Live Threat IntelLive
New Android spyware Morpheus linked to Italian surveillance firm(Security Affairs)Chinese Silk Typhoon Hacker Extradited to U.S. Over COVID Research Cyberattacks(The Hacker News)Medtronic Hack Confirmed After ShinyHunters Threatens Data Leak(SecurityWeek)Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202(The Hacker News)Regulator fines Fidelity Brokerage Services $1.25M over data breach(DataBreaches.net)Ongoing supply-chain attack 'explicitly targeting' security, dev tools(The Register)Robinhood account creation flaw abused to send phishing emails(Bleeping Computer)GlassWorm malware attacks return via 73 OpenVSX "sleeper" extensions(Bleeping Computer)UNC6692 Combines Social Engineering, Malware, Cloud Abuse(Dark Reading)Alleged Silk Typhoon hacker extradited to US for cyberespionage(Bleeping Computer)Medtronic discloses security incident after ShinyHunters claimed theft of 9M+ records(Security Affairs)PyPI package with 1.1M monthly downloads hacked to push infostealer(Bleeping Computer)Italy extradites alleged Chinese state hacker to US(The Record)Home security giant ADT data breach affects 5.5 million people(Bleeping Computer)One ransomware crew now drives half of all cyber claims: At-Bay(DataBreaches.net)Checkmarx Confirms GitHub Repository Data Posted on Dark Web After March 23 Attack(The Hacker News)TeamPCP Supply Chain Campaign: Update 008 - 26-Day Pause Ends with Three Concurrent Compromises (Checkmarx KICS, Bitwarden CLI Cascade, xinference PyPI), CanisterSprawl npm Worm Identified, and Tier 1 Coverage Returns, (Mon, Apr 27th)(SANS ISC)Utilities Tech Supplier Itron Discloses Cyber-Attack, Operations Unaffected(Infosecurity Magazine)Medtronic confirms breach after hackers claim 9 million records theft(Bleeping Computer)Chinese spy posed as researcher in spear-phishing campaign targeting NASA to steal defense software(Security Affairs)20-Year-Old Malware Rewrites History of Cyber Sabotage(Dark Reading)PhantomCore Exploits TrueConf Vulnerabilities to Breach Russian Networks(The Hacker News)Researchers Uncover 73 Fake VS Code Extensions Delivering GlassWorm v2 Malware(The Hacker News)Energy and Water Management Firm Itron Hacked(SecurityWeek)Firefox bug CVE-2026-6770 enabled cross-site tracking and Tor fingerprinting(Security Affairs)UNC6692 Uses Email Bombing, Social Engineering to Deploy ‘Snow’ Malware(SecurityWeek)Researchers Identify Fast16 Sabotage Malware That Pre-Dates Stuxnet(Infosecurity Magazine)Fast16: Pre-Stuxnet malware that targeted precision engineering software(Security Affairs)Italy moves to extradite Chinese national to the U.S. over hacking charges(Security Affairs)U.S. utility giant Itron discloses a security breach(Security Affairs)TH: Hacker steals personal data of 350,000 engineers(DataBreaches.net)KR: Data of 100,000 leaked from Lee & Lee Country golf club; N. Korean hacking suspected(DataBreaches.net)Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software(The Hacker News)The npm Threat Landscape: Attack Surface and Mitigations(Palo Alto Unit 42)FIRESTARTER Backdoor Hit Federal Cisco Firepower Device, Survives Security Patches(The Hacker News)AI Phishing Is No. 1 With a Bullet for Cyberattackers(Dark Reading)UK Biobank Data Breach: Health Data of 500,000 Listed for Sale in China(Infosecurity Magazine)Npm Supply Chain Malware Attack Targets Developers With Worm-Like Propagation(Infosecurity Magazine)Tropic Trooper APT Takes Aim at Home Routers, Japanese Targets(Dark Reading)Chinese APT Abuses Multiple Cloud Tools to Spy on Mongolia(Dark