Tools, um MCP-Server abzusichern

Thu Apr 02 2026

srcset="https://b2b-contenthub.

CSO Online

Vim and GNU Emacs: Claude Code helpfully found zero-day exploits for both

Wed Apr 01 2026

Developers can spend days using fuzzing tools to find security weaknesses in code.

CSO Online

CERT-UA Impersonation Campaign Spread AGEWHEEZE Malware to 1 Million Emails

Wed Apr 01 2026

The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed details of a new phishing campaign in which the cybersecurity agency itself was impersonated to distribute a remote administration tool known as AGEWHEEZE. As part of the attacks, the threat actors, tracked as UAC-0255, sent emails on March 26 and 27, 2026, posing as CERT-UA to distribute a password-protected ZIP archive...

The Hacker News

Microsoft Warns of WhatsApp-Delivered VBS Malware Hijacking Windows via UAC Bypass

Wed Apr 01 2026

Microsoft is calling attention to a new campaign that has leveraged WhatsApp messages to distribute malicious Visual Basic Script (VBS) files. The activity, beginning in late February 2026, leverages these scripts to initiate a multi-stage infection chain for establishing persistence and enabling remote access. It's currently not known what lures the threat actors use to trick users into...

The Hacker News

Block the Prompt, Not the Work: The End of "Doctor No"

Wed Apr 01 2026

There is a character that keeps appearing in enterprise security departments, and most CISOs know exactly who that is. It doesn’t build. It doesn’t enable. Its entire function is to say "No." No to ChatGPT. No to DeepSeek. No to the file-sharing tool the product team swears by. For years, this looked like security. But in 2026, "Doctor No" is no longer just a management headache &...

The Hacker News

Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures

Wed Apr 01 2026

A multi-pronged phishing campaign is targeting Spanish-speaking users in organizations across Latin America and Europe to deliver Windows banking trojans like Casbaneiro (aka Metamorfo) via another malware called Horabot. The activity has been attributed to a Brazilian cybercrime threat actor tracked as Augmented Marauder and Water Saci. The e-crime group was first documented by Trend Micro in...

The Hacker News

New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation — Patch Released

Wed Apr 01 2026

Google on Thursday released security updates for its Chrome web browser to address 21 vulnerabilities, including a zero-day flaw that it said has been exploited in the wild. The high-severity vulnerability, CVE-2026-5281 (CVSS score: N/A), concerns a use-after-free bug in Dawn, an open-source and cross-platform implementation of the WebGPU standard. "Use-after-free in Dawn in Google Chrome prior...

The Hacker News

3 Reasons Attackers Are Using Your Trusted Tools Against You (And Why You Don’t See It Coming)

Wed Apr 01 2026

For years, cybersecurity has followed a familiar model: block malware, stop the attack. Now, attackers are moving on to what’s next. Threat actors now use malware less frequently in favor of what’s already inside your environment, including abusing trusted tools, native binaries, and legitimate admin utilities to move laterally, escalate privileges, and persist without raising alarms. Most...

The Hacker News

9 ways CISOs can combat AI hallucinations

Wed Apr 01 2026

AI hallucinations are a well-known problem and, when it comes to compliance assessments, these convincing but inaccurate assessments can cause real damage with poor risk assessments, incorrect policy

CSO Online

Security awareness is not a control: Rethinking human risk in enterprise security

Wed Apr 01 2026

Organizations have been responding to phishing, business email compromise, and credential theft in essentially the same manner for over ten years.

CSO Online

Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069

Wed Apr 01 2026

Google has formally attributed the supply chain compromise of the popular Axios npm package to a financially motivated North Korean threat activity cluster tracked as UNC1069. "We have attributed the attack to a suspected North Korean threat actor we track as UNC1069," John Hultquist, chief analyst at Google Threat Intelligence Group (GTIG), told The Hacker News in a statement. "North Korean...

The Hacker News

Claude Code Source Leaked via npm Packaging Error, Anthropic Confirms

Wed Apr 01 2026

Anthropic on Tuesday confirmed that internal code for its popular artificial intelligence (AI) coding assistant, Claude Code, had been inadvertently released due to a human error. "No sensitive customer data or credentials were involved or exposed," an Anthropic spokesperson said in a statement shared with CNBC News. "This was a release packaging issue caused by human error, not a security...

