Cyber Security News

Socket has confirmed that Bitwarden CLI version 2026.4.0 was compromised as part of the ongoing Checkmarx supply chain campaign, exposing millions of users and thousands of enterprises to credential theft and CI/CD pipeline infiltration. The attack targeted @bitwarden/cli 2026.4.0 on npm, injecting a malicious file named bw1.js into the package contents. Bitwarden CLI is used The post Bitwarden CLI Compromised in Supply Chain Attack via GitHub Actions appeared first on Cyber Security News.

A new macOS malware called notnullOSX has surfaced in early 2026, specifically built to steal cryptocurrency from Mac users who hold digital assets worth more than $10,000. The threat is real, active, and carefully constructed to look completely legitimate at every step of its infection process. The story behind this malware goes back to 2023, The post Hackers Abuse Fake Wallpaper App and YouTube Channel to Spread notnullOSX Malware appeared first on Cyber Security News.

A new malware campaign is tricking traders into downloading a data-stealing tool by impersonating the popular financial platform TradingView. Attackers set up a fake website promoting something called TradingClaw, which they describe as an AI-powered trading assistant. Once a visitor downloads and runs what they believe is a helpful trading tool, they unknowingly install Needle The post Fake TradingView AI Agent Site is Delivering Needle Stealer Malware via Fake TradingClaw appeared first on Cyber Security News.

A nation-state-linked hacking group has found a clever way to hide its malicious activity inside Microsoft Outlook mailboxes, making its attacks much harder to detect by standard security tools. The Harvester APT group, believed to be a nation-state-backed threat actor active since at least 2021, has developed a new Linux version of its GoGra backdoor. The post Hackers Use Outlook Mailboxes to Hide Linux GoGra Backdoor Communications appeared first on Cyber Security News.

Microsoft is set to introduce Efficiency Mode in Microsoft Teams, a performance-enhancing feature designed to improve app responsiveness and meeting quality on hardware-constrained devices. The rollout begins in early May 2026 and is expected to be completed by mid-May 2026, with the feature linked to Microsoft 365 Roadmap ID 560055. Efficiency Mode is a performance-optimized The post Microsoft Teams Rolls Out Efficiency Mode to Optimize Performance on Low-End Devices appeared first on Cyber Security News.

Web infrastructure platform Vercel has disclosed a significant security incident involving unauthorized access to internal systems, tracing the attack chain back to a compromise of Context.ai, a third-party AI productivity tool used by one of its employees. Vercel first published its security bulletin on April 19, 2026, confirming that an attacker successfully gained a foothold The post Vercel Confirms Security Breach – Set of Customer Account Compromised appeared first on Cyber Security News.

A sophisticated cyberattack campaign linked to the well-known threat group Tropic Trooper has recently surfaced, leveraging military-themed document lures to target Chinese-speaking individuals in Taiwan, along with individuals in South Korea and Japan. The campaign was discovered on March 12, 2026, when researchers came across a malicious ZIP archive that set off a multi-stage attack The post New Tropic Trooper Attack Uses Custom Beacon Listener and VS Code Tunnels for Remote Access appeared first on Cyber Security News.

A high-severity privilege escalation vulnerability, dubbed Pack2TheRoot (CVE-2026-41651, CVSS 3.1: 8.8), has been publicly disclosed by Deutsche Telekom’s Red Team, affecting multiple major Linux distributions in their default installations. The flaw allows any local unprivileged user to silently install or remove system packages, ultimately achieving full root access without requiring a password. The vulnerability resides The post Critical Pack2TheRoot Vulnerability Let Attackers Gain Root Access or Compromise the System appeared first on Cyber Security News.

Apple released iOS 26.4.2 and iPadOS 26.4.2 on April 22, 2026, to patch a critical notification privacy vulnerability that allowed law enforcement to extract Signal message content from iPhones — even after the app had been deleted. The flaw, tracked as CVE-2026-28950, stems from a logging issue in Apple’s notification services. Notifications marked for deletion The post Apple Fixes Notification Privacy Flaw That Allowed FBI to Access Deleted Signal Messages appeared first on Cyber Security News.

A significant supply chain attack targeting the official checkmarx/kics Docker Hub repository, where threat actors pushed trojanized images capable of harvesting and exfiltrating sensitive developer credentials and infrastructure secrets. Docker’s internal monitoring flagged suspicious activity around KICS image tags on April 22, 2026, and promptly alerted Socket researchers. The investigation revealed that attackers had overwritten The post Checkmarx KICS Official Docker Repo Compromised to Inject Malicious Code appeared first on Cyber Security News.