https://www.darkreading.com/events/black-hat-usa ThreatAft en 2026-08-01T11:00:00.000Z Black Hat USA https://www.bleepingcomputer.com/news/security/linkedin-secretely-scans-for-6-000-plus-chrome-extensions-collects-data/ ThreatAft en 2026-04-03T20:40:22.000Z LinkedIn secretely scans for 6,000+ Chrome extensions, collects data https://therecord.media/fcc-proposes-5-million-fine-robocall ThreatAft en 2026-04-03T20:12:00.000Z FCC proposes $4.5 million fine for voice service provider hosting ‘suspicious’ foreign call traffic https://therecord.media/trueconf-cyberattack-cisa-hackers ThreatAft en 2026-04-03T19:45:00.000Z CISA gives agencies two weeks to patch video conferencing bug exploited by Chinese hackers https://www.reddit.com/r/netsec/comments/1sbn3w3/what_if_hsms_were_as_easy_to_use_as_they_are/ ThreatAft en 2026-04-03T19:22:56.000Z What If HSMs Were as Easy to Use as They Are Powerful? A native macOS app for YubiHSM 2 management https://www.tenable.com/blog/the-developer-credential-economy-exposure-data-is-the-new-front-line-in-the-supply-chain-war ThreatAft en 2026-04-03T18:50:57.000Z The developer credential economy: Why exposure data is the new front line in the supply chain war https://www.reddit.com/r/cybersecurity/comments/1sbm7me/the_axios_supply_chain_attack_used_individually/ ThreatAft en 2026-04-03T18:49:58.000Z The Axios supply chain attack used individually targeted social engineering https://www.reddit.com/r/cybersecurity/comments/1sblspg/i_accidently_let_my_sans_cert_expire_so_i_built_a/ ThreatAft en 2026-04-03T18:34:33.000Z I accidently let my SANS cert expire so I built a tool to track team cert expiry https://www.reddit.com/r/cybersecurity/comments/1sblpgx/hiring_from_a_director_of_cybers_perspective/ ThreatAft en 2026-04-03T18:31:13.000Z Hiring from a director of cyber's perspective. https://therecord.media/european-commission-cyberattack-teampcp ThreatAft en 2026-04-03T18:15:00.000Z EU cyber agency attributes major data breach to TeamPCP hacking group https://www.reddit.com/r/cybersecurity/comments/1sbktww/someone_is_actively_publishing_malicious_packages/ ThreatAft en 2026-04-03T17:59:26.000Z Someone is actively publishing malicious packages targeting the Strapi plugin ecosystem right now https://www.reddit.com/r/cybersecurity/comments/1sbkn6q/is_pki_a_good_longterm_career_in_cybersecurity/ ThreatAft en 2026-04-03T17:52:34.000Z Is PKI a good long-term career in cybersecurity? (Scope, salaries, future with AI) https://www.bleepingcomputer.com/news/security/hims-and-hers-warns-of-data-breach-after-zendesk-support-ticket-breach/ ThreatAft en 2026-04-03T17:41:11.000Z Hims & Hers warns of data breach after Zendesk support ticket breach https://thehackernews.com/2026/04/china-linked-ta416-targets-european.html ThreatAft en 2026-04-03T17:34:00.000Z China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing https://www.reddit.com/r/cybersecurity/comments/1sbk0ep/seeking_arxiv_endorsement_for_cscr/ ThreatAft en 2026-04-03T17:29:24.000Z Seeking Arxiv Endorsement for cs.CR https://www.reddit.com/r/cybersecurity/comments/1sbjppf/has_anybody_used_zip_security_and_now_what_their/ ThreatAft en 2026-04-03T17:18:41.000Z Has anybody used Zip Security and now what their pricing is? https://www.darkreading.com/endpoint-security/apple-patches-darksword-ios-18 ThreatAft en 2026-04-03T17:08:57.000Z Apple Breaks Precedent, Patches DarkSword for iOS 18 https://www.reddit.com/r/cybersecurity/comments/1sbj51g/relearning_pythonbashpowershell/ ThreatAft en 2026-04-03T16:58:07.000Z Relearning Python/Bash/Powershell https://www.reddit.com/r/cybersecurity/comments/1sbj2o6/how_false_are_false_positives_moving_from_a/ ThreatAft en 2026-04-03T16:55:47.000Z How "false" are false positives? Moving from a Hunter to an Architect mindset. https://www.reddit.com/r/cybersecurity/comments/1sbimd3/bots_v2_questions/ ThreatAft en 2026-04-03T16:39:10.000Z BOTS v2 QUESTIONS https://www.bleepingcomputer.com/news/security/die-linke-german-political-party-confirms-data-stolen-by-qilin-ransomware/ ThreatAft en 2026-04-03T16:36:44.000Z Die Linke German political party confirms data stolen by Qilin ransomware https://cyberscoop.com/trump-budget-proposal-would-cut-hundreds-of-millions-more-from-cisa/ ThreatAft en 2026-04-03T16:33:14.000Z Trump budget proposal would cut hundreds of millions more from CISA https://cyberscoop.com/wyden-warns-ssa-chief-trump-voter-database-blatant-voter-suppression/ ThreatAft en 2026-04-03T16:30:24.000Z Wyden warns Social Security chief: Trump’s voter database is ‘blatant voter suppression’ https://www.reddit.com/r/cybersecurity/comments/1sbhdtm/i_just_experienced_my_first_fullblown_malware/ ThreatAft en 2026-04-03T15:53:11.000Z I just experienced my first full-blown malware incident as an IT person https://www.reddit.com/r/cybersecurity/comments/1sbgxd2/infostealers_ulp_urlloginpassword_data_is_burning/ ThreatAft en 2026-04-03T15:36:12.000Z Infostealers ULP (url:login:password) Data Is Burning Out SOC Teams and Killing Automation https://thehackernews.com/2026/04/microsoft-details-cookie-controlled-php.html ThreatAft en 2026-04-03T15:32:00.000Z Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers https://www.darkreading.com/threat-intelligence/teampcp-attacks-hacker-infighting ThreatAft en 2026-04-03T15:11:16.000Z Blast Radius of TeamPCP Attacks Expands Amid Hacker Infighting https://www.reddit.com/r/cybersecurity/comments/1sbg683/mssp_recommendations_for_horizon3ai_in_smallscale/ ThreatAft en 2026-04-03T15:08:09.000Z MSSP recommendations for Horizon3.ai in small-scale, dynamic environments https://www.reddit.com/r/netsec/comments/1sbfq4u/claude_code_found_a_linux_vulnerability_hidden/ ThreatAft en 2026-04-03T14:51:20.000Z Claude Code Found a Linux Vulnerability Hidden for 23 Years https://www.reddit.com/r/netsec/comments/1sbfil2/npmsentinel_21_malicious_npm_packages_in_24h/ ThreatAft en 