Sonatype Discovers Two Malicious npm Packages
Sonatype Security Research has identified a potential compromise of a trusted npm maintainer account that has now published two...
AndyC
Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.
Speagle Malware Hijacks Cobra DocGuard to Steal Data via Compromised Servers
Ravie LakshmananMar 19, 2026Cyber Espionage / Threat Intelligence Cybersecurity researchers have flagged a new malware dubbed Speagle that hijacks the...
54 EDR Killers Use BYOVD to Exploit 34 Signed Vulnerable Drivers and Disable Security
A new analysis of endpoint detection and response (EDR) killers has revealed that 54 of them leverage a technique known...
Android devices ship with firmware-level malware
In late February 2026, SophosLabs analysts identified multiple detections on Android devices for malicious activity associated with the Keenadu backdoor....
How can Agentic AI help your business stay ahead
Are Businesses Truly Prepared for the Challenges Presented by Machine Identities? Cybersecurity is constantly evolving, and one of the...
When Do We Actually Need a Kubernetes Platform Team?
Many teams start by running Kubernetes with a few enthusiastic engineers and some shared clusters. As those clusters become...
U.S. CISA adds a flaw in Cisco FMC and Cisco SCC Firewall Management to its Known Exploited Vulnerabilities catalog
U.S. CISA adds a flaw in Cisco FMC and Cisco SCC Firewall Management to its Known Exploited Vulnerabilities catalog Pierluigi...
Russian APT targets Ukraine via Zimbra XSS flaw CVE-2025-66376
Russian APT targets Ukraine via Zimbra XSS flaw CVE-2025-66376 Pierluigi Paganini March 19, 2026 Russian APT exploits a critical XSS...
DarkSword emerges as powerful iOS exploit tool in global attacks
DarkSword emerges as powerful iOS exploit tool in global attacks Pierluigi Paganini March 19, 2026 DarkSword, a new iOS exploit...
News alert: SpyCloud study reveal stolen tokens, session data fuel surge in non-human identity attacks
AUSTIN, Texas, Mar. 19, 2026, CyberNewswire—SpyCloud, the leader in identity threat protection, today released its annual 2026 Identity Exposure...
Jeremy Snyder talks AI Governance on Security Weekly – FireTail Blog
The speed of AI adoption is unlike any tech shift we’ve seen before. While the transition to SaaS and...
PowerShell Is a Security Risk – Here’s How to Fix It
If you run a Windows environment, you already know how critical PowerShell is. It’s the backbone of modern administration, used for...
ThreatsDay Bulletin: FortiGate RaaS, Citrix Exploits, MCP Abuse, LiveChat Phish & More
Ravie LakshmananMar 19, 2026Cybersecurity / Hacking News ThreatsDay Bulletin is back on The Hacker News, and this week feels off...
New Perseus Android Banking Malware Monitors Notes Apps to Extract Sensitive Data
Ravie LakshmananMar 19, 2026Malware / Mobile Security Cybersecurity researchers have disclosed a new Android malware family called Perseus that's being...
Copyright Lures Mask a Multi‑Stage PureLog Stealer Attack on Key Industries
The infection begins when the victim manually executes a file disguised as a legal notice: Dokumentation über Verstöße gegen Rechte...
