Latest Internet & Cybersecurity News
ShinyHunters Claim Theft of 3M+ Cisco Records via Salesforce and AWS
Hackers from ShinyHunters claim to have stolen over 3 million Cisco records through Salesforce and AWS vulnerabilities, threatening a public leak if demands are unmet by April 3, 2026. The group has warned of releasing the data publicly.
This follows their pattern of high-profile breaches.
UNC1069 Targets Node.js Maintainers with Fake LinkedIn and Slack Profiles
North Korean group UNC1069 is impersonating identities on LinkedIn and Slack to target Node.js maintainers, spreading malware to compromise open-source packages. The campaign aims to infiltrate supply chains.
Security experts urge vigilance in maintainer communications.
North Korean Hackers Abuse GitHub to Spy on South Korean Firms
FortiGuard Labs uncovered a high-severity spying campaign by North Korean actors using GitHub to target South Korean companies. The operation involves malicious repositories for espionage.
Firms are advised to scan dependencies carefully.
AI Firm Mercor Confirms Breach, Hackers Claim 4TB Stolen Data
Mercor, an AI company, confirmed a data breach linked to a LiteLLM supply chain attack, with hackers claiming 4TB of sensitive data and internal systems stolen. The incident exposes risks in AI supply chains.
Mercor is investigating the full impact.
Microsoft Warns of WhatsApp Attachments Spreading Backdoor Malware
Microsoft reported VBS malware spreading via WhatsApp attachments, installing backdoors on Windows PCs for remote hacker access and system control. Users should avoid suspicious attachments.
The threat targets broad user bases.
Storm Infostealer Sold as Malware-as-a-Service Targeting Browsers and Wallets
Varonis Threat Labs revealed the Storm infostealer, a subscription service bypassing Google Chrome encryption to steal browser data, wallets, and accounts. It operates as MaaS for cybercriminals.
Mitigation includes updated protections.
Chinese Hackers Breach FBI's Secret Surveillance System
Chinese hackers conducted a supply chain attack via a third-party ISP, breaching the FBI's surveillance system, classified as a 'Serious Incident' threatening national security. Detected on February 17, 2026, in Virgin Islands offices.
FBI notified Congress, involving CISA and NSA.
AI-Driven Security Feedback Loop Attack Freezes Financial Trading Floor
A global financial hub's AI security orchestrator was tricked by fake threats, automatically quarantining the primary trading floor and causing a 4-hour market freeze. This highlights risks of autonomous response systems.
Experts warn of weaponized AI defenses.
CloudSweep Ransomware Escalates with Metadata Obfuscation in Phase 40
CloudSweep group advanced to phase 40, using metadata obfuscation by renaming and reindexing backups, hindering automated recovery in healthcare targets. The attack masks intrusions and disrupts data restoration.
Recovery now requires manual intervention.
Austrian Police Warn of Sophisticated ID-Austria Phishing Scam
As thousands of ID-Austria digital IDs near expiry, scammers send fake SMS luring users to phony portals for data theft and remote access installs. Police confirmed frauds with five-figure losses.
Official renewals use secure apps only.
EU Advances Sovereign Cloud Regulations Amid Shadow AI Risks
New EU Sovereign Cloud rules address data sovereignty, while Shadow AI emerges as a top enterprise risk in cybersecurity briefings. These developments urge transitions to post-quantum cryptography.
Organizations must adapt compliance strategies.