New Cisco firewall malware can only be killed by pulling the plug
Suspected state-sponsored attackers are using a custom backdoor to persistently compromise Cisco security devices (firewalls), the US CISA and the UK National Cyber Security Centre…
Month: April 2026
Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software
Cybersecurity researchers have discovered a new Lua-based malware created years before the notorious Stuxnet worm that aimed to sabotage Iran’s nuclear program by destroying uranium…
Government should drop Capita from civil service scheme after it loses Royal Mail role, says union
The Public and Commercial Services (PCS) union has said government should end an outsourcing contract with Capita in its troubled civil service pension after it…
China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks
A newly uncovered APT is relying on legitimate services for command-and-control (C&C) communication and data exfiltration, ESET warns. Tracked as GopherWhisper (PDF) and active since…
The calm before the ransomware storm: What you see is not all there is
A breach claims the systems as well as the confidence that was, in retrospect, a major vulnerability 24 Apr 2026 • , 5 min. read…
Google drafts AI agents to secure systems against AI hackers
Wiz, AI-BOMs, and securing the AI development sprawl Google has expanded its Wiz portfolio to tackle the chaos of AI development and multi-cloud risk. Wiz…
Orienting Intelligence Requirements to the Small Business Space
The discipline of intelligence, particularly in the context of cyber operations, features a number of formal concepts and processes that may appear distracting or irrelevant…
Windows Update gets new controls to reduce forced restarts
Microsoft is rolling out Windows Update improvements that give users more control over how updates are installed while reducing disruption from frequent or poorly timed restarts.…
Hackers Can Abuse Entra Agent ID Administrator Role to Hijack Service Principals
A critical scope overreach vulnerability was recently identified in the Microsoft Entra Agent Identity Platform. The newly introduced Agent ID Administrator role allowed accounts to…
Hackers Exploit Cisco Firepower N-Day Flaws for Unauthorized Access
A state-sponsored threat actor known as UAT-4356 is actively exploiting known vulnerabilities in Cisco Firepower devices to deploy a sophisticated custom backdoor. UAT-4356 exploited two n-day vulnerabilities, CVE-2025-20333 and CVE-2025-20362m…
Compromised everyday devices power Chinese cyber espionage operations
China-linked threat actors have shifted from individually procured infrastructure to large-scale covert networks, botnets built from compromised routers and other edge devices, the National Cyber…
CISA Adds 4 Exploited Flaws to KEV, Sets May 2026 Federal Deadline
Ravie LakshmananApr 25, 2026Network Security / Infrastructure Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added four vulnerabilities impacting SimpleHelp, Samsung MagicINFO…