2026-04-03T14:43:18.000Z npm-sentinel: 21 malicious npm packages in 24h including LLM API MITM, encrypted skill backdoors, and Redis weaponization via postinstall https://www.reddit.com/r/cybersecurity/comments/1sbfg2m/21_malicious_npm_packages_found_in_24_hours_4/ ThreatAft en 2026-04-03T14:40:30.000Z 21 malicious npm packages found in 24 hours: 4 novel attack vectors targeting AI coding assistants including LLM API MITM and encrypted skill backdoors https://www.malwarebytes.com/blog/news/2026/04/blocking-children-from-social-media-is-a-badly-executed-good-idea ThreatAft en 2026-04-03T14:37:52.000Z Blocking children from social media is a badly executed good idea https://www.reddit.com/r/cybersecurity/comments/1sbfcxj/new_rowhammer_attacks_give_complete_control_of/ ThreatAft en 2026-04-03T14:37:05.000Z New Rowhammer attacks give complete control of machines running Nvidia GPUs https://www.reddit.com/r/cybersecurity/comments/1sbfcrd/i_feel_behind/ ThreatAft en 2026-04-03T14:36:53.000Z I feel behind https://www.bleepingcomputer.com/news/security/evolution-of-ransomware-multi-extortion-ransomware-attacks/ ThreatAft en 2026-04-03T14:05:15.000Z Evolution of Ransomware: Multi-Extortion Ransomware Attacks https://www.reddit.com/r/cybersecurity/comments/1sbehds/is_this_a_good_roadmap/ ThreatAft en 2026-04-03T14:02:55.000Z Is this a good roadmap? https://therecord.media/massachusetts-emergency-alert-cyberattack ThreatAft en 2026-04-03T14:00:00.000Z Massachusetts emergency communications system impacted by cyberattack https://www.reddit.com/r/netsec/comments/1sbe9tn/using_undocumented_aws_codebuild_endpoints_to/ ThreatAft en 2026-04-03T13:54:42.000Z Using undocumented AWS CodeBuild endpoints to extract privileged tokens from AWS CodeConnections allowing lateral movement and privilege escalation through an organisation's codebase https://www.reddit.com/r/cybersecurity/comments/1sbdtyi/if_youre_running_openclaw_you_probably_got_hacked/ ThreatAft en 2026-04-03T13:36:49.000Z If you're running OpenClaw, you probably got hacked in the last week https://www.reddit.com/r/netsec/comments/1sbds9i/if_youre_running_openclaw_you_probably_got_hacked/ ThreatAft en 2026-04-03T13:34:55.000Z If you're running OpenClaw, you probably got hacked in the last week https://www.darkreading.com/remote-workforce/skull-vibrations-could-be-xr-headset-authentication ThreatAft en 2026-04-03T13:30:00.000Z Picking Up 'Skull Vibrations'? Could Be XR Headset Authentication https://therecord.media/ukraine-warns-russian-hackers-revisiting-old-attacks ThreatAft en 2026-04-03T13:20:00.000Z Ukraine warns Russian hackers are revisiting past breaches to prepare new attacks https://isc.sans.edu/diary/rss/32864 ThreatAft en 2026-04-03T13:18:01.000Z TeamPCP Supply Chain Campaign: Update 006 - CERT-EU Confirms European Commission Cloud Breach, Sportradar Details Emerge, and Mandiant Quantifies Campaign at 1,000+ SaaS Environments, (Fri, Apr 3rd) https://www.darkreading.com/application-security/source-code-leaks-highlight-lack-supply-chain-oversight ThreatAft en 2026-04-03T13:00:00.000Z Source Code Leaks Highlight Lack of Supply Chain Oversight https://www.sentinelone.com/blog/the-good-the-bad-and-the-ugly-in-cybersecurity-week-14-6/ ThreatAft en 2026-04-03T13:00:00.000Z The Good, the Bad and the Ugly in Cybersecurity – Week 14 https://www.helpnetsecurity.com/2026/04/03/cisco-imc-vulnerability-cve-2026-20093/ ThreatAft en 2026-04-03T12:59:22.000Z Cisco IMC auth bypass vulnerability allows attackers to alter user passwords (CVE-2026-20093) https://www.darkreading.com/application-security/chainguard-factory-automate-hardening-software-supply-chain ThreatAft en 2026-04-03T12:57:28.000Z Chainguard Unveils Factory 2.0 to Automate Hardening the Software Supply Chain https://www.reddit.com/r/cybersecurity/comments/1sbcny3/man_admits_to_locking_thousands_of_windows/ ThreatAft en 2026-04-03T12:48:03.000Z Man admits to locking thousands of Windows devices in extortion plot https://www.securityweek.com/trueconf-zero-day-exploited-in-asian-government-attacks/ ThreatAft en 2026-04-03T12:47:16.000Z TrueConf Zero-Day Exploited in Asian Government Attacks https://www.reddit.com/r/netsec/comments/1sbclqe/characterizing_abusive_ip_proxies/ ThreatAft en 2026-04-03T12:45:18.000Z Characterizing Abusive IP Proxies https://www.securityweek.com/in-other-news-chatgpt-data-leak-android-rootkit-water-facility-hit-by-ransomware/ ThreatAft en 2026-04-03T12:30:53.000Z In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware https://www.securityweek.com/critical-sharefile-flaws-lead-to-unauthenticated-rce/ ThreatAft en 2026-04-03T12:12:22.000Z Critical ShareFile Flaws Lead to Unauthenticated RCE https://www.reddit.com/r/cybersecurity/comments/1sbbpb3/how_to_structure_pcaps/ ThreatAft en 2026-04-03T12:04:20.000Z How to structure PCAPs https://www.darkreading.com/endpoint-security/crowdstrike-falcon-ingest-microsoft-defender-telemetry ThreatAft en 2026-04-03T11:53:15.000Z CrowdStrike Next-Gen SIEM Can Now Ingest Microsoft Defender Telemetry https://www.reddit.com/r/netsec/comments/1sbbefe/what_16_security_engines_found_in_2900_mcp_servers/ ThreatAft en 2026-04-03T11:50:02.000Z What 16 security engines found in 2,900 MCP servers https://www.helpnetsecurity.com/2026/04/03/windows-secure-boot-certificate-update-2026-expiration/ ThreatAft en 2026-04-03T11:43:26.000Z Windows Security app gets Secure Boot certificate status indicators as 2026 expiration approaches https://www.reddit.com/r/cybersecurity/comments/1sbb7o3/agent_armor_open_source_zero_trust_runtime_for_ai/ ThreatAft en 2026-04-03T11:40:53.000Z Agent Armor: open source zero trust runtime for AI agents — protocol DPI, taint tracking, policy verification (Rust https://www.reddit.com/r/cybersecurity/comments/1sbb5k7/claude_code_leak_exploit_researchers_found_3/ ThreatAft en 2026-04-03T11:37:58.000Z Claude Code Leak -> Exploit? Researchers found 