Hackers have stolen approximately $286 million from Drift Protocol, a leading decentralized perpetual futures exchange on the Solana blockchain, in what security researchers believe may be a North Korea-linked cyberattack. The incident occurred on April 1, 2026, and is already…
Google Brings Lazy Loading to Media Files in New Chrome Release
Google has announced a significant update for its Chrome browser, extending native lazy loading capabilities to audio and video elements. This highly anticipated feature aims to improve web performance, drastically save bandwidth, and offer subtle security benefits by controlling when…
The Google Workspace Blind Spot Every K-12 IT Team Misses
How DeForest School District Gained Visibility into Google Workspace and Transformed Their Security Workflow with Cloud Monitor. When you’re responsible for keeping an entire school district’s technology running, “good enough” tools quickly become a problem. For Shelly Broberg, Network and…
How LiteLLM Turned Developer Machines Into Credential Vaults for Attackers
The most active piece of enterprise infrastructure in the company is the developer workstation. That laptop is where credentials are created, tested, cached, copied, and reused across services, bots, build tools, and now local AI agents. In March 2026, the TeamPCP threat actor proved just…
IT Security News Hourly Summary 2026-04-06 15h : 13 posts
13 posts were published in the last hour: 12:36: GitHub-Backed Malware Spread via LNK Files in South Korea; 12:36: Die Linke Confirms Data Stolen By Qilin; 12:36: Good Progress After Northern Ireland Attack; 12:36: EU Commission…
GitHub-Backed Malware Spread via LNK Files in South Korea
Hackers are abusing Windows shortcut files and GitHub to run a stealthy, multi‑stage malware campaign against organizations in South Korea. The operation chains LNK files, PowerShell, and GitHub APIs to deliver surveillance tools while blending into normal enterprise traffic. The campaign…
Die Linke Confirms Data Stolen By Qilin
The Qilin ransomware group recently targeted the German socialist party Die Linke and is now threatening to release stolen information. This article has been indexed from CyberMaterial. Read the original article: Die Linke Confirms Data Stolen By Qilin
Good Progress After Northern Ireland Attack
Efforts to restore Northern Ireland’s school computer network are moving forward steadily after a recent cyber attack forced a total system shutdown. This article has been indexed from CyberMaterial. Read the original article: Good Progress After Northern Ireland Attack
EU Commission Breach Exposes Data
The European Commission recently suffered a cloud security breach attributed to the threat group TeamPCP, resulting in the exposure of data from 30 different EU entities. This article has been indexed from CyberMaterial. Read the original article: EU Commission Breach…
BKA Identifies REvil Ransomware Leaders
German authorities have officially unmasked two high-ranking members of the notorious REvil ransomware gang after an extensive investigation by the Federal Criminal Police Office. This article has been indexed from CyberMaterial. Read the original article: BKA Identifies REvil Ransomware Leaders
NY School Data Incidents Rise 72%
New York state schools experienced a significant surge in cybersecurity issues in 2025, with data incident reports jumping 72% over the previous year. This article has been indexed from CyberMaterial. Read the original article: NY School Data Incidents Rise 72%
Fake GitHub CI Update Steals Secrets and Tokens
An automated campaign is abusing GitHub’s pull_request_target workflow trigger to steal CI/CD secrets at scale. The attacker, using the handle ezmtebo, fired off more than 475 malicious pull requests (PRs) in just 26 hours, impersonating routine CI configuration updates to trick maintainers. The campaign…
Hackers Use Poisoned Axios Package and Phantom Dependency to Spread Cross-Platform Malware
One of the most widely used JavaScript libraries in the world was turned into a weapon on March 30, 2026, when attackers poisoned the Axios npm package and silently deployed malware on developer machines running Windows, macOS, and Linux. With…
Hackers Compromised ILSpy WordPress Domain to Deliver Malware
A new supply chain attack is targeting developers after threat actors compromised the official WordPress domain for ILSpy on April 6, 2026. Instead of providing the legitimate software, the hijacked website began redirecting visitors to a malicious webpage to deliver malware.…
Critical Dgraph Database Vulnerability Let Attackers Bypass Authentication
A maximum-severity vulnerability in Dgraph, a popular open-source graph database, is tracked as CVE-2026-34976 and carries a perfect CVSS score of 10.0. It allows unauthenticated remote attackers to bypass all security controls, overwrite entire databases, read sensitive server files,…
Apache Traffic Server Vulnerabilities Let Attackers Trigger DoS Attack
The Apache Software Foundation has released emergency security updates to address two severe vulnerabilities in the Apache Traffic Server (ATS). ATS operates as a high-performance web proxy cache that improves network efficiency and handles massive volumes of enterprise web traffic.…
Google’s Bug Bounty Program Hits All-Time High With $17 Million in 2025 Payouts
Google’s Vulnerability Reward Program (VRP) celebrated its 15th anniversary in 2025 by breaking every payout record in its history. The tech giant awarded a staggering $17 million to external security researchers worldwide, representing a massive 40% surge compared to 2024.…
Guardarian Users Targeted With Malicious Strapi NPM Packages
Hackers published 36 NPM packages posing as Strapi plugins to execute shells, escape containers, and harvest credentials. The post Guardarian Users Targeted With Malicious Strapi NPM Packages appeared first on SecurityWeek. This article has been indexed from SecurityWeek. Read the…
North Korean Hackers Pose as Trading Firm to Steal $285M from Drift
North Korean hackers (UNC4736) posed as a trading firm for six months to infiltrate Drift Protocol, using social engineering tactics to steal $285M without suspicion. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More…
North Korea’s Modular Malware Strategy Hides Attribution, Defies Takedowns
North Korea’s cyber program is shifting from monolithic “families” to a modular, portfolio-style malware ecosystem designed to survive exposure, frustrate attribution, and keep operations running under constant pressure. Years of sanctions, coordinated law-enforcement pressure, and rapid public disclosure of campaigns…
Google Wants to Transition to Post-Quantum Cryptography by 2029
Google says that it will fully transition to post-quantum cryptography by 2029. I think this is a good move, not because I think we will have a useful quantum computer anywhere near that year, but because crypto-agility is always a…
North Korean Hackers Target High-Profile Node.js Maintainers
The threat actor behind the Axios supply chain attack has been aiming at other maintainers in its social engineering campaign. The post North Korean Hackers Target High-Profile Node.js Maintainers appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
The Compliance Cliff: Email Encryption and Data Security Unpacked
It usually starts with a question nobody wants to ask out loud: The post The Compliance Cliff: Email Encryption and Data Security Unpacked appeared first on Security Boulevard. This article has been indexed from Security Boulevard. Read the original article:…
Critical Claude Code Flaw Silently Bypasses User-Configured Security Rules
Anthropic’s flagship AI coding agent, Claude Code, was recently discovered to contain a critical security flaw that silently bypasses developer-configured safety rules. The vulnerability allows attackers to execute blocked commands, such as data exfiltration scripts, by simply padding them with…