
Dark Web Article Contest Offers $10,000 for Exploit Writing on TierOne Forum
A dark‑web forum called TierOne has launched a $10,000 article contest that rewards technical write‑ups on vulnerability exploitation. The prize pool is split into $5,000 for first place, $3,000 for second, and $2,000 for third, with submissions accepted from April 13 to May 14, 2026. The contest covers topics such as remote code execution, IDOR, SSTI, firmware attacks, AI‑assisted exploit discovery and AV/EDR bypass techniques. Organizers require original, detailed articles posted under a specific prefix, mirroring the structure of legitimate bug‑bounty programs but in an illicit environment.

Zimbabwe Boosts Cybersecurity as AI-Driven Cyber Fraud Surges
Zimbabwe is ramping up its cybersecurity defenses as AI‑driven fraud spikes, with deepfake voice cloning and automated phishing tools targeting mobile money users and public services. The government reports cyber‑related losses exceeding $30 million a year and a 40% rise in...

Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621
Adobe released emergency updates to fix a high‑impact Acrobat and Reader flaw identified as CVE‑2026‑34621. The vulnerability, rated 8.6 on the CVSS scale, allows arbitrary code execution via prototype pollution and has been confirmed exploited in the wild. Affected products...

The Cyber Express Weekly Roundup: Major State Threats, Crypto Attacks, and Legal Gaps
The Cyber Express weekly roundup highlights a surge in state‑sponsored DNS hijacking by Russia‑linked APT28, a $285 million theft from the Drift Protocol DeFi exchange, and a looming EU regulatory gap on child‑sexual‑abuse‑material detection. The U.S. Treasury announced a Digital Asset...

Not a Signal Flaw: iPhone Notifications Became a Backdoor for Deleted Messages
An FBI investigation revealed that deleted Signal messages can be recovered from an iPhone because iOS stores notification previews in a hidden database, not because of a flaw in Signal’s encryption. Investigators extracted incoming message fragments from a suspect’s...

Iran Crisis Highlights Rising Gulf Cybersecurity Risks to Critical Infrastructure
The recent Iran‑U.S. escalation has exposed Gulf states’ critical infrastructure to heightened cyber threats. Ports, energy facilities, desalination plants and financial hubs are now seen as vulnerable to combined kinetic and digital attacks. The United Arab Emirates is integrating cyber...

Microsoft Recall Flaw Exposes Decrypted User Data, Researchers Find
Microsoft re‑launched its Recall feature with a hardened security stack that includes VBS enclaves, AES‑256‑GCM encryption, Windows Hello, and a Protected Process Light host. Researchers discovered that while the encrypted vault remains secure, the AIXHost.exe process that renders decrypted data...

FCC Proposes Tougher KYC Rules to Crack Down on Illegal Robocalls
The FCC has issued a Further Notice of Proposed Rulemaking to tighten Know‑Your‑Customer (KYC) requirements for voice service providers that originate robocalls. The agency wants carriers to collect full names, addresses, government IDs and usage details, retain records for up...

GitLab Security Update Fixes High-Severity CVE-2026-5173, 11 Other Flaws
GitLab released a critical security update on April 8, 2026 that patches twelve vulnerabilities across its Community and Enterprise editions, including the high‑severity CVE‑2026‑5173. The update bundles three point releases—18.10.3, 18.9.5 and 18.8.9—covering self‑managed installations from version 16.9.6 onward. GitLab.com and Dedicated cloud...

U.S. Treasury Rolls Out Cybersecurity Information Sharing Initiative as Crypto Attacks Rise
The U.S. Treasury’s Office of Cybersecurity and Critical Infrastructure Protection launched a digital‑asset cybersecurity initiative that provides free, high‑quality threat intelligence to eligible U.S. crypto firms. The move responds to a surge in sophisticated attacks that cost the industry over...

Russian Hackers Exploit SOHO Routers for DNS Hijacking Campaign
Russian-linked threat group Forest Blizzard has been hijacking home and small‑office routers since at least August 2025, turning them into covert DNS infrastructure. Microsoft reported over 200 organizations and more than 5,000 consumer devices infected, enabling passive traffic monitoring and targeted...

Signature Healthcare Cyberattack Causes Service Disruptions, Treatment Delays
Signature Healthcare detected a cyberattack on April 6, 2026, prompting the network to shift to emergency downtime procedures. The breach forced the Brockton Hospital to divert ambulances, cancel chemotherapy infusions, and rely on manual workflows, while surgeries and urgent care continued...