The Hacker News

Enterprise Spotlight: Setting the 2026 IT agenda

Wed Apr 01 2026

IT leaders are setting their operations strategies for 2026 with an eye toward agility, flexibility, and tangible business results.

CSO Online

Attack Surface Management – ein Kaufratgeber

Wed Apr 01 2026

Mit diesen Attack Surface Management Tools sorgen Sie im Idealfall dafür, dass sich Angreifer gar nicht erst verbeißen.

CSO Online

Anthropic employee error exposes Claude Code source

Wed Apr 01 2026

An Anthropic employee accidentally exposed the entire proprietary source code for its AI programming tool, Claude Code, by including a source map file in a version of the tool posted on Anthropic’s op

CSO Online

Apple Will Push Out Rare ‘Backported’ Patches to Protect iOS 18 Users From DarkSword Hacking Tool

Wed Apr 01 2026

As DarkSword spreads, Apple tells WIRED it will enable iOS 18-specific fixes for millions of iPhone owners who remain on that iOS version rather than force them to update to iOS 26.

Wired

Iran Threatens to Start Attacking Major US Tech Firms on April 1

Tue Mar 31 2026

Tech giants like Apple, Google, and Microsoft are among those on a target list released by Iran’s Islamic Revolutionary Guard Corps.

Wired

Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack

Tue Mar 31 2026

Attackers compromised the npm account of the lead maintainer of Axios, a widely used JavaScript HTTP client library, and used it to publish malicious versions of the package that deployed a cross-plat

CSO Online

5-month-old F5 BIG-IP DoS bug becomes critical RCE exploited in the wild

Tue Mar 31 2026

A vulnerability misclassified five months ago as a denial-of-service issue in F5 BIG-IP Access Policy Manager (APM) turned out to be a critical pre-authentication remote code execution flaw that is no

CSO Online

Android Developer Verification Rollout Begins Ahead of September Enforcement

Tue Mar 31 2026

Google on Monday said it's officially rolling out Android developer verification to all developers to combat the problem of bad actors distributing harmful apps while "hiding behind anonymity." The development comes ahead of a planned verification mandate that goes into effect in Brazil, Indonesia, Singapore, and Thailand this September, before it expands globally next year. As part of this...

The Hacker News

The US Military’s GPS Software Is an $8 Billion Mess

Tue Mar 31 2026

The GPS Next-Generation Operational Control System was due for completion in 2016. Ten years later, the software for controlling the military’s GPS satellites still doesn’t work.

Wired

TrueConf Zero-Day Exploited in Attacks on Southeast Asian Government Networks

Tue Mar 31 2026

A high-severity security flaw in the TrueConf client video conferencing software has been exploited in the wild as a zero-day as part of a campaign targeting government entities in Southeast Asia dubbed TrueChaos. The vulnerability in question is CVE-2026-3502 (CVSS score: 7.8), a lack of integrity check when fetching application update code, allowing an attacker to distribute a tampered update,...

The Hacker News

The Broken System That Keeps Shipping Crews Stranded in the Strait of Hormuz

Tue Mar 31 2026

Vessels are increasingly being abandoned during the war on Iran, revealing a hidden failure in the global systems that keep goods—and people—moving.

Wired

Vertex AI Vulnerability Exposes Google Cloud Data and Private Artifacts

Tue Mar 31 2026

Cybersecurity researchers have disclosed a security "blind spot" in Google Cloud's Vertex AI platform that could allow artificial intelligence (AI) agents to be weaponized by an attacker to gain unauthorized access to sensitive data and compromise an organization's cloud environment. According to Palo Alto Networks Unit 42, the issue relates to how the Vertex AI permission model can be misused...

The Hacker News

OpenAI patches twin leaks as Codex slips and ChatGPT spills

Tue Mar 31 2026

OpenAI has fixed two flaws in its AI stack that could allow AI agents to move sensitive data in unintended ways.

CSO Online

The AI Arms Race – Why Unified Exposure Management Is Becoming a Boardroom Priority

Tue Mar 31 2026

The cybersecurity landscape is accelerating at an unprecedented rate. What is emerging is not simply a rise in the number of vulnerabilities or tools, but a dramatic increase in speed. Speed of attack, speed of exploitation, and speed of change across modern environments. This is the defining challenge of the new era of digital warfare: the weaponization of Artificial Intelligence. Threat actors...

