Dark Reading
Ransomware Negotiator Pleads Guilty to BlackCat Scheme
A cautionary tale illustrates why the person negotiating should never be involved with any part of the ransom payment process, experts noted.
Senaste 1h
Senaste 6h
Senaste 24h
Senaste 7d
Senaste 30d
Endast lokalt
Analys/ledare
Endast följda källor
Snabbfilter
- 1 källor använder cache
Toppnyheter
Säkerhet
Full coverage
Flera perspektiv på samma ämne.
Dark Reading
The Hacker News
Dark Reading
The Hacker News
Poster
110
Källor
11
Senast uppdaterad
2026-04-22 10:13
NVD (National Vulnerability Database)10
SecurityWeek Vulnerabilities10
CERT-SE10
CISA KEV-katalog10
Microsoft MSRC10
Cisco PSIRT10
CVE-toppar
CVE-2023-273512
CVE-2026-57602
CVE-2009-02381
CVE-2017-201871
CVE-2017-72521
Senaste CVE
CVE-2026-1731
Surge in Bomgar RMM Exploitation Demonstrates Supply Chain Risk
CVE-2026-32223
CVE-2026-32223 Windows USB Printing Stack (usbprint.sys) Elevation of Privilege Vulnerability
CVE-2026-26168
CVE-2026-26168 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2026-40372
CVE-2026-40372 ASP.NET Core Elevation of Privilege Vulnerability
CVE-2026-32288
CVE-2026-32288 Unbounded allocation for old GNU sparse in archive/tar
Fel per källa
NVD (National Vulnerability Database)NVD (National Vulnerability Database): 404, message='Not Found', url='https://nvd.nist.gov/feeds/xml/cve/misc/nvd-rss.xml'
Säkerhet
110 artiklar
Dark Reading
A cautionary tale illustrates why the person negotiating should never be involved with any part of the ransom payment process, experts noted.
1 fler källor
The Hacker News
Ransomware Negotiator Pleads Guilty to Aiding BlackCat Attacks in 2023
2026-04-21 16:31
Dark Reading
Three proof-of-concept exploits are being used in active attacks against Microsoft's built-in security platform; two are unpatched.
The Hacker News
Threat actors associated with The Gentlemen ransomware‑as‑a‑service (RaaS) operation have been observed attempting to deploy a known proxy malware called SystemBC. According to new research published by Check Point,...
The Hacker News
Cybersecurity researchers have identified 22 new vulnerabilities in popular models of serial-to-IP converters from Lantronix and Silex that could be exploited to hijack susceptible devices and tamper with data...
Dark Reading
The critical remote code execution flaw (CVE-2026-1731) in the remote monitoring and management tool can be exploited to spread ransomware and compromise supply chains.
Dark Reading
The prompt injection vulnerability in the agentic AI product for filesystem operations was a sanitization issue that allowed for sandbox escape and arbitrary code execution.
_NicoElNino_Alamy.png?disable=upscale&width=1200&height=630&fit=crop)
SecurityWeek Vulnerabilities
Angelo Martino of Florida has pleaded guilty to collaborating with the BlackCat cybercrime group while working as a ransomware negotiator. The post Third US Security Expert Admits Helping Ransomware Gang appeared...
SecurityWeek Vulnerabilities
Masquerading as popular cryptocurrency wallets, the apps can hijack recovery phrases and private keys. The post Dozens of Malicious Crypto Apps Land in Apple App Store appeared first on SecurityWeek.
Microsoft MSRC
Acknowledgement added. This is an informational change only.
Microsoft MSRC
Acknowledgement added. This is an informational change only.
Microsoft MSRC
Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network.
The Hacker News
Security teams often present MTTR as an internal KPI. Leadership sees it differently: every hour a threat dwells inside the environment is an hour of potential data exfiltration, service disruption, regulatory...
The Hacker News
Cybersecurity researchers have discovered a new iteration of an Android malware family called NGate that has been found to abuse a legitimate application called HandyPay instead of NFCGate. "The threat actors took the...
SecurityWeek Vulnerabilities
Things are improving, but a researcher has still identified over 1,500 Perforce P4 instances allowing attackers to read files on the server. The post Unsecured Perforce Servers Expose Sensitive Data From Major Orgs...
SecurityWeek Vulnerabilities
The security defects could be exploited for remote code execution, OS command injection, and WAF detection bypass. The post Progress Patches Multiple Vulnerabilities in MOVEit WAF, LoadMaster appeared first on...
Dark Reading
China is spying on India's financial sector, for some reason, and it's not putting much effort into it, judging by some stale TTPs.
The Hacker News
The cybersecurity industry has spent the last several years chasing sophisticated threats like zero-days, supply chain compromises, and AI-generated exploits. However, the most reliable entry point for attackers still...
SecurityWeek Vulnerabilities
CISA expanded the KEV catalog with eight flaws, but five of them have been flagged as exploited before. The post Organizations Warned of Exploited Cisco, Kentico, Zimbra Vulnerabilities appeared first on SecurityWeek.
SecurityWeek Vulnerabilities
Data breaches were disclosed by Southern Illinois Dermatology, Saint Anthony Hospital, and North Texas Behavioral Health Authority. The post Data Breaches at Healthcare Organizations in Illinois and Texas Affect...
The Hacker News
Cybersecurity researchers have discovered a vulnerability in Google's agentic integrated development environment (IDE), Antigravity, that could be exploited to achieve code execution. The flaw, since patched, combines...
SecurityWeek Vulnerabilities
The hackers targeted LayerZero’s DVN, compromising certain RPCs and DDoSing others to trigger failover to the poisoned infrastructure. The post $290 Million Kelp DAO Crypto Heist Blamed on North Korea appeared first...
Microsoft MSRC
Information published.
The Hacker News
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added eight new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, including three flaws impacting Cisco Catalyst SD-WAN...
Dark Reading
Stolen OAuth tokens, which are at the root of these breaches, "are the new attack surface, the new lateral movement," a researcher notes.
Dark Reading
The OT devices that translate machine talk into Internet-speak are riddled with vulnerabilities and more frequently targeted for attacks, researchers say.
The Hacker News
A critical security vulnerability has been disclosed in SGLang that, if successfully exploited, could result in remote code execution on susceptible systems. The vulnerability, tracked as CVE-2026-5760, carries a CVSS...
SecurityWeek Vulnerabilities
Forescout researchers discovered 20 new vulnerabilities in Lantronix and Silex products and described theoretical attack scenarios. The post Serial-to-IP Converter Flaws Expose OT and Healthcare Systems to Hacking...
Dark Reading
Strangers can infer limited info about you without knowing or messaging you, which could theoretically aid certain kinds of malicious activity.
Microsoft MSRC
Added acknowledgements. This is an informational change only.
Microsoft MSRC
Added Security Only packages to Windows Server 2012 security updates. This is an informational change only.
The Hacker News
Monday’s recap shows the same pattern in different places. A third-party tool becomes a way in, then leads to internal access. A trusted download path is briefly swapped to deliver malware. Browser extensions act...
SecurityWeek Vulnerabilities
Tyler Buchanan admitted in court to hacking into various companies, defrauding them, and stealing cryptocurrency from multiple individuals. The post British Scattered Spider Hacker Pleads Guilty in the US appeared...
SecurityWeek Vulnerabilities
The machine emulator has been abused in at least two different campaigns distributing ransomware and remote access tools. The post Hackers Abuse QEMU for Defense Evasion appeared first on SecurityWeek.
The Hacker News
The fastest way to fall in love with an AI tool is to watch the demo. Everything moves quickly. Prompts land cleanly. The system produces impressive outputs in seconds. It feels like the beginning of a new era for...
SecurityWeek Vulnerabilities
A pro-Iran hacker group has taken credit for the attack on Bluesky, which appears to have lasted 24 hours. The post Bluesky Disrupted by Sophisticated DDoS Attack appeared first on SecurityWeek.
The Hacker News
Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context Protocol's (MCP) architecture that could pave the way for remote code execution and have a cascading effect on the...
SecurityWeek Vulnerabilities
The Senate approved a short-term renewal until April 30 of a controversial surveillance program used by U.S. spy agencies. The post Senate Extends Surveillance Powers Until April 30 After Chaotic Votes in House...
SecurityWeek Vulnerabilities
The continued use of the half-century-old protocol exposes enterprises and end users to various types of attacks. The post Half of the 6 Million Internet-Facing FTP Servers Lack Encryption appeared first on SecurityWeek.
SecurityWeek Vulnerabilities
Vercel confirmed suffering a breach after a hacker claiming to be part of ShinyHunters offered to sell stolen data for $2 million. The post Next.js Creator Vercel Hacked appeared first on SecurityWeek.
