Attack Surface Management: A Buyer's Guide
Wed Apr 01 2026
With these attack surface management tools, you can ideally ensure that attackers never get the chance to sink their teeth in.
CSO Online

Anthropic employee error exposes Claude Code source
Wed Apr 01 2026
An Anthropic employee accidentally exposed the entire proprietary source code for its AI programming tool, Claude Code, by including a source map file in a version of the tool posted on Anthropic’s op
CSO Online

Apple Will Push Out Rare ‘Backported’ Patches to Protect iOS 18 Users From DarkSword Hacking Tool
Wed Apr 01 2026
As DarkSword spreads, Apple tells WIRED it will enable iOS 18-specific fixes for millions of iPhone owners who remain on that iOS version rather than force them to update to iOS 26.
Wired

Anthropic accidentally leaks Claude Code
Tue Mar 31 2026
Anthropic accidentally exposed Claude Code source via npm, causing the code to quickly spread online after discovery. Anthropic accidentally leaked the source code of its Claude Code tool after a large debug file was included in a public npm release. The file exposed over 500,000 lines of code, which were quickly discovered, shared, and analyzed […]
Security Affairs

Iran Threatens to Start Attacking Major US Tech Firms on April 1
Tue Mar 31 2026
Tech giants like Apple, Google, and Microsoft are among those on a target list released by Iran’s Islamic Revolutionary Guard Corps.
Wired

Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack
Tue Mar 31 2026
Attackers compromised the npm account of the lead maintainer of Axios, a widely used JavaScript HTTP client library, and used it to publish malicious versions of the package that deployed a cross-plat
CSO Online

5-month-old F5 BIG-IP DoS bug becomes critical RCE exploited in the wild
Tue Mar 31 2026
A vulnerability misclassified five months ago as a denial-of-service issue in F5 BIG-IP Access Policy Manager (APM) turned out to be a critical pre-authentication remote code execution flaw that is no
CSO Online

Attackers hijack Axios npm account to spread RAT malware
Tue Mar 31 2026
Threat actors hijacked the npm account of Axios to distribute RAT malware via malicious package updates. Threat actors compromised the npm account of Axios, a widely used library with over 100M weekly downloads, and published malicious versions to spread remote access trojans across Linux, Windows, and macOS. The supply chain attack was identified by multiple […]
Security Affairs

Android Developer Verification Rollout Begins Ahead of September Enforcement
Tue Mar 31 2026
Google on Monday said it's officially rolling out Android developer verification to all developers to combat the problem of bad actors distributing harmful apps while "hiding behind anonymity." The development comes ahead of a planned verification mandate that goes into effect in Brazil, Indonesia, Singapore, and Thailand this September, before it expands globally next year. As part of this...
The Hacker News

The US Military’s GPS Software Is an $8 Billion Mess
Tue Mar 31 2026
The GPS Next-Generation Operational Control System was due for completion in 2016. Ten years later, the software for controlling the military’s GPS satellites still doesn’t work.
Wired

TrueConf Zero-Day Exploited in Attacks on Southeast Asian Government Networks
Tue Mar 31 2026
A high-severity security flaw in the TrueConf client video conferencing software has been exploited in the wild as a zero-day as part of a campaign targeting government entities in Southeast Asia dubbed TrueChaos. The vulnerability in question is CVE-2026-3502 (CVSS score: 7.8), a lack of integrity check when fetching application update code, allowing an attacker to distribute a tampered update,...
The Hacker News

Nearly half a million mobile customers of Lloyds Banking Group affected by security incident
Tue Mar 31 2026
Lloyds Banking Group data incident exposed transactions of ~450,000 mobile banking users due to a faulty update. A faulty software update at Lloyds Banking Group exposed transaction details of nearly 450,000 mobile banking users on March 12. The issue caused some customers to see other users’ account activity within the app, prompting the bank to […]
Security Affairs

The Broken System That Keeps Shipping Crews Stranded in the Strait of Hormuz
Tue Mar 31 2026
Vessels are increasingly being abandoned during the war on Iran, revealing a hidden failure in the global systems that keep goods—and people—moving.
Wired

Vertex AI Vulnerability Exposes Google Cloud Data and Private Artifacts
Tue Mar 31 2026
Cybersecurity researchers have disclosed a security "blind spot" in Google Cloud's Vertex AI platform that could allow artificial intelligence (AI) agents to be weaponized by an attacker to gain unauthorized access to sensitive data and compromise an organization's cloud environment. According to Palo Alto Networks Unit 42, the issue relates to how the Vertex AI permission model can be misused...
The Hacker News

