Security Articles

GitGuardian's State of Secrets Sprawl 2026 report reveals that hardcoded secret leaks accelerated dramatically in 2025, with 29 million new secrets exposed — a 34% year-over-year increase.

The Hacker News

01 min read

Security•2026-03-30

Russian CTRL Toolkit Delivered via Malicious LNK Files Hijacks RDP via FRP Tunnels

Censys researchers uncovered CTRL, a Russian-origin remote access toolkit distributed via malicious LNK files disguised as private key folders.

The Hacker News

01 min read

Security•2026-03-30

Three China-Linked Clusters Target Southeast Asian Government in 2025 Cyber Campaign

Three China-linked threat clusters conducted a coordinated cyber campaign targeting a Southeast Asian government organization in 2025.

Cloudflare

11 min read

Security•2026-03-30

Cloudflare Client-Side Security: smarter detection, now open to everyone

Cloudflare announces Client-Side Security using a GNN+LLM cascading classifier to detect malicious JavaScript with fewer false positives.

Iran-Linked Hackers Breach FBI Director’s Personal Email, Hit Stryker With Wiper Attack

This article covers Iran-linked hacktivist group Handala Hack Team's recent cyberattacks, including breaching FBI Director Kash Patel's personal email and launching a destructive wiper attack on Fortune 500 company Stryker.

The Hacker News

01 min read

Security•2026-03-28

Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug

This article covers CVE-2026-3055, a critical memory overread vulnerability (CVSS 9.3) in Citrix NetScaler ADC and Gateway that is under active reconnaissance and exploitation.

The Hacker News

01 min read

Security•2026-03-28

TA446 Deploys DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign

Proofpoint has disclosed a spear-phishing campaign by Russian state-sponsored group TA446 (also known as Callisto, COLDRIVER, Star Blizzard) leveraging the DarkSword iOS exploit kit.

The Hacker News

01 min read

Security•2026-03-28

CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation

CISA added CVE-2025-53521, a critical F5 BIG-IP APM vulnerability, to its Known Exploited Vulnerabilities catalog after confirmed in-the-wild exploitation.

The Hacker News

21 min read

Security•2026-03-27

Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits

Apple is issuing Lock Screen notifications to iPhones and iPads running outdated iOS versions to warn users about active web-based exploit kits.

The Hacker News

41 min read

Security•2026-03-27

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

This article covers a TeamPCP supply chain attack on the telnyx Python package, hiding malware inside .WAV files via audio steganography.

The Hacker News

21 min read

Security•2026-03-27

Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks

This article covers a now-patched vulnerability in Open VSX's pre-publish extension scanning pipeline that allowed malicious VS Code extensions to bypass security checks.

The Hacker News

21 min read

Security•2026-03-27

AitM Phishing Targets TikTok Business Accounts Using Cloudflare Turnstile Evasion

This article covers two phishing campaigns: one targeting TikTok for Business accounts via AitM techniques, and another using SVG attachments to deliver malware in Venezuela.