SecurityWeek Vulnerabilities
In-the-wild exploitation has been ongoing for a year, but no successful payload execution has been observed. The post Hackers Fail to Exploit Flaw in Discontinued TP-Link Routers appeared first on SecurityWeek.
The Hacker News
Cybersecurity researchers have flagged a new malware called ZionSiphon that appears to be specifically designed to target Israeli water treatment and desalination systems. The malware has been codenamed ZionSiphon by...
The Hacker News
Web infrastructure provider Vercel has disclosed a security breach that allows bad actors to gain unauthorized access to "certain" internal Vercel systems. The incident stemmed from the compromise of Context.ai, a...
CISA KEV-katalog
Cisco Catalyst SD-WAN Manager contains an incorrect use of privileged APIs vulnerability due to improper file handling on the API interface of an affected system. An attacker could exploit this vulnerability by...
CISA KEV-katalog
Cisco Catalyst SD-WAN Manager contains an exposure of sensitive information to an unauthorized actor vulnerability that could allow remote attackers to view sensitive information on affected systems. | Åtgärd: Please...
1 fler källor
CISA KEV-katalog
Kentico Xperience contains a path traversal vulnerability that could allow an authenticated user's Staging Sync Server to upload arbitrary data to path relative locations. | Åtgärd: Apply mitigations per vendor...
CISA KEV-katalog
PaperCut NG/MF contains an improper authentication vulnerability that could allow remote attackers to bypass authentication on affected installations via the SecurityRequestFilter class. | Åtgärd: Apply mitigations...
CISA KEV-katalog
Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability that could allow attackers to execute arbitrary JavaScript within the user's session, potentially leading to unauthorized access...
CISA KEV-katalog
Quest KACE Systems Management Appliance (SMA) contains an improper authentication vulnerability that could allow attackers to impersonate legitimate users without valid credentials. | Åtgärd: Apply mitigations per...
CISA KEV-katalog
JetBrains TeamCity contains a relative path traversal vulnerability that could allow limited admin actions to be performed. | Åtgärd: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for...
Microsoft MSRC
Information published.
Microsoft MSRC
Information published.
Microsoft MSRC
Information published.
Microsoft MSRC
Information published.
SecurityWeek Vulnerabilities
Threat actors are reusing Tycoon 2FA tools across other phishing kits following the platform’s disruption. The post Tycoon 2FA Loses Phishing Kit Crown Amid Surge in Attacks appeared first on SecurityWeek.
The Hacker News
In 2024, compromised service accounts and forgotten API keys were behind 68% of cloud breaches. Not phishing. Not weak passwords. Unmanaged non-human identities that nobody was watching. For every employee in your...
The Hacker News
Grinex, a Kyrgyzstan-incorporated cryptocurrency exchange sanctioned by the U.K. and the U.S. last year, said it's suspending operations after it blamed Western intelligence agencies for a $13.74 million hack. The...
The Hacker News
Threat actors are exploiting security flaws in TBK DVR and end‑of‑life (EoL) TP-Link Wi-Fi routers to deploy Mirai-botnet variants on compromised devices, according to findings from Fortinet FortiGuard Labs and Palo...
Dark Reading
Industry and ad hoc coalitions appear poised to help fill the gap created by NIST's decision to cut back on CVE data enrichment.
Dark Reading
In embracing device code phishing, attackers trick victims into handing over account access by using a service's legitimate new-device login flow.
SecurityWeek Vulnerabilities
A White House official said the administration is engaging with advanced AI labs about their models and the security of software. The post White House Chief of Staff to Meet With Anthropic CEO Over Its New AI...
SecurityWeek Vulnerabilities
CoChat is fundamentally an AI collaboration platform designed for teamwork and to bring visibility and governance into enterprise AI shadows. The post CoChat Launches AI Collaboration Platform to Combat Shadow AI...
Dark Reading
AI's danger isn't that it's creating new bugs, it's that it's amplifying old ones.
Microsoft MSRC
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.
1 fler källor
Microsoft MSRC
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.
Microsoft MSRC
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.
Microsoft MSRC
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.
1 fler källor
Microsoft MSRC
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.
Microsoft MSRC
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.
Microsoft MSRC
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.
Microsoft MSRC
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.
The Hacker News
Huntress is warning that threat actors are exploiting three recently disclosed security flaws in Microsoft Defender to gain elevated privileges in compromised systems. The activity involves the exploitation of three...
Dark Reading
The Maritime Transportation Security Act (MTSA) requires plans to protect OT systems, audits by independent third parties, and a hybrid OT-security role.
