A fast, reusable HTML report for lightweight Radar projects: entity distribution, article velocity, and source mix, alongside a clean reading list.
Some sources or steps reported errors. The report still renders with partial data.
Entity Distribution
Top entities by frequency
Article Timeline
Daily volume inferred from article dates
Source Distribution
Share of articles by source
Data Freshness
Collection lag distribution
Entity Extraction Rate
Percentage with matched entities
Source Health
Article count by source (sorted)
Reading List
Click through to the original source
바로가기 메뉴 컨텐츠 바로가기 주메뉴 바로가기 하단정보 바로가기 페이지에서 오류가 발생했습니다. 일시적인 오류일 경우 잠시 후에 다시 시도해 주시기 바랍니다. 만약 문제가 계속 발생되면 사이트관리자에게 연락해 주시기 바랍니다. (3초 후 자동으로 메인 페이지로 이동합니다.) 이전페이지로 홈으로
Anthropic is having a moment in the private markets; SpaceX could spoil the party
Glen Anderson, president of Rainmaker Securities, says the secondary market for private shares has never been more active — with Anthropic the hottest trade around, OpenAI losing ground, and SpaceX's looming IPO poised t...
Lucid blames dip in Q1 sales on seat supplier issue
Lucid said it has resolved the problem and is not changing its guidance for 2026.
Anthropic essentially bans OpenClaw from Claude by making subscribers pay extra
Using OpenClaw with Claude AI is about to get a lot more expensive, thanks to Anthropic's new policy changes. Beginning April 4th at 3PM ET, users will "no longer be able to use your Claude subscription limits for third-...
The anonymous social app that thinks it can work in Saudi Arabia
When Fizz quietly debuted in Saudi Arabia, founder and CEO Teddy Solomon wasn’t expecting the app to catch on like it did.
Friday Squid Blogging: Jurassic Fish Chokes on Squid
Here’s a fossil of a 150-million year old fish that choked to death on a belemnite rostrum : the hard, internal shell of an extinct, squid-like animal. Original paper . As usual, you can also use this squid post to talk ...
Inconsistent Privacy Labels Don't Tell Users What They Are Getting
Data privacy labels are a great idea for mobile apps, but the current versions just aren't good enough.
NASA did eventually solve Artemis II’s Outlook glitch
On Thursday, during Artemis II's journey to the Moon, commander Reid Wiseman ran into a tech issue some of us back on Earth can relate to: Microsoft Outlook wasn't working. In a conversation captured in NASA's Artemis li...
Tesla’s Texas factory workforce reportedly shrunk 22% in 2025
Tesla's headcount fell from 21,191 workers to 16,506 workers in 2025, according to a report, as it grappled with its second straight year of declining sales.
LinkedIn secretely scans for 6,000+ Chrome extensions, collects data
A new report dubbed "BrowserGate" warns that Microsoft's LinkedIn is using hidden JavaScript scripts on its website to scan visitors' browsers for installed extensions and collect device data. [...]
OpenAI executive shuffle includes new role for COO Brad Lightcap to lead ‘special projects’
In addition to Lightcap's new role, OpenAI CMO Kate Rouch will be stepping away from the company to focus on cancer recovery, with a plan to return when her health allows.
Anthropic buys biotech startup Coefficient Bio in $400M deal: Reports
Anthropic has purchased the stealth biotech AI startup Coefficient Bio in a $400 million stock deal, according to The Information and Eric Newcomer.
OpenAI’s AGI boss is taking a leave of absence
OpenAI is undergoing another round of C-suite changes, according to an internal memo viewed by The Verge. Fidji Simo, OpenAI's CEO of AGI deployment - who was until recently the company's CEO of applications - says in th...
Anthropic ramps up its political activities with a new PAC
With the midterms right around the corner, the new group is positioned to back candidates who support the AI company's policy agenda.
Best iPad apps to boost productivity and make your life easier
There are many iPad apps to help you organize recipes, sync tasks across devices, be more productive, and manage your notes.
AI companies are building huge natural gas plants to power data centers. What could go wrong?
Meta, Microsoft, and Google are all betting big on new natural gas power plants to run their AI data centers. They may regret it.
People would rather have an Amazon warehouse in their backyard than a data center
A new poll shows that the debate over data centers is far from settled.
Lenovo Legion Go 2 suddenly costs $650 more as RAMageddon lays waste to gaming hardware
Remember when we thought the Legion Go 2 was expensive at $1,099 and up? Those were the days - Best Buy is now listing Lenovo's handheld for $1,499 with a Ryzen Z2 or $1,999 with a Z2 Extreme. The latter originally cost ...
Hims & Hers warns of data breach after Zendesk support ticket breach
Telehealth giant Hims & Hers Health is warning that it suffered a data breach after support tickets were stolen from a third-party customer service platform. [...]
China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing
A China-aligned threat actor has set its sights on European government and diplomatic organizations since mid-2025, following a two-year period of minimal targeting in the region. The campaign has been attributed to TA41...
The best iPad deals you can get right now
While the best iPad deals usually land during major sale events like Black Friday, many great iPad deals are available outside of those moments. The day-to-day discounts come and go like the changing winds, so there’s of...
Apple Breaks Precedent, Patches DarkSword for iOS 18
Even organizations with users unwilling or unable to adopt iOS 26 can now protect themselves from a severe mobile OS-cracking tool.
The final days of the Tesla Model X and S are here. All bets are on the Cybercab.