3 shell injection bugs in the leaked source — all using shell:true with unsanitized input https://www.reddit.com/r/cybersecurity/comments/1sbb4u0/anthropic_leak_reveals_cybersecurity_danger_and/ ThreatAft en 2026-04-03T11:36:55.000Z Anthropic leak reveals cybersecurity danger and potential of new model https://www.bleepingcomputer.com/news/microsoft/microsoft-still-working-to-fix-exchange-online-mailbox-access-issues/ ThreatAft en 2026-04-03T11:25:20.000Z Microsoft still working to fix Exchange Online mailbox access issues https://www.reddit.com/r/cybersecurity/comments/1sbasol/microsofts_newest_opensource_project_runtime/ ThreatAft en 2026-04-03T11:19:18.000Z Microsoft's newest open-source project: Runtime security for AI agents https://thehackernews.com/2026/04/unc1069-social-engineering-of-axios.html ThreatAft en 2026-04-03T11:04:00.000Z UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack https://www.reddit.com/r/cybersecurity/comments/1sbah89/crtp_results/ ThreatAft en 2026-04-03T11:02:26.000Z CRTP results https://www.securityweek.com/mobile-attack-surface-expands-as-enterprises-lose-control/ ThreatAft en 2026-04-03T11:00:00.000Z Mobile Attack Surface Expands as Enterprises Lose Control https://thehackernews.com/2026/04/why-third-party-risk-is-biggest-gap-in.html ThreatAft en 2026-04-03T11:00:00.000Z Why Third-Party Risk Is the Biggest Gap in Your Clients' Security Posture https://www.securityweek.com/react2shell-exploited-in-large-scale-credential-harvesting-campaign/ ThreatAft en 2026-04-03T10:55:13.000Z React2Shell Exploited in Large-Scale Credential Harvesting Campaign https://www.helpnetsecurity.com/2026/04/03/claude-code-leak-github-malware/ ThreatAft en 2026-04-03T10:54:38.000Z Claude Code source leak exploited to spread malware https://www.reddit.com/r/cybersecurity/comments/1sba0kh/what_signals_tell_you_that_a_process_is_about_to/ ThreatAft en 2026-04-03T10:37:36.000Z What signals tell you that a process is “about to break” even if it hasn’t yet? https://www.securityweek.com/t-mobile-sets-the-record-straight-on-latest-data-breach-filing/ ThreatAft en 2026-04-03T10:30:00.000Z T-Mobile Sets the Record Straight on Latest Data Breach Filing https://www.reddit.com/r/cybersecurity/comments/1sb9e56/apple_expands_updates_to_ios_18_devices_affected/ ThreatAft en 2026-04-03T10:02:09.000Z Apple expands updates to iOS 18 devices affected by DarkSword exploit https://www.reddit.com/r/cybersecurity/comments/1sb9amr/trivy_supply_chain_attack_teampcp_cicd_trust/ ThreatAft en 2026-04-03T09:56:51.000Z Trivy Supply Chain Attack (TeamPCP) — CI/CD Trust Abuse, Tag Poisoning, and Credential Theft https://www.securityweek.com/north-korean-hackers-drain-285-million-from-drift-in-10-seconds/ ThreatAft en 2026-04-03T09:46:06.000Z North Korean Hackers Drain $285 Million From Drift in 10 Seconds https://thehackernews.com/2026/04/new-sparkcat-variant-in-ios-android.html ThreatAft en 2026-04-03T09:10:00.000Z New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images https://www.bleepingcomputer.com/news/security/man-admits-to-extortion-plot-locking-coworkers-out-of-thousands-of-windows-devices/ ThreatAft en 2026-04-03T09:04:54.000Z Man admits to locking thousands of Windows devices in extortion plot https://www.wired.com/story/cbp-facility-codes-sure-seem-to-have-leaked-via-online-flashcards/ ThreatAft en 2026-04-03T09:00:00.000Z CBP Facility Codes Sure Seem to Have Leaked Via Online Flashcards https://thehackernews.com/2026/04/drift-loses-285-million-in-durable.html ThreatAft en 2026-04-03T08:35:00.000Z Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK https://www.reddit.com/r/netsec/comments/1sb7pr4/new_rce_in_control_web_panel_cve202570951/ ThreatAft en 2026-04-03T08:20:58.000Z New RCE in Control Web Panel (CVE-2025-70951) https://www.reddit.com/r/netsec/comments/1sb7man/a_threat_actor_who_goes_by_the_name_mr_raccoon/ ThreatAft en 2026-04-03T08:14:57.000Z A threat actor who goes by the name "Mr. Raccoon" has claimed to hack Adobe support via 3rd party Indian BPO firm https://www.infosecurity-magazine.com/news/new-phishing-platform-credential/ ThreatAft en 2026-04-03T08:00:00.000Z New Phishing Platform Used in Credential Theft Campaigns Against C-Suite Execs https://www.bleepingcomputer.com/news/microsoft/microsoft-now-force-upgrades-unmanaged-windows-11-24h2-pcs/ ThreatAft en 2026-04-03T07:55:40.000Z Microsoft now force upgrades unmanaged Windows 11 24H2 PCs https://www.helpnetsecurity.com/2026/04/03/aperion-smartflow-sdk-ai-governance/ ThreatAft en 2026-04-03T07:06:01.000Z APERION releases SmartFlow SDK for secure, on-prem AI governance without cloud reliance https://www.helpnetsecurity.com/2026/04/03/european-commission-cloud-breach/ ThreatAft en 2026-04-03T06:34:00.000Z Trivy supply chain attack enabled European Commission cloud breach https://www.bleepingcomputer.com/news/security/cert-eu-european-commission-hack-exposes-data-of-30-eu-entities/ ThreatAft en 2026-04-03T06:33:34.000Z CERT-EU: European Commission hack exposes data of 30 EU entities https://www.reddit.com/r/cybersecurity/comments/1sb58if/timeline_inconsistencies_in_strategy_review_data/ ThreatAft en 2026-04-03T05:52:12.000Z Timeline inconsistencies in strategy review data and issues of data reliability https://www.reddit.com/r/cybersecurity/comments/1sb54kp/does_anyone_here_work_as_a_security_engineer_at/ ThreatAft en 2026-04-03T05:46:05.000Z Does anyone here work as a security engineer at google India ? https://www.helpnetsecurity.com/2026/04/03/microsoft-ai-agent-governance-toolkit/ ThreatAft en 2026-04-03T05:30:38.000Z Microsoft releases open-source toolkit to govern autonomous AI agents https://www.helpnetsecurity.com/2026/04/03/android-permissions-privacy-risks-research/ ThreatAft en 2026-04-03T05:00:19.000Z Which messaging app takes the most limited approach to permissions on