Breaking News – Cyber Threats (last 6h)
Generated: 2026-04-28 13:00 PDT
- Video service Vimeo confirms Anodot breach exposed user data
BleepingComputer • 2026-04-28 12:04 • www.bleepingcomputer.com
Vimeo has disclosed that data belonging to some of its customers and users has been accessed without authorization following the recent breach at the Anodot data anomaly detection company. […]
https://www.bleepingcomputer.com/news/security/video-service-vimeo-confirms-anodot-breach-exposed-user-data/ - Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push
The Hacker News • 2026-04-28 11:19 • thehackernews.com
Cybersecurity researchers have disclosed details of a critical security vulnerability impacting GitHub.com and GitHub Enterprise Server that could allow an authenticated user to obtain remote code execution with a single “git push” command.
The flaw, tracked as CVE-2026-3854 (CVSS score: 8.7), is a case of command injection that could allow an attacker with push access to a repository to achieve
https://thehackernews.com/2026/04/researchers-discover-critical-github.html - Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign
The Hacker News • 2026-04-28 10:39 • thehackernews.com
A cybercrime group of Brazilian origin has resurfaced after more than three years to orchestrate a campaign that targets Minecraft players with a new stealer called LofyStealer (aka GrabBot).
“The malware disguises itself as a Minecraft hack called ‘Slinky,'” Brazil-based cybersecurity company ZenoX said in a technical report. “It uses the official game icon to induce voluntary execution,
https://thehackernews.com/2026/04/brazilian-lofygang-resurfaces-after.html - US reportedly charges Scattered Spider hacker arrested in Finland
BleepingComputer • 2026-04-28 08:39 • www.bleepingcomputer.com
A 19-year-old dual United States and Estonian citizen arrested in Finland earlier this month faces federal charges in the U.S. alleging he was a prolific member of the notorious Scattered Spider hacking collective. […]
https://www.bleepingcomputer.com/news/security/us-reportedly-charges-scattered-spider-hacker-arrested-in-finland/ - Checkmarx confirms LAPSUS$ hackers leaked its stolen GitHub data
BleepingComputer • 2026-04-28 07:50 • www.bleepingcomputer.com
Application security company Checkmarx has confirmed that the LAPSUS$ threat group leaked data stolen from its private GitHub repository. […]
https://www.bleepingcomputer.com/news/security/checkmarx-confirms-lapsus-hackers-leaked-its-stolen-github-data/ - VECT 2.0 Ransomware Irreversibly Destroys Files Over 131KB on Windows, Linux, ESXi
The Hacker News • 2026-04-28 07:01 • thehackernews.com
Threat hunters are warning that the cybercriminal operation known as VECT 2.0 acts more like a wiper than a ransomware due to a critical flaw in its encryption implementation across Windows, Linux, and ESXi variants that renders recovery impossible even for the threat actors.
The fact that VECT’s locker permanently destroys large files rather than encrypting them means even victims who opt to
https://thehackernews.com/2026/04/vect-20-ransomware-irreversibly.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