It's a new era for Tesla — and one that will rely on its ability to launch the Cybercab and mass-produce the Optimus robot.
Die Linke German political party confirms data stolen by Qilin ransomware
The Qilin ransomware group has claimed responsibility for an attack against Die Linke ('The Left'), forcing an IT systems outage at the political party, and threatening sensitive data leak. [...]
Europe’s cyber agency blames hacking gangs for massive data breach and leak
CERT-EU blamed the cybercrime group TeamPCP for the recent hack on the European Commission, and said the notorious ShinyHunters gang was responsible for leaking the stolen data online.
Mercedes adds steer-by-wire — and a dang steering yoke — to the EQS
Steer-by-wire, in which a car can be steered electronically rather than through a physical connection between the steering wheel and steering rack, is coming to Mercedes-Benz. The German automaker says it will use the st...
Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers
Threat actors are increasingly using HTTP cookies as a control channel for PHP-based web shells on Linux servers and to achieve remote code execution, according to findings from the Microsoft Defender Security Research T...
Blast Radius of TeamPCP Attacks Expands Amid Hacker Infighting
As organizations disclose breaches tied to TeamPCP's supply chain attacks, ShinyHunters and Lapsus$ are getting involved, taking credit, and creating a murky situation for enterprises.
Anker’s small, five-port travel adapter is down to its best price yet
Few things kill the vibe of your relaxing spring break abroad faster than realizing you forgot a way to keep things charged. Anker’s Nano Travel Adapter makes it easy to charge your phone, camera, e-readers, and other de...
I saved a doomed Windows laptop by embracing Linux
Two weeks ago I set aside my M4 MacBook Air and picked up a nine-year-old ThinkPad. It's one of an estimated 200 to 400 million Windows 10 PCs that don't meet Microsoft's requirements for Windows 11. When Microsoft offic...
Evolution of Ransomware: Multi-Extortion Ransomware Attacks
Multi-extortion ransomware relies on stolen data to pressure victims with public leaks. Penta Security explains how its D.AMO platform keeps exfiltrated files encrypted and useless to attackers. [...]
The Facebook insider building content moderation for the AI era
Moonbounce has raised $12 million to grow its AI control engine that converts content moderation policies into consistent, predictable AI behavior.
Where's the Trump phone? We're going to keep talking about it every week. We've reached out, as usual, to ask about the Trump phone's whereabouts. Crickets. Despite recent signs of life, another week has come and gone wi...
How the Apple Watch defined modern health tech
This is Optimizer, a weekly newsletter sent every Friday from Verge senior reviewer Victoria Song that dissects and discusses the latest gizmos and potions that swear they're going to change your life. Opt in for Optimiz...
Picking Up 'Skull Vibrations'? Could Be XR Headset Authentication
"Skull vibration harmonics generated by vital signs" can be used to sign in to VR, AR, and MR headsets, according to emerging research.
This is the sixth update to the TeamPCP supply chain campaign threat intelligence report,&#;x26;#;xc2;&#;x26;#;xa0; "When the Security Scanner Became the Weapon" &#;x26;#;xc2;&#;x26;#;xa0;(v3.0, March 25, 2026).&#;x26;#;...
Claude Source Code Leak Highlights Big Supply Chain Missteps
Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.
Cisco IMC auth bypass vulnerability allows attackers to alter user passwords (CVE-2026-20093)
Cisco has fixed ten vulnerabilities affecting its Integrated Management Controller (IMC), the most critical of which (CVE-2026-20093) could allow an unauthenticated, remote attacker to bypass authentication and gain acce...
Chainguard Unveils Factory 2.0 to Automate Hardening the Software Supply Chain
The rebuilt Chainguard platform adds deeper security designed to continuously reconcile open source artifacts across containers, libraries, agent skills, and GitHub Actions.
CrowdStrike Next-Gen SIEM Can Now Ingest Microsoft Defender Telemetry
Once CrowdStrike's nemesis, Microsoft is now a collaborator. A shared interest in Formula 1 helped thaw the years-long fierce rivalry.
Windows Security app gets Secure Boot certificate status indicators as 2026 expiration approaches
Microsoft’s Secure Boot certificates, issued in 2011, are approaching expiration in 2026. To help IT administrators track whether devices have received replacement certificates, Microsoft has added new status indicators ...
Microsoft still working to fix Exchange Online mailbox access issues
Microsoft is investigating and working to resolve Exchange Online mailbox access issues that have intermittently affected Outlook mobile and macOS users for weeks. [...]
Company that Secretly Records and Publishes Zoom Meetings
WebinarTV searches the internet for public Zoom invites, joins the meetings, secretly records them, and publishes (alternate link ) the recordings. It doesn’t use the Zoom record feature, so Zoom can’t do anything about ...
UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack
The maintainer of the Axios npm package has confirmed that the supply chain compromise was the result of a highly-targeted social engineering campaign orchestrated by North Korean threat actors tracked as UNC1069. Mainta...
Why Third-Party Risk Is the Biggest Gap in Your Clients' Security Posture
The next major breach hitting your clients probably won't come from inside their walls. It'll come through a vendor they trust, a SaaS tool their finance team signed up for, or a subcontractor nobody in IT knows about. T...
Claude Code source leak exploited to spread malware
A source code leak involving Anthropic’s Claude Code tool quickly escalated into a cybersecurity threat, as attackers seized on the exposed files to lure developers into downloading malware disguised as “unlocked” versio...
