UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours
Ravie Lakshmanan | Mar 11, 2026 | DevSecOps / AI Security
A threat actor known as UNC6426 leveraged keys stolen following the supply chain compromise of the nx npm…
The Microsoft Patch Tuesday March 2026 release introduces security updates addressing 79 vulnerabilities, including two publicly disclosed zero-day vulnerabilities and several high-risk issues tied to remote code execution. The monthly security rollout includes fixes…
Finland is facing a growing intelligence challenge as Russian and Chinese cyberespionage targeting Finland continues to expand across the country’s technology sector, research institutions, and…
Figure 8: Threat actor starts to rely on automated workflows
The threat actor also appeared to be interested in other AI tools to help with…
BeatBanker is a new Android malware campaign targeting users in Brazil, combining banking fraud, crypto‑mining, and, in its latest wave, full device takeover via a…
“Instead of abusing local binaries like PowerShell or WMI [Windows Management Instrumentation] to evade detection, adversaries now leverage native cloud administrative tools, APIs, identity systems,…
The Rise of CopyCop: When Influence Operations Go Fully Digital
The latest Insikt Group report exposes one of the most expansive Russian influence operations to…
This is an offshoot of our other blog, “Huntress Threat Advisory: Active Exploitation of SonicWall VPNs,” which allowed initial access and was followed by the…
Microsoft .NET 0-Day Vulnerability
An emergency security update has been released to address a newly disclosed .NET Framework vulnerability, tracked as CVE-2026-26127. This security flaw…
Microsoft has released a critical security update addressing a high-severity elevation of privilege vulnerability in Active Directory Domain Services (AD DS). This flaw, patched during…
In the ever-evolving landscape of cyber threats, a new and insidious danger is emerging, shifting focus from external attacks to internal infiltration. While our last…
Gogs Vulnerability Overwrite Large File Storage Objects
A critical security flaw has been discovered in a popular open-source, self-hosted Git service, allowing attackers to overwrite…