Signed software abused to deploy antivirus-killing scripts

A digitally signed adware tool has deployed payloads running with SYSTEM privileges that disabled antivirus protections on ...
Microsoft

Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations

The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize ...

Microsoft April 2026 Patch Tuesday fixes 167 flaws, 2 zero-days

Today is Microsoft's April 2026 Patch Tuesday with security updates for 167 flaws, including 2 zero-day vulnerabilities.
SecurityWeek

New DeepLoad Malware Dropped in ClickFix Attacks

The new DeepLoad malware has been distributed in ClickFix attacks to steal user credentials and install a rogue browser extension.
DataBreachToday

Breach Roundup: German Police Expose REvil, GandCrab Boss

This week, German police unmasked a REvil leader, a critical Docker flaw, Medusa ransomware surged, DPRK hackers abused ...

Check Point: Market Prices Stagnation, But Partial Transition Can Drive Upside

Check Point Software is undervalued due to market mispricing of its transition potential amid a shifting cybersecurity ...

Your Windows 11 PC is slower than it should be. Here’s what to check

Everything running on your PC uses system resources, so why tax it with unnecessary processes and programs you no longer need ...
SecurityWeek

Medusa Ransomware Fast to Exploit Vulnerabilities, Breached Systems

The Medusa ransomware group is operating at a fast pace by leveraging zero-days and quickly exploiting new bugs and breached ...
The Hacker News

Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures

Augmented Marauder targets Latin America and Europe since 2020, using dynamic PDF phishing to spread Casbaneiro via Horabot.
The Hacker News

Russian CTRL Toolkit Delivered via Malicious LNK Files Hijacks RDP via FRP Tunnels

Russian CTRL toolkit spread via malicious LNK files in February 2026, routing C2 through FRP-tunneled RDP to evade detection.
DataBreachToday

Bug Management in the Mythos Era: 'Assume You're Unpatched'

Thanks to Anthropic's Mythos presaging a world in which zero-day exploits are common, one cybersecurity expert says the new ...

Supply chain blast: Top npm package backdoored to drop dirty RAT on dev machines

Updated: Hijacked maintainer account let attackers slip cross-platform trojan into 100M-downloads-a-week Axios ...