Breaking News – Cyber Threats (last 6h)
Generated: 2026-04-30 08:00 PDT
- Anti-DDoS Firm Heaped Attacks on Brazilian ISPs
KrebsOnSecurity • 2026-04-30 07:04 • krebsonsecurity.com
A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks against other network operators in Brazil, KrebsOnSecurity has learned. The firm’s chief executive says the malicious activity resulted from a security breach and was likely the work of a competitor trying to tarnish his company’s public image.
https://krebsonsecurity.com/2026/04/anti-ddos-firm-heaped-attacks-on-brazilian-isps/ - What Happens in the First 24 Hours After a New Asset Goes Live
BleepingComputer • 2026-04-30 07:02 • www.bleepingcomputer.com
When a new asset goes live, attackers start scanning within minutes. Sprocket Security shows how automated attacks move from discovery to compromise in under 24 hours. […]
https://www.bleepingcomputer.com/news/security/what-happens-in-the-first-24-hours-after-a-new-asset-goes-live/ - ThreatsDay Bulletin: SMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks and 25 More Stories
The Hacker News • 2026-04-30 06:55 • thehackernews.com
The internet is noisy this week. We are seeing some wild new tactics, like people using fake cell towers to send scam texts, while some developers are accidentally downloading tools that peek into their private files during a simple install. It is definitely a busy time to be online.
Security is always a moving target. Millions of servers are currently sitting online without any passwords, and
https://thehackernews.com/2026/04/threatsday-bulletin-sms-blaster-busts.html - New Linux ‘Copy Fail’ flaw gives hackers root on major distros
BleepingComputer • 2026-04-30 06:54 • www.bleepingcomputer.com
An exploit has been published for a local privilege escalation vulnerability dubbed “Copy Fail” that impacts Linux kernels released since 2017, allowing an unprivileged local attacker to gain root permissions. […]
https://www.bleepingcomputer.com/news/security/new-linux-copy-fail-flaw-gives-hackers-root-on-major-distros/ - New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials
The Hacker News • 2026-04-30 05:36 • thehackernews.com
Cybersecurity researchers have disclosed details of a stealthy Python-based backdoor framework called DEEP#DOOR that comes with capabilities to establish persistent access and harvest a wide range of sensitive information from compromised hosts.
“The intrusion chain begins with execution of a batch script (‘install_obf.bat’) that disables Windows security controls, dynamically extracts an
https://thehackernews.com/2026/04/new-python-backdoor-uses-tunneling.html - Critical cPanel and WHM bug exploited as a zero-day, PoC now available
BleepingComputer • 2026-04-30 04:40 • www.bleepingcomputer.com
The critical CVE-2026-41940 authentication bypass vulnerability in cPanel, WHM, and WP Squared is being actively exploited in the wild and has been leveraged in attempts since late February. […]
https://www.bleepingcomputer.com/news/security/critical-cpanel-and-whm-bug-exploited-as-a-zero-day-poc-now-available/ - EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades
The Hacker News • 2026-04-30 04:30 • thehackernews.com
Intro
A sophisticated, high-resilience malicious campaign was identified by Atos Threat Research Center (TRC) in March 2026. This operation specifically targets the high-privilege professional accounts of enterprise administrators, DevOps engineers, and security analysts by impersonating administrative utilities they rely on for daily operations. By integrating Search Engine Order (SEO)
https://thehackernews.com/2026/04/etherrat-distribution-spoofing.html - Police dismantles 9 crypto scam centers, arrests 276 suspects
BleepingComputer • 2026-04-30 04:21 • www.bleepingcomputer.com
A joint international operation involving U.S. and Chinese authorities arrested at least 276 suspects and shut down nine cryptocurrency investment fraud centers. […]
https://www.bleepingcomputer.com/news/security/police-dismantles-9-crypto-investment-scam-centers-arrests-276-suspects/ - Fast16 Malware
Schneier on Security • 2026-04-30 03:22 • www.schneier.comResearchers have reverse-engineered a piece of malware named Fast16. It’s almost certainly state-sponsored, probably US in origin, and was deployed against Iran years before Stuxnet:
“…the Fast16 malware was designed to carry out the most subtle form of sabotage ever seen in an in-the-wild malware tool: By automatically spreading across networks and then silently manipulating computation processes in ce…
https://www.schneier.com/blog/archives/2026/04/fast16-malware.html - New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions
The Hacker News • 2026-04-30 02:24 • thehackernews.com
Cybersecurity researchers have disclosed details of a Linux local privilege escalation (LPE) flaw that could allow an unprivileged local user to obtain root.
The high-severity vulnerability tracked as CVE-2026-31431 (CVSS score: 7.8) has been codenamed Copy Fail by Xint.io and Theori.
“An unprivileged local user can write four controlled bytes into the page cache of any readable file on a Linux
https://thehackernews.com/2026/04/new-linux-copy-fail-vulnerability.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