Android? https://www.reddit.com/r/cybersecurity/comments/1sb45bw/first_analysis_detection_pack_for_the_claude_code/ ThreatAft en 2026-04-03T04:52:09.000Z First analysis & detection pack for the Claude Code source leak https://www.reddit.com/r/cybersecurity/comments/1sb42qh/adobe_data_breach_2026_via_indian_bpo_support/ ThreatAft en 2026-04-03T04:48:18.000Z Adobe Data Breach 2026 via Indian BPO support firm by "Mr. Raccoon" https://www.helpnetsecurity.com/2026/04/03/thales-digital-trust-trends-report/ ThreatAft en 2026-04-03T04:30:22.000Z Click, wait, repeat: Digital trust erodes one login at a time https://www.helpnetsecurity.com/2026/04/03/new-infosec-products-of-the-month-march-2026/ ThreatAft en 2026-04-03T04:00:58.000Z New infosec products of the month: March 2026 https://www.reddit.com/r/cybersecurity/comments/1sb1o5p/why_are_graphics_drivers_exempted_from_codeql/ ThreatAft en 2026-04-03T02:48:04.000Z Why are graphics drivers exempted from CodeQL? https://www.reddit.com/r/cybersecurity/comments/1sb1cgb/cnssi_and_jsig_rmf_training/ ThreatAft en 2026-04-03T02:32:30.000Z CNSSI and JSIG RMF training? https://www.reddit.com/r/cybersecurity/comments/1sb15mr/georgia_tech_or_rit_for_cybersecurity/ ThreatAft en 2026-04-03T02:23:41.000Z Georgia Tech or RIT for cybersecurity? https://isc.sans.edu/diary/rss/32862 ThreatAft en 2026-04-03T02:00:02.000Z ISC Stormcast For Friday, April 3rd, 2026 https://isc.sans.edu/podcastdetail/9878, (Fri, Apr 3rd) https://www.reddit.com/r/cybersecurity/comments/1sazvie/built_an_offline_ai_pentest_assistant_in_python/ ThreatAft en 2026-04-03T01:24:32.000Z Built an offline AI pentest assistant in Python — local LLM analyzes nmap/whois results and saves findings to MariaDB https://www.reddit.com/r/cybersecurity/comments/1saxz7s/potential_technical_sr_cybersecurity_advisor/ ThreatAft en 2026-04-02T23:58:58.000Z Potential Technical SR. Cybersecurity Advisor interview tommorow any tips? things to go over? https://www.reddit.com/r/Malware/comments/1saxmi2/sophisticated_crystalx_rat_emerges_it_is_written/ ThreatAft en 2026-04-02T23:43:23.000Z Sophisticated CrystalX RAT Emerges - It Is Written in Go https://www.reddit.com/r/cybersecurity/comments/1saxg40/malicious_compliance/ ThreatAft en 2026-04-02T23:35:36.000Z Malicious Compliance https://www.reddit.com/r/cybersecurity/comments/1saxf2r/philosophical_question_best_way_to_handle/ ThreatAft en 2026-04-02T23:34:25.000Z Philosophical Question: Best Way to Handle Phishing on Shared Email? One or the other. https://www.reddit.com/r/netsec/comments/1saxedk/detailed_analysis_of_a_sophisticated_firefox/ ThreatAft en 2026-04-02T23:33:35.000Z Detailed analysis of a sophisticated firefox extension malware found in the wild using browser-xpi-malware-scanner.py https://www.reddit.com/r/cybersecurity/comments/1sax2x7/leapstackvn_data_breach_approximately_100_gb_of/ ThreatAft en 2026-04-02T23:19:44.000Z leapstack.vn: Data Breach Approximately 100 GB of health insurance claims accidentally exposed on an unprotected server | by chum1ng0 | Apr, 2026 https://www.helpnetsecurity.com/2026/04/03/backblaze-cloud-storage-benchmark-2026/ ThreatAft en 2026-04-02T22:15:02.000Z AWS, Wasabi, Cloudflare, and Backblaze go head-to-head in new cloud storage test https://www.reddit.com/r/Malware/comments/1sauzwt/dealing_with_a_rat/ ThreatAft en 2026-04-02T21:54:29.000Z dealing with a RAT https://www.darkreading.com/cybersecurity-operations/geopolitics-ai-cybersecurity-insights-rsac-2026 ThreatAft en 2026-04-02T21:14:27.000Z Geopolitics, AI, and Cybersecurity: Insights From RSAC 2026 https://www.wired.com/story/uncanny-valley-podcast-iran-targets-us-tech-polymarket-pop-up-trump-midterms/ ThreatAft en 2026-04-02T21:04:22.000Z ‘Uncanny Valley’: Iran’s Threats on US Tech, Trump’s Plans for Midterms, and Polymarket’s Pop-up Flop https://www.reddit.com/r/Malware/comments/1satohk/built_a_browserbased_experiment_that_turns_files/ ThreatAft en 2026-04-02T21:03:25.000Z Built a browser-based experiment that turns files into a deterministic “sonic fingerprint” https://cyberscoop.com/ice-using-paragon-spyware-house-democrats-letter/ ThreatAft en 2026-04-02T21:02:02.000Z House Dems decry confirmed ICE usage of Paragon spyware https://www.bleepingcomputer.com/news/security/claude-code-leak-used-to-push-infostealer-malware-on-github/ ThreatAft en 2026-04-02T20:30:55.000Z Claude Code leak used to push infostealer malware on GitHub https://www.darkreading.com/cyberattacks-data-breaches/toying-around-hasbro-attack-remediate ThreatAft en 2026-04-02T20:28:36.000Z Not Toying Around: Hasbro Attack May Take 'Weeks' to Remediate https://www.sentinelone.com/blog/securing-the-supply-chain-how-sentinelones-ai-edr-stops-the-axios-attack-autonomously/ ThreatAft en 2026-04-02T19:50:56.000Z Securing the Supply Chain: How SentinelOne®’s AI EDR Stops the Axios Attack Autonomously https://thehackernews.com/2026/04/hackers-exploit-cve-2025-55182-to.html ThreatAft en 2026-04-02T19:30:00.000Z Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials https://www.reddit.com/r/cybersecurity/comments/1sar44h/what_should_i_do/ ThreatAft en 2026-04-02T19:26:36.000Z What should I do https://www.darkreading.com/cybersecurity-operations/security-bosses-all-in-ai ThreatAft en 2026-04-02T19:12:45.000Z Security Bosses Are All-In on AI. Here's Why https://www.bleepingcomputer.com/news/security/drift-loses-280-million-as-hackers-seize-security-council-powers/ ThreatAft en 2026-04-02T19:03:39.000Z Drift loses $280 million as hackers seize Security Council powers https://www.bleepingcomputer.com/news/security/drift-loses-280-million-north-korean-hackers-seize-security-council-powers/ ThreatAft en 2026-04-02T19:03:39.000Z Drift loses $280 million North Korean hackers seize Security Council powers https://www.reddit.com/r/cybersecurity/comments/1sapwdq/any_good_opensource_vulnerability_scanning_tools/ ThreatAft en 2026-04-02T18:42:00.000Z Any good open-source vulnerability scanning