The Hacker News

Silver Fox Expands Asia Cyber Campaign with AtlasCross RAT and Fake Domains

Tue Mar 31 2026

Chinese-speaking users are the target of an active campaign that uses typosquatted domains impersonating trusted software brands to deliver a previously undocumented remote access trojan named AtlasCross RAT. "The operation covers VPN clients, encrypted messengers, video conferencing tools, cryptocurrency trackers, and e-commerce applications, with eleven confirmed delivery domains impersonating...

The Hacker News

8 ways to bolster your security posture on the cheap

Tue Mar 31 2026

As every CISO knows, maintaining a strong cybersecurity posture is costly.

CSO Online

The external pressures redefining cybersecurity risk

Tue Mar 31 2026

Over the last four years, I’ve watched organizations get blindsided by threats that originated in a third-party network.

CSO Online

6 key takeaways from RSA Conference 2026

Tue Mar 31 2026

Writing a conference preview is an act of professional speculation.

CSO Online

Fahndung nach Cyberkriminellen – 130 Firmen attackiert

Tue Mar 31 2026

130 Unternehmen und Institutionen gerieten ins Visier der Hacker.

CSO Online

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Tue Mar 31 2026

The popular HTTP client known as Axios has suffered a supply chain attack after two newly published versions of the npm package introduced a malicious dependency that delivers a trojan capable of targeting Windows, macOS, and Linux systems. Versions 1.14.1 and 0.30.4 of Axios have been found to inject "plain-crypto-js" version 4.2.1 as a fake dependency. According to StepSecurity, the two...

The Hacker News

Fortinet hit by another exploited cybersecurity flaw

Mon Mar 30 2026

Yet another critical flaw in a Fortinet product has come to light as attackers continue to target the company, this time by actively exploiting a critical SQL injection vulnerability in the cybersecur

CSO Online

OpenAI Patches ChatGPT Data Exfiltration Flaw and Codex GitHub Token Vulnerability

Mon Mar 30 2026

A previously unknown vulnerability in OpenAI ChatGPT allowed sensitive conversation data to be exfiltrated without user knowledge or consent, according to new findings from Check Point. "A single malicious prompt could turn an otherwise ordinary conversation into a covert exfiltration channel, leaking user messages, uploaded files, and other sensitive content," the cybersecurity company said in...

The Hacker News

DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials

Mon Mar 30 2026

A new campaign has leveraged the ClickFix social engineering tactic as a way to distribute a previously undocumented malware loader referred to as DeepLoad. "It likely uses AI-assisted obfuscation and process injection to evade static scanning, while credential theft starts immediately and captures passwords and sessions even if the primary loader is blocked," ReliaQuest researchers Thassanai...

The Hacker News

⚡ Weekly Recap: Telecom Sleeper Cells, LLM Jailbreaks, Apple Forces U.K. Age Checks and More

Mon Mar 30 2026

Some weeks are loud. This one was quieter but not in a good way. Long-running operations are finally hitting courtrooms, old attack methods are showing up in new places, and research that stopped being theoretical right around the time defenders stopped paying attention. There's a bit of everything this week. Persistence plays, legal wins, influence ops, and at least one thing that looks boring...

The Hacker News

3 SOC Process Fixes That Unlock Tier 1 Productivity

Mon Mar 30 2026

What is really slowing Tier 1 down: the threat itself or the process around it? In many SOCs, the biggest delays do not come from the threat alone. They come from fragmented workflows, manual triage steps, and limited visibility early in the investigation. Fixing those process gaps can help Tier 1 move faster, reduce unnecessary escalations, and improve how the entire SOC responds under pressure...

The Hacker News

Russian CTRL Toolkit Delivered via Malicious LNK Files Hijacks RDP via FRP Tunnels

Mon Mar 30 2026

Cybersecurity researchers have discovered a remote access toolkit of Russian-origin that's distributed via malicious Windows shortcut (LNK) files that are disguised as private key folders. The CTRL toolkit, according to Censys, is custom-built using .NET and includes various executables" to facilitate credential phishing, keylogging, Remote Desktop Protocol (RDP) hijacking, and reverse tunneling...

The Hacker News

LangChain path traversal bug adds to input validation woes in AI pipelines

Mon Mar 30 2026

Security researchers are warning that applications using AI frameworks without proper safeguards can expose sensitive information in basic, yet critical, non-AI ways.

CSO Online

Leak reveals Anthropic’s ‘Mythos,’ a powerful AI model aimed at cybersecurity use cases

Mon Mar 30 2026

Anthropic didn’t intend to introduce Mythos this way.

