A newly discovered malware, NWHStealer, is targeting Windows users through a sophisticated campaign that uses fake VPN websites, gaming mods, and hardware utility tools as bait. This article has been indexed from CyberMaterial Read the original article: NWHStealer Malware Campaign…
Fiverr Exposed User Files to Google Search
Fiverr, a popular online marketplace for freelance services, has encountered a significant data exposure incident. This article has been indexed from CyberMaterial Read the original article: Fiverr Exposed User Files to Google Search
McGraw Hill data breach affects 13.5 million accounts
“A significant data breach has occurred at McGraw Hill, impacting 13.5 million user accounts. This article has been indexed from CyberMaterial Read the original article: McGraw Hill data breach affects 13.5 million accounts
Bluesky down as users face access issues
Bluesky, a social media platform, is currently experiencing an outage that has left many users unable to access their accounts. This article has been indexed from CyberMaterial Read the original article: Bluesky down as users face access issues
IT Security News Hourly Summary 2026-04-16 15h : 7 posts
7 posts were published in the last hour 12:32 : Artemis Emerges From Stealth With $70 Million in Funding 12:13 : Google Play is changing how Android apps access your contacts and location 12:13 : Textbook titan McGraw Hill on…
Artemis Emerges From Stealth With $70 Million in Funding
The startup is leveraging AI to prevent AI-powered attacks across applications, users, machines, and cloud workloads. The post Artemis Emerges From Stealth With $70 Million in Funding appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
Google Play is changing how Android apps access your contacts and location
Google’s new set of Google Play policy updates and account transfer feature strengthen user privacy and protect businesses from fraud. Google is also expanding features for managing new contact and location policy changes to support a smoother, more predictable app…
Textbook titan McGraw Hill on ransomware crew’s reading list after 13.5M records exposed
Publisher claims misconfigured Salesforce-hosted page leaked data Textbook giant McGraw Hill has landed on a ransomware crew’s leak site after an alleged Salesforce-linked misconfiguration spilled 13.5 million records into the wild.… This article has been indexed from The Register –…
Splunk Enterprise Update Patches Code Execution Vulnerability
The flaw allows low-privileged users to upload files to a temporary directory to achieve remote code execution. The post Splunk Enterprise Update Patches Code Execution Vulnerability appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
Hidden Passenger? How Taboola Routes Logged-In Banking Sessions to Temu
A bank approved a Taboola pixel. That pixel quietly redirected logged-in users to a Temu tracking endpoint. This occurred without the bank’s knowledge, without user consent, and without a single security control registering a violation. Read the full technical breakdown in the Security…
Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks
A “novel” social engineering campaign has been observed abusing Obsidian, a cross-platform note-taking application, as an initial access vector to distribute a previously undocumented Windows remote access trojan called PHANTOMPULSE in attacks targeting individuals in the financial and cryptocurrency sectors. Dubbed…
Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution
Cisco has announced patches to address four critical security flaws impacting Identity Services and Webex Services that could result in arbitrary code execution and allow an attacker to impersonate any user within the service. The details of the vulnerabilities are below –…
Cybersecurity Risks of Hiring a Virtual Assistant and How to Protect Your Business
Virtual assistants boost productivity but add cybersecurity risks. Poor access control, weak devices, and credential sharing can expose sensitive business data. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article:…
31 High-Impact Vulnerabilities Exploited in March as Interlock Hits Cisco FMC Zero-Day
March 2026 turned out to be one of the more active months for vulnerability exploitation this year. Security researchers tracked 31 high-impact vulnerabilities that were actively used against real-world systems, touching products from more than 20 major vendors including Cisco,…
Nginx-ui Vulnerability Actively Exploited in Attack – Enables Full Server Takeover
A critical authentication bypass vulnerability in Nginx UI, tracked as CVE-2026-33032 with a maximum CVSS score of 9.8, is currently being actively exploited in the wild. This flaw allows unauthenticated remote attackers to gain complete control over affected Nginx web…
Cisco Webex Services Vulnerability Let Remote Attacker Impersonate Any User
Cisco has issued a critical security advisory warning of a severe vulnerability in its cloud-based Webex Services. Tracked as CVE-2026-20184, this flaw carries a maximum Common Vulnerability Scoring System (CVSS) base score of 9.8 out of 10 According to the…
Hackers Abuse n8n AI Workflow Automation to Deliver Malware Through Trusted Webhooks
Cybercriminals have found a new way to sneak malware past traditional security filters by hijacking a legitimate AI workflow automation tool called n8n. Rather than building their own infrastructure from scratch, these threat actors are turning a productivity platform into…
Fake Proton VPN Sites and Gaming Mods Spread NWHStealer in New Windows Malware Campaign
A newly identified information-stealing malware called NWHStealer is quietly making its way onto Windows systems through a well-disguised campaign that uses fake VPN websites, gaming mods, and hardware utility tools as bait. The attackers are not relying on spam emails…
Microsoft Paid Out $2.3 Million at Zero Day Quest 2026 Hacking Contest
Researchers found more than 80 high-impact cloud and AI vulnerabilities during the event, which had a $5 million prize pool. The post Microsoft Paid Out $2.3 Million at Zero Day Quest 2026 Hacking Contest appeared first on SecurityWeek. This article…
n8n Webhooks Under Threat as Attackers Orchestrate Malware Delivery via Phishing
A security researcher has identified a critical flaw in the open-source workflow orchestration platform n8n, which is increasingly embedded in enterprise and AI-driven operations, that highlights the fragility of modern automation ecosystems. The vulnerability, CVE-2026-21858, has been assigned the…
Researchers Say Fiverr Left User Files Open to Google Search
Private Fiverr user documents, including tax records and IDs, were reportedly found in Google search results due to a storage configuration issue. Read more about the findings and the company’s response to the data exposure. This article has been indexed…
Fake ProtonVPN, game mod sites spread NWHStealer in new Windows malware campaign
Multiple ongoing malware campaigns are distributing a powerful information-stealing trojan, tracked as NWHStealer, through fake VPN installers, gaming mods, and system tools. Unlike typical phishing campaigns, these attacks exploit users’ trust in popular software. Threat actors are disguising malicious payloads as…
“Implementing NIS-2 is an organizational stress test”
Many companies still do not fully have NIS-2 on their radar. Yet it is no longer just about a registration requirement. In this interview, Dr. Matthias Zuchowski, regulatory expert at G DATA CyberDefense, explains what companies need to do now,…
OpenAI updates Agents SDK, adds sandbox for safer code execution
OpenAI’s updated Agents SDK helps developers build agents that inspect files, run commands, edit code, and handle tasks within controlled sandbox environments. The update provides standardized infrastructure for OpenAI models, a model-native harness that lets agents work with files and…