Latest Internet & Cybersecurity News
13.5M Device Botnet Launches 2 Tbps DDoS Attacks on FinTech
A new Qrator Labs report reveals the largest DDoS botnet has grown to 13.5 million devices, enabling hackers to launch massive 2 terabit-per-second attacks targeting financial technology firms. This represents a significant escalation in distributed denial-of-service attack capabilities threatening critical financial infrastructure.
Fake Claude AI Installer Spreads PlugX Malware on Windows
Cybercriminals have created a fake Claude AI installer mimicking Anthropic to distribute PlugX malware on Windows systems. The malware uses DLL sideloading techniques to gain persistent remote access to compromised devices, exploiting user interest in AI tools.
Apple App Store Hosts Fake Ledger Live App in $9.5M Crypto Theft
Apple approved a counterfeit Ledger Live application on its App Store that allowed scammers to steal $9.5 million from more than 50 cryptocurrency users. The fake app bypassed Apple's security review processes, highlighting vulnerabilities in mobile app store vetting procedures.
McGraw Hill Data Breach Impacts 45 Million Records via Salesforce Misconfiguration
ShinyHunters claimed responsibility for accessing 45 million records from McGraw Hill through a Salesforce database misconfiguration. The breach represents part of a broader pattern where the group exploits misconfigurations in enterprise environments rather than sophisticated malware, affecting multiple organizations using Salesforce.
wolfSSL Vulnerability CVE-2026-5194 Threatens Billions of IoT and Military Devices
A critical vulnerability in wolfSSL (CVE-2026-5194) allows digital ID forgery across billions of connected devices, routers, and military systems worldwide. Users are urged to update to version 5.9.1 immediately to mitigate the risk of widespread exploitation.
Washington Post Oracle E-Suite Breach Affects 9,700+ Staff and Contractors
The Washington Post disclosed a significant data breach impacting more than 9,700 employees and contractors following a compromise of its Oracle E-Suite external systems. The incident demonstrates ongoing vulnerabilities in enterprise software platforms used by major organizations.
Phishing Campaign Using 4,300 Malicious Domains Targets Travelers
A Russian-speaking threat actor orchestrated an extensive phishing campaign registering over 4,300 malicious domains impersonating travel brands since early 2025. The coordinated campaign represents a systematic approach to credential theft and fraud targeting the travel industry.
Kyndryl CEO Highlights Dramatically Changed Cybersecurity Landscape Amid AI Boom
Kyndryl CEO Martin Schroeter discussed the company's launch of 'Sovereignty Solutioning' on Fox Business, noting that the cybersecurity world has 'dramatically changed' due to artificial intelligence advancements. The executive addressed growing cybersecurity threats coinciding with the rapid expansion of AI technology.
Critical Imunify360 Vulnerability Exposes 56 Million Linux-Hosted Websites to RCE Attacks
A critical Remote Code Execution vulnerability was patched in Imunify360 AV security software protecting approximately 56 million websites worldwide. Hosting companies must implement urgent security updates to prevent widespread exploitation of their hosted sites.
Trust Wallet Chrome Extension Supply Chain Attack Results in $7M Crypto Theft
Approximately $7 million in cryptocurrency was stolen through the Trust Wallet Chrome extension in a December 2025 supply chain attack, with malicious code bypassing internal controls via a leaked Chrome Web Store API key. The company released a patched version and pledged to reimburse affected users.