Knowledge Hub

TeamPCP Supply Chain Campaign: Update 007 - Cisco Source Code Stolen via Trivy-Linked Breach, Google GTIG Tracks TeamPCP as UNC6780, and CISA KEV Deadline Arrives with No Standalone Advisory, (Wed, Apr 8th)

SANS ISC

TeamPCP Supply Chain Campaign: Update 007 - Cisco Source Code Stolen via Trivy-Linked Breach, Google GTIG Tracks TeamPCP as UNC6780, and CISA KEV Deadline Arrives with No Standalone Advisory, (Wed, Apr 8th)

This is the seventh update to the TeamPCP supply chain campaign threat intelligence report,&#;x26;#;xc2;&#;x26;#;xa0;"When the Security Scanner Became the Weapon"&#;x26;#;xc2;&#;x26;#;xa0;(v3.0, March 25, 2026).&#;x26;#;xc2;&#;x26;#;xa0;Update 006&#;x26;#;xc2;&#;x26;#;xa0;covered developments thr...

SANS ISCApr 8, 20261m2

Masjesu Botnet Emerges as DDoS-for-Hire Service Targeting Global IoT Devices

The Hacker News

The Hacker NewsApr 8, 20263m1

Masjesu Botnet Emerges as DDoS-for-Hire Service Targeting Global IoT Devices

Masjesu botnet drives global DDoS attacks since 2023, with nearly 50% traffic from Vietnam, threatening enterprises and IoT devices.

Fraud Rockets Higher in Mobile-First Latin America

Fraud Rockets Higher in Mobile-First Latin America

Cyber-fraudsters move quickly from compromised devices to account takeover to funds transfer, shifting money before many financial institutions can react.

Data Leakage Vulnerability Patched in OpenSSL

SecurityWeek

SecurityWeekApr 8, 20262m1

Data Leakage Vulnerability Patched in OpenSSL

A total of seven vulnerabilities, most of which can be exploited for DoS attacks, have been patched in OpenSSL.

Full Sail University to Open IBM Cyber Defense Range Powered by AWS and Cloud Range on Campus

Full Sail University to Open IBM Cyber Defense Range Powered by AWS and Cloud Range on Campus

No description available.

RCE Bug Lurked in Apache ActiveMQ Classic for 13 Years

SecurityWeek

SecurityWeekApr 8, 20262m1

RCE Bug Lurked in Apache ActiveMQ Classic for 13 Years

The vulnerability requires authentication for successful exploitation, but another flaw exposes the Jolokia API without authentication.

More Honeypot Fingerprinting Scans, (Wed, Apr 8th)

SANS ISC

More Honeypot Fingerprinting Scans, (Wed, Apr 8th)

One question that often comes up when I talk about honeypots: Are attackers able to figure out if they are connected to a honeypot? The answer is pretty simple: Yes!

SANS ISCApr 8, 20261m2

Niobium Introduces The Fog

Niobium Introduces The Fog

No description available.

Pluralsight Launches SecureReady to Help Organizations Build Job-Ready Cybersecurity Teams

Pluralsight Launches SecureReady to Help Organizations Build Job-Ready Cybersecurity Teams

No description available.

BleepingComputerApr 8, 20265m2

Is a $30,000 GPU Good at Password Cracking?

BleepingComputer

Malware & Threats

Is a $30,000 GPU Good at Password Cracking?

A $30,000 AI GPU doesn't outperform consumer GPUs at password cracking. Specops explains why attackers don't need exotic hardware to break weak passwords.

APT28 Deploys PRISMEX Malware in Campaign Targeting Ukraine and NATO Allies

The Hacker News