<?xml version="1.0" encoding="UTF-8"?>
<feed xmlns="http://www.w3.org/2005/Atom">
  <updated>2026-07-05T11:30:09Z</updated>
  <generator>https://nostr.ae</generator>

  <title>Nostr notes by Cyber Security News (RSS Feed)</title>
  <author>
    <name>Cyber Security News (RSS Feed)</name>
  </author>
  <link rel="self" type="application/atom+xml" href="https://nostr.ae/npub13pstz4yme247djhn5cqs8wdrnwq26n5x8cvnt03dlep843la84ns0p5djv.rss" />
  <link href="https://nostr.ae/npub13pstz4yme247djhn5cqs8wdrnwq26n5x8cvnt03dlep843la84ns0p5djv" />
  <id>https://nostr.ae/npub13pstz4yme247djhn5cqs8wdrnwq26n5x8cvnt03dlep843la84ns0p5djv</id>
  <icon>https://cybersecuritynews.com/wp-content/uploads/2025/12/cropped-CSN-Favico-32x32.webp</icon>
  <logo>https://cybersecuritynews.com/wp-content/uploads/2025/12/cropped-CSN-Favico-32x32.webp</logo>




  <entry>
    <id>https://nostr.ae/nevent1qqsy440j7suzkd3xs8v2u7gy507g8f5ayz5q2weaf8kj5649c9qnlzgzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw3dqxwf</id>
    
      <title type="html">AWS Cost Explorer Bug Shows Trillion-Dollar Billing Estimates AWS ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsy440j7suzkd3xs8v2u7gy507g8f5ayz5q2weaf8kj5649c9qnlzgzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw3dqxwf" />
    <content type="html">
      AWS Cost Explorer Bug Shows Trillion-Dollar Billing Estimates&lt;br/&gt;&lt;br/&gt;AWS customers worldwide were startled after the AWS Billing and Cost Management Console and Cost Explorer began displaying extraordinarily high projected cloud costs. Some organizations reported estimated monthly bills reaching trillions of dollars, triggering budget alerts and prompting concerns over potential unauthorized AWS usage. AWS confirmed the issue through its Health Dashboard and AWS Support […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/aws-cost-explorer-bug/&#34;&gt;https://cybersecuritynews.com/aws-cost-explorer-bug/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/aws-cost-explorer-bug/&#34;&gt;https://cybersecuritynews.com/aws-cost-explorer-bug/&lt;/a&gt;
    </content>
    <updated>2026-07-17T10:15:35Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsrnktse7yvsn3sh3mx9v3pvrm7c3evhjcxh5jd2tgyxaszae7nu2czyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kws53nxx</id>
    
      <title type="html">Top 10 Best Identity Threat Detection and Response (ITDR) ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsrnktse7yvsn3sh3mx9v3pvrm7c3evhjcxh5jd2tgyxaszae7nu2czyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kws53nxx" />
    <content type="html">
      Top 10 Best Identity Threat Detection and Response (ITDR) Solutions in 2026&lt;br/&gt;&lt;br/&gt;Identity has become the primary battleground of enterprise cybersecurity. Attackers increasingly bypass traditional defenses by stealing credentials, hijacking sessions, abusing privileged accounts, and exploiting misconfigurations across Active Directory, cloud platforms, SaaS applications, and non-human identities. Microsoft reported more than 7,000 password attacks per second in 2024, while compromised credentials remain among the most common—and slowest […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/best-identity-threat-detection-and-response-solutions/&#34;&gt;https://cybersecuritynews.com/best-identity-threat-detection-and-response-solutions/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/best-identity-threat-detection-and-response-solutions/&#34;&gt;https://cybersecuritynews.com/best-identity-threat-detection-and-response-solutions/&lt;/a&gt;
    </content>
    <updated>2026-07-17T08:45:50Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqszdz37z8hv84fvda42qll7xx7jeljvmeau2ty00ltrsq70j6rykjczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwz4asa0</id>
    
      <title type="html">Malicious RVTools Installer Abuses Sectigo Certificate to Bypass ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqszdz37z8hv84fvda42qll7xx7jeljvmeau2ty00ltrsq70j6rykjczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwz4asa0" />
    <content type="html">
      Malicious RVTools Installer Abuses Sectigo Certificate to Bypass SmartScreen Warnings&lt;br/&gt;&lt;br/&gt;A trusted tool for VMware administrators has been weaponized. Attackers built a fake version of RVTools, a widely used utility for managing virtual infrastructure, and disguised it with a real digital certificate to slip past Windows security warnings without raising a flag. RVTools is a staple in enterprise environments. IT administrators rely on it daily […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/malicious-rvtools-installer-abuses-sectigo-certificate/&#34;&gt;https://cybersecuritynews.com/malicious-rvtools-installer-abuses-sectigo-certificate/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/malicious-rvtools-installer-abuses-sectigo-certificate/&#34;&gt;https://cybersecuritynews.com/malicious-rvtools-installer-abuses-sectigo-certificate/&lt;/a&gt;
    </content>
    <updated>2026-05-29T06:39:30Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqs2ueu479sfufxs2h84c349frgkt6wfdqxh4lvxttfzwudz00mwekgzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwu3px2u</id>
    
      <title type="html">Veeam Backup &amp;amp; Replication Tool Vulnerability Enables ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqs2ueu479sfufxs2h84c349frgkt6wfdqxh4lvxttfzwudz00mwekgzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwu3px2u" />
    <content type="html">
      Veeam Backup &amp;amp; Replication Tool Vulnerability Enables Privilege Escalation Attacks&lt;br/&gt;&lt;br/&gt;Veeam has addressed a high-severity vulnerability in its Backup &amp;amp; Replication platform that could enable attackers to escalate privileges and gain deeper access to enterprise systems. The issue impacts Veeam Backup &amp;amp; Replication version 13.0.1.2067 and all earlier version 13 builds, prompting urgent patching recommendations for affected organizations. The vulnerability, tracked as CVE-2026-32996, affects the […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/veeam-backup-replication-tool-vulnerability/&#34;&gt;https://cybersecuritynews.com/veeam-backup-replication-tool-vulnerability/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/veeam-backup-replication-tool-vulnerability/&#34;&gt;https://cybersecuritynews.com/veeam-backup-replication-tool-vulnerability/&lt;/a&gt;
    </content>
    <updated>2026-05-28T08:37:42Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqs9rxu35zuj7d77ytld2ls742ymek6wh2j2lnt558e0dmutuyaf6rqzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwdatqve</id>
    
      <title type="html">ODINI Malware Exploits CPU Magnetic Emissions to Breach ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqs9rxu35zuj7d77ytld2ls742ymek6wh2j2lnt558e0dmutuyaf6rqzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwdatqve" />
    <content type="html">
      ODINI Malware Exploits CPU Magnetic Emissions to Breach Faraday-Shielded Air-Gapped Computers&lt;br/&gt;&lt;br/&gt;ODINI is a sophisticated proof-of-concept malware capable of extracting sensitive information from air-gapped computers protected by Faraday cages. By modulating the targeted computer’s CPU workload to generate low-frequency magnetic fields, this covert channel successfully transmits data through advanced physical isolation barriers. Developed by a team led by Mordechai Guri at Israel’s Ben-Gurion University, the ODINI […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/odini-malware-air-gapped-computers/&#34;&gt;https://cybersecuritynews.com/odini-malware-air-gapped-computers/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/odini-malware-air-gapped-computers/&#34;&gt;https://cybersecuritynews.com/odini-malware-air-gapped-computers/&lt;/a&gt;
    </content>
    <updated>2026-05-11T04:23:34Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqszzakyafr57jsvgefh37e832409rz74vwcg0magak2ey6k86e2zvgzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kweqc9lw</id>
    
      <title type="html">Hackers Using Fake “Microsoft Teams” Domains to Attack Users ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqszzakyafr57jsvgefh37e832409rz74vwcg0magak2ey6k86e2zvgzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kweqc9lw" />
    <content type="html">
      Hackers Using Fake “Microsoft Teams” Domains to Attack Users Via Malicious Payload&lt;br/&gt;&lt;br/&gt;Cybercriminals are launching a sophisticated new wave of attacks using fake Microsoft Teams domains. According to recent threat intelligence shared by SEAL Org, hackers are actively tricking corporate users into downloading malicious payloads by mimicking the widely used communication platform. As Microsoft Teams remains an essential tool for remote and hybrid work environments, threat actors are […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/hackers-using-fake-microsoft-teams-domains-attack-via-malicious-payload/&#34;&gt;https://cybersecuritynews.com/hackers-using-fake-microsoft-teams-domains-attack-via-malicious-payload/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/hackers-using-fake-microsoft-teams-domains-attack-via-malicious-payload/&#34;&gt;https://cybersecuritynews.com/hackers-using-fake-microsoft-teams-domains-attack-via-malicious-payload/&lt;/a&gt;
    </content>
    <updated>2026-04-06T09:04:09Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqszduenwz99zt6rxf5cczkx0sjg62n80ykcpl6k407e029cuccj4aszyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw3jgqsj</id>
    
      <title type="html">A new Remote Access Trojan (RAT) called ResokerRAT has been found ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqszduenwz99zt6rxf5cczkx0sjg62n80ykcpl6k407e029cuccj4aszyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw3jgqsj" />
    <content type="html">
      A new Remote Access Trojan (RAT) called ResokerRAT has been found targeting Windows systems by abusing Telegram’s widely used Bot API to receive commands and send stolen data back to attackers. Unlike traditional malware that relies on custom command-and-control servers, this threat routes all communications through a trusted messaging platform, making it far harder for […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/new-resokerrat-uses-telegram-bot/&#34;&gt;https://cybersecuritynews.com/new-resokerrat-uses-telegram-bot/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/new-resokerrat-uses-telegram-bot/&#34;&gt;https://cybersecuritynews.com/new-resokerrat-uses-telegram-bot/&lt;/a&gt;
    </content>
    <updated>2026-04-06T07:12:12Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqszlxctdpd4lnvg3vwaz40f33k6ryetgrphvxgalg5xm6364jgjuggzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwqdrpf2</id>
    
      <title type="html">METATRON – Open-Source AI Penetration Testing Assistant Brings ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqszlxctdpd4lnvg3vwaz40f33k6ryetgrphvxgalg5xm6364jgjuggzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwqdrpf2" />
    <content type="html">
      METATRON – Open-Source AI Penetration Testing Assistant Brings Local LLM Analysis to Linux&lt;br/&gt;&lt;br/&gt;A new open-source penetration testing framework called METATRON is gaining attention in the security research community for its fully offline, AI-driven approach to vulnerability assessment. Built for Parrot OS and other Debian-based Linux distributions, METATRON combines automated reconnaissance tooling with a locally hosted large language model (LLM), eliminating the need for cloud connectivity, API keys, […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/metatron-ai-penetration-testing/&#34;&gt;https://cybersecuritynews.com/metatron-ai-penetration-testing/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/metatron-ai-penetration-testing/&#34;&gt;https://cybersecuritynews.com/metatron-ai-penetration-testing/&lt;/a&gt;
    </content>
    <updated>2026-04-06T06:38:13Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsr6pjlz2737hh9e8uwy72tdvnrlnhuzl2dh2xtkse9xd0rtjd9acczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw4njshm</id>
    
      <title type="html">36 Malicious npm Strapi Packages Used to Deploy Redis RCE and ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsr6pjlz2737hh9e8uwy72tdvnrlnhuzl2dh2xtkse9xd0rtjd9acczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw4njshm" />
    <content type="html">
      36 Malicious npm Strapi Packages Used to Deploy Redis RCE and Persistent C2 Malware&lt;br/&gt;&lt;br/&gt;A coordinated supply chain attack has been uncovered targeting developers who build applications on Strapi, a widely used open-source content management system. Thirty-six malicious npm packages disguised as legitimate Strapi plugins were published to the npm registry, carrying payloads designed to exploit Redis for remote code execution, steal credentials, and establish persistent command-and-control access on […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/36-malicious-npm-strapi-packages/&#34;&gt;https://cybersecuritynews.com/36-malicious-npm-strapi-packages/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/36-malicious-npm-strapi-packages/&#34;&gt;https://cybersecuritynews.com/36-malicious-npm-strapi-packages/&lt;/a&gt;
    </content>
    <updated>2026-04-06T05:45:36Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsg0g4ksgnssgsvztjtn3y567kz52nm27vg7qjtrqnharaqs7p8rlszyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwstrduz</id>
    
      <title type="html">CISA Adds TrueConf Vulnerability to KEV Catalog Following Active ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsg0g4ksgnssgsvztjtn3y567kz52nm27vg7qjtrqnharaqs7p8rlszyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwstrduz" />
    <content type="html">
      CISA Adds TrueConf Vulnerability to KEV Catalog Following Active Exploitation&lt;br/&gt;&lt;br/&gt;The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability affecting TrueConf software to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2026-3502, this security flaw is currently facing active exploitation in the wild. The discovery has prompted federal agencies and private organizations to take immediate defensive action to secure their networks. […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/cisa-trueconf-vulnerability-kev-catalog/&#34;&gt;https://cybersecuritynews.com/cisa-trueconf-vulnerability-kev-catalog/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/cisa-trueconf-vulnerability-kev-catalog/&#34;&gt;https://cybersecuritynews.com/cisa-trueconf-vulnerability-kev-catalog/&lt;/a&gt;
    </content>
    <updated>2026-04-06T03:44:11Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsz8tnjaky05wtka8ctzfjl0cfla0u23vzyw4eqqed65ywly0xcppqzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw4tlz7c</id>
    
      <title type="html">2,000&#43; FortiClient EMS Instances Exposed Online Amid Active RCE ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsz8tnjaky05wtka8ctzfjl0cfla0u23vzyw4eqqed65ywly0xcppqzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw4tlz7c" />
    <content type="html">
      2,000&#43; FortiClient EMS Instances Exposed Online Amid Active RCE Vulnerability Exploits in the Wild&lt;br/&gt;&lt;br/&gt;The Shadowserver Foundation has issued an urgent warning to FortiClient Enterprise Management Server (EMS) administrators after identifying over 2,000 publicly accessible instances globally, two of which are now confirmed to be actively exploited through critical unauthenticated remote code execution (RCE) vulnerabilities. Two vulnerabilities, CVE-2026-35616 and CVE-2026-21643, both classified as unauthenticated RCE flaws, were exploited in […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/forticlient-ems-instances-exposed-online/&#34;&gt;https://cybersecuritynews.com/forticlient-ems-instances-exposed-online/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/forticlient-ems-instances-exposed-online/&#34;&gt;https://cybersecuritynews.com/forticlient-ems-instances-exposed-online/&lt;/a&gt;
    </content>
    <updated>2026-04-06T03:41:09Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsxvg6lmt33fvrecm3n2k93dxc844qrtqjfszp8gzpk65guktz3rlgzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwp3e8l6</id>
    
