A new macOS-focused cyber campaign has been linked to the North Korean threat actor Sapphire Sleet, highlighting how attackers are increasingly relying on social engineering rather than software vulnerabilities to compromise systems. Rather than exploiting security flaws, the attackers manipulate user trust,…
Apache Syncope RCE Vulnerability Detailed After Public Exploit Code Release
Security researchers have released full technical details and a working proof-of-concept (PoC) exploit for CVE-2025-57738, a high-severity remote code execution (RCE) vulnerability in Apache Syncope, a widely deployed open-source identity management platform used across enterprise and government environments. Tracked as…
$290 Million Kelp DAO Crypto Heist Blamed on North Korea
The hackers targeted LayerZero’s DVN, compromising certain RPCs and DDoSing others to trigger failover to the poisoned infrastructure. The post $290 Million Kelp DAO Crypto Heist Blamed on North Korea appeared first on SecurityWeek.
Bad Apples: Weaponizing native macOS primitives for movement and execution
Cisco Talos documents several macOS living-off-the-land (LOTL) techniques, demonstrating that native pathways for movement and execution remain accessible to those who understand the underlying architecture. This article has been indexed from Cisco Talos Blog.
Amazon To Invest $5bn In Anthropic In Infrastructure Deal
Amazon commits to further $5bn of investment in Anthropic, under expanded deal to provide cloud infrastructure to AI start-up. This article has been indexed from Silicon UK.
They Built a Legendary Privacy Tool. Now They’re Sworn Enemies
There’s a lot of love all over the world for GrapheneOS, the gold standard of mobile security. There’s very little love between the two guys at the center of its history. This article has been indexed from Security Latest.
U.S. CISA adds Cisco Catalyst, Kentico Xperience, PaperCut NG/MF, Synacor ZCS, Quest KACE SMA, and JetBrains TeamCity flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco Catalyst, Kentico Xperience, PaperCut NG/MF, Synacor ZCS, Quest KACE SMA, and JetBrains TeamCity flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Cisco Catalyst, Kentico…
SideWinder Uses Fake Chrome PDF Viewer and Zimbra Clone to Steal Government Webmail Credentials
A well-known advanced persistent threat group called SideWinder has launched a highly targeted phishing campaign against South Asian government organizations, using a fake Chrome PDF viewer and a pixel-perfect clone of the Zimbra email login portal to steal employee credentials.…
Claude Code, Gemini CLI, and GitHub Copilot Vulnerable to Prompt Injection via GitHub Comments
A critical cross-vendor vulnerability class dubbed “Comment and Control” is a new category of prompt injection attacks that weaponizes GitHub pull request titles, issue bodies, and issue comments to hijack AI coding agents and steal API keys and access tokens directly from…
IT Security News Hourly Summary 2026-04-21 12h : 9 posts
9 posts were published in the last hour:
9:34 : Void Dokkaebi Uses Fake Job Interview Lure to Spread Malware via Code Repositories
9:34 : Tim Cook To Step Down As Apple Chief
9:34 : Grinex crypto exchange shuts down,…
Void Dokkaebi Uses Fake Job Interview Lure to Spread Malware via Code Repositories
Our research on Void Dokkaebi’s operations uncovered a campaign that turns infected developer repositories into malware delivery channels. By spreading through trusted workflows, organizational codebases, and open-source projects, the threat can scale from a single compromise to a broader supply…
Tim Cook To Step Down As Apple Chief
Tim Cook, 65, to hand over chief executive role to hardware chief John Ternus in September, to remain as executive chair. This article has been indexed from Silicon UK.
Grinex crypto exchange shuts down, blames Western agencies for $13.7M breach
Grinex exchange collapses after $13.7M breach, blames Western spies as Chainalysis flags possible exit scam and sanctions evasion network links claims. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More.
PureRAT Hides PE Payloads in PNGs for Fileless Execution
A multi-stage PureRAT campaign hides portable executable (PE) payloads inside PNG images and executes them almost entirely in memory, making detection and forensics significantly harder for defenders. The campaign combines steganography, PowerShell-based loaders, UAC bypass, process hollowing, and anti-virtualization…
A single platform powers SIM farm proxy networks across 17 countries
Racks of phones and 4G modems, connected to carrier networks and rented out as commercial mobile proxy services, are operating across at least 94 locations in 17 countries. An investigation by infrastructure intelligence firm Infrawatch traced a large portion of…
Vercel Confirms Cyber Incident After Sophisticated Attacker Exploits Third‑Party Tool
Cloud app developer Vercel appears to have suffered a security breach. This article has been indexed from www.infosecurity-magazine.com.
NI School IT System Restored After Hack
IT system used by schools largely restored and more than 400,000 accounts reconnected after hack that disabled service in early April. This article has been indexed from Silicon UK.
Adaptavist Group breach spawns imposter emails as ransomware crew claims mega-haul
Fake emails already doing the rounds as ransomware crew boasts about what it allegedly stole. UK enterprise software consultancy The Adaptavist Group is investigating a security breach after an intruder logged in with stolen credentials, while a ransomware crew claims…
NGate NFC malware targets Android users through trojanized payment app
NFC-based payment fraud is expanding geographically and operationally. A campaign active since November 2025 is targeting Android users in Brazil using a new variant of the NGate malware family, this time embedded in a trojanized version of HandyPay, a legitimate…
UK Man Pleads Guilty To Crypto Theft
Tyler Buchanan, 24, of Dundee, pleads guilty to US charges of stealing at least $8m in cryptocurrency from people in US, UK, elsewhere. This article has been indexed from Silicon UK.
North Korean Blamed for $290m KelpDAO Crypto Heist
North Korea’s Lazarus Group is pegged for a $290m crypto theft at KelpDAO. This article has been indexed from www.infosecurity-magazine.com.
Claude Desktop Silently Installs Browser Extension Files for Browsers Not Installed
Claude Desktop for macOS installs a Native Messaging manifest file that pre-authorizes Anthropic’s browser extensions across Chromium-based browsers without inf…
Broadband Restored In Orkney Islands After Fibre Repairs
Specialist ship fixes damaged subsea cable linking Orkney islands following damage attributed to rocky seabed in Pentland Firth. This article has been indexed from Silicon UK.
Bluesky hit by 24-hour DDoS attack as pro-Iran group claims responsibility
Bluesky suffered a 24-hour DDoS attack that caused outages. A pro-Iran hacker group claimed responsibility for the disruption. Bluesky experienced a sophisticated DDoS attack that disrupted its services for about 24 hours, starting on April 15. Bluesky is a decentralized,…