Palo Alto Networks, SonicWall Patch High-Severity Vulnerabilities
The bugs could allow attackers to modify protected resources and escalate their privileges to administrator.
The post Palo Alto Networks, SonicWall Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
https://www.securityweek.com/palo-alto-networks-sonicwall-patch-high-severity-vulnerabilities/
The bugs could allow attackers to modify protected resources and escalate their privileges to administrator.
The post Palo Alto Networks, SonicWall Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
https://www.securityweek.com/palo-alto-networks-sonicwall-patch-high-severity-vulnerabilities/
SecurityWeek
Palo Alto Networks, SonicWall Patch High-Severity Vulnerabilities
The bugs could allow attackers to modify protected resources and escalate their privileges to administrator.
The Hidden ROI of Visibility: Better Decisions, Better Behavior, Better Security
Beyond monitoring and compliance, visibility acts as a powerful deterrent, shaping user behavior, improving collaboration, and enabling more accurate, data-driven security decisions.
The post The Hidden ROI of Visibility: Better Decisions, Better Behavior, Better Security appeared first on SecurityWeek.
https://www.securityweek.com/the-hidden-roi-of-visibility-better-decisions-better-behavior-better-security/
Beyond monitoring and compliance, visibility acts as a powerful deterrent, shaping user behavior, improving collaboration, and enabling more accurate, data-driven security decisions.
The post The Hidden ROI of Visibility: Better Decisions, Better Behavior, Better Security appeared first on SecurityWeek.
https://www.securityweek.com/the-hidden-roi-of-visibility-better-decisions-better-behavior-better-security/
SecurityWeek
The Hidden ROI of Visibility: Better Decisions, Better Behavior, Better Security
Beyond monitoring and compliance, visibility acts as a powerful deterrent, shaping user behavior, improving collaboration, and enabling more accurate, data-driven security decisions.
Google Warns of New Campaign Targeting BPOs to Steal Corporate Data
Tracked as UNC6783, the threat actor is likely linked to Mr. Raccoon, the hacker behind the alleged theft of Adobe data from a BPO.
The post Google Warns of New Campaign Targeting BPOs to Steal Corporate Data appeared first on SecurityWeek.
https://www.securityweek.com/google-warns-of-new-campaign-targeting-bpos-to-steal-corporate-data/
Tracked as UNC6783, the threat actor is likely linked to Mr. Raccoon, the hacker behind the alleged theft of Adobe data from a BPO.
The post Google Warns of New Campaign Targeting BPOs to Steal Corporate Data appeared first on SecurityWeek.
https://www.securityweek.com/google-warns-of-new-campaign-targeting-bpos-to-steal-corporate-data/
SecurityWeek
Google Warns of New Campaign Targeting BPOs to Steal Corporate Data
Tracked as UNC6783, the threat actor is likely linked to Mr. Raccoon, the hacker behind the alleged theft of Adobe data from a BPO.
Adobe Reader Zero-Day Exploited for Months: Researcher
Reputable researcher Haifei Li has come across what appears to be a PDF designed to exploit an unpatched vulnerability.
The post Adobe Reader Zero-Day Exploited for Months: Researcher appeared first on SecurityWeek.
https://www.securityweek.com/adobe-reader-zero-day-exploited-for-months-researcher/
Reputable researcher Haifei Li has come across what appears to be a PDF designed to exploit an unpatched vulnerability.
The post Adobe Reader Zero-Day Exploited for Months: Researcher appeared first on SecurityWeek.
https://www.securityweek.com/adobe-reader-zero-day-exploited-for-months-researcher/
SecurityWeek
Adobe Reader Zero-Day Exploited for Months: Researcher
Reputable researcher Haifei Li has come across what appears to be a PDF designed to exploit an unpatched vulnerability.
300,000 People Impacted by Eurail Data Breach
In December 2025, hackers stole names and passport numbers from the European travel company’s network.
The post 300,000 People Impacted by Eurail Data Breach appeared first on SecurityWeek.
https://www.securityweek.com/300000-people-impacted-by-eurail-data-breach/
In December 2025, hackers stole names and passport numbers from the European travel company’s network.
The post 300,000 People Impacted by Eurail Data Breach appeared first on SecurityWeek.
https://www.securityweek.com/300000-people-impacted-by-eurail-data-breach/
SecurityWeek
300,000 People Impacted by Eurail Data Breach
In December 2025, hackers stole names and passport numbers from the European travel company’s network.
