Latest IT News, Cybersecurity Alerts & Tech Innovations
ComfyUI Botnet Campaign Hijacks AI Servers for Crypto Mining
Attackers are exploiting internet-exposed ComfyUI stable diffusion servers to build cryptocurrency mining botnets through automated Python scanners.
OneDrive Drops Local Recycle Bin for Cloud File Deletions
Microsoft changes OneDrive deletion behavior to bypass local Recycle Bin, requiring web-based recovery for cloud files.
Medusa Ransomware Exploits Zero-Days Within Days
Medusa ransomware operators weaponize fresh vulnerabilities and encrypt victim networks within days of initial compromise.
German Police ID Russian Leaders of REvil Ransomware Gang
German Federal Police identified two Russian nationals as leaders of GandCrab and REvil ransomware operations that caused billions in damages worldwide.
GPUBreach Attack Exploits GDDR6 Memory for System Takeover
Researchers demonstrate GPUBreach attack that triggers Rowhammer bit-flips in GPU GDDR6 memory to escalate privileges and compromise systems.
Microsoft Fixes Classic Outlook Email Sending Bug
Microsoft resolved a known issue preventing Classic Outlook users from sending emails through Outlook.com accounts on April 6, 2026.
Iran-Linked Hackers Target Microsoft 365 in Israel and UAE
Iran-nexus threat actors launched password-spraying attacks against Microsoft 365 environments in Israel and UAE during March 2026.
Microsoft Removes Support and Recovery Assistant Tool
Microsoft deprecated and removed the Support and Recovery Assistant command-line utility from Windows updates starting March 10, 2026.
Storm-1175 Deploys Zero-Day Exploits in Medusa Ransomware Attacks
Microsoft warns that China-based Storm-1175 cybercriminal group is deploying zero-day and n-day exploits in high-velocity Medusa ransomware campaigns targeting organizations worldwide.
Drift Protocol Loses $280M in Sophisticated DeFi Hack
Drift Protocol suffered a $280 million hack through a long-term infiltration operation that established operational presence within the ecosystem.
UAT-10608 Hackers Target Next.js Apps with React2Shell Tool
Threat group UAT-10608 exploits vulnerable Next.js applications using React2Shell automation to steal credentials and system secrets.
Fake Court Traffic Violation Texts Target US Drivers
Scammers impersonate state courts nationwide with fake traffic violation texts containing malicious QR codes to steal payment data.
Fortinet Patches Critical FortiClient EMS Zero-Day Under Attack
Fortinet released emergency patches for CVE-2026-35616, a critical FortiClient EMS vulnerability actively exploited by attackers worldwide.
CVE-2025-55182 Exploited in Mass Credential Theft Campaign
Attackers exploit React2Shell vulnerability in Next.js applications to steal credentials through automated large-scale campaign targeting web developers.
Axios HTTP Client Targeted by North Korean Social Engineering
Axios HTTP client maintainers reveal detailed post-mortem of sophisticated North Korean social engineering attack targeting their development team.
Windows 11 April 2026 Update Brings Performance Boosts
Microsoft prepares Windows 11 April 2026 update featuring enhanced performance optimizations and system-wide usability improvements for enterprise users.
LinkedIn Caught Scanning Browser Extensions via Hidden Scripts
Security researchers discovered LinkedIn deploys hidden JavaScript to scan visitors' browser extensions and collect device fingerprinting data without disclosure.
Hims & Hers Health Discloses Data Breach via Third-Party Platform
Telehealth company Hims & Hers Health suffered a data breach when attackers stole customer support tickets from a third-party service platform.
Google Home App Adds Workspace Account Support
Google Home app now supports paid Google Workspace accounts for complete smart home management integration.
Progress ShareFile RCE Flaws Enable Pre-Auth Server Takeover
Critical Progress ShareFile vulnerabilities allow attackers to chain exploits for unauthenticated remote code execution and arbitrary file uploads.
Microsoft and CrowdStrike End Rivalry Through F1 Partnership
Microsoft and CrowdStrike have transformed their competitive relationship into collaboration, with Formula 1 serving as the catalyst for their partnership.