Checkmarx Confirms GitHub Repository Data Posted on Dark Web After March 23 Attack
Ravie LakshmananApr 27, 2026 Checkmarx has disclosed that its ongoing investigation tied to the supply chain security incident has revealed...
Hacking
Category Added in a WPeMatico Campaign
⚡ Weekly Recap: Fast16 Malware, XChat Launch, Federal Backdoor, AI Employee Tracking & More
Ravie LakshmananApr 27, 2026Cybersecurity / Hacking Everything is dumb again. This week feels broken in a very familiar way. Old...
Mythos Changed the Math on Vulnerability Discovery. Most Teams Aren’t Ready for the Remediation Side
Anthropic’s Claude Mythos Preview has dominated security discussions since its April 7 announcement. Early reporting describes a powerful cybersecurity-focused AI...
PhantomCore Exploits TrueConf Vulnerabilities to Breach Russian Networks
A pro-Ukrainian hacktivist group called PhantomCore has been attributed to attacks actively targeting servers running TrueConf video conferencing software in...
Researchers Uncover 73 Fake VS Code Extensions Delivering GlassWorm v2 Malware
Ravie LakshmananApr 27, 2026Malware / Software Supply Chain Cybersecurity researchers have flagged dozens of Microsoft Visual Studio Code (VS Code)...
Fake CAPTCHA IRSF Scam and 120 Keitaro Campaigns Drive Global SMS, Crypto Fraud
Cybersecurity researchers have disclosed details of a telecommunications fraud campaign that uses fake CAPTCHA verification tricks to dupe unsuspecting users...
Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software
Cybersecurity researchers have discovered a new Lua-based malware created years before the notorious Stuxnet worm that aimed to sabotage Iran's...
CISA Adds 4 Exploited Flaws to KEV, Sets May 2026 Federal Deadline
Ravie LakshmananApr 25, 2026Network Security / Infrastructure Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added four...
CISA Adds 4 Exploited Flaws to KEV, Sets May 2026 Federal Deadline
Ravie LakshmananApr 25, 2026Network Security / Infrastructure Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added four...
FIRESTARTER Backdoor Hit Federal Cisco Firepower Device, Survives Security Patches
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed that an unnamed federal civilian agency's Cisco Firepower device running...
NASA Employees Duped in Chinese Phishing Scheme Targeting U.S. Defense Software
Ravie LakshmananApr 24, 2026Espionage / National Security, The Office of Inspector General (OIG) of the U.S. National Aeronautics and Space...
Bridging the AI Agent Authority Gap: Continuous Observability as the Decision Engine
The AI Agent Authority Gap - From Ungoverned to Delegation As discussed in our previous article, AI agents are exposing...
26 FakeWallet Apps Found on Apple App Store Targeting Crypto Seed Phrases
Cybersecurity researchers have discovered a set of malicious apps on the Apple App Store that impersonate popular cryptocurrency wallets in...
Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy AdaptixC2
Ravie LakshmananApr 24, 2026Malware / Threat Intelligence Chinese-speaking individuals are the target of a new campaign that uses a trojanized...
LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure
A high-severity security flaw in LMDeploy, an open-source toolkit for compressing, deploying, and serving LLMs, has come under active exploitation...
