A proof-of-concept (PoC) exploit has been publicly released for a critical vulnerability in Fortinet’s FortiSandbox product, tracked as CVE-2026-39808. The flaw allows an unauthenticated attacker to execute arbitrary operating system commands as root, the highest privilege level, without requiring any login…
Nearly 6 Million Internet-Facing FTP Servers Still Exposed in 2026, Censys Warns
According to a recent April 2026 report by security researcher Himaja Motheram at Censys, just under 6 million internet-facing hosts are still running the File Transfer Protocol (FTP). While this marks a significant 40% decline from the 10.1 million servers…
Belgium’s NIS2 Audit Window Opens April 18, 2026. The Rest of the EU Is Right Behind.
Belgium’s NIS2 conformity assessment deadline hits April 18, 2026, and other EU member states are ramping enforcement close behind. See what auditors will demand from your SOC: incident reporting timelines, Article 20 management liability, and automatic documentation. The post Belgium’s…
Threat Brief: Escalation of Cyber Risk Related to Iran (Updated April 17)
Unit 42 details recent Iranian cyberattack activity, sharing direct observations of phishing, hacktivist activity and cybercrime. We include recommendations for defenders. The post Threat Brief: Escalation of Cyber Risk Related to Iran (Updated April 17) appeared first on Unit 42.…
IT Security News Hourly Summary 2026-04-18 00h : 4 posts
4 posts were published in the last hour 22:3 : The Department of Know: Mythos Mayhem, critical infrastructure targeted, NVD changes 21:55 : IT Security News Daily Summary 2026-04-17 21:36 : At RSAC 2026, AI optimism and anxiety — and…
The Department of Know: Mythos Mayhem, critical infrastructure targeted, NVD changes
Link to episode page This week’s Department of Know is hosted by Rich Stroffolino, with guests Andrew Storms, security engineering, Kilo Code, and Eduardo Ortiz-Romeu, VP, global head of cybersecurity, Techtronic Industries. Missed the live show? Check it out on YouTube.…
IT Security News Daily Summary 2026-04-17
156 posts were published in the last hour 21:36 : At RSAC 2026, AI optimism and anxiety — and an MIA U.S. government 21:36 : Friday Squid Blogging: New Giant Squid Video 21:4 : Critical Exploits, AI Shifts, and Major…
At RSAC 2026, AI optimism and anxiety — and an MIA U.S. government
<p>According to its most ardent proponents, AI is well on its way to creating a new, nirvana-like SOC, in which exposure and threat detection windows are measured in seconds, and human operators are liberated from endless alert triage and chronic…
Friday Squid Blogging: New Giant Squid Video
Pretty fantastic video from Japan of a giant squid eating another squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy. This article has…
Critical Exploits, AI Shifts, and Major Breaches Redefine Cybersecurity This Week
Weekly summary of Cybersecurity Insider newsletters The post Critical Exploits, AI Shifts, and Major Breaches Redefine Cybersecurity This Week appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original article: Critical Exploits, AI Shifts,…
Kyrgyzstan-based crypto exchange Grinex shuts down after $13.7M cyber heist, blames Western Intelligence
Grinex halted operations after a $13.7M hack, blaming Western intelligence. Stolen funds came from wallets of Russian users on the platform. Kyrgyz crypto exchange Grinex halted operations after a threat actor stole $13.7 million in a cyber attack that the…
Man who hacked US Supreme Court filing system sentenced to probation
Nicholas Moore hacked into three U.S. government networks using stolen credentials, and then bragged about it and posted victims’ personal data on Instagram under the handle @ihackedthegovernment. This article has been indexed from Security News | TechCrunch Read the original…
Founder Liquidity Without Compromising on Growth
Founders can access liquidity without exiting by selling shares via secondary deals, reducing financial pressure while staying focused on long-term growth. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article:…
Clothing Retailer Patches Website Flaw Exposing Customer Data
A clothing retailer patched a website flaw that exposed customer data via order links, highlighting risks associated with predictable URL structures. The post Clothing Retailer Patches Website Flaw Exposing Customer Data appeared first on TechRepublic. This article has been indexed…
Anthropic Releases Opus 4.7, Not as ‘Broadly Capable’ as Mythos AI
Anthropic launches Opus 4.7 with improved coding and reasoning, as its more “broadly capable” Mythos AI remains restricted over security concerns. The post Anthropic Releases Opus 4.7, Not as ‘Broadly Capable’ as Mythos AI appeared first on TechRepublic. This article…
White House Chief of Staff to Meet With Anthropic CEO Over Its New AI Technology
A White House official said the administration is engaging with advanced AI labs about their models and the security of software. The post White House Chief of Staff to Meet With Anthropic CEO Over Its New AI Technology appeared first…
We Need a Shared Responsibility Model for AI
Over the past 6-8 months, researchers at my company discovered vulnerabilities across multiple AI tools that allowed external bad actors to steal data, exploit AI browsers, or poison the core memories of AI systems. As we responsibly disclosed these flaws,…
IT Security News Hourly Summary 2026-04-17 21h : 9 posts
9 posts were published in the last hour 19:5 : New RecruitRat, SaferRat, Astrinox, Massiv Android Malware Found Targeting 800 Apps 19:4 : Hackers Target TP-Link Routers With Mirai Malware in CVE-2023-33538 Exploitation Attempts 18:38 : 7 Best AI Red…
New RecruitRat, SaferRat, Astrinox, Massiv Android Malware Found Targeting 800 Apps
New research from Zimperium reveals four active Android malware campaigns, RecruitRat, SaferRat, Astrinox, and Massiv, targeting over 800 banking apps globally. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article:…
Hackers Target TP-Link Routers With Mirai Malware in CVE-2023-33538 Exploitation Attempts
A known security flaw in several end-of-life TP-Link Wi-Fi routers is being actively targeted by hackers trying to install Mirai-based botnet malware on vulnerable devices. The vulnerability, tracked as CVE-2023-33538, affects multiple TP-Link models that no longer receive vendor updates,…
7 Best AI Red Teaming Platforms For 2026
Red teaming has always been the closest security discipline to real-world attacker behavior. Unlike scanning or traditional penetration… The post 7 Best AI Red Teaming Platforms For 2026 appeared first on Hackers Online Club. This article has been indexed from…
When Geopolitics Writes Your Compliance Roadmap
Cyber policy has always lagged cyber reality. Regulations arrive after breaches, frameworks emerge after failures, and accountability structures materialize long after the damage lands on someone else’s balance sheet. NCC Group’s fifth edition of its Global Cyber Policy Radar suggests…
The Race to Quantum-Proof the Internet Has Already Begun
The race to quantum-proof the internet is underway as experts warn of “harvest now, decrypt later” risks and slow migration to post-quantum security. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the…
Hackers are abusing unpatched Windows security flaws to hack into organizations
A security researcher published details of three security vulnerabilities in Windows Defender, and the code used to exploit them. Now, hackers are taking advantage of the vulnerabilities in real life attacks, according to a cybersecurity firm. This article has been…