Latest Cybersecurity News

SecurityWeekApr 1, 20262m5

US Charges Uranium Crypto Exchange Hacker

Jonathan Spalletta exploited smart contract vulnerabilities to steal approximately $55 million in cryptocurrency and cause Uranium to shut down.

Webinar Today: Agentic AI vs. Identity’s Last Mile Problem

SecurityWeek

SecurityWeekApr 1, 20261m5

Webinar Today: Agentic AI vs. Identity’s Last Mile Problem

Join the webcast as we explore what Agentic AI can and cannot solve today, and real world breach scenarios linked to disconnected applications.

TeamPCP Supply Chain Campaign: Update 005 - First Confirmed Victim Disclosure, Post-Compromise Cloud Enumeration Documented, and Axios Attribution Narrows, (Wed, Apr 1st)

SANS ISC

TeamPCP Supply Chain Campaign: Update 005 - First Confirmed Victim Disclosure, Post-Compromise Cloud Enumeration Documented, and Axios Attribution Narrows, (Wed, Apr 1st)

This is the fifth update to the TeamPCP supply chain campaign threat intelligence report, "When the Security Scanner Became the Weapon" (v3.0, March 25, 2026). Update 004 covered developments through March 30, including the Databricks investigation, dual ransomware operations, and AstraZeneca dat...

SANS ISCApr 1, 20261m5

Block the Prompt, Not the Work: The End of "Doctor No"

The Hacker NewsApr 1, 20265m5

Block the Prompt, Not the Work: The End of "Doctor No"

70% installed AI extensions after DeepSeek block at U.S. law firm, routing traffic to China servers, exposing compliance risk.

Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures

The Hacker NewsApr 1, 20263m5

Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures

Augmented Marauder targets Latin America and Europe since 2020, using dynamic PDF phishing to spread Casbaneiro via Horabot.

CISA Adds One Known Exploited Vulnerability to Catalog

CISA Alerts

CISA AlertsApr 1, 20261m5

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.

Microsoft Warns of WhatsApp-Delivered VBS Malware Hijacking Windows via UAC Bypass

The Hacker NewsApr 1, 20263m5

Microsoft Warns of WhatsApp-Delivered VBS Malware Hijacking Windows via UAC Bypass

WhatsApp VBS campaign began February 2026, abusing AWS and UAC bypass to gain persistent remote access.

New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation — Patch Released

The Hacker NewsApr 1, 20262m5

New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation — Patch Released

Chrome patches 21 flaws including exploited CVE-2026-5281 in Dawn, marking fourth zero-day fixed in 2026, reducing active attack risk.

FBI warns against using Chinese mobile apps due to privacy risks

BleepingComputer

Malware & Threats

FBI warns against using Chinese mobile apps due to privacy risks

The U.S. Federal Bureau of Investigation (FBI) warned Americans against using foreign-developed mobile applications, particularly those created by Chinese developers.

BleepingComputerApr 1, 20263m6

3 Reasons Attackers Are Using Your Trusted Tools Against You (And Why You Don’t See It Coming)

The Hacker NewsApr 1, 20264m5

3 Reasons Attackers Are Using Your Trusted Tools Against You (And Why You Don’t See It Coming)

84% of attacks abuse legitimate tools across 700,000 incidents, expanding internal attack surfaces and evading detection defenses.

Malicious Script That Gets Rid of ADS, (Wed, Apr 1st)

SANS ISC

Malicious Script That Gets Rid of ADS, (Wed, Apr 1st)

Today, most malware are called â€œfilelessâ€ because they try to reduce their footprint on the infected computer filesystem to the bare minimum. But they need to write somethingâ€¦ think about persistence. They can use the registry as an alternative storage location.

SANS ISCApr 1, 20261m5

Are We Training AI Too Late?

Dark Reading