$3.6 Million Stolen in Bitcoin Depot Hack
A hacker transferred more than 50 bitcoin from the Bitcoin ATM operator’s wallets after stealing credentials.
The post $3.6 Million Stolen in Bitcoin Depot Hack appeared first on SecurityWeek.
https://www.securityweek.com/3-6-million-stolen-in-bitcoin-depot-hack/
A hacker transferred more than 50 bitcoin from the Bitcoin ATM operator’s wallets after stealing credentials.
The post $3.6 Million Stolen in Bitcoin Depot Hack appeared first on SecurityWeek.
https://www.securityweek.com/3-6-million-stolen-in-bitcoin-depot-hack/
SecurityWeek
$3.6 Million Stolen in Bitcoin Depot Hack
A hacker transferred more than 50 bitcoin from the Bitcoin ATM operator’s wallets after stealing credentials.
Shaky Ceasefire Unlikely to Stop Cyberattacks From Iran-Linked Hackers for Long
Hackers vowed to revive its efforts against America when the time was right — demonstrating how digital warfare has become ingrained in military conflict.
The post Shaky Ceasefire Unlikely to Stop Cyberattacks From Iran-Linked Hackers for Long appeared first on SecurityWeek.
https://www.securityweek.com/shaky-ceasefire-unlikely-to-stop-cyberattacks-from-iran-linked-hackers-for-long/
Hackers vowed to revive its efforts against America when the time was right — demonstrating how digital warfare has become ingrained in military conflict.
The post Shaky Ceasefire Unlikely to Stop Cyberattacks From Iran-Linked Hackers for Long appeared first on SecurityWeek.
https://www.securityweek.com/shaky-ceasefire-unlikely-to-stop-cyberattacks-from-iran-linked-hackers-for-long/
SecurityWeek
Shaky Ceasefire Unlikely to Stop Cyberattacks From Iran-Linked Hackers for Long
Hackers vowed to revive its efforts against America when the time was right — demonstrating how digital warfare has become ingrained in military conflict.
The agentic SOC—Rethinking SecOps for the next decade
In the SOC of the future, autonomous defense moves at machine speed, agents add context and coordination, and humans focus on judgment, risk, and outcomes.
The post The agentic SOC—Rethinking SecOps for the next decade appeared first on Microsoft Security Blog.
https://www.microsoft.com/en-us/security/blog/2026/04/09/the-agentic-soc-rethinking-secops-for-the-next-decade/
In the SOC of the future, autonomous defense moves at machine speed, agents add context and coordination, and humans focus on judgment, risk, and outcomes.
The post The agentic SOC—Rethinking SecOps for the next decade appeared first on Microsoft Security Blog.
https://www.microsoft.com/en-us/security/blog/2026/04/09/the-agentic-soc-rethinking-secops-for-the-next-decade/
Microsoft News
The agentic SOC—Rethinking SecOps for the next decade
In the SOC of the future, autonomous defense moves at machine speed, agents add context and coordination, and humans focus on judgment, risk, and outcomes.
Investigating Storm-2755: “Payroll pirate” attacks targeting Canadian employees
Microsoft Incident Response – Detection and Response Team (DART) researchers observed an emerging, financially motivated threat actor, tracked as Storm-2755, compromising Canadian employee accounts to gain unauthorized access to employee profiles and divert salary payments to attacker-controlled accounts.
The post Investigating Storm-2755: “Payroll pirate” attacks targeting Canadian employees appeared first on Microsoft Security Blog.
https://www.microsoft.com/en-us/security/blog/2026/04/09/investigating-storm-2755-payroll-pirate-attacks-targeting-canadian-employees/
Microsoft Incident Response – Detection and Response Team (DART) researchers observed an emerging, financially motivated threat actor, tracked as Storm-2755, compromising Canadian employee accounts to gain unauthorized access to employee profiles and divert salary payments to attacker-controlled accounts.