CERT-SE
Bland veckans läsning i veckobrevet finns råd för ökad säkerhet inom OT, som Nationellt cybersäkerhetscenter (NCSC) nyligen publicerat. Utöver det hittar du information om ett antal sårbarheter och rapporter att läsa.
SecurityWeek Vulnerabilities
Other noteworthy stories that might have slipped under the radar: ShinyHunters targets Rockstar Games, ShowDoc vulnerability exploited in the wild, and EPA to boost cybersecurity budget to $19 million. The post In...
The Hacker News
Google this week announced a new set of Play policy updates to strengthen user privacy and protect businesses against fraud, even as it revealed it blocked or removed over 8.3 billion ads globally and suspended 24.9...
SecurityWeek Vulnerabilities
Kamerin Stokes sold stolen credentials through an online marketplace even after pleading guilty to his role in the DraftKings attack. The post Another DraftKings Hacker Sentenced to Prison appeared first on SecurityWeek.
SecurityWeek Vulnerabilities
Thursday’s discussion comes as leaders on Capitol Hill grapple with the dizzying pace of global developments in which technology plays a central role. The post Lawmakers Gathered Quietly to Talk About AI. Angst and...
SecurityWeek Vulnerabilities
The remote code execution vulnerability tracked as CVE-2026-34197 came to light in early April. The post Recent Apache ActiveMQ Vulnerability Exploited in the Wild appeared first on SecurityWeek.
SecurityWeek Vulnerabilities
Kejia Wang and Zhenxing Wang compromised the identities of dozens of US persons to help land jobs at over 100 companies. The post Two North Korean IT Worker Scheme Facilitators Jailed in the US appeared first on...
Microsoft MSRC
Information published.
SecurityWeek Vulnerabilities
The malware is configured to operate on systems associated with Israeli water treatment and desalination plants. The post ZionSiphon Malware Targets ICS in Water Facilities appeared first on SecurityWeek.
Microsoft MSRC
Information published.
Microsoft MSRC
Information published.
Microsoft MSRC
Information published.
Microsoft MSRC
Information published.
Microsoft MSRC
Information published.
Microsoft MSRC
Information published.
Microsoft MSRC
Information published.
Microsoft MSRC
Information published.
SecurityWeek Vulnerabilities
An indirect prompt injection could be chained with a sandbox bypass and Cursor’s remote tunnel feature for shell access to machines. The post Cursor AI Vulnerability Exposed Developer Devices appeared first on...
The Hacker News
The National Institute of Standards and Technology (NIST) has announced changes to the way it handles cybersecurity vulnerabilities and exposures (CVEs) listed in its National Vulnerability Database (NVD), stating it...
SecurityWeek Vulnerabilities
Authorities in 21 countries participated in a coordinated action against DDoS-for-hire services. The post 53 DDoS Domains Taken Down by Law Enforcement appeared first on SecurityWeek.
The Hacker News
An international law enforcement operation has taken down 53 domains and arrested four people in connection with commercial distributed denial-of-service (DDoS) operations that were used by more than 75,000...
The Hacker News
A recently disclosed high-severity security flaw in Apache ActiveMQ Classic has come under active exploitation in the wild, per the U.S. Cybersecurity and Infrastructure Security Agency (CISA). To that end, the agency...
Dark Reading
The National Institute of Standards and Technology is carving a new path for vulnerability remediation by changing the way it prioritizes software flaws.
Dark Reading
Sapphire Sleet uses fake job offers and phony Zoom updates to deliver ClickFix attacks that steal credentials and sensitive data from Macs.
Dark Reading
A benign looking update Dragon Boss pushed out in March 2025 established persistence via scheduled tasks and arranged for future payloads to be excluded from Windows Defender.
Cisco PSIRT
A vulnerability in the integration of single sign-on (SSO) with Control Hub in Cisco Webex Services could have allowed an unauthenticated, remote attacker to impersonate any user within the service. This vulnerability...
The Hacker News
Cybersecurity researchers have warned of an active malicious campaign that's targeting the workforce in the Czech Republic with a previously undocumented botnet dubbed PowMix since at least December 2025. "PowMix...
SecurityWeek Vulnerabilities
Securing national resilience now depends on faster, deeper partnerships with the private sector. The post Government Can’t Win the Cyber War Without the Private Sector appeared first on SecurityWeek.
Dark Reading
Threat actors know how to bypass security systems outside of traditional IT environments. Implementing 2FA could provide a needed extra security barrier in the physical world.
