IT Security Newsletter

IT Security Newsletter - 4/3/2026

Written by Cadre | Fri, Apr 3, 2026

Not Toying Around: Hasbro Attack May Take 'Weeks' to Remediate

The household toys and games manufacturer Hasbro suffered a recent cyberattack, but the company suggested it will continue to take orders and ship products, though the incident could result in some delays. In a tight-lipped 8-K filing with the Securities and Exchange Commission (SEC), Hasbro indicated that on March 28 it discovered "unauthorized access" in its network. The few further, if vague, details it shared pointed to both good news and bad. READ MORE...

Drift loses $280 million as North Korean hackers seize Security Council powers

The Drift Protocol lost at least $280 million after a threat actor took control of its Security Council administrative powers in a planned, sophisticated operation. Blockchain intelligence firms Elliptic and TRM Labs linked the attacks to North Korean threat actors, based on multiple on-chain indicators consistent with DPRK tradecraft. These include Tornado Cash usage, CarbonVote deployment timing (09:30 Pyongyang time), cross-chain bridging patterns, and rapid large-scale laundering. READ MORE...

Man admits to locking thousands of Windows devices in extortion plot

A former core infrastructure engineer has pleaded guilty to locking Windows admins out of 254 servers as part of a failed extortion plot targeting his employer, an industrial company headquartered in Somerset County, New Jersey. According to court documents, 57-year-old Daniel Rhyne from Kansas City, Missouri, remotely accessed the company's network without authorization using an administrator account between November 9 and November 25. READ MORE...

OpenSSH 10.3 patches five security bugs and drops legacy rekeying support

OpenSSH 10.3 shipped carrying five security fixes alongside feature additions and a set of behavior changes that will break compatibility with older SSH implementations that do not support rekeying. SSH clients and servers that lack rekeying support will fail when they attempt to interoperate with OpenSSH going forward. The project removed the bug-compatibility code that previously allowed such implementations to keep working. READ MORE...

Apple expands "DarkSword" patches to iOS 18.7.7

Apple widened its latest iOS 18 security update to cover far more iPhones and iPads, specifically to stop real-world DarkSword attacks that can compromise a device from a single website visit. After researchers published their findings about the DarkSword attacks and an exploit kit abusing the vulnerabilities appeared on GitHub, Apple quietly updated its March 24 security bulletin. Apple first released iOS/iPadOS 18.7.7 on March 24 to a small set of older devices. READ MORE...

Akira ransomware group can achieve initial access to data encryption in less than an hour

The Akira ransomware group has compromised hundreds of victims over the past year with a well-honed attack lifecycle that has whittled down the time from initial access to encryption of data to less than four hours, according to cybersecurity firm Halcyon. Akira has been active since 2023, racking up at least $245 million in ransom payments from victims through September 2025. The cybercriminal outfit likely includes former members and affiliates of the now-defunct Conti ransomware group. READ MORE...

Claude Code source leak exploited to spread malware

A source code leak involving Anthropic's Claude Code tool quickly escalated into a cybersecurity threat, as attackers seized on the exposed files to lure developers into downloading malware disguised as "unlocked" versions of the software. On March 31, 2026, Anthropic accidentally exposed online the source code of its Claude Code tool. The leak was detected by security researcher Chaofan Shou, whose post on X drew widespread attention. READ MORE...

Nigerian romance scammer jailed after being caught out by fellow fraudster

A Nigerian man who posed as a woman online to swindle men out of their savings has been sentenced to 15 years in a US prison. And in a surprising twist, it turns out that he was caught out after accidentally trying to swindle a fellow fraudster. 35-year-old Saheed Sunday Owolabi was sentenced after a jury trial in Wilmington, North Carolina, which saw him convicted of conspiracy to commit wire fraud and money laundering. READ MORE...

Critical flaw in F5 BIG-IP faces wide exploitation risk

A critical flaw in F5 BIG-IP Access Policy Manager is currently under exploitation, and company officials warn the risk is far greater than previously known. In October 2025 the company disclosed the vulnerability, tracked as CVE-2025-53521, as a denial-of-service flaw. However, new information led F5 to recategorize the flaw, indicating a risk of remote code execution, according to an update Wednesday. READ MORE...

New Rowhammer attacks give complete control of machines running Nvidia GPUs

The cost of high-performance GPUs, typically $8,000 or more, means they are frequently shared among dozens of users in cloud environments. Two new attacks demonstrate how a malicious user can gain full root control of a host machine by performing novel Rowhammer attacks on high-performance GPU cards made by Nvidia. The attacks exploit memory hardware's increasing susceptibility to bit flips, in which 0s stored in memory switch to 1s and vice versa. READ MORE...

  • ...in 1886, singer and actor Arthur "Dooley" Wilson, known for his rendition of "As Time Goes By" in the 1942 classic "Casablanca", is born in Tyler, TX.
  • ...in 1968, the Rev. Dr. Martin Luther King, Jr. delivers his final speech, to striking sanitation workers in Memphis, TN. King would be assassinated the following evening.
  • ...in 1973, the first mobile cellular phone call is placed by Motorola employee Martin Cooper in New York City, to Bell Labs in New Jersey.
  • ...in 1974, a "Super Outbreak" of 178 tornadoes sweeps through the Midwest and South, including over 100 in Ohio alone.