ThreatsHub Cybersecurity News

A practical look at securing identities, devices and applications wherever work happens Webinar Promo The shift to hybrid work has reshaped the enterprise perimeter. Users are logging in from home networks, shared spaces and unmanaged devices, while applications span on-prem systems and multiple clouds. Traditional security models were not designed for this level of fragmentation, leaving many organizations struggling to maintain visibility and control without adding friction.… READ MORE HERE…

ZDNet | Security

April 3, 2026 TH Author

I found an M.2 dock that handles SSD cloning without a computer – and with only one click

The Icy Box Docking and Clone Station provides the simplest way to transfer data between drives and to access bare drives.READ MORE HERE…

ZDNet | Security

April 3, 2026 TH Author

Brick vs. Bloom Card: I tested both for my screen addiction, and the winner depends on you

This cheaper Brick alternative blocks distracting apps and adds its own unique features. There’s just one catch.READ MORE HERE…

TrendMicro

April 3, 2026 TH Author

Weaponizing Trust Signals: Claude Code Lures and GitHub Release Payloads

A packaging error in Anthropic’s Claude Code npm release briefly exposed internal source code. This entry examines how threat actors rapidly weaponized the resulting attention, pivoting an existing AI-themed campaign to spread Vidar and GhostSocks. Read More HERE…

The Register

April 2, 2026 TH Author

They thought they were downloading Claude Code source. They got a nasty dose of malware instead

Source code with a side of Vidar stealer and GhostSocks Tens of thousands of people eagerly downloaded the leaked Claude Code source code this week, and some of those downloads came with a side of credential-stealing malware.… READ MORE HERE…

Microsoft Secure

April 2, 2026 TH Author

Threat actor abuse of AI accelerates from tool to cyberattack surface

Generative AI is upgrading cyberattacks, from 450% higher phishing click‑through rates to industrialized MFA bypass.
The post Threat actor abuse of AI accelerates from tool to cyberattack surface appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

April 2, 2026 TH Author

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments

Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting environments. This post examines how this tradecraft conceals execution behind specially crafted HTTP cookies.
The post Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments appeared first on Microsoft Security Blog. READ MORE HERE…

ZDNet | Security

April 2, 2026 TH Author

My two Raspberry Pi boards cost as much as a laptop now – and AI is to blame

We live in a time when two 16GB Raspberry Pi 5 boards cost the same as a MacBook Neo. Here’s why – and how to save.READ MORE HERE…

The Register

April 2, 2026 TH Author

The company’s biggest security hole lived in the breakroom

Connected devices can leave an otherwise secure network vulnerable Pwned Welcome to Pwned, The Register’s new column, where we highlight the worst infosec own goals so you can, hopefully, protect against them. Caffeine is an essential tool for most IT defenders, so, on balance, we’re sure it has protected against a lot more exploits than it has caused. But in this case, the desire for everyone’s favorite stimulant led to a massive breach.… READ MORE HERE…

The Register

April 2, 2026 TH Author

AI recruiting biz Mercor says it was ‘one of thousands’ hit in LiteLLM supply-chain attack

First public downstream victim, but won’t be the last AI hiring startup Mercor confirmed it was “one of thousands of companies” affected by the LiteLLM supply-chain attack as the fallout from the Trivy compromise continues to spread.… READ MORE HERE…

Cyber Security Trending News

Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations

Hybrid work, expanded risk: what needs to change

I found an M.2 dock that handles SSD cloning without a computer – and with only one click

Brick vs. Bloom Card: I tested both for my screen addiction, and the winner depends on you

Weaponizing Trust Signals: Claude Code Lures and GitHub Release Payloads

They thought they were downloading Claude Code source. They got a nasty dose of malware instead

Threat actor abuse of AI accelerates from tool to cyberattack surface

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments

My two Raspberry Pi boards cost as much as a laptop now – and AI is to blame

The company’s biggest security hole lived in the breakroom

AI recruiting biz Mercor says it was ‘one of thousands’ hit in LiteLLM supply-chain attack