CSO Online

The State of Secrets Sprawl 2026: 9 Takeaways for CISOs

Mon Mar 30 2026

Secrets sprawl isn't slowing down: in 2025, it accelerated faster than most security teams anticipated. GitGuardian's State of Secrets Sprawl 2026 report analyzed billions of commits across public GitHub and uncovered 29 million new hardcoded secrets in 2025 alone, a 34% increase year over year and the largest single-year jump ever recorded. This year's findings reveal three core trends: AI has...

The Hacker News

APIs are the new perimeter: Here’s how CISOs are securing them

Mon Mar 30 2026

Recent breaches suggest attackers are shifting beyond traditional endpoints to target application programming interfaces (APIs).

CSO Online

Why Kubernetes controllers are the perfect backdoor

Mon Mar 30 2026

In my years securing cloud-native environments, I’ve noticed a recurring blind spot.

CSO Online

Three China-Linked Clusters Target Southeast Asian Government in 2025 Cyber Campaign

Mon Mar 30 2026

Three threat activity clusters aligned with China have targeted a government organization in Southeast Asia as part of what has been described as a "complex and well-resourced operation." The campaigns have led to the deployment of various malware families, including HIUPAN (aka USBFect, MISTCLOAK, or U2DiskWatch), PUBLOAD, EggStremeFuel (aka RawCookie), EggStremeLoader (aka Gorem RAT), MASOL...

The Hacker News

Data Security Posture Management: Die besten DSPM-Tools

Mon Mar 30 2026

Data Security Posture Management erfordert nicht nur die richtigen Tools, sondern auch eine entsprechende Vorbereitung.

CSO Online

Iran-Linked Hackers Breach FBI Director’s Personal Email, Hit Stryker With Wiper Attack

Sat Mar 28 2026

Threat actors with ties to Iran successfully broke into the personal email account of Kash Patel, the director of the U.S. Federal Bureau of Investigation (FBI), and leaked a cache of photos and other documents to the internet. Handala Hack Team, which carried out the breach, said on its website that Patel "will now find his name among the list of successfully hacked victims." In a statement...

The Hacker News

Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug

Sat Mar 28 2026

A recently disclosed critical security flaw impacting Citrix NetScaler ADC and NetScaler Gateway is witnessing active reconnaissance activity, according to Defused Cyber and watchTowr. The vulnerability, CVE-2026-3055 (CVSS score: 9.3), refers to a case of insufficient input validation leading to memory overread, which an attacker could exploit to leak potentially sensitive information. Per...

The Hacker News

CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation

Sat Mar 28 2026

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw impacting F5 BIG-IP Access Policy Manager (APM) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability in question is CVE-2025-53521 (CVSS v4 score: 9.3), which could allow a threat actor to achieve remote code execution. "When a...

The Hacker News

TA446 Deploys DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign

Sat Mar 28 2026

Proofpoint has disclosed details of a targeted email campaign in which threat actors with ties to Russia are leveraging the recently disclosed DarkSword exploit kit to target iOS devices. The activity has been attributed with high confidence to the Russian state-sponsored threat group known as TA446, which is also tracked by the broader cybersecurity community under the monikers Callisto,...

The Hacker News

European Commission data stolen in a cyberattack on the infrastructure hosting its web sites

Fri Mar 27 2026

The European Commission is continuing to investigate the theft of data from its cloud infrastructure earlier this week.

CSO Online

Iranian Hackers Breached Kash Patel’s Email—but Not the FBI’s

Fri Mar 27 2026

Plus: Apple makes big claims about the effectiveness of its Lockdown Mode anti-spyware feature, Russia moves to implement homegrown encryption for 5G, and more.

Wired

Lloyds Bank reveals how IT bug exposed transaction data

Fri Mar 27 2026

Lloyds Banking Group has identified the glitch that led to some of its customers being able to see details of other customers’ transactions on March 12.

CSO Online

Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits

Fri Mar 27 2026

Apple is now sending Lock Screen notifications to iPhones and iPads running older versions of iOS and iPadOS to alert users of web-based attacks and urge them to install the update. The development was first reported by MacRumors. "Apple is aware of attacks targeting out-of-date iOS software, including the version on your iPhone. Install this critical update to protect your iPhone," the...