OpenAI patches twin leaks as Codex slips and ChatGPT spills
Tue Mar 31 2026
OpenAI has fixed two flaws in its AI stack that could allow AI agents to move sensitive data in unintended ways.
CSO Online

Dutch Ministry of Finance takes treasury systems offline amid cyber incident investigation
Tue Mar 31 2026
The Dutch Ministry of Finance took treasury banking portal offline after a cyberattack; core tax systems were not affected. The Dutch Ministry of Finance took parts of its infrastructure offline, including the treasury banking portal, after detecting a cyberattack two weeks earlier. The Dutch Ministry of Finance disclosed a cyberattack detected on March 19 after […]
Security Affairs

U.S. CISA adds a flaw in Citrix NetScaler to its Known Exploited Vulnerabilities catalog
Tue Mar 31 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Citrix NetScaler to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Citrix NetScaler, tracked as CVE-2026-3055 (CVSS ver. 4.0 score of 9.3), to its Known Exploited Vulnerabilities (KEV) catalog. In March, Citrix issued security updates for two NetScaler vulnerabilities, […]
Security Affairs

The AI Arms Race – Why Unified Exposure Management Is Becoming a Boardroom Priority
Tue Mar 31 2026
The cybersecurity landscape is accelerating at an unprecedented rate. What is emerging is not simply a rise in the number of vulnerabilities or tools, but a dramatic increase in speed. Speed of attack, speed of exploitation, and speed of change across modern environments. This is the defining challenge of the new era of digital warfare: the weaponization of Artificial Intelligence. Threat actors...
The Hacker News

Silver Fox Expands Asia Cyber Campaign with AtlasCross RAT and Fake Domains
Tue Mar 31 2026
Chinese-speaking users are the target of an active campaign that uses typosquatted domains impersonating trusted software brands to deliver a previously undocumented remote access trojan named AtlasCross RAT. "The operation covers VPN clients, encrypted messengers, video conferencing tools, cryptocurrency trackers, and e-commerce applications, with eleven confirmed delivery domains impersonating...
The Hacker News

8 ways to bolster your security posture on the cheap
Tue Mar 31 2026
As every CISO knows, maintaining a strong cybersecurity posture is costly.
CSO Online

Qilin Ransomware allegedly breached chemical manufacturer giant Dow Inc
Tue Mar 31 2026
Qilin ransomware claims a breach of Dow Inc., listing it on its Tor leak site, but no proof of the hack has been released yet. Qilin Ransomware group allegedly breached the chemical manufacturing giant Dow Inc. The cybercrime group added the company to its Tor data leak site, but at this time, it has not […]
Security Affairs

The external pressures redefining cybersecurity risk
Tue Mar 31 2026
Over the last four years, I’ve watched organizations get blindsided by threats that originated in a third-party network.
CSO Online

6 key takeaways from RSA Conference 2026
Tue Mar 31 2026
Writing a conference preview is an act of professional speculation.
CSO Online

Manhunt for cybercriminals: 130 companies attacked
Tue Mar 31 2026
130 companies and institutions were targeted by the hackers.
CSO Online

China-Linked groups target Southeast Asian government with advanced malware in 2025
Mon Mar 30 2026
China-linked groups hit a Southeast Asian government in 2025, deploying multiple malware families in a sophisticated cyber campaign. In 2025, three China-linked threat clusters targeted a Southeast Asian government in a complex, well-funded cyber operation. Threat actors deployed numerous malware types, including HIUPAN, PUBLOAD, EggStremeFuel/Loader, MASOL RAT, PoshRAT, TrackBak Stealer, Hypnosis Loader, and FluffyGh0st, showing […]
Security Affairs

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account
Tue Mar 31 2026
The popular HTTP client known as Axios has suffered a supply chain attack after two newly published versions of the npm package introduced a malicious dependency that delivers a trojan capable of targeting Windows, macOS, and Linux systems. Versions 1.14.1 and 0.30.4 of Axios have been found to inject "plain-crypto-js" version 4.2.1 as a fake dependency. According to StepSecurity, the two...
The Hacker News

Fortinet hit by another exploited cybersecurity flaw
Mon Mar 30 2026
Yet another critical flaw in a Fortinet product has come to light as attackers continue to target the company, this time by actively exploiting a critical SQL injection vulnerability in the cybersecur
CSO Online

