Security
Stay informed with the latest developments in cybersecurity through our Security category. Discover in-depth news, analysis, and updates on emerging cyber threats, malware incidents, and major data breaches. Whether you’re a cybersecurity professional or just keen on protecting your digital footprint, find insights and trends that are shaping the future of online security here.
Hacker charged with stealing $53 million from Uranium crypto exchange
U.S. prosecutors have charged a Maryland man with stealing more than $53 million after hacking the Uranium Finance crypto exchange twice and laundering the proceeds through a cryptocurrency mixer. 36-year-old Jonathan Spalletta (known online as “Cthulhon” and “Jspalletta”) appeared in court before U.S. Magistrate Judge Ona T. Wang after surrendering to law enforcement on Monday. […]
Dutch Finance Ministry takes treasury banking portal offline after breach
The Dutch Ministry of Finance took some of its systems offline, including the digital portal for treasury banking, while investigating a cyberattack detected two weeks ago. When it disclosed the incident last week, the ministry said the March 19 security breach didn’t affect systems used to manage tax collection, income-linked subsidies, and import/export regulations for citizens and […]
CISA orders feds to patch actively exploited Citrix flaw by Thursday
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch their Citrix NetScaler appliances against an actively exploited vulnerability by Thursday. Multiple cybersecurity companies flagged the flaw (CVE-2026-3055) as posing an increased risk of exploitation after Citrix released security updates on March 23, noting a technical resemblance to the widely exploited ‘CitrixBleed’ and ‘CitrixBleed2’ security issues. […]
Healthcare tech firm CareCloud says hackers stole patient data
Healthcare IT firm CareCloud has disclosed a data breach incident that exposed sensitive data and caused a network disruption lasting approximately eight hours. The New Jersey-based company said in a filing with the U.S. Securities and Exchange Commission (SEC) that the intrusion occurred on March 16 when hackers accessed its IT infrastructure. “On March 16, […]
New RoadK1ll WebSocket implant used to pivot on breached networks
A newly identified malicious implant named RoadK1ll is enabling threat actors to quietly move from a compromised host to other systems on the network. The malware is a Node.js implant that communicates over a custom WebSocket protocol to sustain ongoing attacker access and enable further operations. RoadK1ll was discovered by managed detection and response (MDR) provider Blackpoint […]
Critical Citrix NetScaler memory flaw actively exploited in attacks
Hackers are exploiting a critical severity vulnerability, tracked as CVE-2026-3055, in Citrix NetScaler ADC and NetScaler Gateway appliances to obtain sensitive data. Citrix initially disclosed CVE-2026-3055 in a security bulletin on March 23, alongside a high-severity race condition flaw tracked as CVE-2026-4368. The issue impacts versions of the two products before 14.1-60.58, versions older than 13.1-62.23, and those older than […]
Apple adds macOS Terminal warning to block ClickFix attacks
Apple has introduced a security feature in macOS Tahoe 26.4 that blocks pasting and executing potentially harmful commands in Terminal and alerts users to possible risks. The new mechanism appears to be aimed primarily at blocking ClickFix attacks and has been reported by macOS users since the release candidate version of the operating system. Apple didn’t specifically […]
Hackers exploiting critical F5 BIG-IP flaw in attacks, patch now
Cybersecurity firm F5 Networks has reclassified a BIG-IP APM denial-of-service (DoS) vulnerability as a critical-severity remote code execution (RCE) flaw, warning that attackers are exploiting it to deploy webshells on unpatched devices. BIG-IP APM (short for Access Policy Manager) is a centralized access management proxy solution that enables admins to secure and manage user access […]
Critical Fortinet Forticlient EMS flaw now exploited in attacks
Attackers are now actively exploiting a critical vulnerability in Fortinet’s FortiClient EMS platform, according to threat intelligence company Defused. Tracked as CVE-2026-21643, this SQL injection vulnerability allows unauthenticated threat actors to execute arbitrary code or commands on unpatched systems through low-complexity attacks targeting the FortiClientEMS GUI (web interface) via maliciously crafted HTTP requests. “Fortinet Forticlient EMS […]
European Commission confirms data breach after Europa.eu hack
The European Commission has confirmed a data breach after its Europa.eu web platform was hacked in a cyberattack claimed by the ShinyHunters extortion gang. GeekFeed first reported on Friday that this breach affects at least one of the Commission’s AWS (Amazon Web Services) accounts. The Commission says the attack didn’t disrupt any Europa websites and that its […]