12 News Items
THN · BleepingComputer · Krebs · Dark Reading · SANS
THN · BleepingComputer · Krebs · Dark Reading · SANS
📰 Cybersecurity News Headlines
Top stories from leading cybersecurity publications as of April 6, 2026.
-
Traffic violation scams switch to QR codes in new phishing texts
— Bleeping Computer
Scammers are sending fake "Notice of Default" traffic violation text messages impersonating state courts across the U.S., pressuring recipie… -
New FortiClient EMS flaw exploited in attacks, emergency patch released
— Bleeping Computer
Fortinet has released an emergency weekend security update for a new critical FortiClient Enterprise Management Server (EMS) vulnerability t… -
$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation
— The Hacker News
Drift has revealed that the April 1, 2026, attack that led to the theft of $285 million was the culmination of a months-long targeted and… -
Hackers exploit React2Shell in automated credential theft campaign
— Bleeping Computer
Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell (CVE-2025-55182) in vulnera… -
36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants
— The Hacker News
Cybersecurity researchers have discovered 36 malicious packages in the npm registry that are disguised as Strapi CMS plugins but come with d… -
Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS
— The Hacker News
Fortinet has released out-of-band patches for a critical security flaw impacting FortiClient EMS that it said has been exploited in the wil… -
Axios npm hack used fake Teams error fix to hijack maintainer account
— Bleeping Computer
The maintainers of the popular Axios HTTP client have published a detailed post-mortem describing how one of its developers was targeted by … -
Inconsistent Privacy Labels Don't Tell Users What They Are Getting
— Dark Reading
Data privacy labels are a great idea for mobile apps, but the current versions just aren't good enough. -
China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing
— The Hacker News
A China-aligned threat actor has set its sights on European government and diplomatic organizations since mid-2025, following a two-year p… -
Apple Breaks Precedent, Patches DarkSword for iOS 18
— Dark Reading
Even organizations with users unwilling or unable to adopt iOS 26 can now protect themselves from a severe mobile OS-cracking tool. -
Blast Radius of TeamPCP Attacks Expands Amid Hacker Infighting
— Dark Reading
As organizations disclose breaches tied to TeamPCP's supply chain attacks, ShinyHunters and Lapsus$ are getting involved, taking credit, and… -
Picking Up 'Skull Vibrations'? Could Be XR Headset Authentication
— Dark Reading
"Skull vibration harmonics generated by vital signs" can be used to sign in to VR, AR, and MR headsets, according to emerging research.
Generated by HiveNet.ai Threat Intelligence Platform · April 6, 2026 · Sources: The Hacker News, Bleeping Computer, Krebs on Security, Dark Reading, SANS ISC