The post Investigating Storm-2755: “Payroll pirate” attacks targeting Canadian employees appeared first on Microsoft Security Blog.
https://www.microsoft.com/en-us/security/blog/2026/04/09/investigating-storm-2755-payroll-pirate-attacks-targeting-canadian-employees/
Microsoft News
Investigating Storm-2755: “Payroll pirate” attacks targeting Canadian employees
Microsoft Incident Response – Detection and Response Team (DART) researchers observed an emerging, financially motivated threat actor, tracked as Storm-2755, compromising Canadian employee accounts to gain unauthorized access to employee profiles and divert…
Intent redirection vulnerability in third-party SDK exposed millions of Android wallets to potential risk
A severe Android intent‑redirection vulnerability in a widely deployed SDK exposed sensitive user data across millions of apps. Microsoft researchers detail how the flaw works, why it matters, and how developers can mitigate similar risks by updating affected SDKs.
The post Intent redirection vulnerability in third-party SDK exposed millions of Android wallets to potential risk appeared first on Microsoft Security Blog.
https://www.microsoft.com/en-us/security/blog/2026/04/09/intent-redirection-vulnerability-third-party-sdk-android/
A severe Android intent‑redirection vulnerability in a widely deployed SDK exposed sensitive user data across millions of apps. Microsoft researchers detail how the flaw works, why it matters, and how developers can mitigate similar risks by updating affected SDKs.
The post Intent redirection vulnerability in third-party SDK exposed millions of Android wallets to potential risk appeared first on Microsoft Security Blog.
https://www.microsoft.com/en-us/security/blog/2026/04/09/intent-redirection-vulnerability-third-party-sdk-android/
Microsoft News
Intent redirection vulnerability in third-party SDK exposed millions of Android wallets to potential risk
A severe Android intent‑redirection vulnerability in a widely deployed SDK exposed sensitive user data across millions of apps. Microsoft researchers detail how the flaw works, why it matters, and how developers can mitigate similar risks by updating affected…
[webapps] React Server 19.2.0 - Remote Code Execution
React Server 19.2.0 - Remote Code Execution
https://www.exploit-db.com/exploits/52506
React Server 19.2.0 - Remote Code Execution
https://www.exploit-db.com/exploits/52506
Exploit Database
React Server 19.2.0 - Remote Code Execution
React Server 19.2.0 - Remote Code Execution. CVE-2025-55182 . webapps exploit for Multiple platform
[webapps] RomM 4.4.0 - XSS_CSRF Chain
RomM 4.4.0 - XSS_CSRF Chain
https://www.exploit-db.com/exploits/52505
RomM 4.4.0 - XSS_CSRF Chain
https://www.exploit-db.com/exploits/52505
Exploit Database
RomM 4.4.0 - XSS_CSRF Chain
RomM 4.4.0 - XSS_CSRF Chain. CVE-2025-65027 . webapps exploit for Multiple platform
[webapps] Jumbo Website Manager - Remote Code Execution
Jumbo Website Manager - Remote Code Execution
https://www.exploit-db.com/exploits/52504
Jumbo Website Manager - Remote Code Execution
https://www.exploit-db.com/exploits/52504
Exploit Database
Jumbo Website Manager - Remote Code Execution
Jumbo Website Manager - Remote Code Execution.. webapps exploit for Multiple platform
EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallets
Details have emerged about a now-patched security vulnerability in a widely used third-party Android software development kit (SDK) called EngageLab SDK that could have put millions of cryptocurrency wallet users at risk.
"This flaw allows apps on the same device to bypass Android security sandbox and gain unauthorized access to private data," the Microsoft Defender
https://thehackernews.com/2026/04/engagelab-sdk-flaw-exposed-50m-android.html
Details have emerged about a now-patched security vulnerability in a widely used third-party Android software development kit (SDK) called EngageLab SDK that could have put millions of cryptocurrency wallet users at risk.
"This flaw allows apps on the same device to bypass Android security sandbox and gain unauthorized access to private data," the Microsoft Defender
https://thehackernews.com/2026/04/engagelab-sdk-flaw-exposed-50m-android.html
UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns
A previously undocumented threat cluster dubbed UAT-10362 has been attributed to spear-phishing campaigns targeting Taiwanese non-governmental organizations (NGOs) and suspected universities to deploy a new Lua-based malware called LucidRook.
"LucidRook is a sophisticated stager that embeds a Lua interpreter and Rust-compiled libraries within a dynamic-link library (DLL) to download and
https://thehackernews.com/2026/04/uat-10362-targets-taiwanese-ngos-with.html
A previously undocumented threat cluster dubbed UAT-10362 has been attributed to spear-phishing campaigns targeting Taiwanese non-governmental organizations (NGOs) and suspected universities to deploy a new Lua-based malware called LucidRook.
