Breaking News – Cyber Threats (last 6h)
Generated: 2026-04-09 13:00 PDT
- Healthcare IT solutions provider ChipSoft hit by ransomware attack
BleepingComputer • 2026-04-09 12:46 • www.bleepingcomputer.com
Dutch healthcare software vendor ChipSoft has been impacted by a ransomware attack that forced the company to take offline its website and digital services for patients and healthcare providers. […]
https://www.bleepingcomputer.com/news/security/healthcare-it-solutions-provider-chipsoft-hit-by-ransomware-attack/ - Google Chrome adds infostealer protection against session cookie theft
BleepingComputer • 2026-04-09 11:33 • www.bleepingcomputer.com
Google has rolled out Device Bound Session Credentials (DBSC) protection in Chrome 146 for Windows, designed to block info-stealing malware from harvesting session cookies. […]
https://www.bleepingcomputer.com/news/security/google-chrome-adds-infostealer-protection-against-session-cookie-theft/ - EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallets
The Hacker News • 2026-04-09 10:26 • thehackernews.com
Details have emerged about a now-patched security vulnerability in a widely used third-party Android software development kit (SDK) called EngageLab SDK that could have put millions of cryptocurrency wallet users at risk.
“This flaw allows apps on the same device to bypass Android security sandbox and gain unauthorized access to private data,” the Microsoft Defender
https://thehackernews.com/2026/04/engagelab-sdk-flaw-exposed-50m-android.html - UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns
The Hacker News • 2026-04-09 09:23 • thehackernews.com
A previously undocumented threat cluster dubbed UAT-10362 has been attributed to spear-phishing campaigns targeting Taiwanese non-governmental organizations (NGOs) and suspected universities to deploy a new Lua-based malware called LucidRook.
“LucidRook is a sophisticated stager that embeds a Lua interpreter and Rust-compiled libraries within a dynamic-link library (DLL) to download and
https://thehackernews.com/2026/04/uat-10362-targets-taiwanese-ngos-with.html - Smart Slider updates hijacked to push malicious WordPress, Joomla versions
BleepingComputer • 2026-04-09 09:15 • www.bleepingcomputer.com
Hackers hijacked the update system for the Smart Slider 3 Pro plugin for WordPress and Joomla, and pushed a malicious version with multiple backdoors. […]
https://www.bleepingcomputer.com/news/security/smart-slider-updates-hijacked-to-push-malicious-wordpress-joomla-versions/ - When attackers already have the keys, MFA is just another door to open
BleepingComputer • 2026-04-09 07:02 • www.bleepingcomputer.com
Stolen credentials turn authentication systems into the attack surface. Token shows how wearable biometric authentication verifies the user—not the session—blocking phishing relays and MFA bypass. […]
https://www.bleepingcomputer.com/news/security/when-attackers-already-have-the-keys-mfa-is-just-another-door-to-open/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
