ICYMI: 2026-04-22
Latest Headlines
Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain
Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens
Harvester Deploys Linux GoGra Backdoor in South Asia Using Microsoft Graph API
Lotus Wiper Malware Targets Venezuelan Energy Systems in Destructive Attack
Toxic Combinations: When Cross-App Permissions Stack into Risk
Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug
Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles
Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape
AI Tools Are Helping Mediocre North Korean Hackers Steal Millions
Most Serious Cyberattacks Against the UK Now From Russia, Iran and China, Cyber Chief Says
New Wiper Malware Targeted Venezuelan Energy Sector Prior to US Intervention
Are SBOMs Failing? Supply Chain Attacks Rise as Security Teams Struggle With SBOM Data
North Korean Hackers Use AppleScript, ClickFix in Fresh macOS Attacks
Google Antigravity in Crosshairs of Security Researchers, Cybercriminals
109 Fake GitHub Repositories Used to Deliver SmartLoader and StealC Malware
Malicious Google Ads Target Crypto Users With Wallet Drainers and Seed Phrase Theft
Cybercriminals Exploit French Fintech Accounts to Move Stolen Money Before Detection
Hackers Use Lotus Wiper to Destroy Drives and Delete Files in Energy Sector Attack
Microsoft Warns Jasper Sleet Uses Fake IT Worker Identities to Infiltrate Cloud Environments
Claude Mythos AI Model Uncovers 271 Zero-Day Vulnerabilities in Firefox
New Auraboros RAT Exposes Live Audio Streaming, Keylogging, and Cookie Hijacking in Open C2 Panel
New DinDoor Backdoor Abuses Deno Runtime and MSI Installers to Evade Detection
Kyber ransomware gang toys with post-quantum encryption on Windows
Spain dismantles major $4.7M manga piracy platform, arrests four
Inside Caller-as-a-Service Fraud: The Scam Economy Has a Hiring Process
New npm supply-chain attack self-spreads to steal auth tokens
Microsoft Teams to get efficiency mode on PCs with limited resources
Microsoft traces Universal Print issues to Graph API code change
New GoGra malware for Linux uses Microsoft Graph API for comms
Microsoft releases emergency patches for critical ASP.NET flaw
Over 1,300 Microsoft SharePoint servers vulnerable to spoofing attacks
– MTZ