Tag: ransomware

Weekly Threat Intel: Ransomware Strikes Politics, Supply Chain Attacks Target NPM, LinkedIn's Browser Surveillance

This week brought a convergence of high-profile threats: Qilin ransomware targeting political infrastructure, sophisticated NPM supply chain attacks, and LinkedIn's covert browser surveillance of 6,000+ extensions. Healthcare and phishing campaigns round out a particularly active threat landscape.

Apr 4, 2026BleepingComputer, Cisco Talos, Malwarebytes Labs

ransomwaresupply-chain-attacksdata-breaches

🏴Qilin

🇺🇸Meta Platforms🇺🇸LinkedIn🇺🇸Google

highData Breaches & Incidents

Data Breach Roundup: ShinyHunters Targets Cisco, New Yurei Ransomware Emerges, Storm Infostealer Goes Commercial

Threat actors escalate attacks with ShinyHunters claiming massive Cisco data theft via Salesforce/AWS compromise, while new Yurei ransomware and commercial Storm infostealer emerge in the threat landscape.

Apr 3, 2026Hackread

shinyhuntersciscoyurei-ransomware

🏴ShinyHunters

🇮🇱Circles🇺🇸Google

highIndustry & Policy

Weekly Roundup: Sub-Hour Ransomware, AI Dominance at RSA, and Multi-Channel Malware Campaigns

This week's developments span conference insights and active threats: RSAC 2026 highlighted AI's growing role in cybersecurity amid geopolitical tensions, while researchers documented increasingly rapid ransomware attacks and sophisticated malware campaigns targeting banking credentials and messaging platforms.

Apr 3, 2026Dark Reading, Infosecurity Magazine

ransomwaremalwareartificial-intelligence

🏴Akira

🇺🇸Meta Platforms🇺🇸Reddit

criticalNation-State & APT

CISA Adds Google Dawn CVE to KEV as North Korean APT UNC1069 Claims Axios Supply Chain Attack

CISA confirmed active exploitation of a use-after-free vulnerability in Google Dawn by adding it to the KEV catalog. Meanwhile, Google attributed the recent Axios npm supply chain compromise to North Korean threat group UNC1069, while ransomware operators continue targeting critical infrastructure including water treatment facilities.

Apr 2, 2026Security Affairs, The Record

cisa-kevgoogle-dawnnorth-korea

🇺🇸Google

criticalMalware & Threats

Critical Cisco IMC Auth Bypass, F5 RCE Exposure, and Active Zero-Day Attacks Dominate Threat Landscape

Critical infrastructure faces active attacks via Cisco IMC authentication bypass and F5 BIG-IP RCE vulnerabilities affecting thousands of exposed systems. Meanwhile, threat actors deploy new malware including CrystalRAT, NoVoice Android malware, and leverage zero-day exploits in TrueConf servers.

Apr 2, 2026BleepingComputer, Graham Cluley, Cisco Talos, Malwarebytes Labs

ciscof5-networkszero-day

🏴Qilin🏴Play

🇦🇪Telegram🇺🇸Google🇺🇸Apple

mediumData Breaches & Incidents

Developer Trust Under Fire: GitHub Scams, LinkedIn Phishing, and AI Code Exposure

Social engineering attacks are intensifying against developer communities through GitHub token giveaway scams and LinkedIn credential phishing. Meanwhile, Anthropic suffered a major code exposure incident and ransomware groups continue exploiting legitimate IT tools to evade detection.

Apr 2, 2026Hackread

githublinkedinphishing

🇺🇸LinkedIn

highIndustry & Policy

Healthcare Under Siege: LatAm Government Attacks Rise as CNI Faces Million-Dollar Downtime Costs

Healthcare systems must rehearse ransomware response as Latin American governments experience surging cyberattacks targeting critical sectors. Critical infrastructure providers face potential £5 million downtime costs from operational technology attacks.

Apr 2, 2026Dark Reading, Infosecurity Magazine

ransomwarehealthcarelatin-america

🏴Play

🇺🇸Google

highVulnerabilities & Exploits

Supply Chain Attacks and Malware Campaigns Dominate Weekly Threat Landscape

The TeamPCP supply chain campaign continues expanding with confirmed victims while threat actors leverage WhatsApp, fake installers, and phishing to deploy malware ranging from cryptocurrency miners to banking trojans. Multiple CVE disclosures affecting various open source components require attention.

Apr 2, 2026The Hacker News, SANS ISC, MSRC Security Updates

supply-chainmalwarephishing

🇺🇸Meta Platforms

criticalNation-State & APT

Critical Infrastructure Under Fire: Romanian Attacks, Citrix Zero-Day, and Ransomware Evolution

Romanian government institutions are under sustained cyber attack with thousands of daily attempts, while CISA has issued emergency patching orders for a critical Citrix NetScaler vulnerability. Meanwhile, supply chain attacks are targeting AI development tools and ransomware operators are evolving their data monetization strategies.

Apr 1, 2026Security Affairs, The Record

romaniacitrixnetscaler

highData Breaches & Incidents

Data Breach Roundup: FBI Chief's Gmail Compromised, BreachForums Database Leaked

Iran-linked Handala hackers compromised FBI Director Kash Patel's Gmail account and leaked personal documents, while cybercriminal forum BreachForums suffered its own data breach exposing 300,000 users. Meanwhile, BianLian ransomware operators have adopted SVG-based phishing tactics targeting Venezuelan companies.

Mar 28, 2026Hackread

data-breachesnation-statehandala

🏴BianLian🏴ShinyHunters

🇺🇸Google

criticalVulnerabilities & Exploits

Vulnerability Roundup: TeamPCP Supply Chain Campaign Widens, AI Framework Flaws, and State-Sponsored Activity

A supply chain attack targeting security scanners has expanded beyond initial reports and been added to CISA's Known Exploited Vulnerabilities catalog. Meanwhile, critical vulnerabilities in popular AI frameworks LangChain and LangGraph could expose sensitive data, and state-sponsored groups continue targeted espionage campaigns.

Mar 27, 2026The Hacker News, SANS ISC, MSRC Security Updates

supply-chainransomwareai-security

mediumIndustry & Policy

RSAC 2026 Highlights: EU Leadership, AI-Driven Threats, and Industrial-Scale Identity Abuse

RSA Conference 2026 featured EU officials taking the lead on cybersecurity policy while US government participation remained minimal. Meanwhile, AI emerged as both the dominant attack vector and defensive solution, with researchers warning of industrial-scale identity exploitation campaigns.

Mar 26, 2026Dark Reading, Infosecurity Magazine

rsacartificial-intelligenceransomware

🇺🇸LinkedIn🇺🇸Near Intelligence