Cybersecurity Articles

204/69 Friday, April 10, 2026 Researchers from CloudSEK have uncovered hardcoded Google API keys embedded in 22 popular Android applications, totaling 32 keys and impacting over 500 million users. These keys could potentially be abused to access Gemini AI services without authorization. The findings align with research from Quokka, which identified over 35,000 similar keys […]

203/69 Friday, April 10, 2026 A report from Microsoft Threat Intelligence reveals that the hacking group known as Forest Blizzard (also called Fancy Bear) has been conducting large-scale attacks by compromising home and small office (SOHO) routers to build an infrastructure for cyber espionage. This activity has been tracked since August 2025 and has continued […]

202/69 Friday, April 10, 2026 Cybersecurity researchers have uncovered a campaign targeting nearly 100 online stores running Magento, where attackers use a highly stealthy technique by embedding credit card–stealing code inside 1×1 pixel SVG image files. These images are virtually invisible to users and difficult for traditional security scanners to detect. The attack leverages a […]

201/69 Thursday, April 9, 2026 Trellix has revealed details about the Masjesu botnet, which is specifically designed to carry out Distributed Denial-of-Service (DDoS) attacks. Active since 2023, the botnet operators promote their services via Telegram in both Chinese and English, claiming the capability to launch attacks reaching hundreds of gigabits per second. Analysis shows that […]

200/69 Thursday, April 9, 2026 A widespread system outage has disrupted banking and payment services across Russia, preventing users from making card payments, withdrawing cash from ATMs, or accessing mobile banking applications for several hours. The incident affected major banks including Sberbank, VTB Bank, Alfa-Bank, T-Bank, and Gazprombank, impacting multiple regions, including Moscow, with a […]

199/69 Thursday, April 9, 2026 Security researchers from Elastic Security Labs have uncovered a malware campaign linked to the threat group REF1695, active since late 2023. The attackers distribute malware through fake software installers packaged as ISO files. A key tactic in this campaign is the use of social engineering via a ReadMe.txt file, which […]

198/69 Wednesday, April 8, 2026 Researchers have disclosed a new attack technique called GPUBreach, which induces bit-flips in GPU memory (GDDR6) to escalate privileges and ultimately take control of a system. The method builds upon the concept of RowHammer, where intentional memory corruption is used to manipulate data. In this case, attackers target GPU memory […]

197/69 Wednesday, April 8, 2026 The Shadowserver Foundation has revealed that more than 14,000 F5 BIG-IP APM systems remain exposed on the internet and are vulnerable to exploitation through a critical flaw, CVE-2025-53521 (CVSS 9.8). This vulnerability is a Remote Code Execution (RCE) issue that is currently being actively exploited in the wild. The flaw […]

196/69 Wednesday, April 8, 2026 Germany’s Federal Criminal Police Office (BKA) has successfully identified the individuals behind the notorious global ransomware operations GandCrab and REvil, which caused widespread damage between 2019 and 2021. The primary suspects are Daniil Maksimovich Shchukin (alias “UNKN”) and Anatoly Sergeevitsch Kravchuk, both Russian nationals. Investigations revealed that the pair were […]

195/69 Tuesday, April 7, 2026 Cybercriminals are evolving their smishing (SMS phishing) tactics by using QR codes instead of malicious links in messages that impersonate traffic fines. Victims are tricked into scanning the QR code, which directs them to a phishing website where they are prompted to pay a supposed fine. This technique helps attackers […]