Author: PulauWin

Help Net Security

Week in review: Axios npm supply chain compromise, critical FortiClient EMS bugs exploited

April 5, 2026 add comment
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Financial groups lay out a plan to fight AI identity attacks Generative AI tools... Read more »

⚡ Weekly Recap: Telecom Sleeper Cells, LLM Jailbreaks, Apple Forces U.K. Age Checks and More

April 4, 2026 add comment
Some weeks are loud. This one was quieter but not in a good way. Long-running operations are finally hitting courtrooms, old attack methods are showing up in new places,... Read more »
The Hacker News

Why Third-Party Risk Is the Biggest Gap in Your Clients’ Security Posture

April 4, 2026 add comment
The next major breach hitting your clients probably won’t come from inside their walls. It’ll come through a vendor they trust, a SaaS tool their finance team signed up for, or a... Read more »
Internet Security

Qilin ransomware group claims the hack of German political party Die Linke

April 4, 2026 add comment
Qilin ransomware claims it stole data from Germany’s Die Linke and threatens to leak it; the party confirmed the incident, but not a breach. The Qilin ransomware group claims... Read more »
The Hacker News

Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers

April 4, 2026 add comment
Threat actors are increasingly using HTTP cookies as a control channel for PHP-based web shells on Linux servers and to achieve remote code execution, according to findings from the Microsoft... Read more »
Internet Security

U.S. CISA adds a flaw in TrueConf Client to its Known Exploited Vulnerabilities catalog

April 4, 2026 add comment
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in TrueConf Client to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw... Read more »
Help Net Security

FortiClient EMS zero-day exploited, emergency hotfixes available (CVE-2026-35616)

April 4, 2026 add comment
Defused Cyber has spotted a critical Fortinet FortiClient Endpoint Management Server (EMS) zero-day vulnerability (CVE-2026-35616) being exploited in the wild. This time around, the confirmation of active exploitation came... Read more »
The Hacker News

China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing

April 4, 2026 add comment
A China-aligned threat actor has set its sights on European government and diplomatic organizations since mid-2025, following a two-year period of minimal targeting in the region. The campaign has been attributed to TA416,... Read more »
Internet Security

European Commission breach exposed data of 30 EU entities, CERT-EU says

April 4, 2026 add comment
CERT-EU says a European Commission cloud hack exposed data from 30 EU entities and links the breach to the TeamPCP group. CERT-EU attributed a European Commission cloud breach to... Read more »
Security of TechRepublic

FBI Declares Surveillance System Breach a ‘Major Incident’

April 3, 2026 add comment
China-linked hackers breached an FBI surveillance system, exposing sensitive investigation data and prompting a “major incident” classification. The post FBI Declares Surveillance System Breach a ‘Major Incident’ appeared first... Read more »
Subscribe to our Newsletter