Reading)New Android spyware Morpheus linked to Italian surveillance firm(Security Affairs)Chinese Silk Typhoon Hacker Extradited to U.S. Over COVID Research Cyberattacks(The Hacker News)Medtronic Hack Confirmed After ShinyHunters Threatens Data Leak(SecurityWeek)Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202(The Hacker News)Regulator fines Fidelity Brokerage Services $1.25M over data breach(DataBreaches.net)Ongoing supply-chain attack 'explicitly targeting' security, dev tools(The Register)Robinhood account creation flaw abused to send phishing emails(Bleeping Computer)GlassWorm malware attacks return via 73 OpenVSX "sleeper" extensions(Bleeping Computer)UNC6692 Combines Social Engineering, Malware, Cloud Abuse(Dark Reading)Alleged Silk Typhoon hacker extradited to US for cyberespionage(Bleeping Computer)Medtronic discloses security incident after ShinyHunters claimed theft of 9M+ records(Security Affairs)PyPI package with 1.1M monthly downloads hacked to push infostealer(Bleeping Computer)Italy extradites alleged Chinese state hacker to US(The Record)Home security giant ADT data breach affects 5.5 million people(Bleeping Computer)One ransomware crew now drives half of all cyber claims: At-Bay(DataBreaches.net)Checkmarx Confirms GitHub Repository Data Posted on Dark Web After March 23 Attack(The Hacker News)TeamPCP Supply Chain Campaign: Update 008 - 26-Day Pause Ends with Three Concurrent Compromises (Checkmarx KICS, Bitwarden CLI Cascade, xinference PyPI), CanisterSprawl npm Worm Identified, and Tier 1 Coverage Returns, (Mon, Apr 27th)(SANS ISC)Utilities Tech Supplier Itron Discloses Cyber-Attack, Operations Unaffected(Infosecurity Magazine)Medtronic confirms breach after hackers claim 9 million records theft(Bleeping Computer)Chinese spy posed as researcher in spear-phishing campaign targeting NASA to steal defense software(Security Affairs)20-Year-Old Malware Rewrites History of Cyber Sabotage(Dark Reading)PhantomCore Exploits TrueConf Vulnerabilities to Breach Russian Networks(The Hacker News)Researchers Uncover 73 Fake VS Code Extensions Delivering GlassWorm v2 Malware(The Hacker News)Energy and Water Management Firm Itron Hacked(SecurityWeek)Firefox bug CVE-2026-6770 enabled cross-site tracking and Tor fingerprinting(Security Affairs)UNC6692 Uses Email Bombing, Social Engineering to Deploy ‘Snow’ Malware(SecurityWeek)Researchers Identify Fast16 Sabotage Malware That Pre-Dates Stuxnet(Infosecurity Magazine)Fast16: Pre-Stuxnet malware that targeted precision engineering software(Security Affairs)Italy moves to extradite Chinese national to the U.S. over hacking charges(Security Affairs)U.S. utility giant Itron discloses a security breach(Security Affairs)TH: Hacker steals personal data of 350,000 engineers(DataBreaches.net)KR: Data of 100,000 leaked from Lee & Lee Country golf club; N. Korean hacking suspected(DataBreaches.net)Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software(The Hacker News)The npm Threat Landscape: Attack Surface and Mitigations(Palo Alto Unit 42)FIRESTARTER Backdoor Hit Federal Cisco Firepower Device, Survives Security Patches(The Hacker News)AI Phishing Is No. 1 With a Bullet for Cyberattackers(Dark Reading)UK Biobank Data Breach: Health Data of 500,000 Listed for Sale in China(Infosecurity Magazine)Npm Supply Chain Malware Attack Targets Developers With Worm-Like Propagation(Infosecurity Magazine)Tropic Trooper APT Takes Aim at Home Routers, Japanese Targets(Dark Reading)Chinese APT Abuses Multiple Cloud Tools to Spy on Mongolia(Dark Reading)