tools? https://www.reddit.com/r/cybersecurity/comments/1saprt3/new_attack_pattern_persistent_prompt_injection/ ThreatAft en 2026-04-02T18:37:26.000Z New attack pattern: persistent prompt injection via npm supply chain targeting AI coding assistants https://www.reddit.com/r/Malware/comments/1sap55k/accidentally_downloaded_a_sketchy_pdf_converter/ ThreatAft en 2026-04-02T18:14:24.000Z Accidentally downloaded a sketchy pdf converter https://www.wired.com/story/heres-what-can-happen-when-the-us-bombs-irans-nuclear-sites/ ThreatAft en 2026-04-02T18:08:08.000Z Here's What Can Happen When the US Bombs Iran's Nuclear Sites https://www.securityweek.com/critical-vulnerability-in-claude-code-emerges-days-after-source-leak/ ThreatAft en 2026-04-02T18:00:55.000Z Critical Vulnerability in Claude Code Emerges Days After Source Leak https://www.reddit.com/r/netsec/comments/1sans8y/sha_pinning_is_not_enough/ ThreatAft en 2026-04-02T17:25:33.000Z SHA Pinning Is Not Enough https://www.reddit.com/r/cybersecurity/comments/1sanrxx/research_we_found_mcp_servers_telling_ai_agents/ ThreatAft en 2026-04-02T17:25:13.000Z [Research] We found MCP servers telling AI agents to act "secretly", skip financial approvals, and hide actions from users. Census of 15,982 packages. https://therecord.media/drift-crypto-confirms-280-million-stolen-north-korea ThreatAft en 2026-04-02T17:25:00.000Z Drift crypto platform confirms $280 million stolen in hack as researchers point finger at North Korea https://therecord.media/french-senate-passes-bill-child-ban-social-media ThreatAft en 2026-04-02T16:48:00.000Z French Senate passes bill that would ban children under 15 from social media https://www.reddit.com/r/netsec/comments/1samfe9/turning_a_raspberry_pi_into_a_poor_mans/ ThreatAft en 2026-04-02T16:36:47.000Z Turning a Raspberry Pi into a "Poor Man's" Enterprise IDS/NSM using Zeek and Suricata https://www.reddit.com/r/netsec/comments/1sam980/red_team_sandbox_with_real_detection/ ThreatAft en 2026-04-02T16:30:34.000Z red team sandbox with real detection https://cyberscoop.com/akira-ransomware-initial-access-to-encryption-in-hours/ ThreatAft en 2026-04-02T16:26:04.000Z Akira ransomware group can achieve initial access to data encryption in less than an hour https://www.reddit.com/r/cybersecurity/comments/1sam1s2/the_meta_sev1_incident_this_week_is_being_written/ ThreatAft en 2026-04-02T16:23:08.000Z The Meta SEV1 incident this week is being written off as a one-off. I think it's a template. https://www.securityweek.com/apple-rolls-out-darksword-exploit-protection-to-more-devices/ ThreatAft en 2026-04-02T16:18:07.000Z Apple Rolls Out DarkSword Exploit Protection to More Devices https://cyberscoop.com/labor-department-cybersecurity-workforce-apprenticeships/ ThreatAft en 2026-04-02T16:14:04.000Z Lawmakers renew push for Labor Department-backed cyber apprenticeship grants https://www.reddit.com/r/cybersecurity/comments/1salrp7/i_have_2_years_in_a_soc_monitoring_web_traffic_s/ ThreatAft en 2026-04-02T16:13:03.000Z I have 2 years in a SOC monitoring web traffic, S+ again or CYSA? https://www.microsoft.com/en-us/security/blog/2026/04/02/threat-actor-abuse-of-ai-accelerates-from-tool-to-cyberattack-surface/ ThreatAft en 2026-04-02T16:00:00.000Z Threat actor abuse of AI accelerates from tool to cyberattack surface https://www.darkreading.com/cybersecurity-operations/rsac-2026-ai-dominates-community ThreatAft en 2026-04-02T15:56:32.000Z RSAC 2026: AI Dominates, But Community Remains Key to Security https://www.microsoft.com/en-us/security/blog/2026/04/02/cookie-controlled-php-webshells-tradecraft-linux-hosting-environments/ ThreatAft en 2026-04-02T15:37:22.000Z Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments https://www.reddit.com/r/cybersecurity/comments/1sakil4/is_macos_actually_more_secure_or_just_less_visible/ ThreatAft en 2026-04-02T15:27:05.000Z Is macOS actually more secure or just less visible? https://www.bleepingcomputer.com/news/security/residential-proxies-evaded-ip-reputation-checks-in-78-percent-of-4b-sessions/ ThreatAft en 2026-04-02T15:21:02.000Z Residential proxies evaded IP reputation checks in 78% of 4B sessions https://thehackernews.com/2026/04/cisco-patches-98-cvss-imc-and-ssm-flaws.html ThreatAft en 2026-04-02T15:21:00.000Z Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise https://cyberscoop.com/medtech-giant-stryker-says-its-back-up-after-iranian-cyberattack/ ThreatAft en 2026-04-02T15:18:52.000Z Medtech giant Stryker says it’s back up after Iranian cyberattack https://www.helpnetsecurity.com/2026/04/02/supply-chain-hacks-data-theft/ ThreatAft en 2026-04-02T15:16:06.000Z Software supply chain hacks trigger wave of intrusions, data theft https://www.reddit.com/r/netsec/comments/1sak51u/the_linkedin_browsergate_attack_how_it_works/ ThreatAft en 2026-04-02T15:13:20.000Z The [LinkedIn browsergate] Attack: How it works https://www.reddit.com/r/cybersecurity/comments/1sajxo5/soc_1_analyst_technical_interview_coming_up_any/ ThreatAft en 2026-04-02T15:05:43.000Z SOC 1 analyst technical interview coming up, any hidden gems? https://isc.sans.edu/diary/rss/32860 ThreatAft en 2026-04-02T14:49:00.000Z Attempts to Exploit Exposed "Vite" Installs (CVE-2025-30208), (Thu, Apr 2nd) https://www.helpnetsecurity.com/2026/04/02/openssh-10-3-released/ ThreatAft en 2026-04-02T14:45:36.000Z OpenSSH 10.3 patches five security bugs and drops legacy rekeying support https://www.securityweek.com/cybersecurity-ma-roundup-38-deals-announced-in-march-2026/ ThreatAft en 2026-04-02T14:30:00.000Z Cybersecurity M&A Roundup: 38 Deals Announced in March 2026 https://www.infosecurity-magazine.com/news/ncsc-alert-hackers-whatsapp-signal/ ThreatAft en 2026-04-02T14:15:00.000Z NCSC Issues Security Alert Over Hackers Targeting WhatsApp and Signal Accounts https://www.infosecurity-magazine.com/news/storm-infostealer-remotely/ ThreatAft en 2026-04-02T14:15:00.000Z