U.S. Sentences Russian Hacker to 6.75 Years for Role in $9M Ransomware Damage
Ravie Lakshmanan | Mar 24, 2026 | Cybercrime / Network Security
A 26-year-old Russian citizen has been sentenced in the U.S. to 6.75 years (81 months) in prison for his role in assisting major...
Tax Search Ads Deliver ScreenConnect Malware Using Huawei Driver to Disable EDR
Ravie Lakshmanan | Mar 24, 2026 | Endpoint Security / Social Engineering
A large-scale malvertising campaign active since January 2026 has been observed targeting U.S.-based individuals searching for tax-related documents to serve rogue installers...
54 EDR Killers Use BYOVD to Exploit 35 Signed Vulnerable Drivers and Disable Security
A new analysis of endpoint detection and response (EDR) killers has revealed that 54 of them leverage a technique known as bring your own vulnerable driver (BYOVD) by abusing...
CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attacks
Ravie Lakshmanan | Mar 19, 2026 | Network Security / Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged government agencies to apply patches for two security flaws impacting Synacor Zimbra Collaboration...
ThreatsDay Bulletin: FortiGate RaaS, Citrix Exploits, MCP Abuse, LiveChat Phish & More
Ravie Lakshmanan | Mar 19, 2026 | Cybersecurity / Hacking News
ThreatsDay Bulletin is back on The Hacker News, and this week feels off in a familiar way. Nothing loud, nothing breaking everything at...
54 EDR Killers Use BYOVD to Exploit 34 Signed Vulnerable Drivers and Disable Security
A new analysis of endpoint detection and response (EDR) killers has revealed that 54 of them leverage a technique known as bring your own vulnerable driver (BYOVD) by abusing...
Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access
Ravie Lakshmanan | Mar 18, 2026 | Network Security / Ransomware
Amazon Threat Intelligence is warning of an active Interlock ransomware campaign that's exploiting a recently disclosed critical security flaw in Cisco Secure Firewall...
LeakNet Ransomware Uses ClickFix via Hacked Sites, Deploys Deno In-Memory Loader
The ransomware operation known as LeakNet has adopted the ClickFix social engineering tactic delivered through compromised websites as an initial access method.
The use of ClickFix, where users are tricked...
Veeam Patches 7 Critical Backup & Replication Flaws Allowing Remote Code Execution
Ravie Lakshmanan | Mar 13, 2026 | Vulnerability / Enterprise Security
Veeam has released security updates to address multiple critical vulnerabilities in its Backup & Replication software that, if successfully exploited, could result in...
INTERPOL Dismantles 45,000 Malicious IPs, Arrests 94 in Global Cybercrime
Ravie Lakshmanan | Mar 13, 2026 | Ransomware / Cybercrime
INTERPOL on Friday announced the takedown of 45,000 malicious IP addresses and servers used in connection with phishing, malware, and ransomware campaigns, as part...
