The Hacker News

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

Fri Mar 27 2026

TeamPCP, the threat actor behind the supply chain attack targeting Trivy, KICS, and litellm, has now compromised the telnyx Python package by pushing two malicious versions to steal sensitive data. The two versions, 4.87.1 and 4.87.2, published to the Python Package Index (PyPI) repository on March 27, 2026, concealed their credential harvesting capabilities within a .WAV file. Users are...

The Hacker News

Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks

Fri Mar 27 2026

Cybersecurity researchers have disclosed details of a now-patched bug impacting Open VSX's pre-publish scanning pipeline to cause the tool to allow a malicious Microsoft Visual Studio Code (VS Code) extension to pass the vetting process and go live in the registry. "The pipeline had a single boolean return value that meant both 'no scanners are configured' and 'all scanners failed to run,'" Koi...

The Hacker News

Attackers exploit critical Langflow RCE within hours as CISA sounds alarm

Fri Mar 27 2026

Attackers have exploited a critical Langflow RCE within hours of disclosure, prompting the US Cybersecurity and Infrastructure Security Agency (CISA) to formally flag it for urgent remediation.

CSO Online

AitM Phishing Targets TikTok Business Accounts Using Cloudflare Turnstile Evasion

Fri Mar 27 2026

Threat actors are using adversary-in-the-middle (AitM) phishing pages to seize control of TikTok for Business accounts in a new campaign, according to a report from Push Security. Business accounts associated with social media platforms are a lucrative target, as they can be weaponized by bad actors for malvertising and distributing malware. "TikTok has been historically abused to distribute...

The Hacker News

We Are At War

Fri Mar 27 2026

Rising geopolitical tensions are reflected (or in some cases preceded) by cyber operations, while technology itself has become politicized. Let’s admit it: we are in the middle of it.  Introduction: One tech power to rule them all is a thing of the past  The relative safety, peace and prosperity that much of the world has enjoyed since 1945 was not accidental. It emerged from the ashes...

The Hacker News

Cyberangriff auf die Linke

Fri Mar 27 2026

Die Hackergruppe “Qilin” steht möglicherweise hinter dem Angriff.

CSO Online

Bearlyfy Hits Russian Firms with Custom GenieLocker Ransomware

Fri Mar 27 2026

A pro-Ukrainian group called Bearlyfy has been attributed to more than 70 cyber attacks targeting Russian companies since it first surfaced in the threat landscape in January 2025, with recent attacks leveraging a custom Windows ransomware strain codenamed GenieLocker. "Bearlyfy (also known as Labubu) operates as a dual-purpose group aimed at inflicting maximum damage upon Russian businesses;...

The Hacker News

8 steps CISOs can take to empower their teams

Fri Mar 27 2026

Many leaders know empowered teams deliver better results, but not all leaders understand how to get there.

CSO Online

LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks

Fri Mar 27 2026

Cybersecurity researchers have disclosed three security vulnerabilities impacting LangChain and LangGraph that, if successfully exploited, could expose filesystem data, environment secrets, and conversation history. Both LangChain and LangGraph are open-source frameworks that are used to build applications powered by Large Language Models (LLMs). LangGraph is built on the foundations of...

The Hacker News

Was ist Social Engineering?

Fri Mar 27 2026

Mit Social-Engineering-Techniken manipulieren Cyberkriminelle die menschliche Psyche.

CSO Online

Google: The quantum apocalypse is coming sooner than we thought

Fri Mar 27 2026

Google isn’t just responsible for the encryption of a big chunk of the communications on the internet.

CSO Online

How Trump’s Plot to Grab Iran's Nuclear Fuel Would Actually Work

Thu Mar 26 2026

Experts say that an American ground operation targeting nuclear sites in Iran would be incredibly complicated, put troops’ lives at great risk—and might still fail.

Wired

The CISO’s guide to responding to shadow AI

Thu Mar 26 2026

Move over shadow IT; shadow AI is the new risk on the scene.

CSO Online

China-Linked Red Menshen Uses Stealthy BPFDoor Implants to Spy via Telecom Networks

Thu Mar 26 2026

A long-term and ongoing campaign attributed to a China-nexus threat actor has embedded itself in telecom networks to conduct espionage against government networks. The strategic positioning activity, which involves implanting and maintaining stealthy access mechanisms within critical environments, has been attributed to Red Menshen, a threat cluster that's also tracked as Earth Bluecrow,...

The Hacker News