Bitcoin Depot Discloses $3.6 Million Crypto Theft Following System Breach
Bitcoin Depot disclosed that on March 23, 2026 attackers siphoned 50.903 Bitcoin, roughly $3.665 million, from its internal settlement wallets after breaching corporate IT systems. The breach was limited to internal credentials and did not affect customer‑facing platforms or data. Bitcoin...

Gov. Tim Walz Deploys National Guard After Winona Cyberattack Disrupts Services
A cyberattack on Winona County began on April 6, crippling the county’s digital infrastructure that supports emergency and municipal services. Governor Tim Walz issued an emergency executive order authorizing the Minnesota National Guard to assist with containment, system stabilization, and recovery....

FBI Takes Down APT28 Network Behind Global DNS Hijacking Attacks
The FBI, in coordination with the Department of Justice, launched Operation Masquerade to dismantle a global network of compromised SOHO routers used by the Russian-linked threat group APT28 for DNS hijacking. The operation reset DNS configurations on thousands of TP‑Link...

Researchers Find a Zero-Day Attack Targeting Adobe Reader Users
Researchers have uncovered a zero‑day vulnerability in Adobe Reader that allows remote code execution through crafted PDF files. The exploit chain leverages a memory‑corruption flaw, runs entirely in memory, and requires no user interaction beyond opening the document. Its multi‑layer...

Iran-Linked Hackers Breach U.S. Industrial Systems, Trigger Disruptions
The FBI, CISA, and NSA issued a joint advisory on April 7, 2026 warning that Iranian‑affiliated APT groups are actively exploiting internet‑exposed programmable logic controllers (PLCs) to disrupt U.S. critical infrastructure. The campaign targets water, wastewater, energy, and government services,...

Child Safety at Risk as EU CSAM Detection Law Lapses, Reporting Concerns Rise
The EU’s temporary legal framework that allowed online platforms to scan private communications for child sexual abuse material (CSAM) expired on April 3, 2026, creating regulatory uncertainty. Major tech firms—including Google, Meta, Microsoft and Snap—have pledged to continue voluntary detection using hash‑matching...

Germany Names Suspected Leader of REvil and GandCrab Ransomware Gangs
German authorities have identified a 31‑year‑old Russian, Daniil Maksimovich Shchukin, as the suspected leader of the REvil and GandCrab ransomware gangs. The BKA says he directed at least 130 attacks in Germany from 2019‑2021, extorting roughly €2 million (about $2.1 million) and...

FortiClientEMS Vulnerabilities Under Active Exploitation, Expose Systems to RCE
Fortinet disclosed two critical vulnerabilities in its FortiClientEMS endpoint management platform that are already being exploited in the wild. CVE-2026-21643 is a SQL injection flaw in the admin interface of version 7.4.4, allowing unauthenticated remote code execution. CVE-2026-35616 is an...

$20 Billion Lost to Cybercrime as AI and Investment Scams Surge: FBI Report
The FBI’s 2025 Internet Crime Report records a historic $20.8 billion in losses from more than one million complaints. Cyber‑enabled fraud accounted for roughly $17.7 billion, with investment scams—especially cryptocurrency schemes—driving $8.6 billion of that damage. AI‑powered scams emerged as a new threat,...

75% of Cyberattacks Start with Phishing Emails, UAE Cyber Council Says
The UAE Cyber Security Council warned that over 75% of cyberattacks now begin with phishing emails, citing a daily global volume of 3.4 billion deceptive messages. Attackers rely on urgent language, brand impersonation, and simple tricks to lure users into revealing...

The Cyber Express Weekly Roundup: Ransomware, and Supply Chain Breaches Surge
The Cyber Express weekly roundup highlights a sharp rise in ransomware incidents and supply‑chain compromises across multiple sectors. High‑profile breaches include a ransomware intrusion at Hasbro, a malicious package update that hit AI startup Mercor via the LiteLLM project, and...

FBI Warns of AVrecon Malware Targeting Network Devices Across 163 Countries
The FBI has issued a warning about AVrecon, a modular malware that compromises home and small‑office routers by exploiting unpatched remote‑code‑execution flaws. The malware was used by the now‑dismantled SocksEscort proxy service, which sold access to roughly 369,000 infected devices...

