Booking.com has notified some customers that hackers may have accessed information associated with their travel reservations. In notifications shared online by users, the Amsterdam-based online travel platform said an unauthorized third party may have accessed information such as names, email… Read More "Booking.com Says Hackers Accessed User Information"
China’s APT41 and the Expanding Enterprise Attack Surface: What Security Teams Must Prepare For APT41’s hybrid model exposes gaps in enterprise security, targeting cloud, supply chains, and OT with advanced tactics and persistent access. The modern enterprise attack surface is… Read More "Enterprise Risk & Attack Surface"
Ravie LakshmananApr 13, 2026Cybersecurity / Hacking Monday is back, and the weekend’s backlog of chaos is officially hitting the fan. We are tracking a critical zero-day that has been quietly living in your PDFs for months, plus some aggressive state-sponsored meddling in… Read More "Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More"
SSO endpoints are often internet-facing by design, researchers noted, turning the flaw into a remote entry point and making chaining with additional weaknesses possible. AdminCenter flaws allow further escalation Beyond initial access, the research outlined critical issues within WebSphere Liberty’s… Read More "Seven IBM WebSphere Liberty flaws can be chained into full takeover"
A newly identified Android banking trojan capable of hijacking Brazil’s instant payment transfers, targeting one of the country’s most widely used financial systems, has been uncovered by security researchers. The malware, known as PixRevolution, silently monitors victims’ smartphones and redirects… Read More "PixRevolution Malware Hijacks Brazil’s PIX Transfers in Real Time"
OpenAI revealed on Friday that it’s one of many organizations affected by the recent Axios supply chain attack, which cybersecurity experts have attributed to North Korean hackers. Axios is a widely used open source JavaScript HTTP client library for making… Read More "OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack"
Black Hat Asia 2026 Is Coming to Singapore — Here’s What the Threat Landscape Looks Like Ahead of It Black Hat Asia 2026 explores ransomware growth, AI-driven cyber threats, and supply chain risks reshaping global cybersecurity and digital resilience. As… Read More "Black Hat Asia 2026 Cyber Threats And Ransomware Trends"
Anthropic restricted its Mythos Preview model last week after it autonomously found and exploited zero-day vulnerabilities in every major operating system and browser. Palo Alto Networks’ Wendi Whitmorewarned that similar capabilities are weeks or months from proliferation. CrowdStrike’s 2026 Global Threat Report… Read More "Your MTTD Looks Great. Your Post-Alert Gap Doesn’t"
How the flaw works Marimo’s server includes a built-in terminal feature that lets users run commands directly from the browser. That terminal was accessible over the network without any authentication check, while other parts of the same server correctly required… Read More "Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure"
US and Indonesian law enforcement authorities have taken down a large-scale phishing network that has plotted over $20 million in fraud. Spearheaded by the FBI Atlanta field office, the operation targeted W3LL, a phishing kit which enables cybercriminals to impersonate… Read More "FBI Dismantles $20m Phishing Operation W3LL"
