WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites
Ravie LakshmananMar 26, 2026Malware / Web Security Cybersecurity researchers have discovered a new payment skimmer that uses WebRTC data channels...
Hacking
Category Added in a WPeMatico Campaign
LeakBase Admin Arrested in Russia Over Massive Stolen Credential Marketplace
Ravie LakshmananMar 25, 2026Cybercrime / Dark Web The alleged administrator of the LeakBase cybercrime forum has been arrested by Russian...
GlassWorm Malware Uses Solana Dead Drops to Deliver RAT and Steal Browser, Crypto Data
Ravie LakshmananMar 25, 2026Browser Security / Threat Intelligence Cybersecurity researchers have flagged a new evolution of the GlassWorm campaign that...
The Kill Chain Is Obsolete When Your AI Agent Is the Threat
In September 2025, Anthropic disclosed that a state-sponsored threat actor used an AI coding agent to execute an autonomous cyber...
Russian Hacker Sentenced to 2 Years for TA551 Botnet-Driven Ransomware Attacks
The Hacker NewsMar 25, 2026Cybercrime / Ransomware The U.S. Department of Justice (DoJ) said a Russian national has been sentenced...
Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse
Cybersecurity researchers are calling attention to an active device code phishing campaign that's targeting Microsoft 365 identities across more than...
FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns
Ravie LakshmananMar 25, 2026Network Security / Data Protection The U.S. Federal Communications Commission (FCC) said on Monday that it was...
TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 Likely via Trivy CI/CD Compromise
TeamPCP, the threat actor behind the recent compromises of Trivy and KICS, has now compromised a popular Python package named...
Tax Search Ads Deliver ScreenConnect Malware Using Huawei Driver to Disable EDR
Ravie LakshmananMar 24, 2026Endpoint Security / Social Engineering A large-scale malvertising campaign active since January 2026 has been observed targeting...
Ghost Campaign Uses 7 npm Packages to Steal Crypto Wallets and Credentials
Cybersecurity researchers have uncovered a new set of malicious npm packages that are designed to steal cryptocurrency wallets and sensitive...
5 Learnings from the First-Ever Gartner Market Guide for Guardian Agents
On February 25, 2026, Gartner published its inaugural Market Guide for Guardian Agents, marking an important milestone for this emerging...
TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials
Two more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor known...
The Hidden Cost of Cybersecurity Specialization: Losing Foundational Skills
The Hacker NewsMar 24, 2026Security Operations / Network Security Cybersecurity has changed fast. Roles are more specialized, and tooling is more...
U.S. Sentences Russian Hacker to 6.75 Years for Role in $9M Ransomware Damage
Ravie LakshmananMar 24, 2026Cybercrime / Network Security A 26-year-old Russian citizen has been sentenced in the U.S. to 6.75 years...
North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware
The North Korean threat actors behind the Contagious Interview campaign, also tracked as WaterPlum, have been attributed to a malware...