OpenAI Patches ChatGPT Data Exfiltration Flaw and Codex GitHub Token Vulnerability
Mon Mar 30 2026
A previously unknown vulnerability in OpenAI ChatGPT allowed sensitive conversation data to be exfiltrated without user knowledge or consent, according to new findings from Check Point. "A single malicious prompt could turn an otherwise ordinary conversation into a covert exfiltration channel, leaking user messages, uploaded files, and other sensitive content," the cybersecurity company said in...
The Hacker News

It’s a mystery … alleged unpatched Telegram zero-day allows device takeover, but Telegram denies
Mon Mar 30 2026
A critical Telegram flaw could allow zero-click remote code execution on devices, but Telegram denies it. Researcher Michael DePlante (@izobashi) of TrendAI Zero Day disclosed a new Telegram vulnerability through Zero Day Initiative (ZDI). The vulnerability, tracked as ZDI-CAN-30207 (CVSS score of 9.8) allows attackers to execute code on targeted devices without any user interaction. […]
Security Affairs

DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials
Mon Mar 30 2026
A new campaign has leveraged the ClickFix social engineering tactic as a way to distribute a previously undocumented malware loader referred to as DeepLoad. "It likely uses AI-assisted obfuscation and process injection to evade static scanning, while credential theft starts immediately and captures passwords and sessions even if the primary loader is blocked," ReliaQuest researchers Thassanai...
The Hacker News

⚡ Weekly Recap: Telecom Sleeper Cells, LLM Jailbreaks, Apple Forces U.K. Age Checks and More
Mon Mar 30 2026
Some weeks are loud. This one was quieter but not in a good way. Long-running operations are finally hitting courtrooms, old attack methods are showing up in new places, and research that stopped being theoretical right around the time defenders stopped paying attention. There's a bit of everything this week. Persistence plays, legal wins, influence ops, and at least one thing that looks boring...
The Hacker News

3 SOC Process Fixes That Unlock Tier 1 Productivity
Mon Mar 30 2026
What is really slowing Tier 1 down: the threat itself or the process around it? In many SOCs, the biggest delays do not come from the threat alone. They come from fragmented workflows, manual triage steps, and limited visibility early in the investigation. Fixing those process gaps can help Tier 1 move faster, reduce unnecessary escalations, and improve how the entire SOC responds under pressure...
The Hacker News

Russian CTRL Toolkit Delivered via Malicious LNK Files Hijacks RDP via FRP Tunnels
Mon Mar 30 2026
Cybersecurity researchers have discovered a remote access toolkit of Russian origin that's distributed via malicious Windows shortcut (LNK) files that are disguised as private key folders. The CTRL toolkit, according to Censys, is custom-built using .NET and includes various executables to facilitate credential phishing, keylogging, Remote Desktop Protocol (RDP) hijacking, and reverse tunneling...
The Hacker News

LangChain path traversal bug adds to input validation woes in AI pipelines
Mon Mar 30 2026
Security researchers are warning that applications using AI frameworks without proper safeguards can expose sensitive information in basic, yet critical, non-AI ways.
CSO Online

Leak reveals Anthropic’s ‘Mythos,’ a powerful AI model aimed at cybersecurity use cases
Mon Mar 30 2026
Anthropic didn’t intend to introduce Mythos this way.
CSO Online

Critical Fortinet FortiClient EMS flaw exploited for Remote Code Execution
Mon Mar 30 2026
Attackers are exploiting a critical Fortinet FortiClient EMS flaw (CVE-2026-21643) that allows remote code execution via SQL injection. A critical Fortinet FortiClient EMS vulnerability, tracked as CVE-2026-21643 (CVSS score of 9.1), is now being actively exploited. Defused researchers warn that threat actors are exploiting the vulnerability in Fortinet’s FortiClient EMS platform. “Fortinet Forticlient EMS CVE-2026-21643 […]
Security Affairs

The State of Secrets Sprawl 2026: 9 Takeaways for CISOs
Mon Mar 30 2026
Secrets sprawl isn't slowing down: in 2025, it accelerated faster than most security teams anticipated. GitGuardian's State of Secrets Sprawl 2026 report analyzed billions of commits across public GitHub and uncovered 29 million new hardcoded secrets in 2025 alone, a 34% increase year over year and the largest single-year jump ever recorded. This year's findings reveal three core trends: AI has...
The Hacker News

APIs are the new perimeter: Here’s how CISOs are securing them
Mon Mar 30 2026
Recent breaches suggest attackers are shifting beyond traditional endpoints to target application programming interfaces (APIs).
CSO Online

