Latest news as of 4/3/2026, 6:13:07 PM
The Hacker News
A China-aligned threat actor has set its sights on European government and diplomatic organizations since mid-2025, following a two-year period of minimal targeting in the region. The campaign has been attributed to TA416, a cluster of activity that overlaps with DarkPeony, RedDelta, Red Lich, SmugX, UNC6384, and Vertigo Panda. "This TA416 activity included multiple
Bleeping Computer
Telehealth giant Hims & Hers Health is warning that it suffered a data breach after support tickets were stolen from a third-party customer service platform. [...]
The Hacker News
Threat actors are increasingly using HTTP cookies as a control channel for PHP-based web shells on Linux servers and to achieve remote code execution, according to findings from the Microsoft Defender Security Research Team. "Instead of exposing command execution through URL parameters or request bodies, these web shells rely on threat actor-supplied cookie values to gate execution,
Bleeping Computer
The Qilin ransomware group has claimed responsibility for an attack against Die Linke ('The Left'), forcing an IT systems outage at the political party, and threatening sensitive data leak. [...]
The Register
A practical look at securing identities, devices and applications wherever work happens The shift to hybrid work has reshaped the enterprise perimeter. Users are logging in from home networks, shared spaces and unmanaged devices, while applications span on-prem systems and multiple clouds. Traditional security models were not designed for this level of fragmentation, leaving many organizations struggling to maintain visibility and control without adding friction.… Webinar Promo
Dark Reading
As organizations disclose breaches tied to TeamPCP's supply chain attacks, ShinyHunters and Lapsus$ are getting involved, taking credit, and creating a murky situation for enterprises.
Bleeping Computer
Multi-extortion ransomware relies on stolen data to pressure victims with public leaks. Penta Security explains how its D.AMO platform keeps exfiltrated files encrypted and useless to attackers. [...]
Dark Reading
The rebuilt Chainguard platform adds deeper security designed to continuously reconcile open-source artifacts across containers, libraries, Actions and skills.
Dark Reading
"Skull vibration harmonics generated by vital signs" can be used to sign in to VR, AR, and MR headsets, according to emerging research.
Dark Reading
Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.