Latest Internet & Cybersecurity News

📅 April 19, 2026 at 1:00 AM
Iran restores limited internet amid escalating OT/ICS cyberattacks by Cyber Av3ngers; CISA flags exploited vulnerabilities, ransomware surges, and new malware campaigns dominate global cybersecurity threats.
1

Iran Restores Limited Internet Access After 47-Day Outage

As of April 17, 2026, Iran began restoring limited domestic internet access after a 47-day disconnection, restricting access to sites on its National Information Network. This follows heightened cyber risks from Iran-aligned actors targeting OT/ICS amid regional tensions. (Source 1)

2

Cyber Av3ngers Targets Rockwell Automation OT/ICS Equipment

Iran-linked CL-STA-1128 (Cyber Av3ngers) shifted to exploiting Rockwell Automation's FactoryTalk and Allen-Bradley PLCs on 5,600 global IPs. CISA issued an advisory on April 7 confirming these exploits. (Source 1)

3

CISA Adds Apache ActiveMQ RCE to Known Exploited Vulnerabilities

CISA flagged a 13-year-old Apache ActiveMQ remote code execution vulnerability as actively exploited, discovered via AI-driven methods. Organizations are urged to patch immediately. (Source 5, Source 11)

4

Cisco Patches Critical Bugs in Webex and ISE

Cisco addressed critical vulnerabilities in Webex and Identity Services Engine (ISE), with ISE bugs potentially granting attackers broad network access. Experts highlight ISE risks as particularly severe. (Source 5)

5

Vishing Attacks Surge Against Okta Identity Systems

Attackers increasingly use vishing to target Okta, bypassing MFA for SSO data access. This rise enables widespread compromise of connected services. (Source 5)

6

Black Basta Affiliates Use Teams Phishing on Executives

Suspected ex-Black Basta actors impersonate helpdesks via Microsoft Teams to deploy remote monitoring tools on executives. Ransomware deployment follows initial access. (Source 5)

7

OpenAI macOS App Hit by Axios Supply Chain Attack

OpenAI's macOS app-signing certificates were compromised in the Axios supply chain attack; the company is revoking and rotating them as a precaution. The compromise creates potential for malicious app distribution. (Source 5)

8

CGrabber Infostealer Spread via GitHub User Attachments

The novel CGrabber malware abuses GitHub attachments to stealthily target browsers, apps, and extensions. Wide compatibility heightens infection risks. (Source 5, Source 11)

9

Ransomware Group Cl0p Exploits Oracle Vulnerabilities for Broadcom Attacks

Cl0p ransomware targets Broadcom via Oracle E-Business Suite flaws. The attack is part of broader supply chain and vendor breach fallout. (Source 2)

10

StealC Malware Hides in Blender 3D Models

A new campaign embeds StealC malware in Blender files, exploiting auto-run to deploy payloads. It targets creative software users globally. (Source 2)

11

Shai-Hulud Malware Compromises 500 NPM Packages

A supply chain attack infects the JavaScript ecosystem with Shai-Hulud via 500 NPM packages. Developers are at high risk of dependency poisoning. (Source 2)

12

FBI Disrupts Russian Botnet, Urges Router Updates

Federal agencies warn Americans to secure home routers after the FBI takedown of a massive Russian military hacking campaign. Critical infrastructure remains the top ransomware target. (Source 10)