Why Kubernetes controllers are the perfect backdoor
Mon Mar 30 2026
In my years securing cloud-native environments, I’ve noticed a recurring blind spot.
CSO Online

New macOS Infinity Stealer uses Nuitka Python payload and ClickFix
Mon Mar 30 2026
Infinity Stealer targets macOS via fake Cloudflare CAPTCHA, using Nuitka; first such campaign per Malwarebytes. Researchers at Malwarebytes spotted a new macOS infostealer, named Infinity Stealer, using a Python payload compiled with Nuitka. It spreads via ClickFix, tricking users with fake Cloudflare CAPTCHA pages. “A fake verification page instructs the visitor to open Terminal, paste […]
Security Affairs

Russia-linked APT TA446 uses DarkSword exploit to target iPhone users in phishing wave
Mon Mar 30 2026
Russia-linked TA446 is using the DarkSword iOS exploit kit in targeted phishing campaigns to compromise iPhone users. Russia-linked APT group TA446 (aka SEABORGIUM, ColdRiver, Callisto, and Star Blizzard) is using the DarkSword exploit kit in targeted spear-phishing campaigns against iOS devices. The attacks rely on malicious emails to compromise iPhones, highlighting a growing threat from […]
Security Affairs

Urgent Alert: NetScaler bug CVE-2026-3055 probed by attackers could leak sensitive data
Sun Mar 29 2026
Attackers are actively probing a critical Citrix NetScaler flaw (CVE-2026-3055) that can leak sensitive data via a memory overread issue. A critical vulnerability, tracked as CVE-2026-3055 (CVSS score of 9.3), in Citrix NetScaler ADC and Gateway is already being actively probed by attackers. This week, Citrix issued security updates for two NetScaler vulnerabilities, including the critical memory […]
Security Affairs

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 90
Sun Mar 29 2026
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape: New Malware Targets Users of Cobra DocGuard Software; Government of Iran Cyber Actors Deploy Telegram C2 to Push Malware to Identified Targets; Trivy Supply Chain Attack Expands to Compromised Docker Images; VoidStealer: Debugging Chrome to Steal […]
Security Affairs

Security Affairs newsletter Round 569 by Pierluigi Paganini – INTERNATIONAL EDITION
Sun Mar 29 2026
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. ShinyHunters claims the hack of the European Commission; Iran-linked group Handala hacked FBI Director Kash Patel’s […]
Security Affairs

Apple issues urgent lock screen warnings for unpatched iPhones and iPads
Sun Mar 29 2026
Apple is alerting users of outdated iPhones and iPads via lock screen warnings about active web-based exploits, urging immediate software updates. Apple is sending lock screen alerts to users running outdated iOS and iPadOS versions, warning of active web-based attacks targeting their devices. The notifications urge users to install critical updates to stay protected, highlighting […]
Security Affairs

ShinyHunters claims the hack of the European Commission
Sat Mar 28 2026
The European Commission has allegedly been breached by ShinyHunters, with reported data dumps including content from mail servers. The European Commission has allegedly been breached by ShinyHunters, with reported data dumps including content from mail servers and internal communications systems. The cybercrime group added the Commission to its Tor data leak site, claiming the theft […]
Security Affairs

Three China-Linked Clusters Target Southeast Asian Government in 2025 Cyber Campaign
Mon Mar 30 2026
Three threat activity clusters aligned with China have targeted a government organization in Southeast Asia as part of what has been described as a "complex and well-resourced operation." The campaigns have led to the deployment of various malware families, including HIUPAN (aka USBFect, MISTCLOAK, or U2DiskWatch), PUBLOAD, EggStremeFuel (aka RawCookie), EggStremeLoader (aka Gorem RAT), MASOL...
The Hacker News

Data Security Posture Management: The best DSPM tools
Mon Mar 30 2026
Data security posture management requires not only the right tools but also appropriate preparation.
CSO Online

Iran-Linked Hackers Breach FBI Director’s Personal Email, Hit Stryker With Wiper Attack
Sat Mar 28 2026
Threat actors with ties to Iran successfully broke into the personal email account of Kash Patel, the director of the U.S. Federal Bureau of Investigation (FBI), and leaked a cache of photos and other documents to the internet. Handala Hack Team, which carried out the breach, said on its website that Patel "will now find his name among the list of successfully hacked victims." In a statement...
The Hacker News