주메뉴 바로가기 본문 바로가기 이 누리집은 개인정보보호위원회 누리집입니다. 네이버블로그 페이스북 인스타그램 유튜브 화면 확대 화면 축소 확대수치 글자크기 100% 언어 KOR ENG 개인정보 보호위원회 통합검색 검색 위원회 소식 정책 · 법령 국정과제 심의 · 의결 정보공개 국민참여 기업참여 위원회 소개 누리집안내 인쇄 공유 전체 1182 건 · 현재페이지 1/119 검색 검색 카테...
New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images
Cybersecurity researchers have discovered a new version of the SparkCat malware on the Apple App Store and Google Play Store, more than a year after the trojan was discovered targeting both the mobile operating systems. ...
Man admits to locking thousands of Windows devices in extortion plot
A former core infrastructure engineer has pleaded guilty to locking Windows admins out of 254 servers as part of a failed extortion plot targeting his employer, an industrial company headquartered in Somerset County, New...
Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK
Solana-based decentralized exchange Drift has confirmed that attackers drained about $285 million from the platform during a security incident that took place on April 1, 2026. "Earlier today, a malicious actor gained un...
New Phishing Platform Used in Credential Theft Campaigns Against C-Suite Execs
A large-scale credential theft campaign targeting senior executives has been linked to a previously unknown automated phishing platform called Venom
Microsoft now force upgrades unmanaged Windows 11 24H2 PCs
Starting this week, Microsoft has begun force-upgrading unmanaged devices running Windows 11 24H2 Home and Pro editions to Windows 11 25H2. [...]
APERION releases SmartFlow SDK for secure, on-prem AI governance without cloud reliance
APERION launched SmartFlow SDK, providing a secure, on-premises path for enterprises migrating away from compromised cloud-based AI gateways. The launch coincides with a 200% increase in web traffic since the March 24 Li...
Trivy supply chain attack enabled European Commission cloud breach
CERT-EU confirmed that ShinyHunters are behind the recent breach of the cloud infrastructure underpinning websites of the European Commission, and that they stole and subsequently leaked approximately 340 GB of data. “An...
CERT-EU: European Commission hack exposes data of 30 EU entities
The European Union's Cybersecurity Service (CERT-EU) has attributed the European Commission cloud hack to the TeamPCP threat group, saying the resulting breach exposed the data of at least 29 other Union entities. [...]
Microsoft releases open-source toolkit to govern autonomous AI agents
AI agents can book travel, execute financial transactions, write and run code, and manage infrastructure without human intervention at each step. Frameworks like LangChain, AutoGen, CrewAI, and Azure AI Foundry Agent Ser...
Which messaging app takes the most limited approach to permissions on Android?
Messaging apps handle sensitive conversations, contacts, and media, and their behavior on a device varies in ways that affect privacy. An analysis of Android versions of Messenger, Signal, and Telegram shows that differe...
Click, wait, repeat: Digital trust erodes one login at a time
Sign-up forms that drag on, login steps that repeat, and access requests that take longer than expected have become a normal part of using digital services. These moments rarely stand out on their own, and over time they...
New infosec products of the month: March 2026
Here’s a look at the most interesting products from the past month, featuring releases from Beazley, Bonfy.AI, Mend.io, Mimecast, NinjaOne, Novee, Intel 471, Singulr AI, Stellar Cyber, Teleport, and Vicarius. Beazley Exp...
ISC Stormcast For Friday, April 3rd, 2026 https://isc.sans.edu/podcastdetail/9878, (Fri, Apr 3rd)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Amazon hits sellers with ‘fuel surcharge’ as Iran war roils global energy markets
The e-commerce giant called the surcharge "temporary" but couldn't give a date for when the policy would be retired.
AWS, Wasabi, Cloudflare, and Backblaze go head-to-head in new cloud storage test
Cloud storage buyers rarely get vendor-provided performance data that includes the vendor’s own weak spots. Backblaze’s Q1 2026 Performance Stats report, attempts to do exactly that, sharing benchmark results for Backbla...
AO3 is finally out of beta after 17 years
Archive of Our Own (AO3) is officially exiting beta. The Organization for Transformative Works - the nonprofit behind the fanfiction site - announced the update on Thursday, which comes 17 years after AO3's launch in 200...
PSA: Anyone with a link can view your Granola notes by default
If you use the AI-powered note-taking app Granola, you might want to double-check your privacy settings. Though Granola says your notes are "private by default," it makes them viewable to anyone with a link, and also use...
Reddit is moving on from r/all
Reddit is deprecating r/all, one of its feeds that shows popular posts on the platform, as part of "ongoing efforts to simplify Reddit and improve Home feed personalization." Reddit has offered both r/popular and r/all a...
Telehealth giant Hims & Hers says its customer support system was hacked
The U.S. telehealth giant says hackers stole customer support ticket data over the course of several days in February.
The best AirPods deals you can get right now
If you know where to look, you can often score deals on Apple’s ever-expanding AirPods lineup. Both the AirPods Pro 3 and the AirPods 4 (with and without ANC) now consistently receive discounts, as do the AirPods Pro 3. ...
Geopolitics, AI, and Cybersecurity: Insights From RSAC 2026
AI-driven threats, global leadership shifts, and the future of cybersecurity in a rapidly evolving landscape were among the discussions at RSAC 2026 Conference.
