TeamPCP leverages its established infrastructure for a geographically targeted wiper attack in which CanisterWorm deletes data on systems configured for Iran.
Microsoft will update its Edge browser to stop loading stored passwords in memory at startup, following pressure from security researchers and customers, despite initially defending the practice.
The REMUS infostealer is operated like a professional software company, with continuous updates, customer-focused service, and scaling objectives; research shows that underground MaaS operations are adopting modern business practices to ensure persistence and revenue generation.
Two security vulnerabilities (CVE-2023-3153 and CVE-2026-4798) in the Avada Builder WordPress plugin enable attackers to read configuration files with database access credentials or extract password hashes via SQL injection.
Germany’s BKA has identified hacker “UNKN” as Daniil Maksimovich Shchukin – the leader of ransomware gangs REvil and GandCrab. Together with an accomplice, the 31-year-old is believed to have conducted at least 130 cyberattacks in Germany and stolen nearly two million euros.
The npm package node-ipc was compromised with credential-stealing malware; the tampered versions 9.1.6, 9.2.3, and 12.0.1 steal cloud credentials, SSH keys, and sensitive files via DNS exfiltration, likely due to a compromised maintainer account.
Russian military intelligence compromised over 18,000 outdated routers through DNS manipulation to steal Microsoft Office tokens, primarily targeting government organizations worldwide, without using malware—only exploiting known security vulnerabilities.
Microsoft's April 2026 Patch Tuesday covers 167 vulnerabilities, including the actively exploited SharePoint zero-day CVE-2026-32201, and reflects a likely increase in the volume of vulnerability discovery driven by advanced AI capabilities.
A leading hacker from the Scattered Spider group admitted to conducting extensive SMS phishing attacks and SIM swaps that stole at least 8 million dollars from cryptocurrency investors.
An unprotected security vulnerability in the Funnel Builder plugin for WordPress is being actively exploited to inject a payment card skimmer into WooCommerce checkout pages and steal credit card data and CVV codes.
Microsoft is blocking CVE assignment for a CERT-confirmed Azure Backup vulnerability with privilege escalation potential, despite documentation suggesting a retroactive fix was applied.
Brazilian DDoS protection company Huge Networks allegedly operated a botnet for years carrying out large-scale attacks on other ISPs, uncovered through leaked files and the company founder’s SSH keys.