.3 million in Q4 2025. Peak traffic surged to 12 Tbps, a six‑fold rise over the previous year, while network‑layer attacks now represent 82% of all...

Playnance Introduces Participation-First Model for Social Gaming with New Protocol Launch
Playnance launched its Democratic Social Gaming Protocol, a participation‑first system that links player activity to economic outcomes via the GCOIN token. The blockchain‑backed architecture promises transparent, verifiable reward distribution, moving away from traditional profit‑centric models. Over one million users now...

North Korean Hacker Lands Remote IT Job, Caught After VPN Slip
A North Korean hacker answered a generic help‑wanted ad, passed standard background checks, and was hired for a remote IT role handling sensitive Salesforce data on August 15, 2025. Ten days later, a login from an unmanaged device in St. Louis,...

Global Crackdown Dismantles 4 Botnets Behind Major DDoS Attacks
International law enforcement agencies, led by the US DOJ and FBI, dismantled four major botnets—Aisuru, KimWolf, JackSkid and Mossad—that had compromised over three million IoT devices. At their peak, the networks could generate 30 terabits per second of traffic, powering some...

Hacker Group LAPSUS$ Claims Alleged AstraZeneca Data Breach
LAPSUS$ has posted a claim that it exfiltrated roughly 3 GB of AstraZeneca data, including source code, cloud‑infrastructure configurations, and employee‑related records. The group shared sample files that appear to contain authentic GitHub Enterprise user exports and contractor onboarding logs, suggesting...

CISO Whisperer Names 11 Vendors Leading the Shift From Tools to Outcomes at RSA Conference 2026
The CISO Whisperer has identified 11 cybersecurity vendors at RSA Conference 2026 that exemplify the industry’s move from reactive tools to outcome‑driven, AI‑powered operations. Companies such as Daylight Security, Reclaim Security and CyCognito showcase models that turn detection into automated...

SpyCloud’s 2026 Identity Exposure Report Reveals Explosion of Non-Human Identity Theft
SpyCloud’s 2026 Identity Exposure Report reveals a sharp rise in non‑human identity theft, with 18.1 million API keys and tokens and 6.2 million AI‑tool credentials exposed in 2025. Phishing records surged 400% YoY, delivering 28.6 million compromised identities, while 8.6 billion session cookies were...

Fake Windsurf IDE Extension Uses Solana Blockchain to Steal Developer Data
Bitdefender uncovered a counterfeit Windsurf IDE extension that pretends to be the legitimate REditorSupport tool for the R language. The malicious plug‑in drops native node files and uses a PowerShell task named UpdateApp to maintain persistence. Uniquely, it communicates via...

Computer Vision Frameworks: Features And Future Trends
Computer vision frameworks provide developers with pre‑built algorithms for image processing, model training, and deployment across platforms. They integrate deep learning libraries like PyTorch and TensorFlow, offering features such as pre‑trained models, data augmentation, and visualization tools. Frameworks are categorized...

New .NET AOT Malware Hides Code as a Black Box to Evade Detection
Researchers at Howler Cell have identified a new .NET Ahead‑of‑Time (AOT) compiled malware that strips metadata, turning the malicious binary into a black‑box that evades traditional security scanners. The infection chain begins with a phishing ZIP, delivering a downloader that...

Orchid Security Recognized by Gartner® as a Representative Vendor of Guardian Agents
Orchid Security has been named a Representative Vendor in Gartner’s inaugural Market Guide for Guardian Agents, which focuses on managing identities and access for AI agents with zero‑trust policies. The guide warns that AI agents expand “identity dark matter,” creating...

GitGuardian Reports an 81% Surge of AI-Service Leaks as 29M Secrets Hit Public GitHub
GitGuardian’s 2026 State of Secrets Sprawl report reveals an 81% year‑over‑year surge in AI‑service credential leaks, pushing total exposed secrets on public GitHub to roughly 29 million. AI‑assisted coding, exemplified by Claude Code, shows a 3.2% leak rate—about twice the platform...

New Vidar 2.0 Infostealer Spreads via Fake Game Cheats on GitHub, Reddit
Cybersecurity firm Acronis TRU uncovered a large‑scale campaign distributing the Vidar 2.0 infostealer through fake game‑cheat files hosted on GitHub and promoted on Reddit and Discord. The malware, rewritten in C for greater speed and stealth, is sold as Malware‑as‑a‑Service for $130‑$750...

Kevuru Games Outlines the Shift Toward Flexible Art Production in the Games Industry
Kevuru Games asserts that art outsourcing has evolved into a core component of modern game development, driven by larger project scopes, longer production cycles, and heightened visual expectations. The global games market, valued at $188.8 billion in 2025, is projected to...

Gaming Clans Become Growth Engine for Playnance Ecosystem
Playnance announced a strategic partnership with KGeN, linking its Web3 entertainment platform to KGeN’s network of over 53 million verified gamers. The collaboration taps more than 30,000 gaming clans spread across 60 countries, giving Playnance direct access to tightly‑connected community leaders. Through...

AI-HealthTech Innovator Humata Health Partners with AccuKnox for Zero Trust CNAPP
AI‑HealthTech firm Humata Health announced a partnership with security specialist AccuKnox to embed Zero‑Trust CNAPP and Application Security Posture Management into its SaaS platform. The solution, deployed on‑premises, satisfies HIPAA requirements and integrates with Azure DevOps and GitLab for automated...

Hackers Use Cloudflare Human Check to Hide Microsoft 365 Phishing Pages
Security researchers have uncovered a new phishing technique that leverages Cloudflare's Turnstile human‑verification widget to conceal fraudulent Microsoft 365 login pages. The malicious sites present a Turnstile challenge, then use the visitor's IP to identify security professionals or bots and serve...

Maintaining Security and Protecting Smart Home Devices From Hackers
Smart home devices boost convenience and energy savings but are increasingly targeted by cybercriminals. Common flaws include weak default passwords, lack of updates, and unsegmented Wi‑Fi networks that let attackers move laterally. Recent incidents, such as a robot vacuum breach...

New PixRevolution Malware Steals Brazil’s PIX Transfers in Real Time
Brazil’s instant payment platform PIX, handling billions of transactions monthly, is being targeted by a new Android malware called PixRevolution. The threat uses an agent‑in‑the‑loop model, displaying a fake loading screen while a human or AI operator swaps the recipient’s...

Iran-Linked Handala Hackers Claim Major Hacks on Stryker and Verifone
Iran‑linked Handala Hack Team announced cyberattacks on medical‑device maker Stryker and payment‑technology firm Verifone on March 11. Stryker confirmed a network disruption in its Microsoft‑based environment but reported no ransomware or data loss, while Verifone said it found no evidence of...