New 'Storm' Infostealer Remotely Decrypts Stolen Credentials https://www.malwarebytes.com/blog/news/2026/04/apple-expands-darksword-patches-to-ios-18-7-7 ThreatAft en 2026-04-02T14:13:44.000Z Apple expands “DarkSword” patches to iOS 18.7.7 https://www.reddit.com/r/cybersecurity/comments/1saijad/canada_salaries/ ThreatAft en 2026-04-02T14:13:11.000Z Canada Salaries https://www.reddit.com/r/netsec/comments/1saibe9/your_terminal_is_lying_to_you_escape_sequence/ ThreatAft en 2026-04-02T14:04:44.000Z Your terminal is lying to you: escape sequence attacks from the 90s that still work. https://www.bleepingcomputer.com/news/security/adversaries-exploit-vacant-homes-to-intercept-mail-in-hybrid-cybercrime/ ThreatAft en 2026-04-02T14:01:11.000Z Adversaries Exploit Vacant Homes to Intercept Mail in Hybrid Cybercrime https://cloud.google.com/blog/topics/threat-intelligence/vsphere-brickstorm-defender-guide/ ThreatAft en 2026-04-02T14:00:00.000Z vSphere and BRICKSTORM Malware: A Defender's Guide https://www.reddit.com/r/cybersecurity/comments/1sahovj/need_cyber_liability_insurance_for_my_healthtech/ ThreatAft en 2026-04-02T13:39:38.000Z Need Cyber Liability Insurance, for my Healthtech startup https://www.reddit.com/r/netsec/comments/1sahl4e/mongoose_preauth_rce_and_mtls_bypass_on_millions/ ThreatAft en 2026-04-02T13:35:22.000Z Mongoose: Preauth RCE and mTLS Bypass on Millions of Devices https://www.bleepingcomputer.com/news/security/new-progress-sharefile-flaws-can-be-chained-in-pre-auth-rce-attacks/ ThreatAft en 2026-04-02T13:33:11.000Z New Progress ShareFile flaws can be chained in pre-auth RCE attacks https://www.infosecurity-magazine.com/news/apple-ios-18-updates-darksword/ ThreatAft en 2026-04-02T13:30:00.000Z Apple Expands iOS 18 Security Updates Amid DarkSword Threat https://www.bleepingcomputer.com/news/security/medtech-giant-stryker-fully-operational-after-data-wiping-attack/ ThreatAft en 2026-04-02T13:28:39.000Z Medtech giant Stryker fully operational after data-wiping attack https://www.helpnetsecurity.com/2026/04/02/red-hat-enterprise-linux-extended-life-cycle-premium/ ThreatAft en 2026-04-02T13:06:22.000Z New Red Hat subscription simplifies long-term enterprise Linux support https://www.sentinelone.com/blog/the-identity-paradox-the-hidden-risks-in-your-valid-credentials/ ThreatAft en 2026-04-02T13:00:03.000Z The Identity Paradox: The Hidden Risks in Your Valid Credentials https://www.darkreading.com/cyberattacks-data-breaches/bank-trojan-casbaneiro-worms-latin-america ThreatAft en 2026-04-02T13:00:00.000Z Bank Trojan 'Casbaneiro' Worms Through Latin America https://www.malwarebytes.com/blog/product/2026/04/vpnsoftwareaudit ThreatAft en 2026-04-02T13:00:00.000Z Malwarebytes Privacy VPN receives full third-party audit https://www.infosecurity-magazine.com/news/researchers-subonehour-ransomware/ ThreatAft en 2026-04-02T13:00:00.000Z Researchers Observe Sub-One-Hour Ransomware Attacks https://www.infosecurity-magazine.com/news/github-covert-multi-stage-malware/ ThreatAft en 2026-04-02T13:00:00.000Z GitHub Used as Covert Channel in Multi-Stage Malware Campaign https://thehackernews.com/2026/04/threatsday-bulletin-pre-auth-chains.html ThreatAft en 2026-04-02T12:45:00.000Z ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories https://www.reddit.com/r/cybersecurity/comments/1sag8h2/days_since_last_openclaw_cve/ ThreatAft en 2026-04-02T12:38:24.000Z Days since last OpenClaw CVE https://www.securityweek.com/cisco-patches-critical-and-high-severity-vulnerabilities/ ThreatAft en 2026-04-02T12:34:10.000Z Cisco Patches Critical and High-Severity Vulnerabilities https://www.reddit.com/r/cybersecurity/comments/1safte6/my_firm_just_open_sourced_its_linux_edr_agent/ ThreatAft en 2026-04-02T12:18:53.000Z My firm just open sourced its Linux EDR agent https://www.reddit.com/r/cybersecurity/comments/1safq3a/we_set_up_vulnerability_scanning_and_now_we_have/ ThreatAft en 2026-04-02T12:14:40.000Z We set up vulnerability scanning and now we have 400+ open findings with no idea what to fix first! https://www.cisa.gov/news-events/alerts/2026/04/02/cisa-adds-one-known-exploited-vulnerability-catalog ThreatAft en 2026-04-02T12:00:00.000Z CISA Adds One Known Exploited Vulnerability to Catalog https://www.reddit.com/r/cybersecurity/comments/1safcv9/til_hackers_stole_81_million_from_bangladesh_bank/ ThreatAft en 2026-04-02T11:58:07.000Z TIL hackers stole $81 million from Bangladesh Bank using just 5 emails to the Federal Reserve. The money passed through 4 countries in under an hour. Most was never recovered. https://www.securityweek.com/250000-affected-by-data-breach-at-nacogdoches-memorial-hospital/ ThreatAft en 2026-04-02T11:57:17.000Z 250,000 Affected by Data Breach at Nacogdoches Memorial Hospital https://www.reddit.com/r/cybersecurity/comments/1saf8mi/howwhere_do_you_consume_threat_research/ ThreatAft en 2026-04-02T11:52:23.000Z How/where do you consume threat research? https://thehackernews.com/2026/04/researchers-uncover-mining-operation.html ThreatAft en 2026-04-02T11:42:00.000Z Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners https://industrialcyber.co/manufacturing/eset-reports-78-of-uk-manufacturers-face-cyber-incidents-as-disruption-becomes-widespread/ ThreatAft en 2026-04-02T11:39:44.000Z ESET reports 78% of UK manufacturers face cyber incidents as disruption becomes widespread https://thehackernews.com/2026/04/the-state-of-trusted-open-source-report.html ThreatAft en 2026-04-02T11:30:00.000Z The State of Trusted Open Source Report https://industrialcyber.co/news/hitachi-digital-services-boosts-ot-it-integration-with-manufacturing-operations-management-platform/ ThreatAft en 2026-04-02T11:20:23.000Z Hitachi Digital Services boosts OT-IT integration with Manufacturing Operations Management platform https://industrialcyber.co/news/dragos-appoints-kaori-nieda-as-country-manager-to-push-market-expansion-in-japan/ ThreatAft en 2026-04-02T11:17:27.000Z Dragos appoints Kaori Nieda as country manager to push market expansion in Japan https://www.helpnetsecurity.com/2026/04/02/apple-ios-18-darksword-security-updates/ ThreatAft en 2026-04-02T11:11:43.000Z DarkSword exploit forces Apple to loosen its patching policy https://www.reddit.com/r/cybersecurity/comments/1saecrr/youre_not_supposed_to_sharefile_with_everyone/ ThreatAft en 2026-04-02T11:07:24.000Z You’re Not Supposed To ShareFile With Everyone (Progress ShareFile Pre-Auth RCE Chain CVE-2026-2699 & CVE-2026-2701) - watchTowr Labs https://www.reddit.com/r/netsec/comments/1saebwi/youre_not_supposed_to_sharefile_with_everyone/ ThreatAft en 2026-04-02T11:06:09.000Z You’re Not Supposed To ShareFile With Everyone (Progress ShareFile Pre-Auth RCE Chain CVE-2026-2699 & CVE-2026-2701) - watchTowr Labs https://www.bleepingcomputer.com/news/security/critical-cisco-imc-auth-bypass-gives-attackers-admin-access/ ThreatAft en 2026-04-02T11:01:14.000Z Critical Cisco IMC auth bypass gives attackers Admin access https://www.reddit.com/r/Malware/comments/1sae4y7/7655_ransomware_claims_in_one_year_group_sector/ ThreatAft en 2026-04-02T10:56:15.000Z 7,655 Ransomware Claims in One Year: Group, Sector, and Country Breakdown https://www.reddit.com/r/netsec/comments/1sae1z6/4_unpatched_cves_in_crewai_chain_prompt_injection/ ThreatAft en 2026-04-02T10:51:47.000Z 4 unpatched CVEs in CrewAI chain prompt injection → sandbox bypass → RCE on host https://www.reddit.com/r/cybersecurity/comments/1sady9s/created_a_simple_web_flasher_for_rayhunter/ ThreatAft en 2026-04-02T10:46:05.000Z created a simple web flasher for RayHunter https://www.reddit.com/r/cybersecurity/comments/1sadw6m/i_built_an_opensource_vulnerability_scanner_that/ ThreatAft en 2026-04-02T10:42:58.000Z I built an open-source vulnerability scanner that orchestrates Nmap, Nikto & Nuclei https://www.securityweek.com/mercor-hit-by-litellm-supply-chain-attack/ ThreatAft en 2026-04-02T10:42:05.000Z Mercor Hit by LiteLLM Supply Chain Attack https://www.reddit.com/r/cybersecurity/comments/1sadnn1/does_having_a_robotstxt_open_an_attack_vector_and/ ThreatAft en 2026-04-02T10:30:02.000Z Does having a robots.txt open an attack vector? And does using `Allow` instead of `Disallow` make any difference security-wise? https://www.wired.com/story/border-patrol-bortac-borstar-use-of-force-midway-blitz/ ThreatAft en 2026-04-02T10:00:00.000Z Unmasking the Paramilitary Agents Behind Trump’s Violent Immigration Crackdown https://www.reddit.com/r/cybersecurity/comments/1sad42z/internship_selection/ ThreatAft en 2026-04-02T09:59:32.000Z Internship selection https://www.securityweek.com/sophisticated-crystalx-rat-emerges/ ThreatAft en 2026-04-02T09:51:07.000Z Sophisticated CrystalX RAT Emerges https://thehackernews.com/2026/04/whatsapp-alerts-200-users-after-fake.html ThreatAft en 2026-04-02T09:51:00.000Z WhatsApp Alerts 200 Users After Fake iOS App Installed Spyware; Italian Firm Faces Action https://www.reddit.com/r/cybersecurity/comments/1sacg2c/mdo_are_ms_antispam_capabilities_in_freefall/ ThreatAft en 2026-04-02T09:19:09.000Z MdO - Are MS antispam capabilities in freefall? https://www.bleepingcomputer.com/news/microsoft/microsoft-links-classic-outlook-bug-to-email-delivery-issues/ ThreatAft en 2026-04-02T09:12:12.000Z Microsoft links Classic Outlook issue to email delivery problems https://www.helpnetsecurity.com/2026/04/02/trueconf-zero-day-vulnerability-cyber-espionage/ ThreatAft en 2026-04-02T08:57:18.000Z TrueConf zero-day vulnerability exploited to target government networks https://www.infosecurity-magazine.com/news/most-cni-firms-5m-downtime-ot/ ThreatAft en 2026-04-02T08:30:00.000Z Most CNI Firms Face Up to £5m in Downtime from OT Attacks https://www.bleepingcomputer.com/news/security/over-14-000-f5-big-ip-apm-instances-still-exposed-to-rce-attacks/ ThreatAft en 2026-04-02T08:25:50.000Z Over 14,000 F5 BIG-IP APM instances still exposed to RCE attacks https://www.reddit.com/r/Malware/comments/1sabe7j/your_windows_clipboard_is_unprotected/ ThreatAft en 2026-04-02T08:14:05.000Z Your Windows Clipboard Is Unprotected https://www.reddit.com/r/cybersecurity/comments/1sab8d4/your_windows_clipboard_is_unprotected/ ThreatAft en 2026-04-02T08:04:01.000Z Your Windows Clipboard Is Unprotected https://www.securityweek.com/variance-raises-21-5m-for-compliance-investigation-platform-powered-by-ai-agents/ ThreatAft en 2026-04-02T08:01:49.000Z Variance Raises $21.5M for Compliance Investigation Platform Powered by AI Agents https://www.reddit.com/r/cybersecurity/comments/1sab0a7/the_dow_zero_trust_learning_exchange_is_taking/ ThreatAft en 2026-04-02T07:49:59.000Z The DoW Zero Trust Learning Exchange is taking place next week https://www.reddit.com/r/cybersecurity/comments/1saaogb/i_work_as_an_isso_heres_what_rmf_actually_looks/ ThreatAft en 2026-04-02T07:29:12.000Z I work as an ISSO, here’s what RMF actually looks like https://thehackernews.com/2026/04/apple-expands-ios-1877-update-to-more.html ThreatAft en 2026-04-02T07:09:00.000Z Apple Expands iOS 18.7.7 Update to More Devices to Block DarkSword Exploit https://www.helpnetsecurity.com/2026/04/02/john-orourke-ppg-security-as-business-strategy/ ThreatAft en 2026-04-02T05:30:40.000Z Trust, friction, and ROI: A CISO’s take on making security work for the business https://www.reddit.com/r/netsec/comments/1sa8nld/cisco_source_code_stolen_by_shinyhunters_via/ ThreatAft en 2026-04-02T05:28:23.000Z Cisco source code stolen by ShinyHunters via Trivy supply-chain attack. AWS keys breached, 300+ repos cloned and more https://www.reddit.com/r/cybersecurity/comments/1sa8ge3/major_cisco_source_code_breach_by_shinyhunters/ ThreatAft en 2026-04-02T05:17:09.000Z Major Cisco Source Code breach by ShinyHunters. Linked to Trivy Supply-chain attack https://www.reddit.com/r/cybersecurity/comments/1sa8alh/sybil_attacks_during_reward_payouts_how_are_you/ ThreatAft en 2026-04-02T05:08:15.000Z Sybil attacks during reward payouts: How are you guys closing the detection-to-block gap? https://www.helpnetsecurity.com/2026/04/02/5g-drone-detection-system-research/ ThreatAft en 2026-04-02T05:00:14.000Z Tracking drones with the 5G tower down the street https://www.reddit.com/r/cybersecurity/comments/1sa7tfz/what_are_your_thoughts_about_ai/ ThreatAft en 2026-04-02T04:43:06.000Z What are your thoughts about AI https://www.reddit.com/r/cybersecurity/comments/1sa7q4j/5_years_of_experience_at_microsoft_as_a_appsec/ ThreatAft en 2026-04-02T04:38:03.000Z 5 years of experience at Microsoft as a AppSec Engineer. What can I do next to become as resilient as possible? https://www.helpnetsecurity.com/2026/04/02/exchange-online-high-volume-email-hve/ ThreatAft en 2026-04-02T04:30:47.000Z Microsoft adds high-volume email sending to Exchange Online https://www.securityweek.com/linx-security-raises-50-million-for-identity-security-and-governance/ ThreatAft en 2026-04-02T04:04:19.000Z Linx Security Raises $50 Million for Identity Security and Governance https://www.helpnetsecurity.com/2026/04/02/customer-identity-fraud-detection-video/ ThreatAft en 2026-04-02T04:00:54.000Z Your customer passed authentication. So why are they sending money to a scammer? https://www.reddit.com/r/cybersecurity/comments/1sa5qmt/ombs_latest_effort_to_empower_cios_reduce_shadow/ ThreatAft en 2026-04-02T02:59:58.000Z OMB’s latest effort to empower CIOs, reduce shadow IT | Federal News Network https://www.reddit.com/r/cybersecurity/comments/1sa4l1b/securitygovernance_question_installing_endpoint/ ThreatAft en 2026-04-02T02:07:18.000Z Security/governance question: Installing endpoint monitoring agent on admin systems without change control or documentation https://isc.sans.edu/diary/rss/32858 ThreatAft en 2026-04-02T02:00:02.000Z ISC Stormcast For Thursday, April 2nd, 2026 https://isc.sans.edu/podcastdetail/9876, (Thu, Apr 2nd) https://www.reddit.com/r/cybersecurity/comments/1sa26fg/i_feel_like_a_huge_fraud/ ThreatAft en 2026-04-02T00:19:36.000Z I feel like a huge fraud. https://www.reddit.com/r/cybersecurity/comments/1sa1st1/experience_with_kroll/ ThreatAft en 2026-04-02T00:02:59.000Z Experience with Kroll? https://www.recordedfuture.com/research/latin-america-and-the-caribbean-cybercrime-landscape ThreatAft en 2026-04-02T00:00:00.000Z Latin America and the Caribbean Cybercrime Landscape https://www.elastic.co/security-labs/higher-order-detection-rules ThreatAft en 2026-04-02T00:00:00.000Z Prioritizing Alerts Triage with Higher-Order Detection Rules https://www.elastic.co/security-labs/how-we-caught-the-axios-supply-chain-attack ThreatAft en 2026-04-02T00:00:00.000Z How we caught the Axios supply chain attack https://www.elastic.co/security-labs/linux-rootkits-2-caught-in-the-act ThreatAft en 2026-04-02T00:00:00.000Z Hooked on Linux: Rootkit Detection Engineering https://therecord.media/whatsapp-warns-users-of-fake-app-used-for-spyware ThreatAft en 2026-04-01T23:52:00.000Z WhatsApp warns users of fake app used to distribute spyware https://www.reddit.com/r/cybersecurity/comments/1sa12gv/is_cybersecurity_in_a_similar_boat_to_compsci/ ThreatAft en 2026-04-01T23:31:32.000Z Is Cybersecurity in a similar boat to CompSci? https://www.bleepingcomputer.com/news/security/new-crystalrat-malware-adds-rat-stealer-and-prankware-features/ ThreatAft en 2026-04-01T23:17:09.000Z New CrystalRAT malware adds RAT, stealer and prankware features https://www.reddit.com/r/cybersecurity/comments/1sa0ghw/minimal_now_provides_easy_cve_count_details_page/ ThreatAft en 2026-04-01T23:05:40.000Z Minimal now provides easy CVE count details page https://www.reddit.com/r/cybersecurity/comments/1sa0dth/cybersecurity_or_embedded_systems/ ThreatAft en 2026-04-01T23:02:37.000Z Cybersecurity or embedded systems https://www.reddit.com/r/cybersecurity/comments/1sa02np/massachusetts_cyberattack_hits_pepperell_and/ ThreatAft en 2026-04-01T22:50:04.000Z Massachusetts cyberattack hits Pepperell and regional dispatch https://www.reddit.com/r/cybersecurity/comments/1s9z3m3/are_smart_contract_audits_becoming_more/ ThreatAft en 2026-04-01T22:09:41.000Z Are smart contract audits becoming more simulation-driven? https://www.darkreading.com/cybersecurity-operations/ransomware-hospitals-preparation-key-defense ThreatAft en 2026-04-01T22:04:43.000Z Ransomware Will Hit Hospitals. Rehearsals Are Key to Defense https://www.bleepingcomputer.com/news/security/apple-expands-ios-18-updates-to-more-iphones-to-block-darksword-attacks/ ThreatAft en 2026-04-01T21:50:49.000Z Apple expands iOS 18 updates to more iPhones to block DarkSword attacks https://www.reddit.com/r/cybersecurity/comments/1s9ym2h/logsentinol/ ThreatAft en 2026-04-01T21:50:45.000Z LogSentinol https://www.malwarebytes.com/blog/ai/2026/04/wikipedias-ai-agent-row-likely-just-the-beginning-of-the-bot-ocalypse ThreatAft en 2026-04-01T21:49:55.000Z Wikipedia’s AI agent row likely just the beginning of the bot-ocalypse https://www.reddit.com/r/cybersecurity/comments/1s9ybbu/embedding_inversion_attacks_make_hosted_vector/ ThreatAft en 2026-04-01T21:39:12.000Z Embedding inversion attacks make hosted vector databases a real data exposure risk, here's an encrypted alternative https://www.reddit.com/r/cybersecurity/comments/1s9ya0j/coolest_new_cyber_security_media_companies/ ThreatAft en 2026-04-01T21:37:54.000Z Coolest (New?) Cyber Security Media Companies https://www.bleepingcomputer.com/news/security/hackers-exploit-trueconf-zero-day-to-push-malicious-software-updates/ ThreatAft en 2026-04-01T21:35:47.000Z Hackers exploit TrueConf zero-day to push malicious software updates https://www.reddit.com/r/cybersecurity/comments/1s9y5ic/novoice_android_malware_on_google_play_infected/ ThreatAft en 2026-04-01T21:33:05.000Z 'NoVoice' Android malware on Google Play infected 2.3 million devices