Iran-linked group Handala hacked FBI Director Kash Patel’s personal email account
Sat Mar 28 2026
Iran-linked group Handala claims it hacked FBI Director Kash Patel’s personal email, leaking files. The FBI says no government data was exposed. Iran-linked hacking group Handala claims it breached FBI Director Kash Patel’s personal Gmail account and shared alleged data, including photos and files. The FBI confirmed it is aware of the incident and has […]
Security Affairs

U.S. CISA adds a flaw in F5 BIG-IP APM to its Known Exploited Vulnerabilities catalog
Sat Mar 28 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in F5 BIG-IP APM to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in F5 BIG-IP APM, tracked as CVE-2025-53521 (CVSS ver. 3.1 score of 9.8), to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability in BIG-IP APM allows […]
Security Affairs

Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug
Sat Mar 28 2026
A recently disclosed critical security flaw impacting Citrix NetScaler ADC and NetScaler Gateway is witnessing active reconnaissance activity, according to Defused Cyber and watchTowr. The vulnerability, CVE-2026-3055 (CVSS score: 9.3), refers to a case of insufficient input validation leading to memory overread, which an attacker could exploit to leak potentially sensitive information. Per...
The Hacker News

TA446 Deploys DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign
Sat Mar 28 2026
Proofpoint has disclosed details of a targeted email campaign in which threat actors with ties to Russia are leveraging the recently disclosed DarkSword exploit kit to target iOS devices. The activity has been attributed with high confidence to the Russian state-sponsored threat group known as TA446, which is also tracked by the broader cybersecurity community under the monikers Callisto,...
The Hacker News

CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation
Sat Mar 28 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw impacting F5 BIG-IP Access Policy Manager (APM) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability in question is CVE-2025-53521 (CVSS v4 score: 9.3), which could allow a threat actor to achieve remote code execution. "When a...
The Hacker News

The European Commission confirmed a cyberattack affecting part of its cloud systems
Fri Mar 27 2026
The European Commission confirmed a cyberattack affecting part of its cloud systems, now contained, with no impact on internal networks. On March 24, the European Commission detected a cyberattack affecting the cloud infrastructure hosting its Europa.eu websites. The incident was quickly contained, with mitigation measures applied and no disruption to website availability. Early findings suggest […]
Security Affairs

European Commission data stolen in a cyberattack on the infrastructure hosting its web sites
Fri Mar 27 2026
The European Commission is continuing to investigate the theft of data from its cloud infrastructure earlier this week.
CSO Online

Iranian Hackers Breached Kash Patel’s Email—but Not the FBI’s
Fri Mar 27 2026
Plus: Apple makes big claims about the effectiveness of its Lockdown Mode anti-spyware feature, Russia moves to implement homegrown encryption for 5G, and more.
Wired

Lloyds Bank reveals how IT bug exposed transaction data
Fri Mar 27 2026
Lloyds Banking Group has identified the glitch that led to some of its customers being able to see details of other customers’ transactions on March 12.
CSO Online

New AITM phishing wave hijacks TikTok Business accounts
Fri Mar 27 2026
A new AITM phishing campaign targets TikTok Business accounts to hijack them for malvertising, continuing tactics seen in earlier Google-themed scams. Push Security researchers uncovered a new wave of AITM phishing pages targeting TikTok for Business accounts, aiming to hijack them for malvertising. The campaign includes TikTok and Google-themed fake pages, showing links to previous […]
Security Affairs

CISA and BSI warn orgs of critical PTC Windchill and FlexPLM flaw
Fri Mar 27 2026
CISA warns of a critical flaw in PTC Windchill and FlexPLM (CVE-2026-4681), with no patch yet and potential for imminent exploitation. CISA issued an advisory about a critical vulnerability, tracked as CVE-2026-4681 (CVSS score of 10.0), in PTC’s Windchill and FlexPLM software. At this time, no patches are available, and no active attacks have been […]
Security Affairs

Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits
Fri Mar 27 2026
Apple is now sending Lock Screen notifications to iPhones and iPads running older versions of iOS and iPadOS to alert users of web-based attacks and urge them to install the update. The development was first reported by MacRumors. "Apple is aware of attacks targeting out-of-date iOS software, including the version on your iPhone. Install this critical update to protect your iPhone," the...
The Hacker News

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files
Fri Mar 27 2026
TeamPCP, the threat actor behind the supply chain attack targeting Trivy, KICS, and litellm, has now compromised the telnyx Python package by pushing two malicious versions to steal sensitive data. The two versions, 4.87.1 and 4.87.2, published to the Python Package Index (PyPI) repository on March 27, 2026, concealed their credential harvesting capabilities within a .WAV file. Users are...
The Hacker News

Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks
Fri Mar 27 2026
Cybersecurity researchers have disclosed details of a now-patched bug impacting Open VSX's pre-publish scanning pipeline to cause the tool to allow a malicious Microsoft Visual Studio Code (VS Code) extension to pass the vetting process and go live in the registry. "The pipeline had a single boolean return value that meant both 'no scanners are configured' and 'all scanners failed to run,'" Koi...
The Hacker News

Attackers exploit critical Langflow RCE within hours as CISA sounds alarm
Fri Mar 27 2026
Attackers have exploited a critical Langflow RCE within hours of disclosure, prompting the US Cybersecurity and Infrastructure Security Agency (CISA) to formally flag it for urgent remediation.
CSO Online

AitM Phishing Targets TikTok Business Accounts Using Cloudflare Turnstile Evasion
Fri Mar 27 2026
Threat actors are using adversary-in-the-middle (AitM) phishing pages to seize control of TikTok for Business accounts in a new campaign, according to a report from Push Security. Business accounts associated with social media platforms are a lucrative target, as they can be weaponized by bad actors for malvertising and distributing malware. "TikTok has been historically abused to distribute...
The Hacker News

We Are At War
Fri Mar 27 2026
Rising geopolitical tensions are reflected (or in some cases preceded) by cyber operations, while technology itself has become politicized. Let’s admit it: we are in the middle of it. Introduction: One tech power to rule them all is a thing of the past. The relative safety, peace and prosperity that much of the world has enjoyed since 1945 was not accidental. It emerged from the ashes...
The Hacker News

U.S. CISA adds an Aquasecurity Trivy flaw to its Known Exploited Vulnerabilities catalog
Fri Mar 27 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds an Aquasecurity Trivy flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Aquasecurity Trivy flaw, tracked as CVE-2026-33634 (CVSS score of 9.3), to its Known Exploited Vulnerabilities (KEV) catalog. On March 19, 2026, attackers used compromised credentials to release a malicious […]
Security Affairs

Cyberattack on Die Linke
Fri Mar 27 2026
The hacker group “Qilin” may be behind the attack.
CSO Online

Bearlyfy Hits Russian Firms with Custom GenieLocker Ransomware
Fri Mar 27 2026
A pro-Ukrainian group called Bearlyfy has been attributed to more than 70 cyber attacks targeting Russian companies since it first surfaced in the threat landscape in January 2025, with recent attacks leveraging a custom Windows ransomware strain codenamed GenieLocker. "Bearlyfy (also known as Labubu) operates as a dual-purpose group aimed at inflicting maximum damage upon Russian businesses;...
The Hacker News

8 steps CISOs can take to empower their teams
Fri Mar 27 2026
Many leaders know empowered teams deliver better results, but not all leaders understand how to get there.
CSO Online

China-linked Red Menshen APT deploys stealthy BPFDoor implants in telecom networks
Fri Mar 27 2026
China-linked Red Menshen APT group used stealthy BPFDoor implants in telecom networks to spy on government targets. Rapid7 Labs uncovered that a China-linked threat group known as Red Menshen has been running a long-term espionage campaign by infiltrating telecom networks, mainly in the Middle East and Asia. Active since at least 2021, the group uses highly […]
Security Affairs

LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks
Fri Mar 27 2026
Cybersecurity researchers have disclosed three security vulnerabilities impacting LangChain and LangGraph that, if successfully exploited, could expose filesystem data, environment secrets, and conversation history. Both LangChain and LangGraph are open-source frameworks that are used to build applications powered by Large Language Models (LLMs). LangGraph is built on the foundations of...
The Hacker News

What is social engineering?
Fri Mar 27 2026
Cybercriminals use social engineering techniques to manipulate the human psyche.
CSO Online

Google: The quantum apocalypse is coming sooner than we thought
Fri Mar 27 2026
Google isn’t just responsible for the encryption of a big chunk of the communications on the internet.
CSO Online

U.S. CISA adds a Langflow flaw to its Known Exploited Vulnerabilities catalog
Thu Mar 26 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Langflow to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Langflow flaw, tracked as CVE-2026-33017 (CVSS score of 9.3), to its Known Exploited Vulnerabilities (KEV) catalog. Langflow is a popular tool used for building agentic AI workflows. CVE-2026-33017 is a […]
Security Affairs

