$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation
Drift has revealed that the April 1, 2026, attack that led to the theft of $285 million was the culmination of a months-long...
36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants
Ravie LakshmananApr 05, 2026Malware / DevSecOps Cybersecurity researchers have discovered 36 malicious packages in the npm registry that are disguised...
Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS
Ravie LakshmananApr 05, 2026Vulnerability / API Security Fortinet has released out-of-band patches for a critical security flaw impacting FortiClient EMS...
China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing
A China-aligned threat actor has set its sights on European government and diplomatic organizations since mid-2025, following a two-year period of minimal...
Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers
Ravie LakshmananApr 03, 2026Linux / Server Hardening Threat actors are increasingly using HTTP cookies as a control channel for PHP-based web...
UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack
Ravie LakshmananApr 03, 2026Threat Intelligence / Malware The maintainer of the Axios npm package has confirmed that the supply chain compromise...
Why Third-Party Risk Is the Biggest Gap in Your Clients’ Security Posture
The next major breach hitting your clients probably won't come from inside their walls. It'll come through a vendor they trust, a SaaS...
New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images
Ravie LakshmananApr 03, 2026Mobile Security / Threat Intelligence Cybersecurity researchers have discovered a new version of the SparkCat malware on the Apple...
Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK
Solana-based decentralized exchange Drift has confirmed that attackers drained about $285 million from the platform during a security incident that...
Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials
Ravie LakshmananApr 02, 2026Vulnerability / Threat Intelligence A large-scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection...
