Secure IT

How LiteLLM Turned Developer Machines Into Credential Vaults for Attackers

How LiteLLM Turned Developer Machines Into Credential Vaults for Attackers

[email protected] The Hacker News April 6, 2026

The most active piece of enterprise infrastructure in the company is the developer workstation. That laptop is where credentials...

Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools

[email protected] The Hacker News April 6, 2026

Ravie LakshmananApr 06, 2026Ransomware / Endpoint Security Threat actors associated with Qilin and Warlock ransomware operations have been observed using the...

BKA Identifies REvil Leaders Behind 130 German Ransomware Attacks

[email protected] The Hacker News April 6, 2026

Ravie LakshmananApr 06, 2026Cybercrime / Financial Crime Germany’s Federal Criminal Police Office (aka BKA or the Bundeskriminalamt)...

Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab

Sean April 6, 2026

An elusive hacker who went by the handle “UNKN” and ran the early Russian ransomware groups GandCrab...

Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab

BrianKrebs April 8, 2026

An elusive hacker who went by the handle “UNKN” and ran the early Russian ransomware groups GandCrab...

$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation

[email protected] The Hacker News April 6, 2026

Drift has revealed that the April 1, 2026, attack that led to the theft of $285 million was the culmination...

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

[email protected] The Hacker News April 6, 2026

Ravie LakshmananApr 05, 2026Malware / DevSecOps Cybersecurity researchers have discovered 36 malicious packages in the npm registry...

Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS

[email protected] The Hacker News April 6, 2026

Ravie LakshmananApr 05, 2026Vulnerability / API Security Fortinet has released out-of-band patches for a critical security flaw...

China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing

[email protected] The Hacker News April 6, 2026

A China-aligned threat actor has set its sights on European government and diplomatic organizations since mid-2025, following a...

Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers

[email protected] The Hacker News April 6, 2026

Ravie LakshmananApr 03, 2026Linux / Server Hardening Threat actors are increasingly using HTTP cookies as a control channel...

Secure IT

How LiteLLM Turned Developer Machines Into Credential Vaults for Attackers

Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools

BKA Identifies REvil Leaders Behind 130 German Ransomware Attacks

Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab

Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab

$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS

China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing

Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers

You may have missed

$13.74M Hack Shuts Down Sanctioned Grinex Exchange After Intelligence Claims

Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet

Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched

Google Blocks 8.3B Policy-Violating Ads in 2025, Launches Android 17 Privacy Overhaul