Claude Code leak used to push infostealer malware on GitHub
Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar information-stealing malware. [...]
Not Toying Around: Hasbro Attack May Take 'Weeks' to Remediate
The company's 8-K filing notes "unauthorized access" and that it has activated business continuity plans and taken some systems offline.
Artemis II is NASA’s last moon mission without Silicon Valley
Next time around, the pressure will be on SpaceX and Blue Origin.
This bike rack pioneer is selling Bluetooth suction cups to stick bikes to your car
Richard Allen didn't invent the automobile bike rack - his 1967 patent application makes it clear that others came before. But after nearly sixty years selling popular and simple mechanical bike carriers, his company All...
The ABS Challenge System is exposing the worst umpire in baseball
During Wednesday's game between the Tampa Bay Rays and the Milwaukee Brewers, umpire CB Bucknor took a foul ball to the mask and had to be helped off the field. It was the cap to what has been a particularly bad week for...
Gateway Capital announces first close of $25M Fund II
Gateway Capital, the Milwaukee-based venture firm founded by Dana Guthrie, can now begin investment operations for its $25M Fund II.
Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials
A large-scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection vector to steal database credentials, SSH private keys, Amazon Web Services (AWS) secrets, ...
Pinterest said he violated laid-off colleagues’ privacy. Now he’s going public
It was late January, and Pinterest engineer Teddy Martin was on edge about recent layoffs at the company. Martin had just survived a round of cuts, but he and other employees were confused about who was being let go and ...
OpenAI acquires TBPN, the buzzy founder-led business talk show
TBPN, Silicon Valley's cult-favorite tech podcast, will operate independently, even as it's overseen by chief political operative Chris Lehane.
Flipboard’s new ‘social websites’ help publishers and creators tap into the open social web
Flipboard's social websites consolidate profiles and posts from Bluesky, Mastodon, Threads, YouTube, podcasts, blogs, and RSS feeds into a single, shared destination.
Security Bosses Are All-In on AI. Here's Why
CISOs are bullish on AI and have big plans to roll out future tools. We talk to Reddit CISO Frederick Lee and leading analyst Dave Gruber about how AI is working out in the real world, as well as its future promise.
Trump fires US attorney general Pam Bondi
Taking a break from calling Bruce Springsteen a boring loser on Thursday, Donald Trump followed that up with another Truth Social post saying "loyal friend" Pam Bondi will transition to a yet-to-be-announced job in the p...
Drift loses $280 million as hackers seize Security Council powers
The Drift Protocol lost at least $280 million after a threat actor took control of its Security Council administrative powers in a planned, sophisticated operation. [...]
Drift loses $280 million as North Korean hackers seize Security Council powers
The Drift Protocol lost at least $280 million after a threat actor took control of its Security Council administrative powers in a planned, sophisticated operation. [...]
ElevenLabs releases a new AI-powered music-generation app
ElevenMusic lets users create and remix songs using text prompts. The new app suggests ElevenLabs wants to be more than just a voice model company.
Five questions for the guys who made a compass that points to the Times Square Olive Garden
Here's a question almost nobody is asking: how do you get to the Times Square Olive Garden? Well, these beautiful weirdos are answering it - the team that made the Times Square Olive Garden compass. If that's not clear e...
NASA astronauts prove that sending an email really is rocket science
NASA Artemis II commander Reid Wiseman faced the most earthly possible conflict while in outer space: his Outlook wasn't working.
Elon Musk is about to be a very busy boy!
To be honest, I thought Elon Musk would confidentially file for SpaceX's IPO on the 20th of this month, rather than the 1st. But maybe that just means he's moved on to other numbers, and we should all mark our calendars ...
US Bans All Foreign-Made Consumer Routers
This is for new routers ; you don’t have to throw away your existing ones: The Executive Branch determination noted that foreign-produced routers (1) introduce “a supply chain vulnerability that could disrupt the U.S. ec...
Microsoft takes on AI rivals with three new foundational models
MAI released models that can transcribe voice into text as well as generate audio and images after the group's formation six months ago.
Money transfer app Duc exposed thousands of driver’s licenses and passports to the open web
An exposed Amazon-hosted server allowed anyone to access reams of customer data without needing a password.
Google now lets you direct avatars through prompts in its Vids app
Google is adding a way to customize and instruct avatars for video creation in the Vids app.
RSAC 2026: AI Dominates, But Community Remains Key to Security
As AI took center stage at this year's conference, experts debated automation, oversight and the evolving role of human intelligence in cybersecurity — despite the US government's notable absence.
ICE says it bought Paragon’s spyware to use in drug trafficking cases
The acting director of U.S. Immigration and Customs Enforcement told lawmakers that the use of Paragon spyware is necessary to counter terrorists’ “thriving exploitation of encrypted communications platforms.”
Residential proxies evaded IP reputation checks in 78% of 4B sessions
Researchers warn that residential proxies used to route malicious traffic are a big problem for IP reputation systems, as there is no clear distinction between attackers and legitimate users. [...]
Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise
Cisco has released updates to address a critical security flaw in the Integrated Management Controller (IMC) that, if successfully exploited, could allow an unauthenticated, remote attacker to bypass authentication and g...
Software supply chain hacks trigger wave of intrusions, data theft
After linking the Axios npm supply chain attack to North Korean hackers, Google researchers warned that “hundreds of thousands of stolen secrets could potentially be circulating” as a result of this and the Trivy, KICS, ...
