Latest Cybersecurity News and Articles
18 April 2026
Threat actors are reusing Tycoon 2FA tools across other phishing kits following the platform’s disruption.
The post Tycoon 2FA Loses Phishing Kit Crown Amid Surge in Attacks appeared first on SecurityWeek.
18 April 2026
Grinex, a Kyrgyzstan-incorporated cryptocurrency exchange sanctioned by the U.K. and the U.S. last year, said it's suspending operations after it blamed Western intelligence agencies for a $13.74 million hack.
The exchange said it fell victim to what it described as a large-scale cyber attack that bore hallmarks of foreign intelligence agency involvement. This attack led to the theft of over 1
18 April 2026
Threat actors are exploiting security flaws in TBK DVR and end‑of‑life (EoL) TP-Link Wi-Fi routers to deploy Mirai-botnet variants on compromised devices, according to findings from Fortinet FortiGuard Labs and Palo Alto Networks Unit 42.
The attack targeting TBK DVR devices has been found to exploit CVE-2024-3721 (CVSS score: 6.3), a medium-severity command injection vulnerability affecting
17 April 2026
A White House official said the administration is engaging with advanced AI labs about their models and the security of software.
The post White House Chief of Staff to Meet With Anthropic CEO Over Its New AI Technology appeared first on SecurityWeek.
17 April 2026
CoChat is fundamentally an AI collaboration platform designed for teamwork and to bring visibility and governance into enterprise AI shadows.
The post CoChat Launches AI Collaboration Platform to Combat Shadow AI appeared first on SecurityWeek.
17 April 2026
This week in cybersecurity from the editors at Cybercrime Magazine. Sausalito, Calif. – Apr. 17, 2026 – Kerem Albayrak from north London threatened to wipe 319 million accounts unless Apple gave him iTunes gift cards worth $100,000 (£76,000), BBC reported in a
The post He Pled Guilty To Blackmailing Apple. What Really Happened. appeared first on Cybercrime Magazine.
17 April 2026
Huntress is warning that threat actors are exploiting three recently disclosed security flaws in Microsoft Defender to gain elevated privileges in compromised systems.
The activity involves the exploitation of three vulnerabilities that are codenamed BlueHammer (requires GitHub sign-in), RedSun, and UnDefend, all of which were released as zero-days by a researcher known as Chaotic Eclipse (
17 April 2026
Other noteworthy stories that might have slipped under the radar: ShinyHunters targets Rockstar Games, ShowDoc vulnerability exploited in the wild, and EPA to boost cybersecurity budget to $19 million.
The post In Other News: Satellite Cybersecurity Act, $90K Chrome Flaw, Teen Hacker Arrested appeared first on SecurityWeek.
17 April 2026
Google this week announced a new set of Play policy updates to strengthen user privacy and protect businesses against fraud, even as it revealed it blocked or removed over 8.3 billion ads globally and suspended 24.9 million accounts in 2025.
The new policy updates relate to contact and location permissions in Android, allowing third-party apps to access the contact lists and a user's location in
17 April 2026
Kamerin Stokes sold stolen credentials through an online marketplace even after pleading guilty to his role in the DraftKings attack.
The post Another DraftKings Hacker Sentenced to Prison appeared first on SecurityWeek.
17 April 2026
Thursday’s discussion comes as leaders on Capitol Hill grapple with the dizzying pace of global developments in which technology plays a central role.
The post Lawmakers Gathered Quietly to Talk About AI. Angst and Fears of ‘Destruction’ Followed appeared first on SecurityWeek.
17 April 2026
The remote code execution vulnerability tracked as CVE-2026-34197 came to light in early April.
The post Recent Apache ActiveMQ Vulnerability Exploited in the Wild appeared first on SecurityWeek.
17 April 2026
Kejia Wang and Zhenxing Wang compromised the identities of dozens of US persons to help land jobs at over 100 companies.
The post Two North Korean IT Worker Scheme Facilitators Jailed in the US appeared first on SecurityWeek.
17 April 2026
The malware is configured to operate on systems associated with Israeli water treatment and desalination plants.
The post ZionSiphon Malware Targets ICS in Water Facilities appeared first on SecurityWeek.
17 April 2026
An indirect prompt injection could be chained with a sandbox bypass and Cursor’s remote tunnel feature for shell access to machines.
The post Cursor AI Vulnerability Exposed Developer Devices appeared first on SecurityWeek.
17 April 2026
The National Institute of Standards and Technology (NIST) has announced changes to the way it handles cybersecurity vulnerabilities and exposures (CVEs) listed in its National Vulnerability Database (NVD), stating it will only enrich those that fulfil certain conditions owing to an explosion in CVE submissions.
"CVEs that do not meet those criteria will still be listed in the NVD but will not
17 April 2026
Authorities in 21 countries participated in a coordinated action against DDoS-for-hire services.
The post 53 DDoS Domains Taken Down by Law Enforcement appeared first on SecurityWeek.
17 April 2026
An international law enforcement operation has taken down 53 domains and arrested four people in connection with commercial distributed denial-of-service (DDoS) operations that were used by more than 75,000 cybercriminals.
The ongoing effort, dubbed Operation PowerOFF, disrupted access to the DDoS-for-hire services, took down the technical infrastructure supporting them, and obtained access to
16 April 2026
A recently disclosed high-severity security flaw in Apache ActiveMQ Classic has come under active exploitation in the wild, per the U.S. Cybersecurity and Infrastructure Security Agency (CISA).
To that end, the agency has added the vulnerability, tracked as CVE-2026-34197 (CVSS score: 8.8), to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian
16 April 2026
Cybersecurity researchers have warned of an active malicious campaign that's targeting the workforce in the Czech Republic with a previously undocumented botnet dubbed PowMix since at least December 2025.
"PowMix employs randomized command-and-control (C2) beaconing intervals, rather than persistent connection to the C2 server, to evade the network signature detections," Cisco Talos