Breaking News – Cyber Threats (last 6h)
Generated: 2026-04-23 13:00 PDT
- Bitwarden CLI npm package compromised to steal developer credentials
BleepingComputer • 2026-04-23 12:21 • www.bleepingcomputer.com
The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects. […]
https://www.bleepingcomputer.com/news/security/bitwarden-cli-npm-package-compromised-to-steal-developer-credentials/ - Trigona ransomware attacks use custom exfiltration tool to steal data
BleepingComputer • 2026-04-23 11:59 • www.bleepingcomputer.com
Recently observed Trigona ransomware attacks are using a custom, command-line tool to steal data from compromised environments faster and more efficiently. […]
https://www.bleepingcomputer.com/news/security/trigona-ransomware-attacks-use-custom-exfiltration-tool-to-steal-data/ - UNC6692 Impersonates IT Helpdesk via Microsoft Teams to Deploy SNOW Malware
The Hacker News • 2026-04-23 11:16 • thehackernews.com
A previously undocumented threat activity cluster known as UNC6692 has been observed leveraging social engineering tactics via Microsoft Teams to deploy a custom malware suite on compromised hosts.
“As with many other intrusions in recent years, UNC6692 relied heavily on impersonating IT helpdesk employees, convincing their victim to accept a Microsoft Teams chat invitation from an account
https://thehackernews.com/2026/04/unc6692-impersonates-it-helpdesk-via.html - New Checkmarx supply-chain breach affects KICS analysis tool
BleepingComputer • 2026-04-23 09:05 • www.bleepingcomputer.com
Hackers have compromised Docker images, VSCode and Open VSX extensions for the Checkmarx KICS analysis tool to harvest sensitive data from developer environments. […]
https://www.bleepingcomputer.com/news/security/new-checkmarx-supply-chain-breach-affects-kics-analysis-tool/ - Cosmetics giant Rituals discloses data breach affecting customers
BleepingComputer • 2026-04-23 07:16 • www.bleepingcomputer.com
Dutch cosmetics giant Rituals disclosed a data breach after attackers stole the personal information of an undisclosed number of customers from its “My Rituals” membership database. […]
https://www.bleepingcomputer.com/news/security/cosmetics-giant-rituals-discloses-data-breach-affecting-customers/ - Regular Password Resets Aren’t as Safe as You Think
BleepingComputer • 2026-04-23 07:10 • www.bleepingcomputer.com
Password resets are one of the easiest ways for attackers to bypass security controls. Specops Software shows how helpdesk social engineering turns a seemingly legitimate reset request into full account compromise. […]
https://www.bleepingcomputer.com/news/security/regular-password-resets-arent-as-safe-as-you-think/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
