North Korean Hackers Pose as Trading Firm to Steal $285M from Drift
Drift Protocol reveals that a North Korean state-linked group spent six months posing as a trading firm to execute a $285 million hack. Read about…
Author: Cybernoz
Product showcase: Proton Authenticator is an end-to-end encrypted, open source 2FA app
Proton Authenticator is a free and open-source two-factor authentication (2FA) app that generates time-based one-time passwords (TOTP) to help secure online accounts. It is available…
A week in security (March 30 – April 5)
Last week on Malwarebytes Labs: Stay safe! We don’t just report on data privacy—we help you remove your personal information Cybersecurity risks should never spread…
Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools
Ravie LakshmananApr 06, 2026Ransomware / Endpoint Security Threat actors associated with Qilin and Warlock ransomware operations have been observed using the bring your own vulnerable driver (BYOVD) technique to silence…
Massachusetts Emergency Cyberattack Hits Patriot Regional
A Massachusetts emergency cyberattack has temporarily disrupted the operations of the Patriot Regional Emergency Communications Center, affecting several small towns in northern Massachusetts. The breach, which began…
North Korea Spent 6 Months To Drain $285M From Drift Protocol In 12 Mins
The message Drift Protocol posted to X on April 1, opened with an unusual disclaimer: “This is not an April Fools joke.” Within hours, the…
Fortinet Rushes Emergency Fixes for Exploited Zero-Day
Fortinet over the weekend rushed emergency fixes for a FortiClient Enterprise Management Server (EMS) vulnerability that has been exploited as a zero-day. Described as an…
Fortinet fixes actively exploited high-severity flaw
CVE-2026-35616: Fortinet fixes actively exploited high-severity flaw Pierluigi Paganini April 06, 2026 Fortinet issued emergency patches for a critical FortiClient EMS flaw (CVE-2026-35616) actively exploited…
The Top 3 Cyber Challenges for Mid-Market Businesses
As technology continues to advance at an exponential pace, so does the ever-present threat of cyberattacks. In the digital landscape of 2023, mid-sized businesses find…
New ResokerRAT Uses Telegram Bot API to Control Infected Windows Systems
A new Remote Access Trojan (RAT) called ResokerRAT has been found targeting Windows systems by abusing Telegram’s widely used Bot API to receive commands and…
Threat Actors Weaponize Fake Microsoft Teams Domains to Target Users
Threat actors associated with North Korea are deploying fake Microsoft Teams domains to conduct social engineering attacks and distribute malware. The threat group, identified as…
Residential proxies make a mockery of IP-based defenses
Attack traffic moved through ordinary home and mobile connections in ways that limited the usefulness of IP reputation on its own. GreyNoise observed 4 billion…