Intesa Sanpaolo Missed Unauthorized Access for 2 Years, Regulator Reveals
Italy’s data protection authority disclosed that Intesa Sanpaolo failed to detect an insider’s unauthorized access for over two years. A single employee viewed the records of more than 3,500 customers, leading to a €31.8 million (≈ $34.7 million) fine. Regulators said the bank’s...

AI-Fueled Cyberattacks Surge in UAE Amid Rising Regional Tensions
The United Arab Emirates is confronting an unprecedented wave of cyberattacks, with the Cyber Security Council estimating 500,000 to 700,000 incidents each day. Threat actors, including state‑linked groups from Iran, are exploiting artificial‑intelligence tools such as ChatGPT to automate reconnaissance,...

Cybersecurity Is a Calling, Not Just a Career — Dr. Priyanka Sunder (PD) on Women Leading the Charge
Dr. Priyanka Sunder, a two‑decade cybersecurity strategist and award‑winning leader, discusses how women are reshaping governance, risk and compliance (GRC) in the industry. She highlights the shift from compliance check‑boxes to continuous resilience, emphasizing cloud security controls, data localization, and...

Hackers Impersonate Ukrainian CERT to Plant a RAT on Government, Hospital Networks
Ukrainian cyber‑defense agency CERT‑UA was spoofed with an AI‑generated website and phishing emails that distributed a password‑protected ZIP containing the AGEWHEEZE remote‑access Trojan. The Go‑based RAT offered full screen, input and system control and communicated with a command‑and‑control server on...

The Energy Sector Isn’t Ready for Ransomware—And 2025 Proved It
In 2025 the energy and utilities sector endured a record 187 ransomware incidents, many involving full system encryption and data theft. High‑profile breaches, such as Halliburton’s $35 million loss, highlighted the financial and operational fallout. Legacy operational technology, IT‑OT convergence, and...

Nova Scotia Power Data Breach Compromises Data of Over 900,000 Users
Nova Scotia Power disclosed a data breach affecting more than 900,000 current and former customers, exposing names, contact details, birth dates, banking information, driver’s licenses and Social Insurance Numbers. The intrusion began around March 19, 2025 when an employee clicked...

Node.js Fixes Critical Flaws, Patches DoS Risk in Latest Security Update
The Node.js project released a March 2026 security rollout covering its 20.x, 22.x, 24.x and 25.x branches. The update patches a critical TLS handling flaw (CVE-2026-21637) that could trigger remote denial‑of‑service, and a high‑severity HTTP header bug (CVE-2026-21710) that may...

Dutch Finance Ministry Investigates Data Breach in Internal Systems
On March 19, the Dutch Ministry of Finance detected unauthorized access to internal policy‑department systems after a third party flagged suspicious activity. The ministry quickly blocked the intrusion and took affected systems offline, while core citizen services such as tax, customs...

Women Shaping the Future of Mobile Cybersecurity in a Digital-First Era
India’s mobile‑first digital economy has turned smartphones into the most exposed point in the technology stack, prompting attackers to target mobile applications directly. Companies are shifting from traditional perimeter defenses to embedded solutions like runtime application self‑protection that monitor behavior...

Android Malware Campaign Targets Indian Users via Fake eChallan Alerts
CERT-In has warned of a coordinated Android malware campaign that lures Indian vehicle owners with fake eChallan and RTO challan SMS alerts. The messages direct users to download malicious APKs such as "RTO Challan.apk," which act as droppers for multi‑stage...

U.S. Shuts Down Websites Behind Iran-Linked Cyber Attacks and Death Threats
The U.S. Justice Department seized four domains—Justicehomeland.org, Handala‑Hack.to, Karmabelow80.org and Handala‑Redwanted.to—allegedly operated by Iran’s Ministry of Intelligence and Security. Investigators say the sites acted as fake hacktivist fronts that claimed cyberattacks, published stolen data and issued death threats against journalists,...

Perseus Android Malware Targets Mobile Banking Users via Fake IPTV Apps
Researchers at ThreatFabric have uncovered a new Perseus Android malware variant that masquerades as IPTV streaming apps to infiltrate smartphones. The strain builds on Cerberus and Phoenix code, leveraging Accessibility Services to stealthily control devices, scan note‑taking apps, and overlay...

Cyble Partners with Optiv to Bring Digital Risk Protection Into MSSP Operations
Cyble has partnered with Optiv to embed its digital risk protection services into Optiv’s managed security service provider operations. The integration feeds Cyble’s open, deep, and dark‑web threat intelligence directly into Optiv’s fusion center, giving analysts a unified view of...

China Sits at the Top of America’s Cyber Threat List
The U.S. Intelligence Community’s 2026 Annual Threat Assessment places China at the top of the nation‑state cyber threat list, describing it as the most active and patient actor with persistent footholds inside American networks. Beijing’s strategy focuses on pre‑positioning access...

How a Ukrainian Vishing Ring Stole €2M From EU Citizens — and Nearly Got Away
Latvian and Ukrainian police dismantled a vishing ring that stole about €2 million from EU citizens. The scheme used Ukrainian call‑center operators who impersonated police and bank staff, coerced victims into installing AnyDesk, and moved funds through over 170 money mules...

EU Sanctions Chinese, Iranian Hacking Groups for Device Breaches and Olympic Cyberattacks
On March 16, the European Union Council imposed new cyber sanctions on three entities and two individuals linked to China and Iran. The measures target Integrity Technology Group for compromising over 65,000 devices across six EU states, Anxun Information Technology...

AI Legal Risks: Lisa Fitzgerald on Why Businesses Must Vet AI Use Cases
AI adoption is accelerating, but businesses often overlook legal risks tied to generative tools. Lisa Fitzgerald, partner at Norton Rose Fulbright, warns that feeding confidential or personal data into public AI platforms can trigger cross‑border data transfers, privacy breaches, and...

China Demands Proof After Costa Rica Blames UNC2814 for ICE Cyberattack
Costa Rica’s state electricity and telecom provider ICE suffered a cyberespionage breach that extracted roughly nine gigabytes of internal email data, which officials linked to the China‑affiliated group UNC2814. The attribution, based on intelligence from Google’s Mandiant unit, follows a...

ATM Jackpotting Suspect Added to FBI’s Ten Most Wanted List
The FBI has placed Anibal Alexander Canelon Aguirre, alleged leader of a nationwide ATM jackpotting ring, on its Ten Most Wanted Fugitives list, marking the first cyber‑crime suspect to receive that designation. Investigators say the operation installed malware on ATMs...

Veeam Fixes RCE Bugs in Critical Backup & Replication Platform
Veeam released a critical security patch (version 12.3.2.4465) on March 12, 2026, fixing seven vulnerabilities in its Backup & Replication platform, including the high‑severity CVE‑2026‑21666 and CVE‑2026‑21667, which both score 9.9 on the CVSS scale. The update also resolves additional...

Stryker Says Cyberattack Disrupted Processing, Manufacturing and Shipping
Stryker, the U.S. MedTech leader, confirmed a cyberattack by the Iran‑linked Handala group disrupted its order processing, manufacturing and shipping operations. The breach originated in Stryker’s Microsoft environment but was contained to internal systems, leaving connected medical devices unaffected. The...

India Introduces Bug Bounty Program to Target Gaps in Aadhaar Ecosystem
India’s Unique Identification Authority (UIDAI) launched a formal bug bounty program to harden the Aadhaar ecosystem. A panel of 20 vetted security researchers will probe the official website, myAadhaar portal, and the Secure QR Code app for vulnerabilities. Rewards are...

India Outlines Legal Framework to Protect Children From AI and Online Harm
India’s government announced a comprehensive legal framework to shield children from AI‑driven online harms. Existing statutes such as the Information Technology Act, 2000 and the Digital Personal Data Protection Act, 2023 are being leveraged to mandate rapid removal of illegal...

Iran’s Fake “Shelter Danger” Calls Part of Psychological Cyber Warfare Playbook
Israel’s National Cyber Directorate warned that Iran‑linked actors are conducting a wave of caller‑ID spoofing attacks, impersonating the Home Front Command’s emergency line. Automated calls and fake text alerts instruct citizens to stay out of bomb shelters or anticipate fuel...

Cyber Risk Management Starts with Understanding the Business: CISO Hannah Suarez Explains Why
In a recent interview, CISO Hannah Suarez stresses that cyber risk management must begin with a deep understanding of the business, not merely compliance checklists. She highlights how startups often accept risk to accelerate growth, while established firms need structured...

Cyberattack Forces Polish Hospital to Revert to Paper-Based Operations
The Independent Public Regional Hospital in Szczecin, Poland, was hit by a ransomware‑style cyberattack on the night of March 7‑8, 2026, encrypting key parts of its electronic medical record system. With digital access blocked, the hospital shifted to a fully paper‑based...