Breaking News – Cyber Threats (last 6h)
Generated: 2026-04-02 13:00 PDT
- Drift loses $280 million as hackers seize Security Council powers
BleepingComputer • 2026-04-02 12:03 • www.bleepingcomputer.com
The Drift Protocol lost at least $280 million after a threat actor took control of its Security Council administrative powers in a planned, sophisticated operation. […]
https://www.bleepingcomputer.com/news/security/drift-loses-280-million-as-hackers-seize-security-council-powers/ - US Bans All Foreign-Made Consumer Routers
Schneier on Security • 2026-04-02 10:28 • www.schneier.comThis is for new routers; you don’t have to throw away your existing ones:
The Executive Branch determination noted that foreign-produced routers (1) introduce “a supply chain vulnerability that could disrupt the U.S. economy, critical infrastructure, and national defense” and (2) pose “a severe cybersecurity risk that could be leveraged to immediately and severely disrupt U.S. critical infrastructure and directly harm U.S. persons.”
More https://www.schneier.com/blog/archives/2026/04/us-bans-all-foreign-made-consumer-routers.html
- Residential proxies evaded IP reputation checks in 78% of 4B sessions
BleepingComputer • 2026-04-02 08:21 • www.bleepingcomputer.com
Researchers warn that residential proxies used to route malicious traffic are a big problem for IP reputation systems, as there is no clear distinction between attackers and legitimate users. […]
https://www.bleepingcomputer.com/news/security/residential-proxies-evaded-ip-reputation-checks-in-78-percent-of-4b-sessions/ - Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise
The Hacker News • 2026-04-02 08:21 • thehackernews.com
Cisco has released updates to address a critical security flaw in the Integrated Management Controller (IMC) that, if successfully exploited, could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system with elevated privileges.
The vulnerability, tracked as CVE-2026-20093, carries a CVSS score of 9.8 out of a maximum of 10.0.
“This
https://thehackernews.com/2026/04/cisco-patches-98-cvss-imc-and-ssm-flaws.html - Attempts to Exploit Exposed "Vite" Installs (CVE-2025-30208), (Thu, Apr 2nd)
SANS ISC Diary (full) • 2026-04-02 07:49 • isc.sans.eduFrom its GitHub repo: “Vite (French word for “quick”, pronounced /vi?t/, like “veet”) is a new breed of frontend build tooling that significantly improves the frontend development experience” [https://github.com/vitejs/vite].
- Adversaries Exploit Vacant Homes to Intercept Mail in Hybrid Cybercrime
BleepingComputer • 2026-04-02 07:01 • www.bleepingcomputer.com
Threat actors are exploiting vacant homes as “drop addresses” to intercept mail and enable fraud. Flare shows how postal services and fake identities are abused to turn mail into a fraud vector. […]
https://www.bleepingcomputer.com/news/security/adversaries-exploit-vacant-homes-to-intercept-mail-in-hybrid-cybercrime/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