      <title type="html">Critical Fortinet FortiClient EMS 0-Day Vulnerability Actively ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsxvg6lmt33fvrecm3n2k93dxc844qrtqjfszp8gzpk65guktz3rlgzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwp3e8l6" />
    <content type="html">
      Critical Fortinet FortiClient EMS 0-Day Vulnerability Actively Exploited in the Wild&lt;br/&gt;&lt;br/&gt;Fortinet has issued an emergency hotfix after security researchers disclosed a critical zero-day vulnerability in FortiClient EMS that is already being actively exploited by threat actors. Tracked as CVE-2026-35616 and carrying a CVSSv3 score of 9.1 (Critical), the flaw enables unauthenticated attackers to bypass API authentication and authorization controls entirely, allowing them to execute arbitrary […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/fortinet-forticlient-ems-0-day/&#34;&gt;https://cybersecuritynews.com/fortinet-forticlient-ems-0-day/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/fortinet-forticlient-ems-0-day/&#34;&gt;https://cybersecuritynews.com/fortinet-forticlient-ems-0-day/&lt;/a&gt;
    </content>
    <updated>2026-04-04T13:04:09Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsgcpssdp9l49qjnff8mqkak6azp60ysrf8l4rknkxyg8s6s6m4rcqzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwvv3qg8</id>
    
      <title type="html">New Progress ShareFile Bugs Let Attackers Take Over Servers ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsgcpssdp9l49qjnff8mqkak6azp60ysrf8l4rknkxyg8s6s6m4rcqzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwvv3qg8" />
    <content type="html">
      New Progress ShareFile Bugs Let Attackers Take Over Servers Without Logging In&lt;br/&gt;&lt;br/&gt;A dangerous attack chain in Progress ShareFile that can allow attackers to take over exposed on-premises servers without first logging in. The issues affect customer-managed ShareFile Storage Zones Controller 5.x deployments, and Progress says customers should upgrade to version 5.12.4 or move to any 6.x release, which is not impacted. According to Progress and WatchTower, […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/progress-sharefile-vulnerability/&#34;&gt;https://cybersecuritynews.com/progress-sharefile-vulnerability/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/progress-sharefile-vulnerability/&#34;&gt;https://cybersecuritynews.com/progress-sharefile-vulnerability/&lt;/a&gt;
    </content>
    <updated>2026-04-04T11:52:18Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqswacvlegdu78fw9z0zq0pr8fltlmfdeufg8fusjr64pf6v5zeegzczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw0wwhza</id>
    
      <title type="html">Hackers Weaponize Claude Code Leak to Spread Vidar and GhostSocks ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqswacvlegdu78fw9z0zq0pr8fltlmfdeufg8fusjr64pf6v5zeegzczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw0wwhza" />
    <content type="html">
      Hackers Weaponize Claude Code Leak to Spread Vidar and GhostSocks Malware&lt;br/&gt;&lt;br/&gt;The cybersecurity community is on high alert following a massive source code leak from Anthropic. On March 31, 2026, the company accidentally exposed the complete source code for Claude Code, its flagship terminal-based coding assistant. The leak occurred due to a packaging error in a public npm package, which inadvertently included a JavaScript source map […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/claude-code-leak-to-spread-vidar-and-ghostsocks-malware/&#34;&gt;https://cybersecuritynews.com/claude-code-leak-to-spread-vidar-and-ghostsocks-malware/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/claude-code-leak-to-spread-vidar-and-ghostsocks-malware/&#34;&gt;https://cybersecuritynews.com/claude-code-leak-to-spread-vidar-and-ghostsocks-malware/&lt;/a&gt;
    </content>
    <updated>2026-04-04T09:32:58Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsgwcn2yu9a07ceu49tu2pzv3vhvlvc5swrf4xx3t8zhev93n2tprgzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwttsyvm</id>
    
      <title type="html">Top Node.js Maintainers Targeted in Sophisticated Social ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsgwcn2yu9a07ceu49tu2pzv3vhvlvc5swrf4xx3t8zhev93n2tprgzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwttsyvm" />
    <content type="html">
      Top Node.js Maintainers Targeted in Sophisticated Social Engineering Scheme&lt;br/&gt;&lt;br/&gt;A highly coordinated social engineering campaign is actively targeting top open-source developers in the Node.js and npm ecosystem. Following the recent compromise of the popular package Axios, which sees over 100 million weekly downloads, several high-impact software maintainers have reported similar attacks. Security researchers believe this is a strategic shift by advanced threat actors aiming […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/top-node-js-maintainers-targeted-social-engineering-scheme/&#34;&gt;https://cybersecuritynews.com/top-node-js-maintainers-targeted-social-engineering-scheme/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/top-node-js-maintainers-targeted-social-engineering-scheme/&#34;&gt;https://cybersecuritynews.com/top-node-js-maintainers-targeted-social-engineering-scheme/&lt;/a&gt;
    </content>
    <updated>2026-04-04T09:07:39Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqswecnsm6z8f66hxm8qlwene325akj0na5ywae6uytf8zfj2jauujczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwsl49lr</id>
    
      <title type="html">Top 10 Best User Access Management Tools in 2026 User Access ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqswecnsm6z8f66hxm8qlwene325akj0na5ywae6uytf8zfj2jauujczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwsl49lr" />
    <content type="html">
      Top 10 Best User Access Management Tools in 2026&lt;br/&gt;&lt;br/&gt;User Access Management tools centralize control over user permissions and access, providing a unified platform to enforce consistent security policies across diverse systems and applications. They enhance security by implementing role-based access controls, monitoring user activity, preventing unauthorized access, mitigating potential risks, and safeguarding sensitive information. These tools support compliance efforts with detailed audit trails […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/user-access-management-tools/&#34;&gt;https://cybersecuritynews.com/user-access-management-tools/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/user-access-management-tools/&#34;&gt;https://cybersecuritynews.com/user-access-management-tools/&lt;/a&gt;
    </content>
    <updated>2026-04-04T06:10:56Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsd9aa6gm9expnhpmfs5dhptckjtkhemtea26pcaw5vc3qu0n7zgvqzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwk3d9ze</id>
    
      <title type="html">Top 10 Best VPN For Chrome in 2026 In ever-changing technology ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsd9aa6gm9expnhpmfs5dhptckjtkhemtea26pcaw5vc3qu0n7zgvqzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwk3d9ze" />
    <content type="html">
      Top 10 Best VPN For Chrome in 2026&lt;br/&gt;&lt;br/&gt;In ever-changing technology and networks, privacy is becoming increasingly difficult to achieve. People are so used to using the Internet and IoT devices that the sensitive data they share on the web has become a prime target for hackers or malicious actors. As we all know, data is crucial. Protecting data is vital since even […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/best-vpn-for-chrome/&#34;&gt;https://cybersecuritynews.com/best-vpn-for-chrome/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/best-vpn-for-chrome/&#34;&gt;https://cybersecuritynews.com/best-vpn-for-chrome/&lt;/a&gt;
    </content>
    <updated>2026-04-04T06:05:12Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqs9yu8zart0n95qmcfg68dd9qer0y6e7fj6d6h39xxg758sjw0797gzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw95dt4m</id>
    
      <title type="html">LinkedIn Hidden Code Secretly Searches Your Browser for Installed ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqs9yu8zart0n95qmcfg68dd9qer0y6e7fj6d6h39xxg758sjw0797gzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw95dt4m" />
    <content type="html">
      LinkedIn Hidden Code Secretly Searches Your Browser for Installed Extensions&lt;br/&gt;&lt;br/&gt;Every time you open LinkedIn in a Chrome-based browser, hidden JavaScript silently scans your computer for installed software without your knowledge, without your consent, and without a single word in LinkedIn’s privacy policy. A revealing investigation conducted by the European advocacy group Fairlinked e.V., under the campaign name “BrowserGate,” has uncovered what researchers describe as […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/linkedin-code-collects-data/&#34;&gt;https://cybersecuritynews.com/linkedin-code-collects-data/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/linkedin-code-collects-data/&#34;&gt;https://cybersecuritynews.com/linkedin-code-collects-data/&lt;/a&gt;
    </content>
    <updated>2026-04-04T04:15:21Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqs82e43cwn0g073vdjpsemh4wn63ldkxacud5m8p9r0lwfr9fthtwqzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwtx2tl2</id>
    
      <title type="html">Anthropic Officially Ends Claude Subscriptions for Third-Party ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqs82e43cwn0g073vdjpsemh4wn63ldkxacud5m8p9r0lwfr9fthtwqzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwtx2tl2" />
    <content type="html">
      Anthropic Officially Ends Claude Subscriptions for Third-Party Tools Like OpenClaw&lt;br/&gt;&lt;br/&gt;Anthropic has officially pulled the plug on third-party AI agent access to the Claude subscription, marking a significant shift in how users can leverage its models outside the company’s native ecosystem. According to Anthropic Claude Code exec Boris Cherny, starting today, April 4, at 12 p.m. PT (8 p.m. BST), Claude Pro and Max subscribers […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/claude-ends-openclaw-subscriptions/&#34;&gt;https://cybersecuritynews.com/claude-ends-openclaw-subscriptions/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/claude-ends-openclaw-subscriptions/&#34;&gt;https://cybersecuritynews.com/claude-ends-openclaw-subscriptions/&lt;/a&gt;
    </content>
    <updated>2026-04-04T03:20:56Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqs93dtft365x9wjspd98u2xxqg6alvqnr9x3ed0l4x64n93tkf842szyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwtxanen</id>
    
      <title type="html">High-Stakes Security: Protecting the Digital Infrastructure of ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqs93dtft365x9wjspd98u2xxqg6alvqnr9x3ed0l4x64n93tkf842szyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwtxanen" />
    <content type="html">
      High-Stakes Security: Protecting the Digital Infrastructure of the Gaming Industry&lt;br/&gt;&lt;br/&gt;The Growing Profile of Casino Targets The gaming industry has become a primary target for sophisticated cybercriminal groups. This interest is driven not only by the high volume of daily financial transactions but also by the vast repositories of sensitive personal data managed by these organizations. As traditional brick-and-mortar establishments transition into digital ecosystems, the […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/high-stakes-security-protecting-the-digital-infrastructure-of-the-gaming-industry/&#34;&gt;https://cybersecuritynews.com/high-stakes-security-protecting-the-digital-infrastructure-of-the-gaming-industry/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/high-stakes-security-protecting-the-digital-infrastructure-of-the-gaming-industry/&#34;&gt;https://cybersecuritynews.com/high-stakes-security-protecting-the-digital-infrastructure-of-the-gaming-industry/&lt;/a&gt;
    </content>
    <updated>2026-04-03T22:00:57Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsp75n7v5cvwa6t50y8drh28xrnuwxctay4vfr43alrm7nl0furryszyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwz8qjn9</id>
    
      <title type="html">14,000&#43; F5 BIG-IP APM Exposed Online as Attackers Actively ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsp75n7v5cvwa6t50y8drh28xrnuwxctay4vfr43alrm7nl0furryszyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwz8qjn9" />
    <content type="html">
      14,000&#43; F5 BIG-IP APM Exposed Online as Attackers Actively Exploiting RCE Vulnerability&lt;br/&gt;&lt;br/&gt;A critical security flaw in F5’s BIG-IP Access Policy Manager (APM) is currently under active exploitation, leaving thousands of enterprise networks at risk. The vulnerability, officially tracked as CVE-2025-53521, has sparked urgent warnings across the cybersecurity community after its impact was upgraded from a standard Denial-of-Service (DoS) to a severe Remote Code Execution (RCE) flaw. […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/14000-f5-big-ip-apm-exposed-online/&#34;&gt;https://cybersecuritynews.com/14000-f5-big-ip-apm-exposed-online/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/14000-f5-big-ip-apm-exposed-online/&#34;&gt;https://cybersecuritynews.com/14000-f5-big-ip-apm-exposed-online/&lt;/a&gt;
    </content>
    <updated>2026-04-03T17:02:42Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqs8gl39kvkph9rcffls432y0pkdwgl5zdh6fe4mk6yejm9tnt7wwkszyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwltqch5</id>
    
      <title type="html">Kimsuky Deploys Malicious LNK Files to Deliver Python-Based ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqs8gl39kvkph9rcffls432y0pkdwgl5zdh6fe4mk6yejm9tnt7wwkszyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwltqch5" />
    <content type="html">
      Kimsuky Deploys Malicious LNK Files to Deliver Python-Based Backdoor in Multi-Stage Attack&lt;br/&gt;&lt;br/&gt;A North Korean threat group known as Kimsuky has been caught running a cyberattack campaign that uses malicious Windows shortcut files, known as LNK files, to quietly install a Python-based backdoor on victim systems. The attack stays hidden across multiple stages, making it harder for security tools to detect before the final payload reaches the […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/kimsuky-deploys-malicious-lnk-files/&#34;&gt;https://cybersecuritynews.com/kimsuky-deploys-malicious-lnk-files/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/kimsuky-deploys-malicious-lnk-files/&#34;&gt;https://cybersecuritynews.com/kimsuky-deploys-malicious-lnk-files/&lt;/a&gt;
    </content>
    <updated>2026-04-03T14:43:09Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsqej00utaj9c7rxvcu460694kzaegpa96l9nkkedzcxkayj0090agzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwxgru85</id>
    
      <title type="html">Axios Maintainer Confirms The npm Compromise Was via a Targeted ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsqej00utaj9c7rxvcu460694kzaegpa96l9nkkedzcxkayj0090agzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwxgru85" />
    <content type="html">
      Axios Maintainer Confirms The npm Compromise Was via a Targeted Social Engineering Attack&lt;br/&gt;&lt;br/&gt;Two malicious versions of the popular JavaScript HTTP library Axios were briefly published to the npm registry on March 31, 2026. Each version carried a hidden dependency that installed a remote access trojan (RAT) across macOS, Windows, and Linux systems. The attack did not exploit a flaw in the Axios code itself. Instead, it targeted […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/axios-maintainer-confirms-the-npm-compromise/&#34;&gt;https://cybersecuritynews.com/axios-maintainer-confirms-the-npm-compromise/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/axios-maintainer-confirms-the-npm-compromise/&#34;&gt;https://cybersecuritynews.com/axios-maintainer-confirms-the-npm-compromise/&lt;/a&gt;
    </content>
    <updated>2026-04-03T14:22:41Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsxkx0swf0q0w5fg8j9pu86lgupkph6c64z4dvd7a0j6p8futax2vgzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwf5ly54</id>
    
      <title type="html">Hackers Abuse Trusted Platforms to Steal Bank Credentials From ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsxkx0swf0q0w5fg8j9pu86lgupkph6c64z4dvd7a0j6p8futax2vgzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwf5ly54" />
    <content type="html">
      Hackers Abuse Trusted Platforms to Steal Bank Credentials From Philippine Users&lt;br/&gt;&lt;br/&gt;A coordinated phishing campaign has been quietly targeting banking customers across the Philippines since early 2024, and it remains active today. The attackers are not relying on crude tricks — they are hiding behind widely trusted internet platforms to steal banking credentials and one-time passwords, then using them to drain victims’ accounts within minutes. The […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/hackers-abuse-trusted-platforms/&#34;&gt;https://cybersecuritynews.com/hackers-abuse-trusted-platforms/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/hackers-abuse-trusted-platforms/&#34;&gt;https://cybersecuritynews.com/hackers-abuse-trusted-platforms/&lt;/a&gt;
    </content>
    <updated>2026-04-03T14:09:26Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsg23we0xlhrf3f0kryr2z9z9w5amq6zr5z4tju8nvhqk9rzqy0wygzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwgkx5fv</id>
    
      <title type="html">Hackers Use Phorpiex Botnet to Spread Ransomware, Sextortion, and ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsg23we0xlhrf3f0kryr2z9z9w5amq6zr5z4tju8nvhqk9rzqy0wygzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwgkx5fv" />
    <content type="html">
      Hackers Use Phorpiex Botnet to Spread Ransomware, Sextortion, and Crypto-Clipping Malware&lt;br/&gt;&lt;br/&gt;A botnet that has been running since 2011 is back in the spotlight — not because it is new, but because it keeps reinventing itself. Phorpiex, also known as Trik, has grown from a basic spam tool into a full-scale criminal platform capable of delivering ransomware, sending sextortion emails to millions of victims, and silently […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/hackers-use-phorpiex-botnet-to-spread-ransomware/&#34;&gt;https://cybersecuritynews.com/hackers-use-phorpiex-botnet-to-spread-ransomware/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/hackers-use-phorpiex-botnet-to-spread-ransomware/&#34;&gt;https://cybersecuritynews.com/hackers-use-phorpiex-botnet-to-spread-ransomware/&lt;/a&gt;
    </content>
    <updated>2026-04-03T10:28:10Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsy8ze693grgva7ynma66syucx692cc7e0fz553l9nuejmwfv3qjugzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwrwfk3f</id>
    
      <title type="html">Hackers Use Venom Stealer to Turn ClickFix Lures Into Full Data ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsy8ze693grgva7ynma66syucx692cc7e0fz553l9nuejmwfv3qjugzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwrwfk3f" />
    <content type="html">
      Hackers Use Venom Stealer to Turn ClickFix Lures Into Full Data Exfiltration Pipelines&lt;br/&gt;&lt;br/&gt;A new malware has been quietly spreading across cybercrime networks, and security researchers say it is far more capable than most tools of its kind. Called Venom Stealer, this malware-as-a-service platform does not just harvest credentials — it builds an entire automated attack chain that begins with a simple social engineering trick and ends with […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/hackers-use-venom-stealer/&#34;&gt;https://cybersecuritynews.com/hackers-use-venom-stealer/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/hackers-use-venom-stealer/&#34;&gt;https://cybersecuritynews.com/hackers-use-venom-stealer/&lt;/a&gt;
    </content>
    <updated>2026-04-03T10:19:34Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqswrgmexfkrmqy8k34wh2w8cyq9fugjhwsvnxruk405l2g8c9hpjjgzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw54pwvl</id>
    
      <title type="html">Microsoft Forcing Upgrades to Unmanaged Windows 11, Version 24H2 ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqswrgmexfkrmqy8k34wh2w8cyq9fugjhwsvnxruk405l2g8c9hpjjgzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw54pwvl" />
    <content type="html">
      Microsoft Forcing Upgrades to Unmanaged Windows 11, Version 24H2&lt;br/&gt;&lt;br/&gt;Microsoft has officially begun force-upgrading unmanaged Windows 11 version 24H2 devices to version 25H2, marking the final phase of a staged rollout that relies on machine learning to determine device readiness. The move, confirmed in an updated Windows Release Health Dashboard entry, affects all Home and Pro edition devices not managed by IT departments. Starting […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/microsoft-windows-11-24h2/&#34;&gt;https://cybersecuritynews.com/microsoft-windows-11-24h2/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/microsoft-windows-11-24h2/&#34;&gt;https://cybersecuritynews.com/microsoft-windows-11-24h2/&lt;/a&gt;
    </content>
    <updated>2026-04-03T09:19:57Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsfa4s2k648qn4qvffu56xfye3dnkl0dchwchwkks6f0ukwngyyheszyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwe80fmd</id>
    
      <title type="html">Multiple TP-Link Vulnerabilities Let Attackers Trigger DoS and ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsfa4s2k648qn4qvffu56xfye3dnkl0dchwchwkks6f0ukwngyyheszyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwe80fmd" />
    <content type="html">
      Multiple TP-Link Vulnerabilities Let Attackers Trigger DoS and Crash Routers&lt;br/&gt;&lt;br/&gt;Multiple high-severity vulnerabilities exist in TP-Link’s Tapo C520WS smart security cameras. If exploited, these vulnerabilities may allow adjacent attackers to trigger Denial-of-Service (DoS) conditions, crash the device, or completely bypass authentication. TP-Link has released urgent firmware updates to address these critical security gaps. When a security camera or connected router goes offline due to a […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/tp-link-vulnerabilities-trigger-dos/&#34;&gt;https://cybersecuritynews.com/tp-link-vulnerabilities-trigger-dos/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/tp-link-vulnerabilities-trigger-dos/&#34;&gt;https://cybersecuritynews.com/tp-link-vulnerabilities-trigger-dos/&lt;/a&gt;
    </content>
    <updated>2026-04-03T08:50:19Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqs93upy6dlay8xf72ts3hycytsvhekccdh04vc8hx22zspglvs66xszyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw8w8vzd</id>
    
      <title type="html">Hackers Compromised 700&#43; Next.js Hosts by Exploiting React2Shell ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqs93upy6dlay8xf72ts3hycytsvhekccdh04vc8hx22zspglvs66xszyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw8w8vzd" />
    <content type="html">
      Hackers Compromised 700&#43; Next.js Hosts by Exploiting React2Shell Vulnerability&lt;br/&gt;&lt;br/&gt;A massive automated credential theft campaign is actively targeting web applications worldwide. Cybersecurity researchers at Cisco Talos have uncovered an operation by a hacker group tracked as UAT-10608, which has already compromised over 700 servers. The attackers are exploiting a critical security flaw known as React2Shell to gain access and steal highly sensitive data. The […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/700-next-js-hosts-exploited/&#34;&gt;https://cybersecuritynews.com/700-next-js-hosts-exploited/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/700-next-js-hosts-exploited/&#34;&gt;https://cybersecuritynews.com/700-next-js-hosts-exploited/&lt;/a&gt;
    </content>
    <updated>2026-04-03T07:38:26Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsguacdf8ptnttv0udelutsajylrrh5pt0pc87cvss8nwy5algh27qzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw2jrqju</id>
    
      <title type="html">CERT-EU Confirms Trivy Supply Chain Attack Led to European ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsguacdf8ptnttv0udelutsajylrrh5pt0pc87cvss8nwy5algh27qzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw2jrqju" />
    <content type="html">
      CERT-EU Confirms Trivy Supply Chain Attack Led to European Commission AWS Breach&lt;br/&gt;&lt;br/&gt;The European Commission’s primary web platform, “europa.eu,” recently suffered a severe data breach stemming from a supply-chain compromise involving the popular open-source vulnerability scanner, Trivy. On April 3, 2026, CERT-EU published an official advisory detailing how a threat actor known as TeamPCP exploited the compromised continuous integration and continuous delivery (CI/CD) tool to harvest Amazon […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/european-commission-breach-trivy/&#34;&gt;https://cybersecuritynews.com/european-commission-breach-trivy/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/european-commission-breach-trivy/&#34;&gt;https://cybersecuritynews.com/european-commission-breach-trivy/&lt;/a&gt;
    </content>
    <updated>2026-04-03T07:25:19Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsyku9ltzcjswctphlu8s8dwcyxrksl4cnlvctvs09tlvq088qphngzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw96pnnf</id>
    
      <title type="html">North Korea-Linked Hackers Compromise Axios npm Package in Major ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsyku9ltzcjswctphlu8s8dwcyxrksl4cnlvctvs09tlvq088qphngzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw96pnnf" />
    <content type="html">
      North Korea-Linked Hackers Compromise Axios npm Package in Major Supply Chain Attack&lt;br/&gt;&lt;br/&gt;A North Korea-linked threat group has successfully hijacked one of the most widely used JavaScript libraries on the internet, injecting malware into millions of potential development environments. On March 31, 2026, attackers gained access to the Axios Node Package Manager (npm) package using stolen maintainer credentials, turning a trusted tool into a weapon against unsuspecting […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/north-korea-linked-hackers-compromise-axios-npm-package/&#34;&gt;https://cybersecuritynews.com/north-korea-linked-hackers-compromise-axios-npm-package/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/north-korea-linked-hackers-compromise-axios-npm-package/&#34;&gt;https://cybersecuritynews.com/north-korea-linked-hackers-compromise-axios-npm-package/&lt;/a&gt;
    </content>
    <updated>2026-04-03T06:42:35Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqs8hn5fvul45yr6e3rczya0y0htyzwt3u5ca8tyu57lgvq7n6thdmgzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwhfyv8u</id>
    
      <title type="html">20 Best Application Performance Monitoring Tools in 2026 ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqs8hn5fvul45yr6e3rczya0y0htyzwt3u5ca8tyu57lgvq7n6thdmgzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwhfyv8u" />
    <content type="html">
      20 Best Application Performance Monitoring Tools in 2026&lt;br/&gt;&lt;br/&gt;Applications’ performance and availability are monitored, measured, and optimized as part of the practice known as application performance monitoring (APM). Using APM tools and methodologies, organizations may diagnose issues that impair the user experience, discover performance bottlenecks, and gain visibility into how their applications operate. Application performance management (APM) involves monitoring several performance measures, including […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/application-performance-monitoring-tools/&#34;&gt;https://cybersecuritynews.com/application-performance-monitoring-tools/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/application-performance-monitoring-tools/&#34;&gt;https://cybersecuritynews.com/application-performance-monitoring-tools/&lt;/a&gt;
    </content>
    <updated>2026-04-03T05:30:02Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsv0xxgt5p6k5uw8h7p6nlsnmsh5t2g24z3dph2xxwlq6lw4e3ctnszyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwc27578</id>
    
      <title type="html">Best VPN For Linux In 2026 Linux users are known for prioritizing ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsv0xxgt5p6k5uw8h7p6nlsnmsh5t2g24z3dph2xxwlq6lw4e3ctnszyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwc27578" />
    <content type="html">
      Best VPN For Linux In 2026&lt;br/&gt;&lt;br/&gt;Linux users are known for prioritizing privacy, control, and performance — and in 2026, choosing the best VPN for Linux has become more important than ever. While Linux offers stronger security compared to other operating systems, it still doesn’t protect against ISP tracking, geo-restrictions, public Wi-Fi threats, or advanced surveillance. A reliable Linux VPN encrypts your internet […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/best-vpn-for-linux/&#34;&gt;https://cybersecuritynews.com/best-vpn-for-linux/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/best-vpn-for-linux/&#34;&gt;https://cybersecuritynews.com/best-vpn-for-linux/&lt;/a&gt;
    </content>
    <updated>2026-04-03T05:20:38Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqs9050fatlj3xhrau7l6ck6ma2a29kvl5h73retepwpfml2g84pgnqzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw9yt80e</id>
    
      <title type="html">How Elite SOCs Cut Escalation Rates by Arming Tier 1 With Better ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqs9050fatlj3xhrau7l6ck6ma2a29kvl5h73retepwpfml2g84pgnqzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw9yt80e" />
    <content type="html">
      How Elite SOCs Cut Escalation Rates by Arming Tier 1 With Better Threat Intelligence&lt;br/&gt;&lt;br/&gt;In a mature Security Operations Center, escalation is supposed to work like a scalpel, precise, intentional, and reserved for alerts that genuinely demand deeper expertise. But across many teams today, it has become something far less disciplined: a reflex, a pressure valve, a way to pass uncertainty up the chain. The consequences are predictable. Tier […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/reduce-soc-escalation-rates-tier-1-alert-triage/&#34;&gt;https://cybersecuritynews.com/reduce-soc-escalation-rates-tier-1-alert-triage/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/reduce-soc-escalation-rates-tier-1-alert-triage/&#34;&gt;https://cybersecuritynews.com/reduce-soc-escalation-rates-tier-1-alert-triage/&lt;/a&gt;
    </content>
    <updated>2026-04-02T16:58:08Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsxuqdj6w50nyqprqa7ge5mmklsjyyq6z60ns4qw07gdcym8h3nn5czyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwkgqh5y</id>
    
      <title type="html">Hackers Clone CERT-UA Site to Trick Victims Into Installing ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsxuqdj6w50nyqprqa7ge5mmklsjyyq6z60ns4qw07gdcym8h3nn5czyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwkgqh5y" />
    <content type="html">
      Hackers Clone CERT-UA Site to Trick Victims Into Installing Go-Based RAT&lt;br/&gt;&lt;br/&gt;A threat group recently set up a convincing fake version of Ukraine’s official cybersecurity authority website to trick targets into downloading a dangerous remote access tool. The campaign, now tracked under the identifier UAC-0255, relied on a mix of phishing emails and a cloned government website to push malware onto the computers of government workers, […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/hackers-clone-cert-ua-site/&#34;&gt;https://cybersecuritynews.com/hackers-clone-cert-ua-site/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/hackers-clone-cert-ua-site/&#34;&gt;https://cybersecuritynews.com/hackers-clone-cert-ua-site/&lt;/a&gt;
    </content>
    <updated>2026-04-02T16:15:03Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqs0xl36t60g3zy68djv359w2zgqe9cl8jcwuahme85l0rttmvl2phqzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwcpxwm8</id>
    
      <title type="html">New Akira Lookalike Ransomware Campaign Targeting Windows Users ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqs0xl36t60g3zy68djv359w2zgqe9cl8jcwuahme85l0rttmvl2phqzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwcpxwm8" />
    <content type="html">
      New Akira Lookalike Ransomware Campaign Targeting Windows Users in South America&lt;br/&gt;&lt;br/&gt;A new and dangerous ransomware campaign has surfaced across South America, targeting Windows users with a carefully crafted strain that closely imitates the well-known Akira ransomware. While the two may appear nearly identical on the surface, this new threat is built on an entirely different foundation — one that quietly borrows from another notorious ransomware […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/new-akira-lookalike-ransomware-campaign/&#34;&gt;https://cybersecuritynews.com/new-akira-lookalike-ransomware-campaign/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/new-akira-lookalike-ransomware-campaign/&#34;&gt;https://cybersecuritynews.com/new-akira-lookalike-ransomware-campaign/&lt;/a&gt;
    </content>
    <updated>2026-04-02T16:12:28Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsz4ewl6004nxacqc6akc6xtp8cwh2h3r93l0ehr3u5up77rse99aczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwhu3ca9</id>
    
      <title type="html">Qilin Ransomware Uses Malicious DLL to Kill Almost Every ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsz4ewl6004nxacqc6akc6xtp8cwh2h3r93l0ehr3u5up77rse99aczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwhu3ca9" />
    <content type="html">
      Qilin Ransomware Uses Malicious DLL to Kill Almost Every Vendor’s EDR Solutions&lt;br/&gt;&lt;br/&gt;Qilin ransomware group is deploying a sophisticated, multi-stage infection chain via a malicious msimg32.dll that can disable over 300 endpoint detection and response (EDR) drivers from virtually every major security vendor. As organizations increasingly rely on EDR solutions, which offer far greater behavioral visibility than legacy antivirus, threat actors have adapted by weaponizing EDR killers […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/qilin-ransomware-kill-edr/&#34;&gt;https://cybersecuritynews.com/qilin-ransomware-kill-edr/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/qilin-ransomware-kill-edr/&#34;&gt;https://cybersecuritynews.com/qilin-ransomware-kill-edr/&lt;/a&gt;
    </content>
    <updated>2026-04-02T15:42:35Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqs2q60j9387j8wzhv4wcgap277na3dckav24jcmlr45w26a7558esczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwsmgm9c</id>
    
      <title type="html">OpenSSH 10.3 Fixes Shell Injection and Multiple SSH Security ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqs2q60j9387j8wzhv4wcgap277na3dckav24jcmlr45w26a7558esczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwsmgm9c" />
    <content type="html">
      OpenSSH 10.3 Fixes Shell Injection and Multiple SSH Security Issues&lt;br/&gt;&lt;br/&gt;The OpenSSH project released version 10.3 and 10.3p1 on April 2, 2026, addressing a shell injection vulnerability and introducing several security-hardening changes that administrators should review before upgrading. The most notable security fix targets a shell injection vulnerability in the -J (ProxyJump) command-line option. Prior to this release, user and host names passed via -J […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/openssh-10-3-release/&#34;&gt;https://cybersecuritynews.com/openssh-10-3-release/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/openssh-10-3-release/&#34;&gt;https://cybersecuritynews.com/openssh-10-3-release/&lt;/a&gt;
    </content>
    <updated>2026-04-02T14:54:30Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsq66tazjz70nw3wf5fzk96k7cadfl33zw4fy0nc9jfs9nzeal73qczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw03ssx9</id>
    
      <title type="html">Hackers Abuse DOCX, RTF, JS, and Python in Stealthy Boeing RFQ ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsq66tazjz70nw3wf5fzk96k7cadfl33zw4fy0nc9jfs9nzeal73qczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw03ssx9" />
    <content type="html">
      Hackers Abuse DOCX, RTF, JS, and Python in Stealthy Boeing RFQ Malware Campaign&lt;br/&gt;&lt;br/&gt;A seemingly routine procurement email has become the entry point for a sophisticated six-stage malware attack targeting industrial suppliers and procurement teams. The campaign, tracked as NKFZ5966PURCHASE, disguises itself as a Boeing Request for Quotation (RFQ) from a person named “Joyce Malave,” luring victims into opening a malicious Word document. Once opened, the file silently […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/hackers-abuse-docx-rtf-js-and-python-in-boeing-rfq/&#34;&gt;https://cybersecuritynews.com/hackers-abuse-docx-rtf-js-and-python-in-boeing-rfq/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/hackers-abuse-docx-rtf-js-and-python-in-boeing-rfq/&#34;&gt;https://cybersecuritynews.com/hackers-abuse-docx-rtf-js-and-python-in-boeing-rfq/&lt;/a&gt;
    </content>
    <updated>2026-04-02T14:53:54Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqspgl2ws360da552yh4a87qkfuc69fepjnm0s3uzls9xf0re6z0mnszyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwc0dvss</id>
    
      <title type="html">CISA Warns of Chrome 0-Day Vulnerability Actively Exploited in ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqspgl2ws360da552yh4a87qkfuc69fepjnm0s3uzls9xf0re6z0mnszyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwc0dvss" />
    <content type="html">
      CISA Warns of Chrome 0-Day Vulnerability Actively Exploited in Attacks&lt;br/&gt;&lt;br/&gt;A critical warning has been issued over a newly discovered zero-day vulnerability in Google Chrome, raising serious concerns for users worldwide. This flaw is actively exploited in the wild, allowing attackers to bypass security protections and execute malicious code, and was added to the Known Exploited Vulnerabilities (KEV) catalog on April 1, 2026. The discovery […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/chrome-0-day-flaw-exploited/&#34;&gt;https://cybersecuritynews.com/chrome-0-day-flaw-exploited/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/chrome-0-day-flaw-exploited/&#34;&gt;https://cybersecuritynews.com/chrome-0-day-flaw-exploited/&lt;/a&gt;
    </content>
    <updated>2026-04-02T14:31:00Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqszdm5p8q2hs2w24pmmz05k2r3fegwp49sjrpmmdctuhu9v8g4n97qzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwlqv4ka</id>
    
      <title type="html">NoVoice on Google Play with 22 Exploits Attacks Millions of ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqszdm5p8q2hs2w24pmmz05k2r3fegwp49sjrpmmdctuhu9v8g4n97qzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwlqv4ka" />
    <content type="html">
      NoVoice on Google Play with 22 Exploits Attacks Millions of Android Users&lt;br/&gt;&lt;br/&gt;A dangerous Android rootkit named NoVoice has been hiding inside over 50 apps on Google Play, compromising more than 2.3 million devices worldwide. Tracked as Operation NoVoice, the malware uses 22 exploits to take full control of a device without raising any alerts, making it one of the most destructive Android threats uncovered in recent […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/novoice-on-google-play/&#34;&gt;https://cybersecuritynews.com/novoice-on-google-play/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/novoice-on-google-play/&#34;&gt;https://cybersecuritynews.com/novoice-on-google-play/&lt;/a&gt;
    </content>
    <updated>2026-04-02T13:50:07Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqs0wpenp5tkclft3xt7hzvtn4yd0ad8dynyp3kulf8pvmcgyypry5gzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwkqpj2l</id>
    
      <title type="html">Apple Expands iOS 18.7.7 Update to More Devices to Shield Users ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqs0wpenp5tkclft3xt7hzvtn4yd0ad8dynyp3kulf8pvmcgyypry5gzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwkqpj2l" />
    <content type="html">
      Apple Expands iOS 18.7.7 Update to More Devices to Shield Users from DarkSword Exploit&lt;br/&gt;&lt;br/&gt;Apple has taken the rare step of expanding the availability of iOS 18.7.7 and iPadOS 18.7.7 to a broader set of devices on April 1, 2026, pushing critical backported security patches to millions of users still running iOS 18 who remain exposed to DarkSword, a sophisticated, web-delivered exploit chain capable of silently stealing vast amounts […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/apple-expands-ios-18-7-7-update/&#34;&gt;https://cybersecuritynews.com/apple-expands-ios-18-7-7-update/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/apple-expands-ios-18-7-7-update/&#34;&gt;https://cybersecuritynews.com/apple-expands-ios-18-7-7-update/&lt;/a&gt;
    </content>
    <updated>2026-04-02T11:54:43Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqs08ld23nyzhx26m7ue6ve9gclpcnlg6y2hhf06slcvv5rmv04t6xczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw46tadn</id>
    
      <title type="html">New ZAP PTK Add-On Maps Browser-Based Security Findings as Native ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqs08ld23nyzhx26m7ue6ve9gclpcnlg6y2hhf06slcvv5rmv04t6xczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw46tadn" />
    <content type="html">
      New ZAP PTK Add-On Maps Browser-Based Security Findings as Native Alert Into ZAP&lt;br/&gt;&lt;br/&gt;The OWASP Zed Attack Proxy (ZAP) team has rolled out version 0.3.0 of the OWASP PenTest Kit (PTK) add-on, introducing a transformative workflow upgrade for application security testing. This new release bridges the critical gap between traditional proxy-level scanning and modern client-side execution by mapping in-browser security findings directly into native ZAP alerts. ZAP has […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/zap-ptk-add-on/&#34;&gt;https://cybersecuritynews.com/zap-ptk-add-on/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/zap-ptk-add-on/&#34;&gt;https://cybersecuritynews.com/zap-ptk-add-on/&lt;/a&gt;
    </content>
    <updated>2026-04-02T11:27:45Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqspgfhc2jdthww3hhwxsc2xkl809nvav7jmjq5p9mkxtq87a3s46mszyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kww8r9wn</id>
    
      <title type="html">Cisco Smart Software Manager Vulnerability Let Attackers Execute ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqspgfhc2jdthww3hhwxsc2xkl809nvav7jmjq5p9mkxtq87a3s46mszyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kww8r9wn" />
    <content type="html">
      Cisco Smart Software Manager Vulnerability Let Attackers Execute Arbitrary Commands&lt;br/&gt;&lt;br/&gt;Cisco has issued an urgent security warning regarding a critical vulnerability in its Smart Software Manager On-Prem (SSM On-Prem) platform. Enterprise organizations widely use this tool to manage their Cisco software licenses locally. Tracked as CVE-2026-20160, the flaw carries a near-perfect CVSS severity score of 9.8 out of 10. If exploited, it allows an unauthenticated, […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/cisco-smart-software-manager-vulnerability/&#34;&gt;https://cybersecuritynews.com/cisco-smart-software-manager-vulnerability/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/cisco-smart-software-manager-vulnerability/&#34;&gt;https://cybersecuritynews.com/cisco-smart-software-manager-vulnerability/&lt;/a&gt;
    </content>
    <updated>2026-04-02T10:13:06Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsgmgg48k5tvt50thpm0ews7vrt22q78lvf7faznsd4mqrpkj3dgzszyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwg5gfkt</id>
    
      <title type="html">Oracle Lays Off 30,000 Employees to Ramp Up Investment in AI ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsgmgg48k5tvt50thpm0ews7vrt22q78lvf7faznsd4mqrpkj3dgzszyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwg5gfkt" />
    <content type="html">
      Oracle Lays Off 30,000 Employees to Ramp Up Investment in AI Technologies&lt;br/&gt;&lt;br/&gt;Oracle has executed a massive workforce reduction, eliminating between 20,000 and 30,000 employees globally to free up cash flow for its aggressive artificial intelligence infrastructure investments. The layoffs, representing roughly 18% of its workforce, were communicated abruptly via email, highlighting the company’s urgent shift in financial strategy amid mounting debt. On Tuesday morning, up to […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/oracle-lays-off-30000-employees/&#34;&gt;https://cybersecuritynews.com/oracle-lays-off-30000-employees/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/oracle-lays-off-30000-employees/&#34;&gt;https://cybersecuritynews.com/oracle-lays-off-30000-employees/&lt;/a&gt;
    </content>
    <updated>2026-04-02T10:06:55Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsvdnanngnhcegttvlk655j55u6t7ul2433uqmrq243lasrewgqyggzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwwp6fa4</id>
    
      <title type="html">FBI Warns of Chinese Mobile Apps May Expose User Data to ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsvdnanngnhcegttvlk655j55u6t7ul2433uqmrq243lasrewgqyggzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwwp6fa4" />
    <content type="html">
      FBI Warns of Chinese Mobile Apps May Expose User Data to Cyberattacks&lt;br/&gt;&lt;br/&gt;Millions of Americans use mobile apps daily without thinking much about where their data actually goes. The Federal Bureau of Investigation has stepped forward to address that. On March 31, 2026, the FBI released a Public Service Announcement outlining serious data security risks connected to mobile applications developed by foreign companies — particularly those based […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/fbi-warns-of-chinese-mobile-apps/&#34;&gt;https://cybersecuritynews.com/fbi-warns-of-chinese-mobile-apps/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/fbi-warns-of-chinese-mobile-apps/&#34;&gt;https://cybersecuritynews.com/fbi-warns-of-chinese-mobile-apps/&lt;/a&gt;
    </content>
    <updated>2026-04-02T09:35:10Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsz005tq02ffcl3cyj5ppyclqy9sq8usah0749y6emg65g4tkhw53szyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwesealm</id>
    
      <title type="html">TA416 Expands Espionage Operations Across Europe With Web Bug ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsz005tq02ffcl3cyj5ppyclqy9sq8usah0749y6emg65g4tkhw53szyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwesealm" />
    <content type="html">
      TA416 Expands Espionage Operations Across Europe With Web Bug Recon and Malware Delivery&lt;br/&gt;&lt;br/&gt;TA416 has returned to Europe with a fresh wave of espionage emails aimed at government and diplomatic staff. The campaign mixes quiet reconnaissance with malware delivery, showing how a patient threat actor can test who opens a message before sending a more dangerous follow-up. From mid-2025 into early 2026, the China-aligned group targeted diplomatic missions […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/ta416-expands-espionage-operations-across-europe/&#34;&gt;https://cybersecuritynews.com/ta416-expands-espionage-operations-across-europe/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/ta416-expands-espionage-operations-across-europe/&#34;&gt;https://cybersecuritynews.com/ta416-expands-espionage-operations-across-europe/&lt;/a&gt;
    </content>
    <updated>2026-04-02T09:16:31Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqspkmjr2wl83p2mtgjeqeap2jr9cj06trey9sftpt8ced2gspd6dugzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw3242sm</id>
    
      <title type="html">Microsoft Copilot Terms of Service Label Copilot is for ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqspkmjr2wl83p2mtgjeqeap2jr9cj06trey9sftpt8ced2gspd6dugzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw3242sm" />
    <content type="html">
      Microsoft Copilot Terms of Service Label Copilot is for Entertainment Purposes Only&lt;br/&gt;&lt;br/&gt;Microsoft’s terms of service for its Copilot AI assistant include a notable disclaimer that has sparked renewed scrutiny from security and enterprise communities: the product is intended solely for entertainment purposes. According to the official Copilot terms of use, Microsoft explicitly states that Copilot can make mistakes, may not function as intended, and should not […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/microsoft-copilot-terms-of-service/&#34;&gt;https://cybersecuritynews.com/microsoft-copilot-terms-of-service/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/microsoft-copilot-terms-of-service/&#34;&gt;https://cybersecuritynews.com/microsoft-copilot-terms-of-service/&lt;/a&gt;
    </content>
    <updated>2026-04-02T08:45:20Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqszulqupzluaevt9xjpr2l2txjvt02gcrhscjqvuhm6fdljpruza9szyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwydda8j</id>
    
      <title type="html">New WhatsApp Attack Chain Uses VBS Scripts, Cloud Downloads, and ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqszulqupzluaevt9xjpr2l2txjvt02gcrhscjqvuhm6fdljpruza9szyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwydda8j" />
    <content type="html">
      New WhatsApp Attack Chain Uses VBS Scripts, Cloud Downloads, and MSI Backdoors&lt;br/&gt;&lt;br/&gt;A new malware campaign is actively using WhatsApp to deliver harmful files directly to Windows users, exploiting the widespread trust placed in everyday messaging apps. The threat actors send malicious Visual Basic Script (VBS) files through WhatsApp messages, knowing that users rarely question attachments from familiar platforms. Once a recipient runs one of these files, […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/new-whatsapp-attack-chain-uses-vbs-scripts/&#34;&gt;https://cybersecuritynews.com/new-whatsapp-attack-chain-uses-vbs-scripts/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/new-whatsapp-attack-chain-uses-vbs-scripts/&#34;&gt;https://cybersecuritynews.com/new-whatsapp-attack-chain-uses-vbs-scripts/&lt;/a&gt;
    </content>
    <updated>2026-04-02T08:24:48Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqs2ka7wq7fe7fwenfve54ykwh5734p7r02lmnslmysw7nhjqc7sktqzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwdx9dgd</id>
    
      <title type="html">Critical Cisco IMC Vulnerability Let Attackers Bypass ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqs2ka7wq7fe7fwenfve54ykwh5734p7r02lmnslmysw7nhjqc7sktqzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwdx9dgd" />
    <content type="html">
      Critical Cisco IMC Vulnerability Let Attackers Bypass Authentication&lt;br/&gt;&lt;br/&gt;Cisco has recently disclosed a critical security flaw affecting its Integrated Management Controller (IMC), prompting the release of urgent software updates. The vulnerability, officially tracked as CVE-2026-20093, has been assigned a critical Base CVSS score of 9.8, indicating the highest level of severity. This security weakness is located in the password change functionality of the […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/cisco-imc-vulnerability-2/&#34;&gt;https://cybersecuritynews.com/cisco-imc-vulnerability-2/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/cisco-imc-vulnerability-2/&#34;&gt;https://cybersecuritynews.com/cisco-imc-vulnerability-2/&lt;/a&gt;
    </content>
    <updated>2026-04-02T07:26:41Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqs2qvfjk8z6mjqklhtzhr8245yzfryvnp5pn8drdkh5rd5cjsuff4szyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwhs929m</id>
    
