Breaking News – Cyber Threats (last 6h)
Generated: 2026-04-03 08:00 PDT
- Evolution of Ransomware: Multi-Extortion Ransomware Attacks
BleepingComputer • 2026-04-03 07:05 • www.bleepingcomputer.com
Multi-extortion ransomware relies on stolen data to pressure victims with public leaks. Penta Security explains how its D.AMO platform keeps exfiltrated files encrypted and useless to attackers. […]
https://www.bleepingcomputer.com/news/security/evolution-of-ransomware-multi-extortion-ransomware-attacks/ - TeamPCP Supply Chain Campaign: Update 006 – CERT-EU Confirms European Commission Cloud Breach, Sportradar Details Emerge, and Mandiant Quantifies Campaign at 1,000+ SaaS Environments, (Fri, Apr 3rd)
SANS ISC Diary (full) • 2026-04-03 06:18 • isc.sans.eduThis is the sixth update to the TeamPCP supply chain campaign threat intelligence report, “When the Security Scanner Became the Weapon” (v3.0, March 25, 2026). Update 005Â&#&#x…
https://isc.sans.edu/diary/rss/32864 - Microsoft still working to fix Exchange Online mailbox access issues
BleepingComputer • 2026-04-03 04:25 • www.bleepingcomputer.com
Microsoft is investigating and working to resolve Exchange Online mailbox access issues that have intermittently affected Outlook mobile and macOS users for weeks. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-still-working-to-fix-exchange-online-mailbox-access-issues/ - Company that Secretly Records and Publishes Zoom Meetings
Schneier on Security • 2026-04-03 04:08 • www.schneier.comWebinarTV searches the internet for public Zoom invites, joins the meetings, secretly records them, and publishes (alternate link) the recordings. It doesn’t use the Zoom record feature, so Zoom can’t do anything about it.
- UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack
The Hacker News • 2026-04-03 04:04 • thehackernews.com
The maintainer of the Axios npm package has confirmed that the supply chain compromise was the result of a highly-targeted social engineering campaign orchestrated by North Korean threat actors tracked as UNC1069.
Maintainer Jason Saayman said the attackers tailored their social engineering efforts “specifically to me” by first approaching him under the guise of the founder of a
https://thehackernews.com/2026/04/unc1069-social-engineering-of-axios.html - Why Third-Party Risk Is the Biggest Gap in Your Clients' Security Posture
The Hacker News • 2026-04-03 04:00 • thehackernews.com
The next major breach hitting your clients probably won’t come from inside their walls. It’ll come through a vendor they trust, a SaaS tool their finance team signed up for, or a subcontractor nobody in IT knows about. That’s the new attack surface, and most organizations are underprepared for it.
Cynomi’s new guide, Securing the Modern Perimeter: The Rise of Third-Party
https://thehackernews.com/2026/04/why-third-party-risk-is-biggest-gap-in.html - Nigerian romance scammer jailed after being caught out by fellow fraudster
Graham Cluley • 2026-04-03 02:38 • www.bitdefender.com
A Nigerian fraudster spent years posing as a woman online, romancing unsuspecting American men out of their savings – until he accidentally tried the same trick on a fellow scammer, who told him to “learn how to do a clean job.”The recovered chat logs helped put him behind bars for 15 years.
Read more in my article on the Hot for Security blog.
https://www.bitdefender.com/en-us/blog/hotforsecurity/nigerian-romance-scammer-jailed - New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images
The Hacker News • 2026-04-03 02:10 • thehackernews.com
Cybersecurity researchers have discovered a new version of the SparkCat malware on the Apple App Store and Google Play Store, more than a year after the trojan was discovered targeting both the mobile operating systems.
The malware has been found to conceal itself within seemingly benign apps, such as enterprise messengers and food delivery services, while
https://thehackernews.com/2026/04/new-sparkcat-variant-in-ios-android.html - Man admits to locking thousands of Windows devices in extortion plot
BleepingComputer • 2026-04-03 02:04 • www.bleepingcomputer.com
A former core infrastructure engineer has pleaded guilty to locking Windows admins out of 254 servers as part of a failed extortion plot targeting his employer, an industrial company headquartered in Somerset County, New Jersey. […]
https://www.bleepingcomputer.com/news/security/man-admits-to-extortion-plot-locking-coworkers-out-of-thousands-of-windows-devices/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
