The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize recently disclosed vulnerabilities to obtain initial access, exfiltrate data, and deploy Medusa ransomware.
The post Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations appeared first on Microsoft Security Blog.
A malicious Python package has been discovered on PyPI that disguises itself as a privacy-focused AI inference tool while quietly stealing sensitive user data in the background. Named hermes-px, the package marketed itself as a “Secure AI Inference Proxy” that routes all AI requests through the Tor network to protect user anonymity. In reality, it hijacked […]
The post Trojanized PyPI AI Proxy Uses Stolen Claude Prompt to Exfiltrates Data appeared first on Cyber Security News.
The largest decentralized perpetual futures exchange on the Solana blockchain — became the target of a massive and well-orchestrated theft on April 1, 2026, Drift Protocol. Unknown attackers managed to drain $286 million in digital assets from the platform’s core liquidity vaults in less than an hour, causing widespread panic across the decentralized finance community. […]
The post Hackers Drain $286 Million From Drift Protocol in Suspected North Korea-Linked Exploit appeared first on Cyber Security News.
You must login to view this content
You must login to view this content