WA local gov entity lost $350,000 in phishing attack
A Western Australian council paid approximately $350,000 to an unknown third party, following a phishing attack that allowed a threat actor to fraudulently change a…
Month: April 2026
Axios NPM Package Breached in North Korean Supply Chain Attack
Malicious versions of the highly popular Axios NPM library were distributed to millions in a fresh supply chain attack blamed on North Korean hackers. A…
Free VPNs leak your data while claiming privacy
Free VPNs leak your data while claiming privacy Pierluigi Paganini April 01, 2026 Most free Android VPNs track users, request dangerous permissions, and connect to…
ACSC warns of ongoing targeting of online code repositories
The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) has issued an updated alert warning of increased targeting of online code repositories, urging Australian organisations…
An analysis of CrystalX commercial RAT with prankware features
Introduction In March 2026, we discovered an active campaign promoting previously unknown malware in private Telegram chats. The Trojan was offered as a MaaS (malware‑as‑a‑service) with…
Enterprise Spotlight: Setting the 2026 IT Agenda
IT leaders are setting their operations strategies for 2026 with an eye toward agility, flexibility, and tangible business results. Download the January 2026 issue of…
Tenable Cloud Security Updates: Custom Policies, AWS ABAC & Explorer
Stop the noise and scale your cloud security. Our latest updates introduce custom policy automation via Explorer, AWS ABAC support for true least privilege, and…
New Windows 11 emergency update fixes preview update install issues
Microsoft released an out-of-band update to fix the March 2026 non-security preview update, which was pulled over the weekend due to installation issues. The optional…
Mercor AI Confirms Data Breach Following Lapsus$ Claims of 4TB Data Theft
Mercor AI has officially confirmed a severe data breach following claims by the notorious Lapsus$ hacking group that they stole 4 terabytes of sensitive company…
Apple Will Push Out Rare ‘Backported’ Patches to Protect iOS 18 Users From DarkSword Hacking Tool
Last week, DarkSword was then posted to open source code repository GitHub, making it all the more accessible. Security firms Malfors and Proofpoint soon after…
Google Cloud’s Vertex AI Hit by Vulnerability Enabling Sensitive Data Access
Artificial intelligence agents are transforming enterprise workflows, but they also introduce dangerous new attack vectors. Security researchers from Palo Alto Networks’ Unit 42 recently uncovered…
Financial groups lay out a plan to fight AI identity attacks
Generative AI tools have brought the cost of deepfake production low enough that criminals and state-sponsored actors now use them routinely against financial institutions. A…