CrystalX RAT: new MaaS malware combines spyware, stealer, and remote access
CrystalX RAT: new MaaS malware combines spyware, stealer, and remote access Pierluigi Paganini April 03, 2026 CrystalX RAT, a new...
AndyC
Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.
Randall Munroe’s XKCD ‘Amperage’
via the comic artistry and dry wit of Randall Munroe, creator of XKCD Permalink *** This is a Security...
Meet Vespasian. It Sees What Static Analysis Can’t.
Praetorian is excited to announce the release of Vespasian, a probabilistic API endpoint discovery, enumeration, and analysis tool. Vespasian...
A core infrastructure engineer pleads guilty to federal charges in insider attack
Critically, he argued that the use of various tools should be instantly flagged as concerning. “Instrument Task Scheduler, PsExec, PsPasswd,...
China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing
A China-aligned threat actor has set its sights on European government and diplomatic organizations since mid-2025, following a two-year period of minimal...
Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers
Ravie LakshmananApr 03, 2026Linux / Server Hardening Threat actors are increasingly using HTTP cookies as a control channel for PHP-based web...
AI Security Risks: Proofpoint CSO Ryan Kalember, Live at RSAC 2026
Watch the Fireside Below, or Click HERE:Tech Edge hosted a fireside chat on March 25 at RSA Conference 2026 in...
15 Top Cybersecurity CEOs On The Future Of AI Agents: RSAC 2026
CRN speaks with CEOs at leading cybersecurity vendors—including CrowdStrike, SentinelOne and Netskope—about where they see AI agents heading next and...
Weaponizing Trust Signals: Claude Code Lures and GitHub Release Payloads
While the immediate threat is the social engineering campaign delivering Vidar, the leaked source code itself presents a distinct and...
Android Alert: 50 Google Play Apps Linked to ‘NoVoice’ Malware Reached 2.3M Downloads
Image: Luis Andrés Villalón Vega/Unsplash Hackers didn’t sneak past Google Play’s defenses. They walked right through the front door. Downloaded...
FBI Declares Surveillance System Breach a ‘Major Incident’
Image: Kim Raff/NYT/Redux The Federal Bureau of Investigation has formally classified a China-linked breach of one of its internal surveillance...
AI Breakthroughs, Security Breaches, and Industry Shakeups Define the Week in Tech
Image created with ChatGPT From record AI funding and multimodal model launches to malware campaigns, robotaxi failures, and fresh waves...