Cybersecurity News - Page 4

As part of the breach, multiple AWS access keys were stolen and later used for unauthorized activity across a limited number of Cisco cloud accounts.

Attackers leveraged the update channel of TrueConf to deliver malware, more specifically a payload linked to the Havoc C&C framework.

The hackers hijacked the npm account of the library's developer and inserted a malicious dependency into the package configuration.

He now faces up to 10 years in prison on a computer fraud charge and up to 20 years if convicted of money laundering.

The investigation began when the researchers examined activity linked to the Stately Taurus group that leveraged USB-based malware called USBFect, aka HIUPAN.

The leak reportedly includes personal messages dating back to 2010 and 2019, as well as images allegedly taken from Patel’s account.

The flaw, tracked as CVE-2026-21643, allows unauthenticated attackers to execute arbitrary code on vulnerable systems.

The CTRL toolkit is custom-built using the .NET framework and consists of multiple executables designed to carry out various actions.

Defused Cyber said it observed authentication method fingerprinting activity targeting NetScaler deployments.

Recipients are urged to download a “protected” archive and install so-called security software.