      <title type="html">Remcos RAT Infection Chain Hides Behind Obfuscated Scripts and ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqs2qvfjk8z6mjqklhtzhr8245yzfryvnp5pn8drdkh5rd5cjsuff4szyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwhs929m" />
    <content type="html">
      Remcos RAT Infection Chain Hides Behind Obfuscated Scripts and Trusted Windows Binaries&lt;br/&gt;&lt;br/&gt;Cybercriminals are getting better at hiding their tracks, and a recently uncovered Remcos RAT campaign is proof of that. This attack does not rely on a single malicious file dropped onto a system. Instead, it uses a carefully built, multi-stage chain that starts with a simple phishing email and ends with a full, in-memory system […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/remcos-rat-infection-chain-hides-behind-obfuscated/&#34;&gt;https://cybersecuritynews.com/remcos-rat-infection-chain-hides-behind-obfuscated/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/remcos-rat-infection-chain-hides-behind-obfuscated/&#34;&gt;https://cybersecuritynews.com/remcos-rat-infection-chain-hides-behind-obfuscated/&lt;/a&gt;
    </content>
    <updated>2026-04-02T07:06:06Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqs0x0zucz27mep6yp76pdlvpvar8wnqvtnfpfx96km3u82ue3z3fuczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwg7pllx</id>
    
      <title type="html">Symantec DLP Agent Vulnerability Let Attackers Escalate ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqs0x0zucz27mep6yp76pdlvpvar8wnqvtnfpfx96km3u82ue3z3fuczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwg7pllx" />
    <content type="html">
      Symantec DLP Agent Vulnerability Let Attackers Escalate Privileges&lt;br/&gt;&lt;br/&gt;A high-severity security flaw has been identified in the Symantec Data Loss Prevention (DLP) Agent for Windows. Tracked as CVE-2026-3991, this vulnerability allows a low-privileged local attacker to escalate their system privileges to the highest level. Security researcher Manuel Feifel discovered the flaw, and Broadcom has recently released patches to address the issue. The vulnerability […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/symantec-dlp-agent-vulnerability/&#34;&gt;https://cybersecuritynews.com/symantec-dlp-agent-vulnerability/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/symantec-dlp-agent-vulnerability/&#34;&gt;https://cybersecuritynews.com/symantec-dlp-agent-vulnerability/&lt;/a&gt;
    </content>
    <updated>2026-04-02T06:46:14Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsxd54x2e5kqx9zqh2ju6yy5ddr3r88qgfxyfrew24r5z32cp8tdmczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwkw4tex</id>
    
      <title type="html">Starbucks Breach – Attacks Allegedly Claim 10GB of Stolen ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsxd54x2e5kqx9zqh2ju6yy5ddr3r88qgfxyfrew24r5z32cp8tdmczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwkw4tex" />
    <content type="html">
      Starbucks Breach – Attacks Allegedly Claim 10GB of Stolen Source Code&lt;br/&gt;&lt;br/&gt;The threat group ShadowByt3s has claimed responsibility for a new cyberattack on Starbucks, allegedly stealing 10GB of proprietary source code and operational firmware. The data was reportedly scraped from a misconfigured Amazon S3 bucket named “sbux-assets” as part of a broader campaign targeting cloud vulnerabilities. A threat actor operating under the moniker “BlackVortex1” posted on […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/starbucks-breach/&#34;&gt;https://cybersecuritynews.com/starbucks-breach/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/starbucks-breach/&#34;&gt;https://cybersecuritynews.com/starbucks-breach/&lt;/a&gt;
    </content>
    <updated>2026-04-02T06:28:12Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsdmhs9teqw6waru6sge0m8dcl0jzn9kfeazjfvefqwfum795zzddgzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwshn6rm</id>
    
      <title type="html">10 Best VPN For Privacy In 2026 When it comes to privacy-focused ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsdmhs9teqw6waru6sge0m8dcl0jzn9kfeazjfvefqwfum795zzddgzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwshn6rm" />
    <content type="html">
      10 Best VPN For Privacy In 2026&lt;br/&gt;&lt;br/&gt;When it comes to privacy-focused VPNs, several providers stand out in 2026. NordVPN, based in Panama, offers robust security features including Double VPN, Onion over VPN, and an independently audited no-logs policy. Proton VPN, founded by CERN scientists and based in Switzerland, is known for its strong commitment to privacy and its Secure Core servers […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/best-vpn-for-privacy/&#34;&gt;https://cybersecuritynews.com/best-vpn-for-privacy/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/best-vpn-for-privacy/&#34;&gt;https://cybersecuritynews.com/best-vpn-for-privacy/&lt;/a&gt;
    </content>
    <updated>2026-04-02T05:39:50Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsqghpj9gh62ncx68zesfyj9tvuxxvgdc4tf8jc9gcd66uuxncpdfszyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw09al2v</id>
    
      <title type="html">Top 20 Best Digital Forensic Tools in 2026 Digital forensic tools ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsqghpj9gh62ncx68zesfyj9tvuxxvgdc4tf8jc9gcd66uuxncpdfszyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw09al2v" />
    <content type="html">
      Top 20 Best Digital Forensic Tools in 2026&lt;br/&gt;&lt;br/&gt;Digital forensic tools are specialized software designed to analyze, recover, and investigate data from digital devices. They help uncover crucial evidence in cybercrime investigations and legal proceedings. These tools can extract data from various sources, including computers, smartphones, and storage devices, ensuring comprehensive digital footprints and activities analysis. They offer features like data carving, metadata […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/best-digital-forensic-tools/&#34;&gt;https://cybersecuritynews.com/best-digital-forensic-tools/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/best-digital-forensic-tools/&#34;&gt;https://cybersecuritynews.com/best-digital-forensic-tools/&lt;/a&gt;
    </content>
    <updated>2026-04-02T05:30:02Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsxg74ns2czfu0wjtjwtc2d9l3z5sq3ts0wc73qxvpz5m4ctxxmr2gzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw25kk6q</id>
    
      <title type="html">Vim Modeline Bypass Vulnerability Let Attackers Execute Arbitrary ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsxg74ns2czfu0wjtjwtc2d9l3z5sq3ts0wc73qxvpz5m4ctxxmr2gzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw25kk6q" />
    <content type="html">
      Vim Modeline Bypass Vulnerability Let Attackers Execute Arbitrary OS Commands&lt;br/&gt;&lt;br/&gt;A newly discovered high-severity vulnerability in the popular Vim text editor exposes users to arbitrary command execution on the operating system. Tracked as CVE-2026-34982, the flaw relies on a modeline sandbox bypass that triggers when a victim opens a specially crafted file. Security researchers “dfwjj x” and Avishay Matayev identified a vulnerability chain that affects […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/vim-modeline-bypass-vulnerability/&#34;&gt;https://cybersecuritynews.com/vim-modeline-bypass-vulnerability/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/vim-modeline-bypass-vulnerability/&#34;&gt;https://cybersecuritynews.com/vim-modeline-bypass-vulnerability/&lt;/a&gt;
    </content>
    <updated>2026-04-02T02:31:41Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqs22uwa33wfewsnke7aqrlns4gjszesgfhkh9eca42rjjcgdupdmvszyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwkf3lqu</id>
    
      <title type="html">Public PoC Exploit Released for Nginx-UI Backup Restore ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqs22uwa33wfewsnke7aqrlns4gjszesgfhkh9eca42rjjcgdupdmvszyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwkf3lqu" />
    <content type="html">
      Public PoC Exploit Released for Nginx-UI Backup Restore Vulnerability&lt;br/&gt;&lt;br/&gt;A critical security flaw has been disclosed in the Nginx-UI backup restore mechanism, tracked as CVE-2026-33026. This vulnerability allows threat actors to tamper with encrypted backup archives and inject malicious configurations during the restoration process. With a public Proof-of-Concept (PoC) exploit now available, unpatched deployments are at immediate risk of full system compromise. Cryptographic Flaw […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/nginx-ui-backup-restore-vulnerability/&#34;&gt;https://cybersecuritynews.com/nginx-ui-backup-restore-vulnerability/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/nginx-ui-backup-restore-vulnerability/&#34;&gt;https://cybersecuritynews.com/nginx-ui-backup-restore-vulnerability/&lt;/a&gt;
    </content>
    <updated>2026-04-02T02:29:40Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsgzkarzrwhkehcznkcnw3jf5c0anxwx2a5a6a7fe2k4x4r9um742szyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwx83g0t</id>
    
      <title type="html">Microsoft to Remove EXIF Data for Images Shared on Teams In a ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsgzkarzrwhkehcznkcnw3jf5c0anxwx2a5a6a7fe2k4x4r9um742szyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwx83g0t" />
    <content type="html">
      Microsoft to Remove EXIF Data for Images Shared on Teams&lt;br/&gt;&lt;br/&gt;In a significant move to enhance corporate privacy and operational security, Microsoft has announced an important update for its Teams platform. As part of the March 2026 feature rollout, Microsoft Teams will now automatically remove EXIF metadata from all images shared across chats and channels. This privacy-by-default measure aims to protect users from unintentionally leaking […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/microsoft-remove-exif-data-teams/&#34;&gt;https://cybersecuritynews.com/microsoft-remove-exif-data-teams/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/microsoft-remove-exif-data-teams/&#34;&gt;https://cybersecuritynews.com/microsoft-remove-exif-data-teams/&lt;/a&gt;
    </content>
    <updated>2026-04-02T02:05:20Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsv30tjvf45cuf3phleusxlwsjhdwszegp37yu42qck58938guskgqzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwn4zfrp</id>
    
      <title type="html">Magecart Hackers Uses 100&#43; Domains to Hijack eStores Checkouts ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsv30tjvf45cuf3phleusxlwsjhdwszegp37yu42qck58938guskgqzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwn4zfrp" />
    <content type="html">
      Magecart Hackers Uses 100&#43; Domains to Hijack eStores Checkouts and Steal Card Data&lt;br/&gt;&lt;br/&gt;A sophisticated and long-running Magecart campaign has been quietly operating for over 24 months, infecting e-commerce websites across at least 12 countries using more than 100 malicious domains to steal payment card data in real time and banks, not merchants, are bearing the heaviest financial blow. Security researchers at ANY.RUN has uncovered a large-scale Magecart […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/magecart-hijack-estore-checkouts/&#34;&gt;https://cybersecuritynews.com/magecart-hijack-estore-checkouts/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/magecart-hijack-estore-checkouts/&#34;&gt;https://cybersecuritynews.com/magecart-hijack-estore-checkouts/&lt;/a&gt;
    </content>
    <updated>2026-04-01T17:13:13Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqs0zktmwc7q77k97guqrs3w9np7fnzymxrh9jq9dast5hk4hec94hszyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwlgcdcw</id>
    
      <title type="html">Google Cloud’s Vertex AI platform Vulnerability Allow Attackers ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqs0zktmwc7q77k97guqrs3w9np7fnzymxrh9jq9dast5hk4hec94hszyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwlgcdcw" />
    <content type="html">
      Google Cloud’s Vertex AI platform Vulnerability Allow Attackers to Access Sensitive Data&lt;br/&gt;&lt;br/&gt;Artificial intelligence agents are rapidly becoming integral to enterprise workflows, but they also introduce new attack surfaces. Security researchers recently uncovered a significant vulnerability within Google Cloud Platform’s Vertex AI Agent Engine. By exploiting default permission scoping, attackers could weaponize deployed AI agents into “double agents” that secretly exfiltrate data and compromise cloud infrastructure. Exploiting […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/google-clouds-vertex-ai-platform-vulnerability/&#34;&gt;https://cybersecuritynews.com/google-clouds-vertex-ai-platform-vulnerability/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/google-clouds-vertex-ai-platform-vulnerability/&#34;&gt;https://cybersecuritynews.com/google-clouds-vertex-ai-platform-vulnerability/&lt;/a&gt;
    </content>
    <updated>2026-04-01T13:06:14Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqs24v4cuxk6at90uhlrwhlhwnycx3h8tma8kky2cpu8qhl95heqd3czyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwljd32e</id>
    
      <title type="html">Hackers Actively Exploiting Critical WebLogic RCE Vulnerabilities ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqs24v4cuxk6at90uhlrwhlhwnycx3h8tma8kky2cpu8qhl95heqd3czyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwljd32e" />
    <content type="html">
      Hackers Actively Exploiting Critical WebLogic RCE Vulnerabilities in Attacks&lt;br/&gt;&lt;br/&gt;A recent cybersecurity study reveals that threat actors are moving faster than ever to weaponize new software flaws. According to data collected from a high-interaction honeypot, hackers are actively exploiting a newly disclosed, maximum-severity vulnerability in Oracle WebLogic Server. The critical flaw, tracked as CVE-2026-21962, carries a CVSS score of 10.0. It allows unauthenticated attackers […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/hackers-exploiting-weblogic-rce-vulnerabilities/&#34;&gt;https://cybersecuritynews.com/hackers-exploiting-weblogic-rce-vulnerabilities/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/hackers-exploiting-weblogic-rce-vulnerabilities/&#34;&gt;https://cybersecuritynews.com/hackers-exploiting-weblogic-rce-vulnerabilities/&lt;/a&gt;
    </content>
    <updated>2026-04-01T13:01:53Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsqp484jwuutecf4dl4msqla6aaeprcddex8y7zcysy4c5k243we9czyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw4q0wxe</id>
    
      <title type="html">Russian Hackers Using Remote Access Toolkit “CTRL” for RDP ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsqp484jwuutecf4dl4msqla6aaeprcddex8y7zcysy4c5k243we9czyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw4q0wxe" />
    <content type="html">
      Russian Hackers Using Remote Access Toolkit “CTRL” for  RDP Hijacking&lt;br/&gt;&lt;br/&gt;A newly disclosed Russian-linked remote access toolkit called “CTRL” is being used to hijack Remote Desktop Protocol sessions and steal credentials from Windows systems. According to Censys ARC, the malware is a custom .NET framework that combines phishing, keylogging, reverse tunneling, and persistence into one attack chain. Censys ARC said the toolkit was discovered during […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/ctrl-for-rdp-hijacking/&#34;&gt;https://cybersecuritynews.com/ctrl-for-rdp-hijacking/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/ctrl-for-rdp-hijacking/&#34;&gt;https://cybersecuritynews.com/ctrl-for-rdp-hijacking/&lt;/a&gt;
    </content>
    <updated>2026-04-01T12:58:01Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsd5n9ug0ceyse77truvkk67wlmgt3glrfvzemlar6rl9pfu092dfczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwclh3qf</id>
    
      <title type="html">New Chrome Zero-Day Vulnerability Actively Exploited in Attacks ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsd5n9ug0ceyse77truvkk67wlmgt3glrfvzemlar6rl9pfu092dfczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwclh3qf" />
    <content type="html">
      New Chrome Zero-Day Vulnerability Actively Exploited in Attacks — Patch Now&lt;br/&gt;&lt;br/&gt;Google has released an emergency security update for its Chrome browser, patching a zero-day vulnerability that is already being actively exploited in the wild. The Stable channel has been updated to version 146.0.7680.177/178 for Windows and Mac, and 146.0.7680.177 for Linux, with the rollout expected to reach all users over the coming days and weeks. […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/chrome-zero-day-vulnerability-exploited/&#34;&gt;https://cybersecuritynews.com/chrome-zero-day-vulnerability-exploited/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/chrome-zero-day-vulnerability-exploited/&#34;&gt;https://cybersecuritynews.com/chrome-zero-day-vulnerability-exploited/&lt;/a&gt;
    </content>
    <updated>2026-04-01T12:53:43Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsqvwyxp385lcr9d2vsfvunr8duwycr5huezy0tum0n5u8xyw3kcsczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwmvuyzz</id>
    
