• admin
• Attack
• BitFlips
• abril 7, 2026
• 0 Comentarios

New GPUBreach Attack Enables Full CPU Privilege Escalation via GDDR6 Bit-Flips

New academic research has identified multiple RowHammer attacks against high-performance graphics processing units (GPUs) that could be exploited to escalate privileges and, in some cases, even take full control of…

Continue reading

• admin
• ChinaLinked
• Deploy
• abril 7, 2026
• 0 Comentarios

China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware

Ravie LakshmananApr 07, 2026Vulnerability / Threat Intelligence A China-based threat actor known for deploying Medusa ransomware has been linked to the weaponization of a combination of zero-day and N-day vulnerabilities to…

Continue reading

• admin
• Active
• Agent
• abril 7, 2026
• 0 Comentarios

Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed

Ravie LakshmananApr 07, 2026Artificial Intelligence / Vulnerability Threat actors are exploiting a maximum-severity security flaw in Flowise, an open-source artificial intelligence (AI) platform, according to new findings from VulnCheck. The…

Continue reading

• admin
• Campaign
• IranLinked
• abril 6, 2026
• 0 Comentarios

Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 Organizations

An Iran-nexus threat actor is suspected to be behind a password-spraying campaign targeting Microsoft 365 environments in Israel and the U.A.E. amid ongoing conflict in the Middle East. The activity, assessed to be ongoing,…

Continue reading

• admin
• Attacks
• DPRKLinked
• abril 6, 2026
• 0 Comentarios

DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea

Ravie LakshmananApr 06, 2026Malware / Threat Intelligence Threat actors likely associated with the Democratic People’s Republic of Korea (DPRK) have been observed using GitHub as command-and-control (C2) infrastructure in multi-stage attacks…

Continue reading

• admin
• 0Day
• Axios
• abril 6, 2026
• 0 Comentarios

Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More

Ravie LakshmananApr 06, 2026Cybersecurity / Hacking This week had real hits. The key software got tampered with. Active bugs showed up in the tools people use every day. Some attacks didn’t even need much…

Continue reading

• admin
• Close
• Critical
• abril 6, 2026
• 0 Comentarios

How SOCs Close a Critical Risk in 3 Steps

Your attack surface no longer lives on one operating system, and neither do the campaigns targeting it. In enterprise environments, attackers move across Windows endpoints, executive MacBooks, Linux infrastructure, and mobile devices, taking…

Continue reading

• admin
• Attackers
• Credential
• abril 6, 2026
• 0 Comentarios

How LiteLLM Turned Developer Machines Into Credential Vaults for Attackers

The most active piece of enterprise infrastructure in the company is the developer workstation. That laptop is where credentials are created, tested, cached, copied, and reused across services, bots, build tools, and…

Continue reading

• admin
• Disable
• Drivers
• abril 6, 2026
• 0 Comentarios

Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools

Ravie LakshmananApr 06, 2026Ransomware / Endpoint Security Threat actors associated with Qilin and Warlock ransomware operations have been observed using the bring your own vulnerable driver (BYOVD) technique to silence security tools running on compromised…

Continue reading

• admin
• Attacks
• BKA
• abril 6, 2026
• 0 Comentarios

BKA Identifies REvil Leaders Behind 130 German Ransomware Attacks

Ravie LakshmananApr 06, 2026Cybercrime / Financial Crime Germany’s Federal Criminal Police Office (aka BKA or the Bundeskriminalamt) has unmasked the real identity of the main threat actors associated with the…

Continue reading