"LucidRook is a sophisticated stager that embeds a Lua interpreter and Rust-compiled libraries within a dynamic-link library (DLL) to download and
https://thehackernews.com/2026/04/uat-10362-targets-taiwanese-ngos-with.html
ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories
Thursday. Another week, another batch of things that probably should've been caught sooner but weren't.
This one's got some range — old vulnerabilities getting new life, a few "why was that even possible" moments, attackers leaning on platforms and tools you'd normally trust without thinking twice. Quiet escalations more than loud zero-days, but the kind that matter more in
https://thehackernews.com/2026/04/threatsday-bulletin-hybrid-p2p-botnet.html
Thursday. Another week, another batch of things that probably should've been caught sooner but weren't.
This one's got some range — old vulnerabilities getting new life, a few "why was that even possible" moments, attackers leaning on platforms and tools you'd normally trust without thinking twice. Quiet escalations more than loud zero-days, but the kind that matter more in
https://thehackernews.com/2026/04/threatsday-bulletin-hybrid-p2p-botnet.html
The Hidden Security Risks of Shadow AI in Enterprises
As AI tools become more accessible, employees are adopting them without formal approval from IT and security teams. While these tools may boost productivity, automate tasks, or fill gaps in existing workflows, they also operate outside the visibility of security teams, bypassing controls and creating new blind spots in what is known as shadow AI. While similar to the phenomenon of
https://thehackernews.com/2026/04/the-hidden-security-risks-of-shadow-ai.html
As AI tools become more accessible, employees are adopting them without formal approval from IT and security teams. While these tools may boost productivity, automate tasks, or fill gaps in existing workflows, they also operate outside the visibility of security teams, bypassing controls and creating new blind spots in what is known as shadow AI. While similar to the phenomenon of
https://thehackernews.com/2026/04/the-hidden-security-risks-of-shadow-ai.html
Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025
Threat actors have been exploiting a previously unknown zero-day vulnerability in Adobe Reader using maliciously crafted PDF documents since at least December 2025.
The finding, detailed by EXPMON's Haifei Li, has been described as a highly-sophisticated PDF exploit. The artifact ("Invoice540.pdf") first appeared on the VirusTotal platform on November 28, 2025. A second
https://thehackernews.com/2026/04/adobe-reader-zero-day-exploited-via.html
Threat actors have been exploiting a previously unknown zero-day vulnerability in Adobe Reader using maliciously crafted PDF documents since at least December 2025.
The finding, detailed by EXPMON's Haifei Li, has been described as a highly-sophisticated PDF exploit. The artifact ("Invoice540.pdf") first appeared on the VirusTotal platform on November 28, 2025. A second
https://thehackernews.com/2026/04/adobe-reader-zero-day-exploited-via.html
Bitter-Linked Hack-for-Hire Campaign Targets Journalists Across MENA Region
An apparent hack-for-hire campaign likely orchestrated by a threat actor with suspected ties to the Indian government targeted journalists, activists, and government officials across the Middle East and North Africa (MENA), according to findings from Access Now, Lookout, and SMEX.
Two of the targets included prominent Egyptian journalists and government critics, Mostafa
https://thehackernews.com/2026/04/bitter-linked-hack-for-hire-campaign.html
An apparent hack-for-hire campaign likely orchestrated by a threat actor with suspected ties to the Indian government targeted journalists, activists, and government officials across the Middle East and North Africa (MENA), according to findings from Access Now, Lookout, and SMEX.
Two of the targets included prominent Egyptian journalists and government critics, Mostafa
https://thehackernews.com/2026/04/bitter-linked-hack-for-hire-campaign.html
Russia's 'Fancy Bear' APT Continues Its Global Onslaught
Victims don't need to match the cybercrime group's technical sophistication, experts say. But patching and some form of zero trust are now non-negotiable.
https://www.darkreading.com/threat-intelligence/russias-fancy-bear-apt-continues-global-onslaught
Victims don't need to match the cybercrime group's technical sophistication, experts say. But patching and some form of zero trust are now non-negotiable.
https://www.darkreading.com/threat-intelligence/russias-fancy-bear-apt-continues-global-onslaught
Dark Reading
Russia's 'Fancy Bear' APT Continues Its Global Onslaught
Victims don't need to match the cybercrime group's technical sophistication, experts say. But patching and some form of zero trust are now non-negotiable.