New 'Storm' Infostealer Remotely Decrypts Stolen Credentials
This modern infostealer adopted server-side decryption of stolen credentials to bypass security controls
Attempts to Exploit Exposed "Vite" Installs (CVE-2025-30208), (Thu, Apr 2nd)
From its GitHub repo: "Vite (French word for "quick", pronounced /vi?t/, like "veet") is a new breed of frontend build tooling that significantly improves the frontend development experience" [ https://github.com/vitejs/...
OpenSSH 10.3 patches five security bugs and drops legacy rekeying support
OpenSSH 10.3 shipped carrying five security fixes alongside feature additions and a set of behavior changes that will break compatibility with older SSH implementations that do not support rekeying. Rekeying compatibilit...
United’s mobile app now shows TSA wait times at select airports
The TSA wait times feature is one of many new additions to the United app, including automatic rebooking assistance and real-time time weather radar maps.
Tesla’s cheaper vehicles aren’t helping its declining sales
The company's deliveries in the first quarter were just 6% higher than last year, and Tesla now faces a third straight year of falling sales.
Commonwealth Fusion Systems leans on magnets for near-term revenue
Realta Fusion is buying magnets from Commonwealth Fusion Systems, providing a revenue stopgap.
NCSC Issues Security Alert Over Hackers Targeting WhatsApp and Signal Accounts
The UK’s cybersecurity agency offered advice to “high-risk’ individuals” on how to protect against social engineering and cyber-attacks
Adversaries Exploit Vacant Homes to Intercept Mail in Hybrid Cybercrime
Threat actors are exploiting vacant homes as "drop addresses" to intercept mail and enable fraud. Flare shows how postal services and fake identities are abused to turn mail into a fraud vector. [...]
Diverse teams start with diverse VCs
It is the path of least resistance for a growth-stage company to hire from the familiar Silicon Valley pipelines but if a founder wants a diverse team, that value has to be put into practice from the very first hire.
New Progress ShareFile flaws can be chained in pre-auth RCE attacks
Two vulnerabilities in Progress ShareFile, an enterprise-grade secure file transfer solution, can be chained to enable unauthenticated file exfiltration from affected environments. [...]
Apple Expands iOS 18 Security Updates Amid DarkSword Threat
iOS/iPadOS 18.7.7 updates expanded to protect older devices from DarkSword web exploit kit
Medtech giant Stryker fully operational after data-wiping attack
Stryker Corporation, one of the world's leading medical technology companies, says it's fully operational three weeks after many of its systems were wiped out in a cyberattack claimed by the Iranian-linked Handala hackti...
New Red Hat subscription simplifies long-term enterprise Linux support
Red Hat has announced Red Hat Enterprise Linux Extended Life Cycle Premium, a new subscription that provides a predictable 14-year life cycle for major Red Hat Enterprise Linux releases. This stand-alone subscription con...
GitHub Used as Covert Channel in Multi-Stage Malware Campaign
LNK files use GitHub C2, embedded decoders and PowerShell for persistence and data exfiltration
Researchers Observe Sub-One-Hour Ransomware Attacks
Halcyon says Akira is now capable of carrying out an entire ransomware attack in less than an hour
Bank Trojan 'Casbaneiro' Worms Through Latin America
Augmented Marauder's multipronged banking-Trojan cyber campaigns are targeting Spanish speakers, evading detection, and replicating rapidly.
Beehiiv expands into podcasting, taking aim at Patreon
One way Beehiiv is convincing creators to switch from rivals like Substack and Patreon is by not taking a cut of revenue.
ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories
The latest ThreatsDay Bulletin is basically a cheat sheet for everything breaking on the internet right now. No corporate fluff or boring lectures here, just a quick and honest look at the messy reality of keeping system...
Cash App launches ‘pay later’ feature for P2P transfers
Block says that the new feature has strong built-in protections to keep users from so-called debt spirals.
Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners
A financially motivated operation codenamed REF1695 has been observed leveraging fake installers to deploy remote access trojans (RATs) and cryptocurrency miners since November 2023. "Beyond cryptomining, the threat acto...
The State of Trusted Open Source Report
In December 2025, we shared the first-ever The State of Trusted Open Source report, featuring insights from our product data and customer base on open source consumption across our catalog of container image projects, ve...
DarkSword exploit forces Apple to loosen its patching policy
Apple has extended security updates to a wider range of devices still running iOS 18, aiming to protect users from the DarkSword exploit kit. This is not the first time Apple has backported fixes for older devices based ...
Critical Cisco IMC auth bypass gives attackers Admin access
Cisco has patched several critical and high-severity vulnerabilities, including an Integrated Management Controller (IMC) authentication bypass that enables attackers to gain Admin access. [...]
Possible US Government iPhone Hacking Tool Leaked
Wired writes (alternate source ): Security researchers at Google on Tuesday released a report describing what they’re calling “Coruna,” a highly sophisticated iPhone hacking toolkit that includes five complete hacking te...
WhatsApp Alerts 200 Users After Fake iOS App Installed Spyware; Italian Firm Faces Action
Meta-owned messaging platform WhatsApp said it alerted about 200 users who were tricked into installing a bogus version of its iOS app that was infected with spyware. According to reports from Italian newspaper La Repubb...
Microsoft links Classic Outlook issue to email delivery problems
Microsoft is investigating a known issue that prevents some Classic Outlook users from sending emails via Outlook.com. [...]
