Breaking News – Cyber Threats (last 6h)
Generated: 2026-04-16 08:00 PDT
- New ATHR vishing platform uses AI voice agents for automated attacks
BleepingComputer • 2026-04-16 07:09 • www.bleepingcomputer.com
A new cybercrime platform called ATHR can harvest credentials via fully automated voice phishing attacks that use both human operators and AI agents for the social engineering phase. […]
https://www.bleepingcomputer.com/news/security/new-athr-vishing-platform-uses-ai-voice-agents-for-automated-attacks/ - Most "AI SOCs" Are Just Faster Triage. That's Not Enough.
BleepingComputer • 2026-04-16 07:02 • www.bleepingcomputer.com
AI-powered SOC tools promise automation, but most only speed up triage instead of reducing real workload. Tines shows how real gains come from end-to-end workflows that execute actions across systems, not just summarize alerts. […]
https://www.bleepingcomputer.com/news/security/most-ai-socs-are-just-faster-triage-thats-not-enough/ - ThreatsDay Bulletin: Defender 0-Day, SonicWall Brute-Force, 17-Year-Old Excel RCE and 15 More Stories
The Hacker News • 2026-04-16 06:05 • thehackernews.com
You know that feeling when you open your feed on a Thursday morning and it’s just… a lot? Yeah. This week delivered. We’ve got hackers getting creative in ways that are almost impressive if you ignore the whole “crime” part, ancient vulnerabilities somehow still ruining people’s days, and enough supply chain drama to fill a season of television nobody asked for.
Not all bad though. Some
https://thehackernews.com/2026/04/threatsday-bulletin-17-year-old-excel.html - Cisco says critical Webex Services flaw requires customer action
BleepingComputer • 2026-04-16 05:01 • www.bleepingcomputer.com
Cisco has released security updates to patch four critical vulnerabilities, including a fixed improper certificate validation flaw in the company’s cloud-based Webex Services platform that requires further customer action. […]
https://www.bleepingcomputer.com/news/security/cisco-says-critical-webex-services-flaw-requires-customer-action/ - [Webinar] Find and Eliminate Orphaned Non-Human Identities in Your Environment
The Hacker News • 2026-04-16 04:55 • thehackernews.com
In 2024, compromised service accounts and forgotten API keys were behind 68% of cloud breaches. Not phishing. Not weak passwords. Unmanaged non-human identities that nobody was watching.
For every employee in your org, there are 40 to 50 automated credentials: service accounts, API tokens, AI agent connections, andOAuth grants. When projects end or employees leave, most
https://thehackernews.com/2026/04/webinar-find-and-eliminate-orphaned-non.html - Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution
The Hacker News • 2026-04-16 04:27 • thehackernews.com
Cisco has announced patches to address four critical security flaws impacting Identity Services and Webex Services that could result in arbitrary code execution and allow an attacker to impersonate any user within the service.
The details of the vulnerabilities are below –CVE-2026-20184 (CVSS score: 9.8) – An improper certificate validation in the integration of single sign-on (SSO)
https://thehackernews.com/2026/04/cisco-patches-four-critical-identity.html - Data breach at edtech giant McGraw Hill affects 13.5 million accounts
BleepingComputer • 2026-04-16 03:35 • www.bleepingcomputer.com
The ShinyHunters extortion group has leaked data from 13.5 million McGraw Hill user accounts, stolen after breaching the company’s Salesforce environment earlier this month. […]
https://www.bleepingcomputer.com/news/security/data-breach-at-edtech-giant-mcgraw-hill-affects-135-million-accounts/ - Hidden Passenger? How Taboola Routes Logged-In Banking Sessions to Temu
The Hacker News • 2026-04-16 03:30 • thehackernews.com
A bank approved a Taboola pixel. That pixel quietly redirected logged-in users to a Temu tracking endpoint. This occurred without the bank’s knowledge, without user consent, and without a single security control registering a violation.Read the full technical breakdown in the Security Intelligence Brief. Download now →
The “First-Hop Bias” Blind Spot
Most&
https://thehackernews.com/2026/04/hidden-passenger-how-taboola-routes.html - Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks
The Hacker News • 2026-04-16 03:20 • thehackernews.com
A “novel” social engineering campaign has been observed abusing Obsidian, a cross-platform note-taking application, as an initial access vector to distribute a previously undocumented Windows remote access trojan called PHANTOMPULSE in attacks targeting individuals in the financial and cryptocurrency sectors.
Dubbed REF6598 by Elastic Security Labs, the activity has been found to leverage
https://thehackernews.com/2026/04/obsidian-plugin-abuse-delivers.html - Human Trust of AI Agents
Schneier on Security • 2026-04-16 02:41 • www.schneier.comInteresting research: “Humans expect rationality and cooperation from LLM opponents in strategic games.”
Abstract: As Large Language Models (LLMs) integrate into our social and economic interactions, we need to deepen our understanding of how humans respond to LLMs opponents in strategic settings. We present the results of the first controlled monetarily-incentivised laboratory experiment looking at differences in human behaviour in a multi-player p-beauty contest against other humans and LLMs. We use a …
https://www.schneier.com/blog/archives/2026/04/human-trust-of-ai-agents.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
