Breaking News – Cyber Threats (last 6h)
Generated: 2026-04-24 13:00 PDT
- New BlackFile extortion group linked to surge of vishing attacks
BleepingComputer • 2026-04-24 11:26 • www.bleepingcomputer.com
A new financially motivated hacking group tracked as BlackFile has been linked to a wave of data theft and extortion attacks against retail and hospitality organizations since February 2026. […]
https://www.bleepingcomputer.com/news/security/new-blackfile-extortion-gang-targets-retail-and-hospitality-orgs/ - Microsoft to roll out Entra passkeys on Windows in late April
BleepingComputer • 2026-04-24 11:13 • www.bleepingcomputer.com
Microsoft will roll out passkey support for phishing-resistant passwordless authentication to Microsoft Entra‑protected resources from Windows devices starting late April. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-to-roll-out-entra-passkeys-on-windows-in-late-april/ - New ‘Pack2TheRoot’ flaw gives hackers root Linux access
BleepingComputer • 2026-04-24 10:28 • www.bleepingcomputer.com
A new vulnerability dubbed Pack2TheRoot could be exploited in the PackageKit daemon to allow local Linux users to install or remove system packages and gain root permissions. […]
https://www.bleepingcomputer.com/news/security/new-pack2theroot-flaw-gives-hackers-root-linux-access/ - FIRESTARTER Backdoor Hit Federal Cisco Firepower Device, Survives Security Patches
The Hacker News • 2026-04-24 10:06 • thehackernews.com
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed that an unnamed federal civilian agency’s Cisco Firepower device running Adaptive Security Appliance (ASA) software was compromised in September 2025 with malware called FIRESTARTER.
FIRESTARTER, per CISA and the U.K.’s National Cyber Security Centre (NCSC), is assessed to be a backdoor designed for remote access and
https://thehackernews.com/2026/04/firestarter-backdoor-hit-federal-cisco.html - NASA Employees Duped in Chinese Phishing Scheme Targeting U.S. Defense Software
The Hacker News • 2026-04-24 07:13 • thehackernews.com
The Office of Inspector General (OIG) of the U.S. National Aeronautics and Space Administration (NASA) has revealed how a Chinese national posed as a U.S. researcher as part of a spear-phishing campaign to obtain sensitive information from the space agency, as well as from government entities, universities, and private companies, in violation of export control laws.
“For years, NASA employees
https://thehackernews.com/2026/04/nasa-employees-duped-in-chinese.html - DORA and operational resilience: Credential management as a financial risk control
BleepingComputer • 2026-04-24 07:10 • www.bleepingcomputer.com
Article 9 of DORA makes authentication and access control a legal obligation for EU financial entities. Here is what the regulation requires, and what a breach looks like when those controls are missing. […]
https://www.bleepingcomputer.com/news/security/dora-and-operational-resilience-credential-management-as-a-financial-risk-control/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