TrueConf zero-day vulnerability exploited to target government networks
Suspected China-nexus attackers have leveraged a zero-day vulnerability (CVE-2026-3502) in the TrueConf client application to distribute malware within government networks in Southeast Asia, Check Point researchers disco...
Most CNI Firms Face Up to £5m in Downtime from OT Attacks
E2e-assure says 80% of critical infrastructure providers could face millions in downtime from cyber-attacks
Over 14,000 F5 BIG-IP APM instances still exposed to RCE attacks
Internet security watchdog Shadowserver has found over 14,000 BIG-IP APM instances exposed online amid ongoing attacks exploiting a critical-severity remote code execution (RCE) vulnerability. [...]
Apple Expands iOS 18.7.7 Update to More Devices to Block DarkSword Exploit
Apple on Wednesday expanded the availability of iOS 18.7.7 and iPadOS 18.7.7 to a broader range of devices to protect users from the risk posed by a recently disclosed exploit kit known as DarkSword. "We enabled the avai...
Trust, friction, and ROI: A CISO’s take on making security work for the business
In this Help Net Security interview, John O’Rourke, CISO at PPG, talks about what it means for security to drive business value. He explains how mature security programs reduce friction in sales cycles and M&A processes,...
Tracking drones with the 5G tower down the street
Drone detection in cities is expensive. Dedicated radar installations are cost-prohibitive at scale, cameras have limited range and stop working well at night, and LiDAR systems have the same cost problem as radar. A gro...
Microsoft adds high-volume email sending to Exchange Online
Organizations that rely on Exchange Online for internal communications have long needed a way to send large volumes of automated messages, such as payroll notifications, IT alerts, and security advisories, without runnin...
Your customer passed authentication. So why are they sending money to a scammer?
In this Help Net Security video, Lenny Gusel, Head of Fraud Solutions in North America at Feedzai, explains how customer identity and access management has converged with digital fraud detection, and why treating them as...
ISC Stormcast For Thursday, April 2nd, 2026 https://isc.sans.edu/podcastdetail/9876, (Thu, Apr 2nd)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Group Pushing Age Verification Requirements for AI Turns Out to Be Sneakily Backed by OpenAI
submitted by /u/EmbarrassedHelp [link] [comments]
If you rent a car with Turo you consent to give them your facial data for a long time. I forget the exact time period but it was unnecessarily long. This was incredibly depressing to go through but I was in a rush and ha...
My gym wants me to download an app to check-in
I go to a gym 5 minutes from my house and In January, they started having members check in using an app and deactivated all the key cards. I didn’t want to download the app, so I would just check in by giving the front d...
Age verifying to protect kids makes no sense
Unless the kids parents work in the Youtube, Google, Roblox backend how are they supposed to know who their kids are talking to? How is sending a picture of my face to Google supposed to stop kids or pedophiles from enga...
I’m in the process of evaluating vendors to do a third-party pen test. So far, Kroll is the only one I vibe with, but they’re pricey. Does anyone have any experience working with them? Did they meet your expectations? su...
CVE-2026-3502 - TrueConf Client Download of Code Without Integrity Check Vulnerability
TrueConf Client contains a download of code without integrity check vulnerability. An attacker who is able to influence the update delivery path can substitute a tampered update payload. If the payload is executed or ins...
Hi guys. I (yes, i know this is dumb, don’t yell at me please) clicked on a link on discord and the dude found out my town, (and said it publicly) I left the server immediately but idk what to do now. Please help, I’m re...
Trump’s birthright citizenship ban may fail — but the administration already got too far
On Wednesday morning, the Supreme Court heard arguments in Trump v. Barbara, a case challenging President Donald Trump's 2025 executive order banning birthright citizenship. Justices seemed skeptical of the administratio...
Is Cybersecurity in a similar boat to CompSci?
I'm currently a CS student with around two years left. I have a lot of fears of leaving school only to find most junior roles gone due to coding agents and just a generally bad and over saturated market. I've heard Cyber...
New CrystalRAT malware adds RAT, stealer and prankware features
A new malware-as-a-service called CrystalRAT is being promoted on Telegram, offering remote access, data theft, keylogging, and clipboard hijacking capabilities. [...]
Minimal now provides easy CVE count details page
Minimal - the open source collection of hardened container images now provides easy visibility in the CVE count for all its supported images. It is visible at https://rtvkiz.github.io/minimal/ submitted by /u/Trick_Face_...
Cybersecurity or embedded systems
Between cybersecurity and embedded systems, which one do you think is more fun, more AI-resistant long term, and more genuinely challenging? submitted by /u/thetrio0 [link] [comments]
De-fi platform Drift suspends deposits and withdrawals after millions in crypto stolen in hack
Blockchain trackers put the cryptocurrency heist in the hundreds of millions of dollars and is already on track to be the largest crypto theft in 2026 so far.
Massachusetts cyberattack hits Pepperell and regional dispatch
A cyberattack disrupted some town and public safety computer systems in Pepperell, Massachusetts, and affected nearby communities tied to its regional dispatch center, though officials said 911 was operating normally Wed...
NASA launches four astronauts toward the Moon on the Artemis II mission
NASA's Artemis II flight, which is set to take four astronauts toward the Moon for the first time in more than 50 years, successfully launched on Wednesday evening. The Artemis II mission, part of NASA's Artemis program ...
Could age verification be bypassed easily by submitting a photo of a famous person?
