-
A China-aligned threat actor has set its sights on European government and diplomatic organizations since mid-2025, following a two-year period of minimal targeting in the region. The campaign has been attributed to TA416, a cluster of activity that overlaps with DarkPeony, RedDelta, Red Lich, SmugX, UNC6384, and Vertigo Panda. “This TA416 activity included multiple
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Researchers from FortiGuard Labs have uncovered a high-severity spying campaign targeting South Korean companies. Discover how North Korean…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat actors are increasingly using HTTP cookies as a control channel for PHP-based web shells on Linux servers and to achieve remote code execution, according to findings from the Microsoft Defender Security Research Team. “Instead of exposing command execution through URL parameters or request bodies, these web shells rely on threat actor-supplied cookie values to gate execution,
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
AI firm Mercor confirms a breach linked to a LiteLLM supply chain attack, as hackers claim to have stolen 4TB of sensitive data and internal systems.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
This week in cybersecurity from the editors at Cybercrime Magazine
Sausalito, Calif. – Apr. 3, 2026Daniel Bernard, aka “DB”, Chief Business Officer at CrowdStrike, told Cybercrime Magazine that cybersecurity is a team sport, and that all of us at RSAC Conference 2026 last week were in the right place at the right time.
Looking ahead, DB talked to us about CrowdStrike’s FAL.CON 2026 on Aug. 31 to Sep. 3 in Las Vegas. It’s all about securing the AI revolution. 10,000+ security leaders, innovators, builders, and visionaries will come together for four days at the premier event shaping cybersecurity’s future.
FAL.CON isn’t a spectator sport. It’s high-impact keynotes. Live competition at the Survivor Games. Stress-testing theory at hands-on labs. And experiencing FAL.CON Fest, where the people who defend the digital world celebrate together.
Can’t make it to FAL.CON? The next best event may be in your own backyard. CrowdTour 2026 is CrowdStrike’s global cybersecurity roadshow for defenders to learn, collaborate, and lead in the AI era. Go here for a list of cities globally.
Listen to DB on this Cybercrime Magazine Podcast episode to learn about the latest at CrowdStrike and more about Fal.Con 2026.
Cybercrime Magazine is Page ONE for Cybersecurity. Go to any of our sections to read the latest:
- SCAM. The latest schemes, frauds, and social engineering attacks being launched on consumers globally.
- NEWS. Breaking coverage on cyberattacks and data breaches, and the most recent privacy and security stories.
- HACK. Another organization gets hacked every day. We tell you who, what, where, when, and why.
- VC. Cybersecurity venture capital deal flow with the latest investment activity from various sources around the world.
- M&A. Cybersecurity mergers and acquisitions including big tech, pure cyber, product vendors and professional services.
- BLOG. What’s happening at Cybercrime Magazine. Plus the stories that don’t make headlines (but maybe they should).
- PRESS. Cybersecurity industry news and press releases in real time from the editors at Business Wire.
- PODCAST. New episodes daily on the Cybercrime Magazine Podcast feature victims, law enforcement, vendors, and cybersecurity experts.
- RADIO. Tune into WCYB Digital Radio at Cybercrime.Radio, the first and only round-the-clock internet radio station devoted to cybersecurity.
Contact us to send story tips, feedback and suggestions, and for sponsorship opportunities and custom media productions.
The post FAL.CON 2026: Secure The AI Revolution appeared first on Cybercrime Magazine.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Moscow, Russia, 3rd April 2026, CyberNewswire
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers at watchTowr Labs have disclosed a critical exploit chain in the Progress ShareFile Storage Zone Controller. The vulnerabilities, tracked as CVE-2026-2699 and CVE-2026-2701, enable unauthenticated attackers to achieve Remote Code Execution (RCE) and completely compromise vulnerable servers. With roughly 30,000 instances exposed to the public internet, organizations are urged to patch immediately to […]
The post New Progress ShareFile Flaws Expose Servers to Unauthorized Remote Takeover appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has officially initiated an automated, machine-learning-based rollout for Windows 11, version 25H2, targeting unmanaged systems. As part of its ongoing efforts to keep devices secure, similar to routine patch deployments that address critical system vulnerabilities, the tech giant is forcefully upgrading all eligible Home and Pro devices currently running version 24H2. For consumers and […]
The post Microsoft Forces Unmanaged Windows 11 Devices to Upgrade to Version 24H2 appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Daniel Rhyne, a 59-year-old former core infrastructure engineer, pleaded guilty on April 1, 2026, to federal hacking and extortion charges. He admitted to locking out administrators and sabotaging systems at his former New Jersey-based employer in an attack that began in November 2023. Rhyne entered his plea before U.S. District Judge Michael A. Shipp in […]
The post Infrastructure Engineer Pleads Guilty to Locking 254 Windows Servers at Former Employer appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The maintainer of the Axios npm package has confirmed that the supply chain compromise was the result of a highly-targeted social engineering campaign orchestrated by North Korean threat actors tracked as UNC1069. Maintainer Jason Saayman said the attackers tailored their social engineering efforts “specifically to me” by first approaching him under the guise of the founder of a
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