      <title type="html">HSBC India Asks Customers to use All-Uppercase Passwords ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsqvwyxp385lcr9d2vsfvunr8duwycr5huezy0tum0n5u8xyw3kcsczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwmvuyzz" />
    <content type="html">
      HSBC India Asks Customers to use All-Uppercase Passwords&lt;br/&gt;&lt;br/&gt;Beginning April 6, 2026, HSBC India will require its internet banking customers to enter their passwords in uppercase letters only. The mandate, communicated via official customer emails, has sparked widespread concern among technical experts regarding the bank’s credential storage practices and overall security posture. The Uppercase Migration According to the bank’s recent communications, customers must […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/hsbc-india-uppercase-passwords/&#34;&gt;https://cybersecuritynews.com/hsbc-india-uppercase-passwords/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/hsbc-india-uppercase-passwords/&#34;&gt;https://cybersecuritynews.com/hsbc-india-uppercase-passwords/&lt;/a&gt;
    </content>
    <updated>2026-04-01T12:32:24Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqstmzu6gyypgmya6h06jynl2my2yvlhddqrps7r835vz705a4la3fqzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw0fwalq</id>
    
      <title type="html">Hackers Use EtherRAT and EtherHiding to Hide Malware ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqstmzu6gyypgmya6h06jynl2my2yvlhddqrps7r835vz705a4la3fqzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw0fwalq" />
    <content type="html">
      Hackers Use EtherRAT and EtherHiding to Hide Malware Infrastructure on Ethereum&lt;br/&gt;&lt;br/&gt;A sophisticated backdoor called EtherRAT is actively targeting organizations across multiple sectors by hiding its command infrastructure inside the Ethereum blockchain — a move that makes it uniquely hard to track and shut down. The malware runs on Node.js and gives attackers full remote control over compromised machines, enabling them to execute commands, steal cryptocurrency […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/hackers-use-etherrat-and-etherhiding/&#34;&gt;https://cybersecuritynews.com/hackers-use-etherrat-and-etherhiding/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/hackers-use-etherrat-and-etherhiding/&#34;&gt;https://cybersecuritynews.com/hackers-use-etherrat-and-etherhiding/&lt;/a&gt;
    </content>
    <updated>2026-04-01T12:21:06Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsd6lly9ftv2hyvtnan3udp8umr75l3ces0ctffktrwzzj438vyluczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwr57ucf</id>
    
      <title type="html">Hackers Push CrystalX Malware-as-a-Service Through Telegram With ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsd6lly9ftv2hyvtnan3udp8umr75l3ces0ctffktrwzzj438vyluczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwr57ucf" />
    <content type="html">
      Hackers Push CrystalX Malware-as-a-Service Through Telegram With Stealer and RAT Features&lt;br/&gt;&lt;br/&gt;A new and dangerous piece of malware has surfaced and is being marketed openly to cybercriminals through private Telegram channels. Named CrystalX, this Malware-as-a-Service (MaaS) platform combines a remote access trojan (RAT), credential stealer, keylogger, clipboard hijacker, spyware, and an unusual set of prankware tools into one capable package. Discovered in March 2026, the malware […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/hackers-push-crystalx-malware-as-a-service/&#34;&gt;https://cybersecuritynews.com/hackers-push-crystalx-malware-as-a-service/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/hackers-push-crystalx-malware-as-a-service/&#34;&gt;https://cybersecuritynews.com/hackers-push-crystalx-malware-as-a-service/&lt;/a&gt;
    </content>
    <updated>2026-04-01T11:36:07Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqs20tn24nn4zyznncqns9a9hyetx4k25324puu465g46zeud60x27szyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwujd7gd</id>
    
      <title type="html">Cybersecurity Firm TAC Security Hits 10,000 Clients, Enters Top 5 ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqs20tn24nn4zyznncqns9a9hyetx4k25324puu465g46zeud60x27szyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwujd7gd" />
    <content type="html">
      Cybersecurity Firm TAC Security Hits 10,000 Clients, Enters Top 5 in Global VM &amp;amp; AppSec&lt;br/&gt;&lt;br/&gt;New York, New York, April 1st, 2026, CyberNewswire TAC Infosec, a global leader in cybersecurity (NSE: TAC), with presence across 100&#43; countries, announced a historic milestone by crossing 10,000 clients – 6,500&#43; of TAC Security and 3,500&#43; of CyberScope, since April 2024, delivering on its commitment to shareholders to achieve this by 2026. While building […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/tac-security-10000-clients-top-5/&#34;&gt;https://cybersecuritynews.com/tac-security-10000-clients-top-5/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/tac-security-10000-clients-top-5/&#34;&gt;https://cybersecuritynews.com/tac-security-10000-clients-top-5/&lt;/a&gt;
    </content>
    <updated>2026-04-01T10:36:43Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsf6gzm3l8ksza9fmmcr5u6c5xk2cqu49grkx2yukn4fc245utj0lszyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwtwfdx5</id>
    
      <title type="html">Windows 11 Emergency Update to Fix Installation Loop Issues ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsf6gzm3l8ksza9fmmcr5u6c5xk2cqu49grkx2yukn4fc245utj0lszyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwtwfdx5" />
    <content type="html">
      Windows 11 Emergency Update to Fix Installation Loop Issues&lt;br/&gt;&lt;br/&gt;Microsoft just released an emergency out-of-band update to resolve a persistent installation failure affecting Windows 11 users. Released on March 31, 2026, update KB5086672 specifically targets systems running Windows 11 versions 25H2 and 24H2. This patch addresses a critical setup bug introduced in late March that prevented users from successfully applying recent system improvements and […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/windows-11-emergency-update/&#34;&gt;https://cybersecuritynews.com/windows-11-emergency-update/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/windows-11-emergency-update/&#34;&gt;https://cybersecuritynews.com/windows-11-emergency-update/&lt;/a&gt;
    </content>
    <updated>2026-04-01T09:59:48Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsdg2wahz86hxgfuyt0uxty4ag9mm96udvpe0f3cxgpkyydeyfde6qzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwnwfwuv</id>
    
      <title type="html">North Korean Hackers Compromise Widely Used Axios Package to ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsdg2wahz86hxgfuyt0uxty4ag9mm96udvpe0f3cxgpkyydeyfde6qzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwnwfwuv" />
    <content type="html">
      North Korean Hackers Compromise Widely Used Axios Package to Infect Windows, macOS, and Linux Systems&lt;br/&gt;&lt;br/&gt;A major software supply chain attack has struck the JavaScript ecosystem after threat actors slipped a malicious dependency into the widely used axios NPM package. The poisoned releases, axios 1.14.1 and 0.30.4, pulled in plain-crypto-js and quietly delivered the WAVESHAPER.V2 backdoor to Windows, macOS, and Linux systems during installation. The incident is serious because axios […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/north-korean-hackers-compromise-widely-used-axios-package/&#34;&gt;https://cybersecuritynews.com/north-korean-hackers-compromise-widely-used-axios-package/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/north-korean-hackers-compromise-widely-used-axios-package/&#34;&gt;https://cybersecuritynews.com/north-korean-hackers-compromise-widely-used-axios-package/&lt;/a&gt;
    </content>
    <updated>2026-04-01T09:00:01Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqs8l0zemnd0uw295mhnfyxp2pvv85nrjpwx6ltj0cm7yksraxpwxzqzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw5m463y</id>
    
      <title type="html">Hackers Backdoor Telnyx Python SDK on PyPI to Steal Credentials ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqs8l0zemnd0uw295mhnfyxp2pvv85nrjpwx6ltj0cm7yksraxpwxzqzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw5m463y" />
    <content type="html">
      Hackers Backdoor Telnyx Python SDK on PyPI to Steal Credentials Across Windows, macOS, and Linux&lt;br/&gt;&lt;br/&gt;A threat actor group known as TeamPCP has been caught backdooring the Telnyx Python SDK on PyPI — a popular cloud communications library with over 700,000 downloads in February alone. On March 27, 2026, two malicious versions of the package, 4.87.1 and 4.87.2, were quietly published to the Python Package Index without any matching commits […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/hackers-backdoor-telnyx-python-sdk-on-pypi/&#34;&gt;https://cybersecuritynews.com/hackers-backdoor-telnyx-python-sdk-on-pypi/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/hackers-backdoor-telnyx-python-sdk-on-pypi/&#34;&gt;https://cybersecuritynews.com/hackers-backdoor-telnyx-python-sdk-on-pypi/&lt;/a&gt;
    </content>
    <updated>2026-04-01T08:48:26Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqs9yzs6zzgctekwe6sapcr3asledrfq2v0w2urq76fmp6q0xt9ypvszyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw53q7d8</id>
    
      <title type="html">New npm Supply Chain Attack Uses undicy-http to Deploy ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqs9yzs6zzgctekwe6sapcr3asledrfq2v0w2urq76fmp6q0xt9ypvszyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw53q7d8" />
    <content type="html">
      New npm Supply Chain Attack Uses undicy-http to Deploy Screen-Streaming RAT and Browser Injector&lt;br/&gt;&lt;br/&gt;A malicious npm package named undicy-http has surfaced inside the Node.js developer ecosystem, quietly compromising machines of developers who mistakenly install it. The package impersonates undici, the official HTTP client library bundled with Node.js that handles millions of weekly downloads. Despite sharing a near-identical name, undicy-http contains zero HTTP client functionality. Instead, it launches a two-stage attack capable of stealing […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/new-npm-supply-chain-attack-uses-undicy-http/&#34;&gt;https://cybersecuritynews.com/new-npm-supply-chain-attack-uses-undicy-http/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/new-npm-supply-chain-attack-uses-undicy-http/&#34;&gt;https://cybersecuritynews.com/new-npm-supply-chain-attack-uses-undicy-http/&lt;/a&gt;
    </content>
    <updated>2026-04-01T07:55:34Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsvaxuy2w5vx2xgk39gzd6687mwhx9hmgrx0vz5n693p8g39aq3n5gzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwcek4fa</id>
    
      <title type="html">PNG Vulnerabilities Allow Attackers to Trigger Process Crashes, ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsvaxuy2w5vx2xgk39gzd6687mwhx9hmgrx0vz5n693p8g39aq3n5gzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwcek4fa" />
    <content type="html">
      PNG Vulnerabilities Allow Attackers to Trigger Process Crashes, Leak Sensitive Information&lt;br/&gt;&lt;br/&gt;Two high-severity vulnerabilities have been discovered in libpng, the widely used reference library for reading and writing PNG images. These flaws allow attackers to trigger process crashes, leak sensitive information, and potentially execute arbitrary code by convincing a system to process a crafted PNG file. The vulnerabilities affect any software that parses malformed images, making […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/png-vulnerabilities/&#34;&gt;https://cybersecuritynews.com/png-vulnerabilities/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/png-vulnerabilities/&#34;&gt;https://cybersecuritynews.com/png-vulnerabilities/&lt;/a&gt;
    </content>
    <updated>2026-04-01T07:21:04Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsfy3mrnzuypjvqkcj3zhwtlv9dyetqweytmenf6hq6wsppect92jqzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwxeaj7e</id>
    
      <title type="html">XLoader Malware Upgrades Obfuscation Tactics and Hides C2 Traffic ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsfy3mrnzuypjvqkcj3zhwtlv9dyetqweytmenf6hq6wsppect92jqzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwxeaj7e" />
    <content type="html">
      XLoader Malware Upgrades Obfuscation Tactics and Hides C2 Traffic Behind Decoy Servers&lt;br/&gt;&lt;br/&gt;A well-known information-stealing malware called XLoader has received significant upgrades in its latest versions, making it considerably harder to detect and analyze than before. Originally derived from a malware family known as FormBook, which first surfaced in 2016, XLoader was rebranded and relaunched in early 2020, and since then, its developers have consistently pushed new […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/xloader-malware-upgrades-obfuscation-tactics/&#34;&gt;https://cybersecuritynews.com/xloader-malware-upgrades-obfuscation-tactics/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/xloader-malware-upgrades-obfuscation-tactics/&#34;&gt;https://cybersecuritynews.com/xloader-malware-upgrades-obfuscation-tactics/&lt;/a&gt;
    </content>
    <updated>2026-04-01T06:46:51Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqszqvtvhxx2qpq2pqevh74dddgxglepp0hlhh79j46ay3fuqj4slhgzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwt5hfz8</id>
    
      <title type="html">Mercor AI Confirms Data Breach Following Lapsus$ Claims of 4TB ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqszqvtvhxx2qpq2pqevh74dddgxglepp0hlhh79j46ay3fuqj4slhgzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwt5hfz8" />
    <content type="html">
      Mercor AI Confirms Data Breach Following Lapsus$ Claims of 4TB Data Theft&lt;br/&gt;&lt;br/&gt;Mercor AI has officially confirmed a severe data breach following claims by the notorious Lapsus$ hacking group that they stole 4 terabytes of sensitive company data. The incident, stemming from a recent supply chain attack on the open-source LiteLLM project, has exposed proprietary source code, internal databases, and massive amounts of user-verification data. The hacking […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/mercor-ai-data-breach/&#34;&gt;https://cybersecuritynews.com/mercor-ai-data-breach/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/mercor-ai-data-breach/&#34;&gt;https://cybersecuritynews.com/mercor-ai-data-breach/&lt;/a&gt;
    </content>
    <updated>2026-04-01T04:31:16Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqs0n6eh60t6su2py5u0epm9vlkup8045qdsdadfe2zm4ylv9la80lczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwaxe4nd</id>
    
      <title type="html">Google Now Allows You to Change your @gmail.com Address in few ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqs0n6eh60t6su2py5u0epm9vlkup8045qdsdadfe2zm4ylv9la80lczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwaxe4nd" />
    <content type="html">
      Google Now Allows You to Change your @gmail.com Address in few Simple Steps&lt;br/&gt;&lt;br/&gt;For over two decades, the permanence of a Google Account username has been a strict rule of the digital landscape. Many users found it frustrating to create new accounts and transfer data after outgrowing their childhood email addresses or changing their names. However, Google has recently updated its support documentation to announce that it will […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/google-change-gmail-address/&#34;&gt;https://cybersecuritynews.com/google-change-gmail-address/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/google-change-gmail-address/&#34;&gt;https://cybersecuritynews.com/google-change-gmail-address/&lt;/a&gt;
    </content>
    <updated>2026-04-01T04:04:58Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqspugm6j0tn3y9qme6gelcrl3rf8svj9r0dwzpljjzz7kcnpa5yukczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwcjhht4</id>
    