Title. submitted by /u/Nintendo_Pro_03 [link] [comments]
Anthropic executives said it was an accident and retracted the bulk of the takedown notices.
Are smart contract audits becoming more simulation-driven?
Been noticing an interesting shift in how smart contract security is handled lately. Traditionally, audits felt closer to code review. Expensive, slow, but understandable from a security perspective. Now a lot of workflo...
Thanks. submitted by /u/Inevitable-Move4941 [link] [comments]
Ransomware Will Hit Hospitals. Rehearsals Are Key to Defense
A chief medical information officer describes what hospitals face when they inevitably suffer a ransomware attack—whether it leads to short- or long-term outages.
Apple expands iOS 18 updates to more iPhones to block DarkSword attacks
Apple has now made it possible for more iPhones still running iOS 18 to receive security updates that protect against the actively exploited DarkSword exploit kit. [...]
I built a free log analysis tool for detecting suspicious activity. Would love feedback from security professionals. #cybersecurity logsentinol.com submitted by /u/Few-Conversation8525 [link] [comments]
Hey r/cybersecurity , Want to flag a threat model that doesn't get enough attention: embedding inversion on vector databases. A lot of organizations are building retrieval-augmented generation (RAG) systems — essentially...
Coolest (New?) Cyber Security Media Companies
I started listening to Darknet diaries a few months ago and read 404Media pretty often (I'm subbed to their newsletter). I am wondering what other cool / new cyber media companies (or individual creators) are out there. ...
Hackers exploit TrueConf zero-day to push malicious software updates
Hackers have targeted TrueConf conference servers in attacks that exploit a zero-day vulnerability, allowing them to execute arbitrary files on all connected endpoints. [...]
'NoVoice' Android malware on Google Play infected 2.3 million devices
submitted by /u/rkhunter_ [link] [comments]
Reddit just pasted from my clipboard
Needless to say, probably, but I didn't paste anything. As I was typing a response, a pop-up window said, "Reddit pasted from your clipboard." I don't recall ever seeing that before. submitted by /u/heninthefoxhouse [lin...
The reputation of troubled YC startup Delve has gotten even worse
Delve faces new allegations that it violated the open source license of its customer, Sim.ai, by taking the customers's tool and passing it off as its own.
‘System failure’ paralyzes Baidu robotaxis in China
Passengers in Baidu's robotaxis were trapped for up to two hours.
Am I weird for using an adblocker or are all of my coworkers weird for not using one?
For context, I just started on a small security team of about ten teammates. I'm younger than everyone else. I noticed one of my teammates didn't use an adblocker on his browser when he was screensharing during a casual ...
A new dating app, Sonder, has a deliberately annoying sign-up process (and it’s working)
Sonder profiles are completely unstructured, encouraging users to build something that looks like a mood board or a digital collage. Think MySpace rather than LinkedIn.
Startup funding shatters all records in Q1
The record quarterly fundraise largely fueled four mega-deals into OpenAI, Anthropic, xAI, and Waymo. But it also indicates a generally hot market.
Hasbro says it was hacked, and may take 'several weeks' to recover
submitted by /u/No_Diver_3351 [link] [comments]
Malicious Script That Gets Rid of ADS, (Wed, Apr 1st)
Today, most malware are called “fileless†because they try to reduce their footprint on the infected computer filesystem to the bare minimum. But they need to write something… think about persistence. They can use ...
identity verification without biometrics?
Hi all, I've spent way too much time today trying to find non-PayPal ways to take credit cards online for my business (because I have a client whose university bars them using official cards on PayPal). As far as I can t...
New EvilTokens service fuels Microsoft device code phishing attacks
A new malicious kit called EvilTokens integrates device code phishing capabilities, allowing attackers to hijack Microsoft accounts and provide advanced features for business email compromise attacks. [...]
Start at 6:14:28 This entire presentation from Flock shows that communities need to be prepared for this slick PR doublespeak from these ghouls. Flock's claim of using "end-to-end encryption" is not true in the strict cy...
The Artemis Moon base project is legally dubious
With NASA planning to launch four astronauts on Wednesday on its Artemis II mission, the race to return to the Moon is back on. The current mission will see astronauts aboard the Orion capsule travel around the Moon befo...
Apple releases security fix for older iPhones and iPads to protect against DarkSword attacks
The security update protects a raft of older iPhones and iPads from attacks linked to leaked hacking tools called DarkSword.
Can I work full time for free?
As no one want to hire anybody and very competitive and I'm tired of that! Can I work full time for free? At least I can get a full time experience on my resume then I can get something paid later? Is that possible? If y...
LatAm's Self-Taught Cyber Talent Overlooked Amid Cyberattack Glut
A newly released study exclusively shared with Dark Reading details the unique circumstances that make up Latin America's labor pool, and why organizations may want to expand their talent search.
Meta’s natural gas binge could power South Dakota
Meta's upcoming Hyperion AI data center will be powered by 10 new natural gas plants.
Best Sources for Threat Intelligence
In your opinion, which companies/orgs are providing the best Threat Intel updates and thought leadership and why? Who do you look to as the most reputable source in Threat Intelligence? Not thinking about product here. J...
Background - I have an old android Motorola phone. Once I gave it to my current gf to use. She used it with her sim on it but never logged into her google account on that phone. But that same Motorola phone had messages ...
'NoVoice' Android malware on Google Play infected 2.3 million devices
A new Android malware dubbed NoVoice exploited known vulnerabilities to gain root access and has been distributed through more than 50 apps on Google Play Store, with at least 2.3 million downloads. [...]
