Breaking News – Cyber Threats (last 6h)
Generated: 2026-04-23 17:00 PDT
- Hackers exploit file upload bug in Breeze Cache WordPress plugin
BleepingComputer • 2026-04-23 14:33 • www.bleepingcomputer.com
Hackers are actively exploiting a critical vulnerability in the Breeze Cache plugin for WordPress that allows uploading arbitrary files on the server without authentication. […]
https://www.bleepingcomputer.com/news/security/hackers-exploit-file-upload-bug-in-breeze-cache-wordpress-plugin/ - Bitwarden CLI npm package compromised to steal developer credentials
BleepingComputer • 2026-04-23 12:21 • www.bleepingcomputer.com
The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects. […]
https://www.bleepingcomputer.com/news/security/bitwarden-cli-npm-package-compromised-to-steal-developer-credentials/ - Trigona ransomware attacks use custom exfiltration tool to steal data
BleepingComputer • 2026-04-23 11:59 • www.bleepingcomputer.com
Recently observed Trigona ransomware attacks are using a custom, command-line tool to steal data from compromised environments faster and more efficiently. […]
https://www.bleepingcomputer.com/news/security/trigona-ransomware-attacks-use-custom-exfiltration-tool-to-steal-data/ - UNC6692 Impersonates IT Helpdesk via Microsoft Teams to Deploy SNOW Malware
The Hacker News • 2026-04-23 11:16 • thehackernews.com
A previously undocumented threat activity cluster known as UNC6692 has been observed leveraging social engineering tactics via Microsoft Teams to deploy a custom malware suite on compromised hosts.
“As with many other intrusions in recent years, UNC6692 relied heavily on impersonating IT helpdesk employees, convincing their victim to accept a Microsoft Teams chat invitation from an account
https://thehackernews.com/2026/04/unc6692-impersonates-it-helpdesk-via.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
