German authorities identify REvil and GandCrab ransomware bosses The Federal Police in Germany (BKA) has identified two Russian nationals as the leaders of GandCrab and REvil ransomware operations between 2019 and 2021.

German authorities identify REvil and GandCrab ransomware bosses www.bleepingcomputer.com/news/securit...

Scammers are raking in millions by impersonating US government officials Cybercriminals are posing as local law enforcement and even senior U.S. officials to coax Americans into disclosing personal information and bank details.

Scammers are raking in millions by impersonating US government officials www.politico.com/news/2026/04...

BlueHammer Windows Zero-Day: Privilege Escalation Risk A newly exposed Windows zero-day known as BlueHammer has become a serious concern because it can let an attacker move from a limited...

BlueHammer Windows Zero-Day: Privilege Escalation Risk socradar.io/blog/blueham...

North Korean Hackers Target High-Profile Node.js Maintainers The threat actor behind the Axios supply chain attack has been aiming at other maintainers in its social engineering campaign.

North Korean Hackers Target High-Profile Node.js Maintainers www.securityweek.com/north-korean...

Cisco fixes critical IMC auth bypass present in many products The Integrated Management Controller (IMC) flaw gives attackers admin access and remote control over servers even when main OS is shut down.

Cisco fixes critical IMC auth bypass present in many products www.csoonline.com/article/4154...

Claude Code Leak: What You Need to Know This post explains what likely happened in the alleged Claude Code leak, why it matters operationally, and what defenders can do now...

Claude Code Leak: What You Need to Know socradar.io/blog/claude-...

FBI shuts down 3 India-based call centers posing as Social Security, tied to $50M stolen from Americans. How they worked About 660 Americans reported losses tied to the operation, but many more may not have come forward.

FBI shuts down 3 India-based call centers posing as Social Security, tied to $50M stolen from Americans. How they worked finance.yahoo.com/economy/poli...

February 2026: ShinyHunters Attacks Hit Odido, CarGurus, Panera Bread, and Figure February 2026 brought a fresh wave of data breach disclosures, and the pattern was hard to miss. Extortion-driven attacks continued to spread...

February 2026: ShinyHunters Attacks Hit Odido, CarGurus, Panera Bread, and Figure socradar.io/blog/major-c...

Axios npm Hijack 2026: Everything You Need to Know – IOCs, Impact & Remediation On March 31, 2026, a threat actor hijacked the npm account of the lead Axios maintainer and published two malicious versions of one of the world’s most

Axios npm Hijack 2026: Everything You Need to Know – IOCs, Impact & Remediation socradar.io/blog/axios-n...

New Google tool allow users to scrub more personal data to keep them safe from online thieves Google is rolling out a new feature called “Results about you” to help users scrub more sensitive information such as social security and driver’s license numbers from internet se…

New Google tool allow users to scrub more personal data to keep them safe from online thieves nypost.com/2026/03/28/u...

ShadowPrompt: Zero-Click Prompt Injection Chain in Anthropic’s Claude Chrome Extension A vulnerability chain nicknamed ShadowPrompt affected Anthropic’s official Claude Google Chrome extension. Simply visiting a malicious webpage could allow an

ShadowPrompt: Zero-Click Prompt Injection Chain in Anthropic’s Claude Chrome Extension socradar.io/blog/shadowp...

Google warns quantum computers could hack encrypted systems by 2029 Banks, governments and tech providers urged to upgrade security because current systems will soon be obsolete

Google warns quantum computers could hack encrypted systems by 2029 www.theguardian.com/technology/2...

Trivy supply chain breach compromises over 1,000 SaaS environments, Lapsus$ joins the extortion wave Socket and Wiz confirm widespread credential theft and worm‑like propagation, with cached malicious Trivy artifacts still circulating across mirror infrastructure despite takedowns.

Trivy supply chain breach compromises over 1,000 SaaS environments, Lapsus$ joins the extortion wave www.csoonline.com/article/4149...

Coruna framework: an exploit kit and ties to Operation Triangulation Kaspersky GReAT experts look into the Coruna exploit kit targeting iPhones. We discovered that the kernel exploit for CVE-2023-32434 and CVE-2023-38606 is an updated version of the Operation…

Coruna framework: an exploit kit and ties to Operation Triangulation securelist.com/coruna-frame...

TeamPCP's Checkmarx GitHub Actions Attack: What You Need to Know Checkmarx GitHub Actions were compromised in TeamPCP's expanding supply chain campaign. Full breakdown: attack timeline, MITRE TTPs,...

