12 News Items
THN · BleepingComputer · Krebs · Dark Reading · SANS
THN · BleepingComputer · Krebs · Dark Reading · SANS
📰 Cybersecurity News Headlines
Top stories from leading cybersecurity publications as of April 8, 2026.
-
Hackers exploit critical flaw in Ninja Forms WordPress plugin
— Bleeping Computer
A critical vulnerability in the Ninja Forms File Uploads premium add-on for WordPress allows uploading arbitrary files without authenticatio… -
FBI: Americans lost a record $21 billion to cybercrime last year
— Bleeping Computer
U.S. victims lost nearly $21 billion to cyber-enabled crimes last year, driven primarily by investment scams, business email compromise, tec… -
Storm-1175 Deploys Medusa Ransomware at 'High Velocity'
— Dark Reading
Microsoft says the financially motivated cybercrime group has exploited N-day and zero-day vulnerabilities in campaigns predicated on speed. -
Grafana Patches AI Bug That Could Have Leaked User Data
— Dark Reading
By hiding malicious instructions on an attacker-controlled Web page, AI could ingest orders as benign and return sensitive data to the attac… -
Snowflake customers hit in data theft attacks after SaaS integrator breach
— Bleeping Computer
Over a dozen companies have suffered data theft attacks after a SaaS integration provider was breached and authentication tokens stolen. [.… -
A Little Bit Pivoting: What Web Shells are Attackers Looking for?, (Tue, Apr 7th)
— SANS ISC
Webshells remain a popular method for attackers to maintain persistence on a compromised web server. Many "arbitrary file write" and "remote… -
US warns of Iranian hackers targeting critical infrastructure
— Bleeping Computer
Iranian-linked hackers are targeting Internet-exposed Rockwell/Allen-Bradley programmable logic controllers (PLCs) on the networks of U.S. c… -
Russia Hacked Routers to Steal Microsoft Office Tokens
— Krebs on Security
Hackers linked to Russia's military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens… -
Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign
— The Hacker News
The Russia-linked threat actor known as APT28 (aka Forest Blizzard) has been linked to a new campaign that has compromised insecure MikroTi… -
[Webinar] How to Close Identity Gaps in 2026 Before AI Exploits Enterprise Risk
— The Hacker News
In the rapid evolution of the 2026 threat landscape, a frustrating paradox has emerged for CISOs and security leaders: Identity programs … -
Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host Access
— The Hacker News
A high-severity security vulnerability has been disclosed in Docker Engine that could permit an attacker to bypass authorization plugins (A… -
RSAC 2026: How AI Is Reshaping Cybersecurity Faster Than Ever
— Dark Reading
Dark Reading's Kelly Jackson Higgins shares insights on the past, present, and future of cybersecurity after attending RSAC 2026 Conference.
Generated by HiveNet.ai Threat Intelligence Platform · April 8, 2026 · Sources: The Hacker News, Bleeping Computer, Krebs on Security, Dark Reading, SANS ISC