Aggregator

Submit #778613 / VDB-354651

There is a character that keeps appearing in enterprise security departments, and most CISOs know exactly who that is. It doesn’t build. It doesn’t enable. Its entire function is to say "No." No to ChatGPT. No to DeepSeek. No to the file-sharing tool the product team swears by. For years, this looked like security. But in 2026, "Doctor No" is no longer just a management headache &

Submit #780538 / VDB-354650

New research from Seqrite explains the ‘dual-use dilemma,’ where ransomware attackers repurpose legitimate IT tools like IOBit Unlocker…

长城杯半决赛三道 Web 赛题审计笔记——从 redis SSRF、ZipSlip 到 glibc iconv 溢出

Submit #780561 / VDB-354649

Submit #780560 / VDB-354648

Submit #780559 / VDB-354647

Submit #780558 / VDB-354646

Submit #780462 / VDB-354645

A multi-pronged phishing campaign is targeting Spanish-speaking users in organizations across Latin America and Europe to deliver Windows banking trojans like Casbaneiro (aka Metamorfo) via another malware called Horabot. The activity has been attributed to a Brazilian cybercrime threat actor tracked as Augmented Marauder and Water Saci. The e-crime group was first documented by Trend Micro in

Beginning April 6, 2026, HSBC India will require its internet banking customers to enter their passwords in uppercase letters only. The mandate, communicated via official customer emails, has sparked widespread concern among technical experts regarding the bank’s credential storage practices and overall security posture. The Uppercase Migration According to the bank’s recent communications, customers must […]

The post HSBC India Asks Customers to use All-Uppercase Passwords appeared first on Cyber Security News.

Рассказываем, как рекламные компании торгуют данными о наших перемещениях.

A sophisticated backdoor called EtherRAT is actively targeting organizations across multiple sectors by hiding its command infrastructure inside the Ethereum blockchain — a move that makes it uniquely hard to track and shut down. The malware runs on Node.js and gives attackers full remote control over compromised machines, enabling them to execute commands, steal cryptocurrency […]

The post Hackers Use EtherRAT and EtherHiding to Hide Malware Infrastructure on Ethereum appeared first on Cyber Security News.

本次报告，我们继续对事件进行进一步的追踪披露，并结合360安全大脑的最新威胁情报数据，进一步开展归因分析

Romanian government institutions are facing thousands of cyberattack attempts every day targeting a wide range of public institutions, Defense Minister Radu Miruta said.

Submit #780443 / VDB-354641

Submit #780442 / VDB-354641

Submit #780441 / VDB-354640

March 2026 brought a wave of cyber attacks that reflected how quickly modern threats can move from subtle early signals to serious business impact. ANY.RUN analysts identified and explored several major threats this month, exposing phishing campaigns, stealthy malware, payment-skimming activity, and resilient botnet infrastructure affecting organizations across industries. From Microsoft 365 token abuse and […]

The post Major Cyber Attacks in March 2026: OAuth Phishing, SVG Smuggling, Magecart, and More  appeared first on ANY.RUN's Cybersecurity Blog.