Multiple Zero-Days Under Active Attack: Google, Citrix, and TrueConf Race to Patch Critical Flaws as CISA Issues Urgent Alerts

Publication Date: April 3, 2026

Summary

This week in cybersecurity is marked by a surge in actively exploited zero-day vulnerabilities, with Google patching a critical Chrome flaw (CVE-2026-5281), CISA mandating fixes for vulnerabilities in Citrix NetScaler (CVE-2026-3055) and TrueConf (CVE-2026-3502), and a new unpatched Windows LPE exploit 'BlueHammer' being leaked online. Major data breaches also hit the headlines, with the European Commission attributing a significant compromise to the TeamPCP hacking group and medical giant Stryker recovering from a destructive wiper attack by the Iran-linked Handala group. Extortion tactics continue as ShinyHunters threatens to leak alleged Cisco data.

Today's New Articles

ShinyHunters Threatens to Leak Cisco Data, Claims Breach of Salesforce and AWS

The data extortion group ShinyHunters has issued a final ultimatum to networking giant Cisco, demanding contact by April 3, 2026, before it begins leaking a massive trove of allegedly stolen data. The group claims to have exfiltrated over three million Salesfo...


Unpatched Windows Zero-Day 'BlueHammer' Exploit Leaked, Allows SYSTEM-Level Access

A security researcher has publicly released a proof-of-concept (PoC) exploit for an unpatched Windows zero-day vulnerability dubbed "BlueHammer." The leak, which occurred after a dispute with the Microsoft Security Response Center (MSRC), exposes a local privi...


REF1695 Campaign Spreads RATs and Cryptominers via Fake Software Installers

A long-running threat campaign, dubbed REF1695, has been active since November 2023, using counterfeit software installers to deliver a variety of malicious payloads. According to Elastic Security Labs, the operation uses ISO file lures to distribute malware i...


Immigration Law Platform DocketWise Discloses Breach Affecting Over 116,000 People

DocketWise, a cloud-based case management platform for immigration lawyers, has reported a data breach that exposed the highly sensitive personal information of 116,666 individuals. The breach, discovered in October 2025, occurred when an unauthorized actor ga...


NightSpire Ransomware Claims Attack on French Org, Threatens to Leak Audit Data

The NightSpire ransomware group has claimed responsibility for a cyberattack against Association OCACIA, a French organization. On April 3, 2026, the group announced the breach on its leak site, threatening to publish sensitive internal documents if its ransom...


T-Mobile Confirms Insider Data Breach, States Only One Customer Affected

T-Mobile USA has clarified that a recent data breach notification was the result of an isolated insider threat incident, not a large-scale attack. A vendor employee improperly accessed the account information of a single customer, exposing their name, address,...


LinkedIn Accused of Secretly Scanning for 6,000+ Browser Extensions

A new report from the user association Fairlinked e.V. alleges that LinkedIn is secretly scanning visitors' browsers for the presence of over 6,000 installed browser extensions. The practice, dubbed "BrowserGate," reportedly involves injecting hidden JavaScrip...

Article Updates

European Commission Confirms Data Breach After ShinyHunters Claims 350GB Theft

Update: CERT-EU has officially attributed the European Commission's data breach to the TeamPCP hacking group, clarifying previous claims by ShinyHunters. The incident, which occurred on March 19, 2026, involved the exfiltration of approximately 92GB of compressed data...


Chinese Hackers Exploit TrueConf Zero-Day in 'Operation TrueChaos'

Update: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added CVE-2026-3502, the TrueConf zero-day exploited in 'Operation TrueChaos,' to its Known Exploited Vulnerabilities (KEV) catalog. This designation mandates that all Federal Civi...