Coruna exploit reveals evolution of Triangulation iOS exploitation framework
Thu Mar 26 2026
Kaspersky found Coruna iOS exploits reuse updated code from the 2023 Operation Triangulation attacks, suggesting a possible link. Kaspersky researchers discovered that the Coruna iOS exploit kit uses an updated version of the same kernel exploit seen in the 2023 Operation Triangulation campaign. While early evidence didn’t clearly link the two, the code similarities now […]
Security Affairs

How Trump’s Plot to Grab Iran's Nuclear Fuel Would Actually Work
Thu Mar 26 2026
Experts say that an American ground operation targeting nuclear sites in Iran would be incredibly complicated, put troops’ lives at great risk—and might still fail.
Wired

The CISO’s guide to responding to shadow AI
Thu Mar 26 2026
Move over shadow IT; shadow AI is the new risk on the scene.
CSO Online

China-Linked Red Menshen Uses Stealthy BPFDoor Implants to Spy via Telecom Networks
Thu Mar 26 2026
A long-term and ongoing campaign attributed to a China-nexus threat actor has embedded itself in telecom networks to conduct espionage against government networks. The strategic positioning activity, which involves implanting and maintaining stealthy access mechanisms within critical environments, has been attributed to Red Menshen, a threat cluster that's also tracked as Earth Bluecrow,...
The Hacker News

A $20 Billion Crypto Scam Market Faces a New Government Crackdown
Thu Mar 26 2026
The Telegram-based Xinbi Guarantee black market sells services that help prop up scam operations. British officials just hit the highly lucrative marketplace with sweeping sanctions.
Wired

Using a VPN May Subject You to NSA Spying
Thu Mar 26 2026
US lawmakers are pressing Tulsi Gabbard to reveal whether using a VPN can strip Americans of their constitutional protections against warrantless surveillance.
Wired

[Webinar] Stop Guessing. Learn to Validate Your Defenses Against Real Attacks
Thu Mar 26 2026
Most teams have security tools in place. Alerts are firing, dashboards look clean, threat intel is flowing in. On the surface, everything feels under control. But one question usually stays unanswered: Would your defenses actually stop a real attack? That’s where things get shaky. A control exists, so it’s assumed to work. A detection rule is active, so it’s expected to catch something. But very...
The Hacker News

Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website
Thu Mar 26 2026
Cybersecurity researchers have disclosed a vulnerability in Anthropic's Claude Google Chrome Extension that could have been exploited to trigger malicious prompts simply by visiting a web page. The flaw "allowed any website to silently inject prompts into that assistant as if the user wrote them," Koi Security researcher Oren Yomtov said in a report shared with The Hacker News. "No clicks, no...
The Hacker News

Databricks pitches Lakewatch as a cheaper SIEM — but is it really?
Thu Mar 26 2026
Databricks has previewed a new open agentic Security Information and Event Management software (SIEM) named Lakewatch that signals its first deliberate step beyond data warehousing into security analy
CSO Online

Masters of Imitation: How Hackers and Art Forgers Perfect the Art of Deception
Thu Mar 26 2026
Unmasking impostors is something the art world has faced for decades, and there are valuable lessons from the works of Elmyr de Hory that can apply to the world of defensive cybersecurity. During the 1960s, de Hory gained infamy as a premier forger, passing off counterfeit masterworks of Picasso, Matisse, and Renoir to unsuspecting collectors and renowned museums. Over the next several decades,...
The Hacker News

Researchers uncover WebRTC skimmer bypassing traditional defenses
Thu Mar 26 2026
Researchers found a new skimmer using WebRTC to steal and send payment data, bypassing traditional security controls. Sansec researchers discovered a new payment skimmer that uses WebRTC data channels instead of typical web requests to load malicious code and exfiltrate stolen payment data. “What sets this attack apart is the skimmer itself. Instead of the usual […]
Security Affairs

ThreatsDay Bulletin: PQC Push, AI Vuln Hunting, Pirated Traps, Phishing Kits & 20 More Stories
Thu Mar 26 2026
Some weeks in security feel loud. This one feels sneaky. Less big dramatic fireworks, more of that slow creeping sense that too many people are getting way too comfortable abusing things they probably shouldn’t even be touching. There’s a little bit of everything in this one, too. Weird delivery tricks, old problems coming back in slightly worse forms, shady infrastructure doing...
The Hacker News

GitHub phishers use fake OpenClaw tokens to drain crypto wallets
Thu Mar 26 2026
Threat actors are actively exploiting OpenClaw’s viral popularity to run a phishing campaign that targets developers on GitHub with lures of free crypto tokens.
CSO Online

