Grinex, a Kyrgyzstan-incorporated cryptocurrency exchange sanctioned by the U.K. and the U.S. last year, said it’s suspending operations after it blamed Western intelligence agencies for a $13.74 million hack. The exchange said it fell victim to what it described as…
[Webinar] Eliminate Ghost Identities Before They Expose Your Enterprise Data
In 2024, compromised service accounts and forgotten API keys were behind 68% of cloud breaches. Not phishing. Not weak passwords. Unmanaged non-human identities that nobody was watching. For every employee in your org, there are 40 to 50 automated credentials: service accounts, API…
Nexcorium Mirai Variant Weaponises TBK DVR Vulnerability in Fresh IoT Botnet Push
A newly discovered Mirai malware variant named Nexcorium is actively targeting unpatched Internet of Things (IoT) devices. According to recent threat research from FortiGuard Labs, attackers are exploiting a severe vulnerability in TBK DVR systems to build a massive botnet…
Microsoft Defender under attack as three zero-days, two of them still unpatched, enable elevated access
Attackers exploit three Microsoft Defender zero-days, code-named BlueHammer, RedSun, and UnDefend, to gain elevated access. Attackers are exploiting three recently disclosed zero-day flaws in Microsoft Defender to gain higher privileges on compromised systems. The vulnerabilities, called BlueHammer, RedSun, and UnDefend,…
Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet
Threat actors are exploiting security flaws in TBK DVR and end‑of‑life (EoL) TP-Link Wi-Fi routers to deploy Mirai-botnet variants on compromised devices, according to findings from Fortinet FortiGuard Labs and Palo Alto Networks Unit 42. The attack targeting TBK DVR…
IT Security News Hourly Summary 2026-04-18 09h : 1 posts
1 posts were published in the last hour 6:11 : That data breach alert might be a trap
That data breach alert might be a trap
Ignoring a real breach notification invites risk, but falling for a bogus one could be even worse. Stop reacting on autopilot. This article has been indexed from WeLiveSecurity Read the original article: That data breach alert might be a trap
Cybersecurity Today Month in Review of March/April 2026
Cybersecurity Today Month-in-Review: RSAC AI Hype, Agentic Risks, Mythos Claims, and Real-World Resilience Jim Love hosts a delayed March month-in-review with panelists David Shipley and Laura Payne, starting with RSAC takeaways: agentic AI everywhere, heightened marketing spectacle, and industry tension…
IT Security News Hourly Summary 2026-04-18 06h : 2 posts
2 posts were published in the last hour 3:31 : PoC Exploit Released for FortiSandbox Vulnerability that Allows Attacker to Execute Commands 3:31 : Nearly 6 Million Internet-Facing FTP Servers Still Exposed in 2026, Censys Warns
PoC Exploit Released for FortiSandbox Vulnerability that Allows Attacker to Execute Commands
A proof-of-concept (PoC) exploit has been publicly released for a critical vulnerability in Fortinet’s FortiSandbox product, tracked as CVE-2026-39808. The flaw allows an unauthenticated attacker to execute arbitrary operating system commands as root, the highest privilege level, without requiring any login…
Nearly 6 Million Internet-Facing FTP Servers Still Exposed in 2026, Censys Warns
According to a recent April 2026 report by security researcher Himaja Motheram at Censys, just under 6 million internet-facing hosts are still running the File Transfer Protocol (FTP). While this marks a significant 40% decline from the 10.1 million servers…
Belgium’s NIS2 Audit Window Opens April 18, 2026. The Rest of the EU Is Right Behind.
Belgium’s NIS2 conformity assessment deadline hits April 18, 2026, and other EU member states are ramping enforcement close behind. See what auditors will demand from your SOC: incident reporting timelines, Article 20 management liability, and automatic documentation. The post Belgium’s…
Threat Brief: Escalation of Cyber Risk Related to Iran (Updated April 17)
Unit 42 details recent Iranian cyberattack activity, sharing direct observations of phishing, hacktivist activity and cybercrime. We include recommendations for defenders. The post Threat Brief: Escalation of Cyber Risk Related to Iran (Updated April 17) appeared first on Unit 42.…
IT Security News Hourly Summary 2026-04-18 00h : 4 posts
4 posts were published in the last hour 22:3 : The Department of Know: Mythos Mayhem, critical infrastructure targeted, NVD changes 21:55 : IT Security News Daily Summary 2026-04-17 21:36 : At RSAC 2026, AI optimism and anxiety — and…
The Department of Know: Mythos Mayhem, critical infrastructure targeted, NVD changes
Link to episode page This week’s Department of Know is hosted by Rich Stroffolino, with guests Andrew Storms, security engineering, Kilo Code, and Eduardo Ortiz-Romeu, VP, global head of cybersecurity, Techtronic Industries. Missed the live show? Check it out on YouTube.…
IT Security News Daily Summary 2026-04-17
156 posts were published in the last hour 21:36 : At RSAC 2026, AI optimism and anxiety — and an MIA U.S. government 21:36 : Friday Squid Blogging: New Giant Squid Video 21:4 : Critical Exploits, AI Shifts, and Major…
At RSAC 2026, AI optimism and anxiety — and an MIA U.S. government
<p>According to its most ardent proponents, AI is well on its way to creating a new, nirvana-like SOC, in which exposure and threat detection windows are measured in seconds, and human operators are liberated from endless alert triage and chronic…
Friday Squid Blogging: New Giant Squid Video
Pretty fantastic video from Japan of a giant squid eating another squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy. This article has…
Critical Exploits, AI Shifts, and Major Breaches Redefine Cybersecurity This Week
Weekly summary of Cybersecurity Insider newsletters The post Critical Exploits, AI Shifts, and Major Breaches Redefine Cybersecurity This Week appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original article: Critical Exploits, AI Shifts,…
Kyrgyzstan-based crypto exchange Grinex shuts down after $13.7M cyber heist, blames Western Intelligence
Grinex halted operations after a $13.7M hack, blaming Western intelligence. Stolen funds came from wallets of Russian users on the platform. Kyrgyz crypto exchange Grinex halted operations after a threat actor stole $13.7 million in a cyber attack that the…
Man who hacked US Supreme Court filing system sentenced to probation
Nicholas Moore hacked into three U.S. government networks using stolen credentials, and then bragged about it and posted victims’ personal data on Instagram under the handle @ihackedthegovernment. This article has been indexed from Security News | TechCrunch Read the original…
Founder Liquidity Without Compromising on Growth
Founders can access liquidity without exiting by selling shares via secondary deals, reducing financial pressure while staying focused on long-term growth. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article:…
Clothing Retailer Patches Website Flaw Exposing Customer Data
A clothing retailer patched a website flaw that exposed customer data via order links, highlighting risks associated with predictable URL structures. The post Clothing Retailer Patches Website Flaw Exposing Customer Data appeared first on TechRepublic. This article has been indexed…
Anthropic Releases Opus 4.7, Not as ‘Broadly Capable’ as Mythos AI
Anthropic launches Opus 4.7 with improved coding and reasoning, as its more “broadly capable” Mythos AI remains restricted over security concerns. The post Anthropic Releases Opus 4.7, Not as ‘Broadly Capable’ as Mythos AI appeared first on TechRepublic. This article…