TeamPCP's Checkmarx GitHub Actions Attack: What You Need to Know socradar.io/blog/teampcp...

U.S. State and Local Government Under Ransomware: 2025–2026 Trend Analysis U.S. state and local government organizations remain under growing pressure from ransomware, making the issue a major cybersecurity and public service concern

U.S. State and Local Government Under Ransomware: 2025–2026 Trend Analysis socradar.io/blog/us-stat...

LiteLLM PyPI Package With 95 Million Downloads Compromised by TeamPCP Hackers Versions 1.82.7 and 1.82.8 of the package, which route requests across various LLM providers and have over 95 million monthly downloads, were found to contain a sophisticated backdoor.

LiteLLM PyPI Package With 95 Million Downloads Compromised by TeamPCP Hackers cybersecuritynews.com/litellm-pack...

Russian Citizen Sentenced to Federal Prison for Hacking into U.S. Companies and Enabling Major Cybercrime Groups to Extort Tens of Millions of Dollars www.justice.gov/usao-sdin/pr...

Tycoon2FA phishing platform returns after recent police disruption The Tycoon2FA phishing-as-a-service (PhaaS) platform that Europol and partners disrupted on March 4 has already returned to previously observed activity levels.

Tycoon2FA phishing platform returns after recent police disruption www.bleepingcomputer.com/news/securit...

Open Source Intelligence (OSINT): Is Tsurugi Linux The Best Operating System For OSINT Investigations? – Hackers Arise In this article, we will explore what Tsurugi Linux is, how to install it, and the features it offers for OSINT investigations

Open Source Intelligence (OSINT): Is Tsurugi Linux The Best Operating System For OSINT Investigations? hackers-arise.com/open-source-...

GitHub - elder-plinius/V3SP3R: AI Flipper control AI Flipper control. Contribute to elder-plinius/V3SP3R development by creating an account on GitHub.

Talk to your Flipper Zero like it's your partner-in-hacking. Vesper turns your pocket hacking tool into an AI-powered command center.

github.com/elder-pliniu...

CISA urges US orgs to secure Microsoft Intune systems after Stryker breach CISA warned U.S. organizations to follow Microsoft guidance to strengthen the Intune endpoint management tool after a cyberattack exploited it to wipe medical technology giant Stryker's systems.

CISA urges US orgs to secure Microsoft Intune systems after Stryker breach www.bleepingcomputer.com/news/securit...

Authorities disrupt world’s largest IoT DDoS botnets responsible for record breaking attacks targeting victims worldwide

www.justice.gov/usao-ak/pr/a...

Mythical Beasts and where to find them: Mapping the global spyware market and its threats to national security and human rights The Mythical Beasts project pulls back the curtain on the connections between 435 entities across forty-two countries in the global spyware market.

Mythical Beasts and where to find them: Mapping the global spyware market and its threats to national security and human rights www.atlanticcouncil.org/in-depth-res...

DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover DarkSword exploit targets iOS 18.4–18.7 using 6 flaws and 3 zero-days, enabling rapid data theft from iPhones across multiple countries.

DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover thehackernews.com/2026/03/dark...

Cybercriminals scale up, government sector hit hardest - Help Net Security Government agencies faced the highest volume of cyberattack campaigns in 2025, according to new findings from HPE Threat Labs.

Cybercriminals scale up, government sector hit hardest www.helpnetsecurity.com/2026/03/18/g...

Stryker Cyberattack: What You Need to Know This is a practical “what do you need to know” breakdown of the Stryker cyberattack, written to answer the questions security leaders, IT teams...

Stryker Cyberattack: What You Need to Know socradar.io/blog/stryker...

CISA Flags Year-Old Wing FTP Vulnerability as Exploited Tracked as CVE-2025-47813, the flaw leads to the disclosure of the full local installation path of the application.

CISA Flags Year-Old Wing FTP Vulnerability as Exploited www.securityweek.com/cisa-flags-y...

Oracle EBS Hack: Only 4 Corporate Giants Still Silent on Potential Impact Broadcom, Bechtel, Estée Lauder, and Abbott Technologies are the only major companies that have yet to issue a public statement.

Oracle EBS Hack: Only 4 Corporate Giants Still Silent on Potential Impact www.securityweek.com/oracle-ebs-h...

Dark Web Profile: DieNet Every kinetic spike in the Iran-Israel confrontation is now mirrored by a surge of cyber activity. In this environment, DieNet has emerged as the...

Dark Web Profile: DieNet

By early 2026, as the U.S.-Israeli campaign against Iran escalated, DieNet recorded 59 distinct attack claims in just two days...

socradar.io/blog/dark-we...