Coruna iOS Kit Reuses 2023 Triangulation Exploit Code in Recent Mass Attacks
Thu Mar 26 2026
The kernel exploit for two security vulnerabilities used in the recently uncovered Apple iOS exploit kit known as Coruna is an updated version of the same exploit that was used in the Operation Triangulation campaign back in 2023, according to new findings from Kaspersky. "When Coruna was first reported, the public evidence wasn't sufficient to link its code to Triangulation — shared...
The Hacker News

Russian authorities arrest alleged LeakBase admin behind stolen data marketplace
Thu Mar 26 2026
Russian authorities arrested the alleged LeakBase admin for running a marketplace selling stolen data since 2021. Russian law enforcement has arrested the suspected administrator of LeakBase, a cybercrime forum used to trade stolen personal data. The suspect, from Taganrog, is accused of running the platform since 2021. During a search of his home, authorities seized […]
Security Affairs

Anduril Wants to Own the Future of War Tech. Mishaps, Delays, and Challenges Abound
Thu Mar 26 2026
From drones to missiles to submarines, the $30.5 billion defense startup wants to transform how the tools of war are made. It’s not all going as planned.
Wired

WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites
Thu Mar 26 2026
Cybersecurity researchers have discovered a new payment skimmer that uses WebRTC data channels as a means to receive payloads and exfiltrate data, effectively bypassing security controls. "Instead of the usual HTTP requests or image beacons, this malware uses WebRTC data channels to load its payload and exfiltrate stolen payment data," Sansec said in a report published this week. The attack,...
The Hacker News

10 essential measures for physical security
Thu Mar 26 2026
If only physical security were always this simple to implement… Photo: Leremy | shutterstock.
CSO Online

Russian national convicted for running botnet used in attacks on U.S. firms
Wed Mar 25 2026
A Russian hacker got 2 years in prison, $100K fine, and $1.6M judgment for running a botnet used in ransomware attacks on U.S. firms. Russian national Ilya Angelov (40) was sentenced to 24 months in prison for operating a botnet used to carry out ransomware attacks on dozens of U.S. companies. He was also fined […]
Security Affairs

New critical Citrix NetScaler hole of similar severity to CitrixBleed2, says expert
Wed Mar 25 2026
A new critical vulnerability that is similar to the widely-exploited CitrixBleed and CitrixBleed2 holes should be patched in NetScaler devices immediately, say experts.
CSO Online

Chained vulnerabilities in Cisco Catalyst switches could induce denial-of-service
Wed Mar 25 2026
Cisco’s widely deployed Catalyst 9300 Series enterprise switches have four security vulnerabilities, two of which could be chained to cause a denial-of-service outage, infrastructure security company
CSO Online

LeakBase Admin Arrested in Russia Over Massive Stolen Credential Marketplace
Wed Mar 25 2026
The alleged administrator of the LeakBase cybercrime forum has been arrested by Russian law enforcement authorities, state media reported Thursday. According to TASS and MVD Media, a news website linked to the Russian Interior Ministry, the suspect is a resident of the city of Taganrog. The suspect is said to have been detained for creating and managing a criminal site that allowed stolen...
The Hacker News

Patch now: TP-Link Archer NX routers vulnerable to firmware takeover
Wed Mar 25 2026
TP-Link patched a high severity flaw (CVE-2025-15517) in Archer NX routers that could let attackers bypass authentication and install malicious firmware. TP-Link issued security updates for its Archer NX router series to fix multiple vulnerabilities, including CVE-2025-15517 (CVSS score of 8.6), a critical authentication bypass flaw. The vulnerability impacts multiple models, including NX200, NX210, NX500, […]
Security Affairs

GlassWorm Malware Uses Solana Dead Drops to Deliver RAT and Steal Browser, Crypto Data
Wed Mar 25 2026
Cybersecurity researchers have flagged a new evolution of the GlassWorm campaign that delivers a multi-stage framework capable of comprehensive data theft and installing a remote access trojan (RAT), which deploys an information-stealing Google Chrome extension masquerading as an offline version of Google Docs. "It logs keystrokes, dumps cookies and session tokens, captures screenshots, and...
The Hacker News

When Satellite Data Becomes a Weapon
Wed Mar 25 2026
As war reshapes the Gulf, the satellite infrastructure the world relies on to see conflict clearly is being delayed, spoofed, and privately controlled—and nobody is sure who is responsible.
Wired