Breaking News – Cyber Threats (last 6h)
Generated: 2026-04-07 03:00 PDT
- Hong Kong Police Can Force You to Reveal Your Encryption Keys
Schneier on Security • 2026-04-07 02:45 • www.schneier.comAccording to a new law, the Hong Kong police can demand that you reveal the encryption keys protecting your computer, phone, hard drives, etc.—even if you are just transiting the airport.
In a security alert dated March 26, the U.S. Consulate General said that, on March 23, 2026, Hong Kong authorities changed the rules governing enforcement of the National Security Law. Under the revised framework, police can require individuals to provide passwords or other assistance to access personal electronic de…
https://www.schneier.com/blog/archives/2026/04/hong-kong-police-can-force-you-to-reveal-your-encryption-keys.html - Life imprisonment for Cambodian scam compound operators – but will it make a difference?
Graham Cluley • 2026-04-07 01:57 • www.bitdefender.com
Cambodia has taken a dramatic step in its fight against scam compounds that have imprisoned innocent people, and forced them to work as virtual slaves defrauding victims via the internet around the world with romance scams and dodgy investment schemes.Read more in my article on the Hot for Security blog.
https://www.bitdefender.com/en-us/blog/hotforsecurity/life-imprisonment-cambodian-scam-operators - New GPUBreach Attack Enables Full CPU Privilege Escalation via GDDR6 Bit-Flips
The Hacker News • 2026-04-07 01:38 • thehackernews.com
New academic research has identified multiple RowHammer attacks against high-performance graphics processing units (GPUs) that could be exploited to escalate privileges and, in some cases, even take full control of a host.
The efforts have been codenamed GPUBreach, GDDRHammer, and GeForge.
GPUBreach goes a step further than GPUHammer, demonstrating for the first time that
https://thehackernews.com/2026/04/new-gpubreach-attack-enables-full-cpu.html - 172: SuperBox
Darknet Diaries • 2026-04-07 00:00 • darknetdiaries.comWhat if there was a device which gave you endless movies and TV shows without ads? Ok great sign me up! In this episode we interview “D3ada55”, who found such a device, but as she gazed into it, she discovered it gazing back at her.
Sponsors
Support for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known a…
https://darknetdiaries.com/episode/172/ - China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware
The Hacker News • 2026-04-06 23:35 • thehackernews.com
A China-based threat actor known for deploying Medusa ransomware has been linked to the weaponization of a combination of zero-day and N-day vulnerabilities to orchestrate “high-velocity” attacks and break into susceptible internet-facing systems.
“The threat actor’s high operational tempo and proficiency in identifying exposed perimeter assets have proven successful, with recent
https://thehackernews.com/2026/04/china-linked-storm-1175-exploits-zero.html - Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed
The Hacker News • 2026-04-06 22:56 • thehackernews.com
Threat actors are exploiting a maximum-severity security flaw in Flowise, an open-source artificial intelligence (AI) platform, according to new findings from VulnCheck.
The vulnerability in question is CVE-2025-59528 (CVSS score: 10.0), a code injection vulnerability that could result in remote code execution.
“The CustomMCP node allows users to input configuration settings for connecting
https://thehackernews.com/2026/04/flowise-ai-agent-builder-under-active.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