      <title type="html">Hackers Weaponize Legitimate Windows Tools to Disable Antivirus ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqspugm6j0tn3y9qme6gelcrl3rf8svj9r0dwzpljjzz7kcnpa5yukczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwcjhht4" />
    <content type="html">
      Hackers Weaponize Legitimate Windows Tools to Disable Antivirus Before Ransomware Attacks&lt;br/&gt;&lt;br/&gt;Ransomware attacks have gone far beyond simple malicious code. Today, attackers operate with the precision of a well-planned business, using trusted Windows tools to quietly tear down defenses before ransomware even enters the picture. This shift has made modern ransomware campaigns harder to detect and significantly more damaging. The tools at the center of this […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/hackers-weaponize-legitimate-windows-tools/&#34;&gt;https://cybersecuritynews.com/hackers-weaponize-legitimate-windows-tools/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/hackers-weaponize-legitimate-windows-tools/&#34;&gt;https://cybersecuritynews.com/hackers-weaponize-legitimate-windows-tools/&lt;/a&gt;
    </content>
    <updated>2026-03-31T13:02:27Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsrptm27p0w0yd9gsut5a7q6rrg0qwpx3sjt7z5ahzlvrhqnld0r0szyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw2w4yxn</id>
    
      <title type="html">A new remote access trojan known as ResokerRAT has come to light, ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsrptm27p0w0yd9gsut5a7q6rrg0qwpx3sjt7z5ahzlvrhqnld0r0szyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw2w4yxn" />
    <content type="html">
      A new remote access trojan known as ResokerRAT has come to light, using Telegram’s bot API as its core communication channel to silently monitor and control infected Windows machines. What makes this threat stand out is that it does not rely on a traditional command-and-control server. Instead, it misuses a widely trusted messaging platform to […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/hackers-deploy-telegram-based-resokerrat/&#34;&gt;https://cybersecuritynews.com/hackers-deploy-telegram-based-resokerrat/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/hackers-deploy-telegram-based-resokerrat/&#34;&gt;https://cybersecuritynews.com/hackers-deploy-telegram-based-resokerrat/&lt;/a&gt;
    </content>
    <updated>2026-03-31T12:39:05Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqs25nudsx5ya25v7eccsc8y5n00g6vslfce22yy6knm27a5ac4stjczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kws4kxen</id>
    
      <title type="html">Anthropic’s Claude Code Source Code Reportedly Leaked Via Their ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqs25nudsx5ya25v7eccsc8y5n00g6vslfce22yy6knm27a5ac4stjczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kws4kxen" />
    <content type="html">
      Anthropic’s Claude Code Source Code Reportedly Leaked Via Their npm Registry&lt;br/&gt;&lt;br/&gt;Anthropic’s proprietary Claude Code CLI tool has had its full TypeScript source code inadvertently exposed through a misconfigured npm package, after a security researcher discovered a leaked .map file referencing the unobfuscated codebase stored on Anthropic’s own cloud infrastructure. On March 31, 2026, researcher Chaofan Shou made the disclosure public, posting: “Claude code source code […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/claude-code-source-code-leaked/&#34;&gt;https://cybersecuritynews.com/claude-code-source-code-leaked/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/claude-code-source-code-leaked/&#34;&gt;https://cybersecuritynews.com/claude-code-source-code-leaked/&lt;/a&gt;
    </content>
    <updated>2026-03-31T11:29:13Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqs8zpxy0k590cxa6mcjuh9alnc2cq0mmw3vs9v3yqrk57t3ux932qczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw0p7ulh</id>
    
      <title type="html">CareCloud Data Breach – Hackers Accessed IT Infrastructure and ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqs8zpxy0k590cxa6mcjuh9alnc2cq0mmw3vs9v3yqrk57t3ux932qczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw0p7ulh" />
    <content type="html">
      CareCloud Data Breach – Hackers Accessed IT Infrastructure and Stole Patient Data&lt;br/&gt;&lt;br/&gt;A prominent healthcare technology provider has formally disclosed a significant cybersecurity incident involving unauthorized access to its IT infrastructure. An unauthorized actor compromised one of the company’s electronic health record (EHR) systems, raising concerns over possible exposure of sensitive patient data. The security breach initially unfolded on March 16, 2026. The intrusion caused a temporary […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/carecloud-data-breach/&#34;&gt;https://cybersecuritynews.com/carecloud-data-breach/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/carecloud-data-breach/&#34;&gt;https://cybersecuritynews.com/carecloud-data-breach/&lt;/a&gt;
    </content>
    <updated>2026-03-31T10:40:56Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsfyguv7pt5zq9zqgeggft025dwg0ynfpdz3u7avg4uvwqdxlg7vaqzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwkzty84</id>
    
      <title type="html">Apple New macOS Tahoe Feature Warns Users on ClickFix Attacks ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsfyguv7pt5zq9zqgeggft025dwg0ynfpdz3u7avg4uvwqdxlg7vaqzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwkzty84" />
    <content type="html">
      Apple New macOS Tahoe Feature Warns Users on ClickFix Attacks&lt;br/&gt;&lt;br/&gt;Apple has introduced a new security mechanism in the macOS Tahoe 26.4 release candidate to protect users against social engineering campaigns known as ClickFix attacks. Discovered by users testing the latest OS build and highlighted in a popular Reddit post on r/MacOSBeta, the undocumented feature actively blocks the execution of potentially malicious commands pasted into […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/clickfix-protection-macos-tahoe-26-4/&#34;&gt;https://cybersecuritynews.com/clickfix-protection-macos-tahoe-26-4/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/clickfix-protection-macos-tahoe-26-4/&#34;&gt;https://cybersecuritynews.com/clickfix-protection-macos-tahoe-26-4/&lt;/a&gt;
    </content>
    <updated>2026-03-31T09:03:54Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsyefj0uj6sz299njwxp0ezgq87wccpnx63ua5n0rc8ulgpe7mz50qzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwpmlxux</id>
    
      <title type="html">CISA Warns of Citrix NetScaler Vulnerability Actively Exploited ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsyefj0uj6sz299njwxp0ezgq87wccpnx63ua5n0rc8ulgpe7mz50qzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwpmlxux" />
    <content type="html">
      CISA Warns of Citrix NetScaler Vulnerability Actively Exploited in Attacks&lt;br/&gt;&lt;br/&gt;The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical vulnerability affecting Citrix NetScaler products. Identified as CVE-2026-3055, this security flaw has been officially added to CISA’s Known Exploited Vulnerabilities (KEV) catalog following confirmed evidence of active exploitation in the wild. Network defenders and system administrators are urged to take […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/citrix-netscaler-vulnerability-exploited/&#34;&gt;https://cybersecuritynews.com/citrix-netscaler-vulnerability-exploited/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/citrix-netscaler-vulnerability-exploited/&#34;&gt;https://cybersecuritynews.com/citrix-netscaler-vulnerability-exploited/&lt;/a&gt;
    </content>
    <updated>2026-03-31T08:58:33Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsgdg8kk3qwf2vtwzgu732faunsje7jtntngdg36zv9zfu5na7d8jczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw8lwadp</id>
    
      <title type="html">Cybercriminals Abuse IRS and Tax Filing Lures to Push Malware in ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsgdg8kk3qwf2vtwzgu732faunsje7jtntngdg36zv9zfu5na7d8jczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw8lwadp" />
    <content type="html">
      Cybercriminals Abuse IRS and Tax Filing Lures to Push Malware in New Campaigns&lt;br/&gt;&lt;br/&gt;Tax season brings a reliable wave of phishing attacks, but 2026 has already shown a bigger and more organized push than in previous years. Cybercriminals are actively impersonating the Internal Revenue Service (IRS), national tax authorities, and company HR departments to trick people into installing malware or handing over login credentials. Over a hundred campaigns […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/cybercriminals-abuse-irs-and-tax-filing-lures/&#34;&gt;https://cybersecuritynews.com/cybercriminals-abuse-irs-and-tax-filing-lures/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/cybercriminals-abuse-irs-and-tax-filing-lures/&#34;&gt;https://cybersecuritynews.com/cybercriminals-abuse-irs-and-tax-filing-lures/&lt;/a&gt;
    </content>
    <updated>2026-03-31T08:37:40Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsws4a7hejly55l9ama5akqcj4dn5awgwvu7umtdscgzthduwvgyeszyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwfwdcmt</id>
    
      <title type="html">Hackers Deploy RoadK1ll Pivoting Malware to Turn Compromised ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsws4a7hejly55l9ama5akqcj4dn5awgwvu7umtdscgzthduwvgyeszyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwfwdcmt" />
    <content type="html">
      Hackers Deploy RoadK1ll Pivoting Malware to Turn Compromised Hosts Into Network Relays&lt;br/&gt;&lt;br/&gt;A new piece of malware called RoadK1ll has been found silently converting compromised machines into controllable network relay points. Unlike most malware that arrives loaded with commands and attack tools, RoadK1ll is deliberately lean, built around one goal: giving attackers a reliable and silent path deeper into a network after initial compromise. That narrow focus […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/hackers-deploy-roadk1ll-pivoting-malware/&#34;&gt;https://cybersecuritynews.com/hackers-deploy-roadk1ll-pivoting-malware/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/hackers-deploy-roadk1ll-pivoting-malware/&#34;&gt;https://cybersecuritynews.com/hackers-deploy-roadk1ll-pivoting-malware/&lt;/a&gt;
    </content>
    <updated>2026-03-31T07:41:27Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqs2j3af4h4nns6u7hez09u75fahh6z86vrkspkh7ycvd26tyu2gqugzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwm7jghe</id>
    
      <title type="html">Notepad&#43;&#43; v8.9.3 Released Addressing cURL Security Vulnerability ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqs2j3af4h4nns6u7hez09u75fahh6z86vrkspkh7ycvd26tyu2gqugzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwm7jghe" />
    <content type="html">
      Notepad&#43;&#43; v8.9.3 Released Addressing cURL Security Vulnerability and Crash Issues&lt;br/&gt;&lt;br/&gt;Notepad&#43;&#43; has officially released version 8.9.3, delivering critical security patches, structural performance enhancements, and resolutions for persistent crash issues. This update finalizes the text editor’s transition to a highly optimized XML parser, addressing multiple recent regressions while fortifying the application’s auto-update mechanism against documented vulnerabilities. Notepad&#43;&#43; v8.9.3 Release The most notable security implementation in version […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/notepad-v8-9-3-released/&#34;&gt;https://cybersecuritynews.com/notepad-v8-9-3-released/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/notepad-v8-9-3-released/&#34;&gt;https://cybersecuritynews.com/notepad-v8-9-3-released/&lt;/a&gt;
    </content>
    <updated>2026-03-31T04:09:17Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsqclhlm2pum3hfapeht8hvf325m56p7gza7a7wqzsdv36cva77azczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwc4l6td</id>
    
      <title type="html">Axios NPM Packages Compromised to Inject Malicious Codes in an ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsqclhlm2pum3hfapeht8hvf325m56p7gza7a7wqzsdv36cva77azczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwc4l6td" />
    <content type="html">
      Axios NPM Packages Compromised to Inject Malicious Codes in an Active Supply Chain Attack&lt;br/&gt;&lt;br/&gt;A sophisticated supply chain attack has targeted Axios, one of the most heavily adopted HTTP clients within the JavaScript ecosystem, by introducing a malicious transitive dependency into the official npm registry. Serving as a critical component across frontend frameworks, backend microservices, and enterprise applications, Axios records approximately 83 million weekly downloads on npm. The compromise […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/axios-npm-packages-compromised/&#34;&gt;https://cybersecuritynews.com/axios-npm-packages-compromised/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/axios-npm-packages-compromised/&#34;&gt;https://cybersecuritynews.com/axios-npm-packages-compromised/&lt;/a&gt;
    </content>
    <updated>2026-03-31T03:39:45Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsxfpds7a2ugrkuyvnq965fk5p8pef6g368q00zqf7lecx4530vrgszyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwwqkpp2</id>
    
      <title type="html">Claude AI Discovers Zero-Day RCE Vulnerabilities in Vim and Emacs ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsxfpds7a2ugrkuyvnq965fk5p8pef6g368q00zqf7lecx4530vrgszyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwwqkpp2" />
    <content type="html">
      Claude AI Discovers Zero-Day RCE Vulnerabilities in Vim and Emacs&lt;br/&gt;&lt;br/&gt;Anthropic’s Claude AI successfully discovered zero-day Remote Code Execution (RCE) flaws in both Vim and GNU Emacs. The discoveries highlight a massive paradigm shift in bug hunting, demonstrating that AI models can uncover critical vulnerabilities in legacy software with simple natural-language prompts. The Vim RCE: Compromise Upon File Open The research initiative began with a […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/claude-ai-0-day-rce-vim/&#34;&gt;https://cybersecuritynews.com/claude-ai-0-day-rce-vim/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/claude-ai-0-day-rce-vim/&#34;&gt;https://cybersecuritynews.com/claude-ai-0-day-rce-vim/&lt;/a&gt;
    </content>
    <updated>2026-03-31T03:24:06Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsghhcz62ytg7n40un99l5twvsmxyqvwf2y5mn54jz56gesym7ne6szyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwn3t4mk</id>
    
      <title type="html">12 Best AWS Monitoring Tools in 2026 Amazon Web Services (AWS) is ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsghhcz62ytg7n40un99l5twvsmxyqvwf2y5mn54jz56gesym7ne6szyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwn3t4mk" />
    <content type="html">
      12 Best AWS Monitoring Tools in 2026&lt;br/&gt;&lt;br/&gt;Amazon Web Services (AWS) is a cloud computing platform for businesses of all sizes and types. AWS’s architecture is robust and scalable, but dependability, performance, and security must be monitored. These aims guide AWS’s monitoring tools and services, which help you understand your cloud infrastructure and applications, analyze data, identify outliers, and maintain smooth operations. […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/best-aws-monitoring-tools/&#34;&gt;https://cybersecuritynews.com/best-aws-monitoring-tools/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/best-aws-monitoring-tools/&#34;&gt;https://cybersecuritynews.com/best-aws-monitoring-tools/&lt;/a&gt;
    </content>
    <updated>2026-03-30T18:08:15Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsy5tlt9hzdflces3saqx8pqtf3tzq00vjl25l5jdxc5mw22w7ufkgzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwtggq35</id>
    
      <title type="html">Exposed Server Reveals TheGentlemen Ransomware Toolkit, Victim ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsy5tlt9hzdflces3saqx8pqtf3tzq00vjl25l5jdxc5mw22w7ufkgzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwtggq35" />
    <content type="html">
      Exposed Server Reveals TheGentlemen Ransomware Toolkit, Victim Credentials, and Ngrok Tokens&lt;br/&gt;&lt;br/&gt;A misconfigured server hosted on a Russian bulletproof hosting provider has exposed the complete operational toolkit of a TheGentlemen ransomware affiliate, including harvested victim credentials and plaintext authentication tokens used to establish hidden remote access tunnels. TheGentlemen ransomware group operates as a Ransomware-as-a-Service, or RaaS, operation where affiliates carry out attacks using shared tools and […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/exposed-server-reveals-thegentlemen-ransomware-toolkit/&#34;&gt;https://cybersecuritynews.com/exposed-server-reveals-thegentlemen-ransomware-toolkit/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/exposed-server-reveals-thegentlemen-ransomware-toolkit/&#34;&gt;https://cybersecuritynews.com/exposed-server-reveals-thegentlemen-ransomware-toolkit/&lt;/a&gt;
    </content>
    <updated>2026-03-30T17:30:34Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsq08ujp60c5r8er0gy397udayhctc5vv9r3ly9dw0pfccppt05huczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwpmmxvg</id>
    
