Latest Cybersecurity News

Helping Romance Scam Victims Require a Proactive, Empathic Approach

Dark Reading

Dark ReadingApr 24, 20261m4

Helping Romance Scam Victims Require a Proactive, Empathic Approach

People targeted by confidence schemes find getting help is a lonely road. Experts want law enforcement, financial and government institutions to work together and protect them.

Firestarter malware survives Cisco firewall updates, security patches

BleepingComputerApr 24, 20264m5

Firestarter malware survives Cisco firewall updates, security patches

Cybersecurity agencies in the U.S. and U.K. are warning about a custom malware called Firestarter persisting on Cisco Firepower and Secure Firewall devices running Adaptive Security Appliance (ASA) or Firepower Threat Defense (FTD) software.

Windows Update gets new controls to reduce forced restarts

BleepingComputerApr 24, 20263m9

Windows Update gets new controls to reduce forced restarts

Microsoft is rolling out Windows Update improvements that give users more control over how updates are installed while reducing disruption from frequent or poorly timed restarts.

New BlackFile extortion group linked to surge of vishing attacks

BleepingComputerApr 24, 20263m5

New BlackFile extortion group linked to surge of vishing attacks

A new financially motivated hacking group tracked as BlackFile has been linked to a wave of data theft and extortion attacks against retail and hospitality organizations since February 2026.

Microsoft to roll out Entra passkeys on Windows in late April

BleepingComputerApr 24, 20263m5

Microsoft to roll out Entra passkeys on Windows in late April

Microsoft will roll out passkey support for phishing-resistant passwordless authentication to Microsoft Entra‑protected resources from Windows devices starting late April.

New ‘Pack2TheRoot’ flaw gives hackers root Linux access

BleepingComputerApr 24, 20263m5

New ‘Pack2TheRoot’ flaw gives hackers root Linux access

A new vulnerability dubbed Pack2TheRoot could be exploited in the PackageKit daemon to allow local Linux users to install or remove system packages and gain root permissions.

FIRESTARTER Backdoor Hit Federal Cisco Firepower Device, Survives Security Patches

The Hacker News

The Hacker NewsApr 24, 20265m4

FIRESTARTER Backdoor Hit Federal Cisco Firepower Device, Survives Security Patches

FIRESTARTER backdoor hit Cisco ASA in Sept 2025, persists after patching CVE-2025-20333, risking continued federal network access.

US Busts Myanmar Ring Targeting US Citizens in Financial Fraud

Dark Reading

Dark ReadingApr 24, 20261m4

US Busts Myanmar Ring Targeting US Citizens in Financial Fraud

Some 29 people were charged, including a Cambodian senator, and authorities seized more than 500 Web domains tied to fake investment sites.

Glasswing Secured the Code. The Rest of Your Stack Is Still on You

Dark Reading

Dark ReadingApr 24, 20261m4

Glasswing Secured the Code. The Rest of Your Stack Is Still on You

Forgotten integrations, shadow IT, SaaS, and now shadow AI and agents are everywhere, and attackers don't need sophisticated AI models to take advantage.

Pre-Stuxnet Sabotage Malware ‘Fast16’ Linked to US-Iran Cyber Tensions

SecurityWeek

SecurityWeekApr 24, 20264m4

Pre-Stuxnet Sabotage Malware ‘Fast16’ Linked to US-Iran Cyber Tensions

It targeted high-precision calculation software to tamper with results and packed a self-propagation mechanism.

In Other News: Unauthorized Mythos Access, Plankey CISA Nomination Ends, New Display Security Device

SecurityWeek

SecurityWeekApr 24, 20265m4

In Other News: Unauthorized Mythos Access, Plankey CISA Nomination Ends, New Display Security Device

Other noteworthy stories that might have slipped under the radar: Supreme Court hacker sentenced, Lovable exposed user data, Google expands enterprise security.

NASA Employees Duped in Chinese Phishing Scheme Targeting U.S. Defense Software

The Hacker News