This is part of our package about Apple's 50th anniversary. Read more here. The thing about the iPhone is that everyone knew it was going to be a big deal, and then it was an even bigger deal than that. Hell, it's still ...
April Fools’ Day 2026: the best and cringiest pranks
Welcome to the worst day on the internet! As Chaim Gartenberg pointed out years ago, brands and a holiday dedicated to hoaxes are rarely a winning combo. If you’re a company with any kind of social media, internet, or AI...
Kia’s compact EV3 is coming to the US this year, with 320 miles of range
At the New York International Auto Show on Wednesday, Kia announced that its compact electric SUV, the EV3, will be available in the US "in late 2026." The EV3 has been available overseas since 2024, when it launched in ...
Has AI actually made a noticeable impact in your cybersecurity work?
I keep hearing all this hype about AI "revolutionizing cybersecurity ," but Im really curious about what it’s actually doing on the ground. For folks working in SOCs, data security or threat monitoring: Have you ever see...
The Shokz OpenRun Pro 2 are now at their lowest price in months
As the days get warmer, it’s tempting to take your workouts outside. Bone conduction headphones let you listen while staying aware of your surroundings, making them ideal for runs, walks, and more. Through April 7th, Sho...
Cameo partners with TikTok to boost popularity
Cameo launched a new TikTok integration that allows U.S. creators to offer personalized videos through the app.
Is “Hackback” Official US Cybersecurity Strategy?
The 2026 US “ Cyber Strategy for America ” document is mostly the same thing we’ve seen out of the White House for over a decade, but with a more aggressive tone. But one sentence stood out: “We will unleash the private ...
Cyberattacks Intensify Pressure on Latin American Governments
Cyber threats across Latin America are increasingly targeting government systems, from disruptive attacks in Puerto Rico to a surge of probes against Colombia’s health sector.
Google fixes fourth Chrome zero-day exploited in attacks in 2026
submitted by /u/rkhunter_ [link] [comments]
WhatsApp notifies hundreds of users who installed a fake app made by government spyware maker
The Meta-owned company said it identified around 200 users who were tricked into installing a fake version of WhatsApp that was actually Italian-made spyware.
I tested a living room full of cheap Ikea speakers against Sonos and Bose
Ikea's $10 Kallsup Bluetooth speaker is fun and colorful and sounds better than its price suggests. It's not mind-blowing (it is a $10 speaker, after all), and there are no features to speak of, other than the ability to...
Cybercriminals take aim at Hasbro, weeks of recovery ahead
Hasbro, an American toy maker with more than 5,000 employees, confirmed a cyberattack and proactively took certain systems offline. The intrusion was detected on March 28, and the company promptly activated its incident ...
Snapchat’s ‘Reals’ joke mocks Instagram’s many ripoffs
It's April Fools' Day, and Snap is using the occasion to "announce" that it's switching the name of Snapchat's Spotlight feed, the app's Instagram Reels-like feed of shortform vertical videos, to "Reals." In a video feat...
CERT-UA Impersonation Campaign Spread AGEWHEEZE Malware to 1 Million Emails
The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed details of a new phishing campaign in which the cybersecurity agency itself was impersonated to distribute a remote administration tool known as AGE...
So we took OreNPMGuard and turned it into Opensource OreWatch — multi-ecosystem, local-first, fed by automated threat intel instead of static lists that go stale in a week. It runs in the background and catches all the b...
Cognichip wants AI to design the chips that power AI, and just raised $60M to try
The firm says it can reduce the cost of chip development by more than 75% and cut the timeline by more than half.
The Trump administration’s antitrust honeymoon is over
"It's not personal, Sonny, it's strictly business." That quote was first delivered by mob boss Michael Corleone in The Godfather, but last Monday, it became the title of a speech by the Justice Department's acting antitr...
The company has also lined up an unusually large number of 21 banks to manage the mega IPO, internally codenamed “Project Apex."
Google Introduces Android Dev Verification Amid Openness Debate
Android requires dev identity verification for sideloaded apps; phased global rollout from September
Venom Stealer MaaS Platform Commoditizes ClickFix Attacks
A new service on the cybercrime market provides automated capabilities to create persistent information-stealing social engineering attacks.
Hasbro says it was hacked, and may take ‘several weeks’ to recover
The American toy-making giant noted that it was continuing to "implement measures to secure its business operations," suggesting that the hackers may still be in the company's systems.
North Korean hackers linked to Axios npm supply chain compromise
The software supply chain attack that resulted in the compromise of npm packages of Axios, an extremely popular HTTP client library, is believed to be the work of financially-motivated North Korean attackers. Links to UN...
Microsoft Warns of WhatsApp-Delivered VBS Malware Hijacking Windows via UAC Bypass
Microsoft is calling attention to a new campaign that has leveraged WhatsApp messages to distribute malicious Visual Basic Script (VBS) files. The activity, beginning in late February 2026, leverages these scripts to ini...
Routine Access Is Powering Modern Intrusions, a New Threat Report Finds
Modern intrusions increasingly start with valid credentials and routine access, not exploits. Blackpoint Cyber's upcoming threat report shows how VPN abuse, RMM tools, and social engineering drive most incidents. [...]
StrictlyVC San Francisco brings leaders from TDK Ventures, Replit, and more together on April 30. Space is limited. Register here for your pass.