      <title type="html">North Korean IT Worker Allegedly Used Stolen Identity and AI ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsq08ujp60c5r8er0gy397udayhctc5vv9r3ly9dw0pfccppt05huczyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwpmmxvg" />
    <content type="html">
      North Korean IT Worker Allegedly Used Stolen Identity and AI Resume in Job Application Scam&lt;br/&gt;&lt;br/&gt;A suspected North Korean operative tried to sneak into a remote job at a cybersecurity firm by using a stolen identity, a fake AI-generated resume, and a VoIP phone number. The case, uncovered in June 2025, shows how North Korea’s state-sponsored IT worker scheme has grown more sophisticated and harder to spot without proper screening. […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/north-korean-it-worker-allegedly-used-stolen-identity/&#34;&gt;https://cybersecuritynews.com/north-korean-it-worker-allegedly-used-stolen-identity/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/north-korean-it-worker-allegedly-used-stolen-identity/&#34;&gt;https://cybersecuritynews.com/north-korean-it-worker-allegedly-used-stolen-identity/&lt;/a&gt;
    </content>
    <updated>2026-03-30T16:52:39Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsd7gptmx4wgat82kgwwlruau9qysfh04shvp0yqlfeg2scnjtu3qgzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwv7mlm9</id>
    
      <title type="html">CrySome RAT Emerges as Advanced .NET Malware With AV Killer and ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsd7gptmx4wgat82kgwwlruau9qysfh04shvp0yqlfeg2scnjtu3qgzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwv7mlm9" />
    <content type="html">
      CrySome RAT Emerges as Advanced .NET Malware With AV Killer and HVNC Capabilities&lt;br/&gt;&lt;br/&gt;A new and dangerous piece of malware has surfaced in the threat landscape, and it is built to stay hidden, stay running, and stay in control of any system it infects. CrySome RAT is written in C# and targets the .NET ecosystem, giving attackers complete remote control over compromised Windows machines. From stealing passwords and […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/crysome-rat-emerges-as-advanced-net-malware/&#34;&gt;https://cybersecuritynews.com/crysome-rat-emerges-as-advanced-net-malware/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/crysome-rat-emerges-as-advanced-net-malware/&#34;&gt;https://cybersecuritynews.com/crysome-rat-emerges-as-advanced-net-malware/&lt;/a&gt;
    </content>
    <updated>2026-03-30T16:30:44Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsd4yht4udjzstj66rgwe0s4fu0ucl7mt743z4v6sdahpcwsvhaqeqzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwx98a3p</id>
    
      <title type="html">New ClickFix Variant Uses Rundll32 and WebDAV to Evade PowerShell ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsd4yht4udjzstj66rgwe0s4fu0ucl7mt743z4v6sdahpcwsvhaqeqzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwx98a3p" />
    <content type="html">
      New ClickFix Variant Uses Rundll32 and WebDAV to Evade PowerShell Detection&lt;br/&gt;&lt;br/&gt;A new and more dangerous version of the ClickFix attack technique has been found actively targeting Windows users. Unlike older versions that used PowerShell or mshta to run malicious commands, this new variant takes a different path. It uses rundll32.exe and WebDAV, two built-in Windows components, to quietly deliver and execute harmful payloads without triggering […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/new-clickfix-variant-uses-rundll32/&#34;&gt;https://cybersecuritynews.com/new-clickfix-variant-uses-rundll32/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/new-clickfix-variant-uses-rundll32/&#34;&gt;https://cybersecuritynews.com/new-clickfix-variant-uses-rundll32/&lt;/a&gt;
    </content>
    <updated>2026-03-30T16:01:26Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsgs5vckl7xh9z62wu3g2gwkr44nj3c94pchcqsavv202ksm5gzmrgzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwypfq55</id>
    
      <title type="html">New Homoglyph Attack Techniques Help Cybercriminals Spoof Trusted ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsgs5vckl7xh9z62wu3g2gwkr44nj3c94pchcqsavv202ksm5gzmrgzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwypfq55" />
    <content type="html">
      New Homoglyph Attack Techniques Help Cybercriminals Spoof Trusted Domains&lt;br/&gt;&lt;br/&gt;Cybercriminals have found a clever way to trick people by swapping real letters in website addresses with characters that look almost the same. These are called homoglyph attacks, and they are becoming a growing problem across the internet. A single character swap — like replacing a Latin “o” with a Greek omicron — can fool […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/new-homoglyph-attack-techniques/&#34;&gt;https://cybersecuritynews.com/new-homoglyph-attack-techniques/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/new-homoglyph-attack-techniques/&#34;&gt;https://cybersecuritynews.com/new-homoglyph-attack-techniques/&lt;/a&gt;
    </content>
    <updated>2026-03-30T14:28:09Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsy0pdfr6q4s4p439kq4g0tcjhsxm0xkfpu502wmjw0l9l499ud76qzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwhs3qvv</id>
    
      <title type="html">Open VSX’s New Scanner Vulnerability Allows Malicious Extension ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsy0pdfr6q4s4p439kq4g0tcjhsxm0xkfpu502wmjw0l9l499ud76qzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwhs3qvv" />
    <content type="html">
      Open VSX’s New Scanner Vulnerability Allows Malicious Extension Goes Live&lt;br/&gt;&lt;br/&gt;A serious security flaw was recently found in Open VSX, the extension marketplace used by popular code editors like Cursor and Windsurf, as well as the broader VS Code fork ecosystem. The vulnerability was found inside the platform’s newly introduced pre-publish scanning pipeline, a security layer built to check every extension before it becomes available […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/open-vsxs-new-scanner-vulnerability/&#34;&gt;https://cybersecuritynews.com/open-vsxs-new-scanner-vulnerability/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/open-vsxs-new-scanner-vulnerability/&#34;&gt;https://cybersecuritynews.com/open-vsxs-new-scanner-vulnerability/&lt;/a&gt;
    </content>
    <updated>2026-03-30T13:58:51Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsrg4jpy3u0253f5l02p63t8rgxg56ycmaesnn94qu5vw6aewh94ggzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwe3cary</id>
    
      <title type="html">BlankGrabber Stealer Uses Fake Certificate Loader to Hide Malware ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsrg4jpy3u0253f5l02p63t8rgxg56ycmaesnn94qu5vw6aewh94ggzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwe3cary" />
    <content type="html">
      BlankGrabber Stealer Uses Fake Certificate Loader to Hide Malware Delivery Chain&lt;br/&gt;&lt;br/&gt;A Python-based information stealer known as BlankGrabber has been caught using a deceptive certificate loader trick to hide a multi-stage malware delivery chain. First identified in 2023, this threat has grown more complex over time and keeps targeting everyday users through widely used online platforms. BlankGrabber is designed to steal as much sensitive data as […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/blankgrabber-stealer-uses-fake-certificate-loader/&#34;&gt;https://cybersecuritynews.com/blankgrabber-stealer-uses-fake-certificate-loader/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/blankgrabber-stealer-uses-fake-certificate-loader/&#34;&gt;https://cybersecuritynews.com/blankgrabber-stealer-uses-fake-certificate-loader/&lt;/a&gt;
    </content>
    <updated>2026-03-30T13:11:55Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsp2cwmndf4zxnv4da0sfdwxgvgyply33gs9qqadqjvq6aqqzye0pqzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwhvcs9q</id>
    
      <title type="html">Stored XSS Bug in Jira Work Management Could Lead to Full ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsp2cwmndf4zxnv4da0sfdwxgvgyply33gs9qqadqjvq6aqqzye0pqzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwhvcs9q" />
    <content type="html">
      Stored XSS Bug in Jira Work Management Could Lead to Full Organization Takeover&lt;br/&gt;&lt;br/&gt;A popular collaboration tool within the Atlassian ecosystem is widely used by organizations to track projects, manage approvals, and manage daily tasks. Recently, security researchers at Snapsec uncovered a critical Stored Cross-Site Scripting (XSS) vulnerability within the platform. By exploiting a seemingly low-risk configuration field, the team demonstrated how a low-privileged user could achieve a full […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/stored-xss-bug-in-jira-work-management/&#34;&gt;https://cybersecuritynews.com/stored-xss-bug-in-jira-work-management/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/stored-xss-bug-in-jira-work-management/&#34;&gt;https://cybersecuritynews.com/stored-xss-bug-in-jira-work-management/&lt;/a&gt;
    </content>
    <updated>2026-03-30T12:42:10Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqswttt82mul4jtjatj8x85v4ccu896qyfnvc6n507dpj3vltteyf9czyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw5dx6lj</id>
    
      <title type="html">CanisterWorm Malware Attacking Docker/K8s/Redis to Gain Access ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqswttt82mul4jtjatj8x85v4ccu896qyfnvc6n507dpj3vltteyf9czyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kw5dx6lj" />
    <content type="html">
      CanisterWorm Malware Attacking Docker/K8s/Redis to Gain Access and Steal Secrets&lt;br/&gt;&lt;br/&gt;A financially motivated cybercrime group has been quietly compromising cloud environments since late 2025, and its activities are now drawing serious concern across the security community. The group, known as TeamPCP, operates a self-propagating worm called CanisterWorm that hunts for poorly secured Docker APIs, Kubernetes clusters, Redis servers, and systems vulnerable to the React2Shell flaw. […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/canisterworm-malware-attacking-docker/&#34;&gt;https://cybersecuritynews.com/canisterworm-malware-attacking-docker/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/canisterworm-malware-attacking-docker/&#34;&gt;https://cybersecuritynews.com/canisterworm-malware-attacking-docker/&lt;/a&gt;
    </content>
    <updated>2026-03-30T12:29:26Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqs83yu5n0ac3tl2msgw0m6epfqh9v79mtag6qdu4vj6ax3hdaajzcgzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwkmgvyy</id>
    
      <title type="html">Iran-Linked Botnet Exposed After Open Directory Leak Reveals ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqs83yu5n0ac3tl2msgw0m6epfqh9v79mtag6qdu4vj6ax3hdaajzcgzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwkmgvyy" />
    <content type="html">
      Iran-Linked Botnet Exposed After Open Directory Leak Reveals 15-Node Relay Network&lt;br/&gt;&lt;br/&gt;A threat actor with ties to Iran has had their entire working infrastructure exposed after carelessly leaving an open directory on their own staging server, handing researchers a rare look into a live botnet operation. The leak revealed a 15-node relay network, a mass SSH deployment framework, DDoS tooling compiled on victim machines, and a […]&lt;br/&gt;&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/iran-linked-botnet-exposed-after-open-directory-leak/&#34;&gt;https://cybersecuritynews.com/iran-linked-botnet-exposed-after-open-directory-leak/&lt;/a&gt; appeared first on &lt;a href=&#34;https://cybersecuritynews.com&#34;&gt;https://cybersecuritynews.com&lt;/a&gt;.&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/iran-linked-botnet-exposed-after-open-directory-leak/&#34;&gt;https://cybersecuritynews.com/iran-linked-botnet-exposed-after-open-directory-leak/&lt;/a&gt;
    </content>
    <updated>2026-03-19T08:49:01Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsd76k3v73tcxzrlp0w0m3cm9nlu8lztuwehjg436ddpcjnfay9y8qzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwugtqpa</id>
    
      <title type="html">Chrome Zero-Day Vulnerabilities Actively Exploited in the Wild to ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsd76k3v73tcxzrlp0w0m3cm9nlu8lztuwehjg436ddpcjnfay9y8qzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwugtqpa" />
    <content type="html">
      Chrome Zero-Day Vulnerabilities Actively Exploited in the Wild to Execute Malicious Code&lt;br/&gt;&lt;br/&gt;Google has released an urgent security update for its Chrome browser after confirming that two high-severity zero-day vulnerabilities are being actively exploited in the wild. The stable channel has been updated to version 146.0.7680.75/76 for Windows and macOS, and 146.0.7680.75 for Linux, with the rollout expected to reach users over the coming days and weeks. […]&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/chrome-zero-day-vulnerabilities-actively-exploited/&#34;&gt;https://cybersecuritynews.com/chrome-zero-day-vulnerabilities-actively-exploited/&lt;/a&gt;&lt;br/&gt;.&lt;br/&gt;&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/chrome-zero-day-vulnerabilities-actively-exploited/&#34;&gt;https://cybersecuritynews.com/chrome-zero-day-vulnerabilities-actively-exploited/&lt;/a&gt;
    </content>
    <updated>2026-03-13T07:26:57Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqsqkezey3r9ete20jahcm4gmv98wn68u2wkhnnfvlf8mpk0fkta6aqzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwvtammv</id>
    
      <title type="html">OpenSSH GSSAPI Vulnerability Allow Attacker to Crash SSH Child ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqsqkezey3r9ete20jahcm4gmv98wn68u2wkhnnfvlf8mpk0fkta6aqzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwvtammv" />
    <content type="html">
      OpenSSH GSSAPI Vulnerability Allow Attacker to Crash SSH Child Processes&lt;br/&gt;&lt;br/&gt;A significant vulnerability in the GSSAPI Key Exchange patch was applied by numerous Linux distributions on top of their OpenSSH packages. The flaw, tracked as CVE-2026-3497, was uncovered by security researcher Jeremy Brown. It allows an attacker to crash SSH child processes reliably and potentially violates privilege separation boundaries, all with a single crafted network […]&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/openssh-gssapi-vulnerability/&#34;&gt;https://cybersecuritynews.com/openssh-gssapi-vulnerability/&lt;/a&gt;&lt;br/&gt;.&lt;br/&gt;&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/openssh-gssapi-vulnerability/&#34;&gt;https://cybersecuritynews.com/openssh-gssapi-vulnerability/&lt;/a&gt;
    </content>
    <updated>2026-03-13T03:21:00Z</updated>
  </entry>

  <entry>
    <id>https://nostr.ae/nevent1qqs0rdcqtqmt34gd653zh6apuwyf746aw7tmrmrp8qmazec8q2wvf2qzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwh0mumz</id>
    
      <title type="html">Meta Launches New Anti-Scam Tools on WhatsApp, Facebook and ...</title>
    
    <link rel="alternate" href="https://nostr.ae/nevent1qqs0rdcqtqmt34gd653zh6apuwyf746aw7tmrmrp8qmazec8q2wvf2qzyzyxpv25n092hek27wnqzqae5wdcpt2wsclpjdd79hlyy7k8l57kwh0mumz" />
    <content type="html">
      Meta Launches New Anti-Scam Tools on WhatsApp, Facebook and Messenger&lt;br/&gt;&lt;br/&gt;Meta has launched a suite of advanced anti-scam tools across WhatsApp, Facebook, and Messenger to combat the growing industrialization of online fraud. These new defenses combine artificial intelligence, behavioral alerts, and global law enforcement partnerships to protect users proactively. To protect users from evolving social engineering tactics, Meta introduced specific warning mechanisms across its ecosystem. […]&lt;br/&gt;The post &lt;a href=&#34;https://cybersecuritynews.com/meta-new-anti-scam-tools/&#34;&gt;https://cybersecuritynews.com/meta-new-anti-scam-tools/&lt;/a&gt;&lt;br/&gt;.&lt;br/&gt;&lt;br/&gt;&lt;br/&gt;&lt;a href=&#34;https://cybersecuritynews.com/meta-new-anti-scam-tools/&#34;&gt;https://cybersecuritynews.com/meta-new-anti-scam-tools/&lt;/a&gt;
    </content>
    <updated>2026-03-13T02:14:01Z</updated>
  </entry>

</feed>