🖋️ GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Cybersecurity researchers have flagged yet another evolution of the ongoing GlassWorm campaign, which employs a new Zig dropper that's designed to stealthily infect all integrated development environments IDEs on a developer's machine. The technique has been discovered in an Open VSX extension named "specstudio.codewakatimeactivitytracker," which masquerades as WakaTime, a.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Browser Extensions Are the New AI Consumption Channel That No One Is Talking About 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
While much of the discussion on AI security centers around protecting shadow AI and GenAI consumption, there's a wideopen window nobody's guarding AI browser extensions. A new report from LayerX exposes just how deep this blind spot goes, and why AI extensions may be the most dangerous AI threat surface in your network that isn't on anyone's .📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Google Rolls Out DBSC in Chrome 146 to Block Session Theft on Windows 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Google has made Device Bound Session Credentials DBSC generally available to all Windows users of its Chrome web browser, months after it began testing the security feature in open beta. The public availability is currently limited to Windows users on Chrome 146, with macOS expansion planned in an upcoming Chrome release. "This project represents a significant.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
A critical security vulnerability in Marimo, an opensource Python notebook for data science and analysis, has been exploited within 10 hours of public disclosure, according to findings from Sysdig. The vulnerability in question is CVE202639987 CVSS score 9.3, a preauthenticated remote code execution vulnerability impacting all versions of Marimo prior to and including.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Cybersecurity researchers have flagged yet another evolution of the ongoing GlassWorm campaign, which employs a new Zig dropper that's designed to stealthily infect all integrated development environments IDEs on a developer's machine. The technique has been discovered in an Open VSX extension named "specstudio.codewakatimeactivitytracker," which masquerades as WakaTime, a.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Unknown threat actors have hijacked the update system for the Smart Slider 3 Pro plugin for WordPress and Joomla to push a poisoned version containing a backdoor. The incident impacts Smart Slider 3 Pro version 3.5.1.35 for WordPress, per WordPress security company Patchstack. Smart Slider 3 is a popular WordPress slider plugin with more than 800,000 active installations across its free and Pro.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Browser Extensions Are the New AI Consumption Channel That No One Is Talking About 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
While much of the discussion on AI security centers around protecting shadow AI and GenAI consumption, there's a wideopen window nobody's guarding AI browser extensions. A new report from LayerX exposes just how deep this blind spot goes, and why AI extensions may be the most dangerous AI threat surface in your network that isn't on anyone's .📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallet Installs 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Details have emerged about a nowpatched security vulnerability in a widely used thirdparty Android software development kit SDK called EngageLab SDK that could have put millions of cryptocurrency wallet users at risk. "This flaw allows apps on the same device to bypass Android security sandbox and gain unauthorized access to private data," the Microsoft Defender.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
A previously undocumented threat cluster dubbed UAT10362 has been attributed to spearphishing campaigns targeting Taiwanese nongovernmental organizations NGOs and suspected universities to deploy a new Luabased malware called LucidRook. "LucidRook is a sophisticated stager that embeds a Lua interpreter and Rustcompiled libraries within a dynamiclink library DLL to download and.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Google Rolls Out DBSC in Chrome 146 to Block Session Theft on Windows 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Google has made Device Bound Session Credentials DBSC generally available to all Windows users of its Chrome web browser, months after it began testing the security feature in open beta. The public availability is currently limited to Windows users on Chrome 146, with macOS expansion planned in an upcoming Chrome release. "This project represents a significant.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Thursday. Another week, another batch of things that probably should've been caught sooner but weren't. This one's got some range old vulnerabilities getting new life, a few "why was that even possible" moments, attackers leaning on platforms and tools you'd normally trust without thinking twice. Quiet escalations more than loud zerodays, but the kind that matter more in.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
A critical security vulnerability in Marimo, an opensource Python notebook for data science and analysis, has been exploited within 10 hours of public disclosure, according to findings from Sysdig. The vulnerability in question is CVE202639987 CVSS score 9.3, a preauthenticated remote code execution vulnerability impacting all versions of Marimo prior to and including.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Unknown threat actors have hijacked the update system for the Smart Slider 3 Pro plugin for WordPress and Joomla to push a poisoned version containing a backdoor. The incident impacts Smart Slider 3 Pro version 3.5.1.35 for WordPress, per WordPress security company Patchstack. Smart Slider 3 is a popular WordPress slider plugin with more than 800,000 active installations across its free and Pro.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
📔 Just Three Ransomware Gangs Accounted for 40% of Attacks Last Month 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Qilin, Akira and Dragonforce were responsible for 40 of 672 ransomware incidents reported in March, says Check Point.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
🖋️ EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallet Installs 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Details have emerged about a nowpatched security vulnerability in a widely used thirdparty Android software development kit SDK called EngageLab SDK that could have put millions of cryptocurrency wallet users at risk. "This flaw allows apps on the same device to bypass Android security sandbox and gain unauthorized access to private data," the Microsoft Defender.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
📔 Google Chrome Rolls Out Protection Against Infostealers Targeting Session Cookies 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Chromes Device Bound Session Credentials is designed to block infostealers from harvesting session cookie.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
🖋️ UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
A previously undocumented threat cluster dubbed UAT10362 has been attributed to spearphishing campaigns targeting Taiwanese nongovernmental organizations NGOs and suspected universities to deploy a new Luabased malware called LucidRook. "LucidRook is a sophisticated stager that embeds a Lua interpreter and Rustcompiled libraries within a dynamiclink library DLL to download and.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
📔 STX RAT Targets Finance Sector With Advanced Stealth Tactics 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
STX RAT, a newly identified remote access trojan, attempted deployment in finance, showing advanced C2 and stealthy delivery methods.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
STX RAT Targets Finance Sector With Advanced Stealth Tactics
STX RAT, a newly identified remote access trojan, attempted deployment in finance, showing advanced C2 and stealthy delivery methods
🖋️ ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Thursday. Another week, another batch of things that probably should've been caught sooner but weren't. This one's got some range old vulnerabilities getting new life, a few "why was that even possible" moments, attackers leaning on platforms and tools you'd normally trust without thinking twice. Quiet escalations more than loud zerodays, but the kind that matter more in.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
📔 Bitcoin Depot Reports $3.6m Crypto Theft After System Breach 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Bitcoin Depot has disclosed a cyberattack that led to the theft of more than 50 Bitcoin, worth 3.66m, after hackers accessed its internal systems.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Bitcoin Depot Reports $3.6m Crypto Theft After System Breach
Bitcoin Depot has disclosed a cyber-attack that led to the theft of more than 50 Bitcoin, worth $3.66m, after hackers accessed its internal systems
📔 Just Three Ransomware Gangs Accounted for 40% of Attacks Last Month 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Qilin, Akira and Dragonforce were responsible for 40 of 672 ransomware incidents reported in March, says Check Point.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity