Critical Infrastructure Under Siege: ZionSiphon & Lotus Wiper Unleashed as Zero-Days and Bank Breaches Rock Global Networks

Publication Date: April 22, 2026

Summary

A tumultuous 24-hour period in cybersecurity, from April 21-22, 2026, has seen a surge of high-impact attacks targeting critical infrastructure, major corporations, and government agencies. Key events include the discovery of novel OT-focused malware strains ZionSiphon and Lotus Wiper targeting water and energy sectors, a sprawling data breach at Canada Life affecting 70,000 individuals, and active exploitation of zero-day vulnerabilities in Microsoft SharePoint and Defender. The Everest ransomware gang also claimed attacks on two major U.S. banks, while a supply chain attack hit Vercel via a third-party AI tool, highlighting escalating global cyber threats.

Today's New Articles

Destructive 'Lotus Wiper' Malware Strikes Venezuelan Energy Sector

Researchers from Kaspersky have uncovered 'Lotus Wiper,' a new data-wiping malware used in targeted attacks against Venezuela's energy and utilities sector. The malware is purely destructive, designed to render systems inoperable by erasing recovery mechanisms...


Everest Ransomware Claims Attacks on Citizens and Frost Banks

The Everest ransomware gang has listed two major U.S. financial institutions, Citizens Financial Group and Frost Bank, on its dark web leak site. The group claims to have stolen sensitive customer data, including Social Security numbers and financial details,...


'BRIDGE:BREAK' Vulnerabilities Expose Thousands of Serial-to-IP Converters

Researchers at Forescout have discovered 22 vulnerabilities, collectively named 'BRIDGE:BREAK,' in popular serial-to-IP converters from Lantronix and Silex. These devices, which bridge legacy OT/ICS equipment to modern IP networks, are affected by flaws that c...


Ransomware Negotiator Admits to Conspiring with BlackCat Gang

Angelo Martino, a former ransomware negotiator, has pleaded guilty to conspiring with the notorious BlackCat (ALPHV) ransomware gang. Martino abused his position at a crypto brokerage firm, using his insider knowledge of his clients' negotiating strategies and...


Google Patches Critical Prompt Injection Flaw in Antigravity IDE

Google has patched a critical vulnerability in its Antigravity IDE, an AI-powered development environment. The flaw allowed a prompt injection attack to achieve arbitrary code execution, bypassing the IDE's security sandbox. Researchers found that by injecting...


Fake 'TradingClaw' Website Spreads 'Needle Stealer' Malware

A malware campaign is using a sophisticated lure—a fake website for an AI trading tool called 'TradingClaw'—to distribute 'Needle Stealer,' a potent info-stealing malware. The malware aims to harvest sensitive data from victims, including browser data, login s...


ENISA Updates Framework for National Cybersecurity Assessment

The European Union Agency for Cybersecurity (ENISA) has released version 2.0 of its National Capabilities Assessment Framework (NCAF). The updated framework and online tool provide a methodology for EU member states to assess the maturity of their National Cyb...

Article Updates

Microsoft's Massive April Patch Tuesday Fixes Actively Exploited SharePoint Zero-Day and 164 Other Flaws

Update: The new article focuses exclusively on CVE-2026-32201, providing a detailed breakdown of its attack vector, complexity, and user interaction. It offers more specific hunting hints, such as monitoring `/wsa.asmx` or `/wsb.asmx` endpoints and file modifications,...


Vercel Hit by Supply Chain Attack; ShinyHunters Claims Responsibility, Demands $2M

Update: Vercel's ongoing investigation into the supply chain attack has confirmed that a limited subset of customer credentials was compromised. In response, Vercel is actively collaborating with industry partners including Microsoft, GitHub, and npm to conduct furth...


Actively Exploited Microsoft Defender Zero-Days 'RedSun' and 'UnDefend' Remain Unpatched

Update: New reports from Huntress confirm that all three Microsoft Defender zero-days (BlueHammer, RedSun, UnDefend) are actively exploited in the wild. While BlueHammer's exploitation was noted by April 10, proof-of-concept exploits for RedSun (LPE) and UnDefend (DoS...


EU Proposes 'Cybersecurity Act 2.0' to Counter Hybrid Threats and Regulate ICT Suppliers

Update: The European Union Agency for Cybersecurity (ENISA) has launched version 2.0 of its National Capabilities Assessment Framework (NCAF). This updated framework and online tool provide a structured methodology for EU member states to evaluate the maturity of thei...


ShinyHunters Breach at Canada Life Exposes Data of 70,000 Customers

Update: Further analysis of the Canada Life data breach confirms the incident's timeline, with Canada Life officially acknowledging unauthorized access on April 21, 2026, following ShinyHunters' dark web claims on April 17. The exposed personal information now explici...