Live Threat IntelLive
How often are redirects used in phishing in 2026?, (Mon, Apr 6th)(SANS ISC)BKA Identifies REvil Leaders Behind 130 German Ransomware Attacks(The Hacker News)CVE-2026-35616: Fortinet fixes actively exploited high-severity flaw(Security Affairs)Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab(Krebs on Security)Traffic violation scams switch to QR codes in new phishing texts(Bleeping Computer)SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 91(Security Affairs)Hackers exploit React2Shell in automated credential theft campaign(Bleeping Computer)Image or Malware? Read until the end and answer in comments :)(Security Affairs)Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS(The Hacker News)The breach lasted 25 minutes. How long will the litigation last?(DataBreaches.net)Hong Kong Hospital Authority apologises for data breach involving 56,000 patients(DataBreaches.net)Claude Code leak used to push infostealer malware on GitHub(DataBreaches.net)UK: School IT system targeted in cyber attack ahead of exam season(DataBreaches.net)Device code phishing attacks surge 37x as new kits spread online(Bleeping Computer)FortiClient EMS zero-day exploited, emergency hotfixes available (CVE-2026-35616)(Help Net Security)European Commission Confirms Data Breach Linked to Trivy Supply Chain Attack(SecurityWeek)Hackers Are Posting the Claude Code Leak With Bonus Malware(WIRED Security)European Commission breach exposed data of 30 EU entities, CERT-EU says(Security Affairs)Questions raised after Cherry Creek students notified of data breach, lawsuit(DataBreaches.net)BakerHostetler’s 2026 report: Findings from 1,250 clients’ breach experiences in 2025(DataBreaches.net)European Commission investigates cyber attack on its websites; CERT-EU publishes recommendations(DataBreaches.net)Meta Pauses Work With Mercor After Data Breach Puts AI Industry Secrets at Risk(WIRED Security)EU cyber agency attributes major data breach to TeamPCP hacking group(The Record)Hims & Hers warns of data breach after Zendesk support ticket breach(Bleeping Computer)China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing(The Hacker News)Die Linke German political party confirms data stolen by Qilin ransomware(Bleeping Computer)Blast Radius of TeamPCP Attacks Expands Amid Hacker Infighting(Dark Reading)Evolution of Ransomware: Multi-Extortion Ransomware Attacks(Bleeping Computer)North Korea–linked hackers drain $285M from Drift in sophisticated attack(Security Affairs)CrystalX RAT: new MaaS malware combines spyware, stealer, and remote access(Security Affairs)TeamPCP Supply Chain Campaign: Update 006 - CERT-EU Confirms European Commission Cloud Breach, Sportradar Details Emerge, and Mandiant Quantifies Campaign at 1,000+ SaaS Environments, (Fri, Apr 3rd)(SANS ISC)Cisco IMC auth bypass vulnerability allows attackers to alter user passwords (CVE-2026-20093)(Help Net Security)TrueConf Zero-Day Exploited in Asian Government Attacks(SecurityWeek)In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware(SecurityWeek)UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack(The Hacker News)Mobile Attack Surface Expands as Enterprises Lose Control(SecurityWeek)Claude Code source leak exploited to spread malware(Help Net Security)T-Mobile Sets the Record Straight on Latest Data Breach Filing(SecurityWeek)CBP Facility Codes Sure Seem to Have Leaked Via Online Flashcards(WIRED Security)Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK(The Hacker News)How often are redirects used in phishing in 2026?, (Mon, Apr 6th)(SANS ISC)BKA Identifies REvil Leaders Behind 130 German Ransomware Attacks(The Hacker News)CVE-2026-35616: Fortinet fixes actively exploited high-severity flaw(Security Affairs)Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab(Krebs on Security)Traffic violation scams switch to QR codes in new phishing texts(Bleeping Computer)SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 91(Security Affairs)Hackers exploit React2Shell in automated credential theft campaign(Bleeping Computer)Image or Malware? Read until the end and answer in comments :)(Security Affairs)Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS(The Hacker News)The breach lasted 25 minutes. How long will the litigation last?(DataBreaches.net)Hong Kong Hospital Authority apologises for data breach involving 56,000 patients(DataBreaches.net)Claude Code leak used to push infostealer malware on GitHub(DataBreaches.net)UK: School IT system targeted in cyber attack ahead of exam season(DataBreaches.net)Device code phishing attacks surge 37x as new kits spread online(Bleeping Computer)FortiClient EMS zero-day exploited, emergency hotfixes available (CVE-2026-35616)(Help Net Security)European Commission Confirms Data Breach Linked to Trivy Supply Chain Attack(SecurityWeek)Hackers Are Posting the Claude Code Leak With Bonus Malware(WIRED Security)European Commission breach exposed data of 30 EU entities, CERT-EU says(Security Affairs)Questions raised after Cherry Creek students notified of data breach, lawsuit(DataBreaches.net)BakerHostetler’s 2026 report: Findings from 1,250 clients’ breach experiences in 2025(DataBreaches.net)European Commission investigates cyber attack on its websites; CERT-EU publishes recommendations(DataBreaches.net)Meta Pauses Work With Mercor After Data Breach Puts AI Industry Secrets at Risk(WIRED Security)EU cyber agency attributes major data breach to TeamPCP hacking group(The Record)Hims & Hers warns of data breach after Zendesk support ticket breach(Bleeping Computer)China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing(The Hacker News)Die Linke German political party confirms data stolen by Qilin ransomware(Bleeping Computer)Blast Radius of TeamPCP Attacks Expands Amid Hacker Infighting(Dark Reading)Evolution of Ransomware: Multi-Extortion Ransomware Attacks(Bleeping Computer)North Korea–linked hackers drain $285M from Drift in sophisticated attack(Security Affairs)CrystalX RAT: new MaaS malware combines spyware, stealer, and remote access(Security Affairs)TeamPCP Supply Chain Campaign: Update 006 - CERT-EU Confirms European Commission Cloud Breach, Sportradar Details Emerge, and Mandiant Quantifies Campaign at 1,000+ SaaS Environments, (Fri, Apr 3rd)(SANS ISC)Cisco IMC auth bypass vulnerability allows attackers to alter user passwords (CVE-2026-20093)(Help Net Security)TrueConf Zero-Day Exploited in Asian Government Attacks(SecurityWeek)In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware(SecurityWeek)UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack(The Hacker News)Mobile Attack Surface Expands as Enterprises Lose Control(SecurityWeek)Claude Code source leak exploited to spread malware(Help Net Security)T-Mobile Sets the Record Straight on Latest Data Breach Filing(SecurityWeek)CBP Facility Codes Sure Seem to Have Leaked Via Online Flashcards(WIRED Security)Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK(The Hacker News)