Fixed Intel

Latest Cybersecurity News

Stay informed with real-time threat intelligence, vulnerability disclosures, and expert analysis from the cybersecurity community.

AllMalware & Threats472Vulnerabilities241Data Breaches20Ransomware0APT & Threat Actors0Cloud Security0MENA Cybersecurity0Compliance & Frameworks0Tools & Tutorials0Industry News1129
BKA Identifies REvil Leaders Behind 130 German Ransomware Attacks
The Hacker News
Industry News

BKA Identifies REvil Leaders Behind 130 German Ransomware Attacks

BKA identified REvil leaders tied to 130 German attacks causing €35.4M damage, exposing key ransomware figures.

The Hacker NewsApr 6, 20263m5
Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab
Krebs on Security
Data Breaches

Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab

An elusive hacker who went by the handle "UNKN" and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face. Authorities in Germany say 31-year-old Russian Daniil Maksimovich Shchukin headed both cybercrime gangs and…

Krebs on SecurityApr 6, 20266m5
Vulnerabilities

ISC Stormcast For Monday, April 6th, 2026 https://isc.sans.edu/podcastdetail/9880, (Mon, Apr 6th)

SANS ISC
Vulnerabilities

ISC Stormcast For Monday, April 6th, 2026 https://isc.sans.edu/podcastdetail/9880, (Mon, Apr 6th)

No description available.

SANS ISCApr 6, 20261m5
Traffic violation scams switch to QR codes in new phishing texts
BleepingComputer
Malware & Threats

Traffic violation scams switch to QR codes in new phishing texts

Scammers are sending fake "Notice of Default" traffic violation text messages impersonating state courts across the U.S., pressuring recipients to scan a QR code that leads to a phishing site demanding a $6.99 payment while stealing personal and financial information.

BleepingComputerApr 5, 20263m5
New FortiClient EMS flaw exploited in attacks, emergency patch released
BleepingComputer
Malware & Threats

New FortiClient EMS flaw exploited in attacks, emergency patch released

Fortinet has released an emergency weekend security update for a new critical FortiClient Enterprise Management Server (EMS) vulnerability that is actively exploited in attacks.

BleepingComputerApr 5, 20262m5
$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation
The Hacker News
Industry News

$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation

$285M stolen after six-month DPRK social engineering campaign began fall 2025, exposing Drift’s contributors and cloud assets.

The Hacker NewsApr 5, 20268m5
Hackers exploit React2Shell in automated credential theft campaign
BleepingComputer
Malware & Threats

Hackers exploit React2Shell in automated credential theft campaign

Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell (CVE-2025-55182) in vulnerable Next.js apps.

BleepingComputerApr 5, 20263m5
36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants
The Hacker News
Industry News

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

36 npm packages disguised as Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.

The Hacker NewsApr 5, 20267m5
Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS
The Hacker News
Industry News

Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS

CVE-2026-35616 (CVSS 9.1) exploited since March 31, 2026, affects FortiClient EMS 7.4.5–7.4.6, enabling privilege escalation.

The Hacker NewsApr 5, 20263m5
Axios npm hack used fake Teams error fix to hijack maintainer account
BleepingComputer
Malware & Threats

Axios npm hack used fake Teams error fix to hijack maintainer account

The maintainers of the popular Axios HTTP client have published a detailed post-mortem describing how one of its developers was targeted by a social engineering campaign believed to have been conducted by North Korean threat actors.

BleepingComputerApr 4, 20266m5
Device code phishing attacks surge 37x as new kits spread online
BleepingComputer
Malware & Threats

Device code phishing attacks surge 37x as new kits spread online

Device code phishing attacks that abuse the OAuth 2.0 Device Authorization Grant flow to hijack accounts have surged more than 37 times this year.

BleepingComputerApr 4, 20264m5
European Commission Confirms Data Breach Linked to Trivy Supply Chain Attack
SecurityWeek
Industry News

European Commission Confirms Data Breach Linked to Trivy Supply Chain Attack

Hackers stole over 300GB of data from the Commission’s AWS environment, including personal information.

SecurityWeekApr 4, 20263m5