German authorities identify REvil and GandCrab ransomware bossesThe Federal Police in Germany (BKA) has identified two Russian nationals as the leaders of GandCrab and REvil ransomware operations between 2019 and 2021. According to BKA's disclosure, 31-year-old and 43-year-old acted as the heads of the two rans...Apr 7, 2026·2 min read
Axios npm hack used fake Teams error fix to hijack maintainer accountThe maintainers of the popular Axios HTTP client have published a detailed post-mortem describing how one of its developers was targeted by a social engineering campaign linked to North Korean hackers. This follows the threat actors compromising a ma...Apr 5, 2026·5 min read·10
Hims & Hers warns of data breach after Zendesk support ticket breachTelehealth giant Hims & Hers Health is warning that it suffered a data breach after support tickets were stolen from a third-party customer service platform. Hims & Hers is an American telehealth company specializing in the direct-to-consumer healthc...Apr 4, 2026·3 min read·3
LinkedIn secretly scans for 6,000+ Chrome extensions, collects dataA new report dubbed "BrowserGate" warns that Microsoft's LinkedIn is using hidden JavaScript scripts on its website to scan visitors' browsers for installed extensions and collect device data. According to a report by Fairlinked e.V., which claims to...Apr 4, 2026·5 min read·23
Man admits to locking thousands of Windows devices in extortion plotA former core infrastructure engineer has pleaded guilty to locking Windows admins out of 254 servers as part of a failed extortion plot targeting his employer, an industrial company headquartered in Somerset County, New Jersey. According to , 57-yea...Apr 3, 2026·3 min read·4
Microsoft still working to fix Exchange Online mailbox access issuesMicrosoft is investigating and working to resolve Exchange Online mailbox access issues that have intermittently affected Outlook mobile and macOS users for weeks. When it this service issue (tracked under ) last week, Microsoft said it started on M...Apr 3, 2026·2 min read·2
New Progress ShareFile flaws can be chained in pre-auth RCE attacksTwo vulnerabilities in Progress ShareFile, an enterprise-grade secure file transfer solution, can be chained to enable unauthenticated file exfiltration from affected environments. Progress ShareFile is a document sharing and collaboration product ty...Apr 2, 2026·2 min read·1
