Cyber Security – Page 4 – Simply Secure Group

Copyright-Themed Lures Deliver Multi-Stage PureLog Stealer in New Credential Theft Campaign

A new malware campaign is targeting organizations across healthcare, government, education, and hospitality sectors using cleverly disguised copyright violation notices to deliver PureLog Stealer, a powerful information-stealing malware. The campaign, first analyzed in March 2026, tricks victims into executing a malicious file that looks like a legitimate legal document. Once opened, the file sets off […]

AstraZeneca Data Breach LAPSUS$ Group Allegedly Claims Access to Internal Data

The notorious hacking collective LAPSUS$ has resurfaced, allegedly claiming responsibility for a significant data breach involving the multinational pharmaceutical and biotechnology company AstraZeneca. The threat actors are currently attempting to sell a compressed 3GB internal data dump, signaling a potential shift towards pay-to-access extortion methods. LAPSUS$, previously known for high-profile breaches targeting major technology firms, […]

Malicious Script Injection in Trivy Compromise Enables Credential Theft

Malicious Script Injection in Trivy Compromise A sophisticated supply chain attack targeting the official Trivy GitHub Action (aquasecurity/trivy-action) has compromised continuous integration and continuous deployment (CI/CD) pipelines globally. Disclosed in late March 2026, this incident marks the second distinct compromise affecting the Trivy ecosystem within a single month. Threat actors successfully force-pushed 75 out of […]

FBI, CISA Warn Russian Hackers Are Targeting High-Value Individuals Through Signal

FBI, CISA Warn Russian Hackers The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have recently released a joint cybersecurity advisory regarding a widespread phishing campaign. The alert warns that Russian Intelligence Services are actively targeting users of encrypted messaging applications, primarily Signal. The attackers are bypassing the platform’s robust […]

Chrome Security Update Fixes 26 Vulnerabilities Allowing Remote Code Execution

Google has released a substantial security update for its Chrome web browser, addressing 26 distinct vulnerabilities that could allow unauthenticated attackers to execute malicious code remotely. The latest Stable channel update rolls out versions 146.0.7680.153 and 146.0.7680.154 for Windows and macOS, while Linux users will receive version 146.0.7680.153. This critical patch cycle is designed to […]

Anthropic Launches Projects Feature for Claude Cowork Desktop

Anthropic is expanding Claude Cowork Desktop with a new Projects feature designed to keep files, instructions, and task context organized inside a single workspace. For paid users, the update makes it easier to start from scratch, import an existing chat, or connect a local folder so Claude can continue work without losing the thread between […]

Windows 11 March Update Breaks Microsoft Teams and OneDrive Sign-Ins

Windows 11 March Update Breaks Teams Microsoft has acknowledged a significant bug introduced by its March 2026 cumulative update that is preventing users from signing into Microsoft Teams Free, OneDrive, and several other Microsoft applications on Windows 11 devices. The issue, tied to the KB5079473 update released on March 10, 2026, has left affected users […]

Hackers Compromised 7,500+ Magento Websites to Upload Hidden Malicious Files and Steal Data

A sweeping cyberattack campaign has compromised more than 7,500 Magento-powered e-commerce websites since late February 2026, with attackers uploading hidden malicious files into publicly accessible web directories across thousands of domains. The attack has spread to over 15,000 hostnames, affecting commercial brands, government agencies, universities, and non-profit organizations spanning multiple countries, making it one of […]

New VoidStealer Variant Bypasses Chrome ABE Without Injection or Privilege Escalation

A newly identified variant of the VoidStealer infostealer has drawn serious attention from the security community after it became the first malware known to bypass Google Chrome’s Application-Bound Encryption (ABE) without requiring code injection or elevated system privileges. The variant, introduced in VoidStealer version 2.0 on March 13, 2026, uses a debugger-based technique to silently […]

SILENTCONNECT Uses VBScript, PowerShell and PEB Masquerading to Deploy ScreenConnect

SILENTCONNECT is a newly discovered multi-stage malware loader that has been silently targeting Windows machines since at least March 2025. It uses VBScript, in-memory PowerShell execution, and PEB masquerading to install the ConnectWise ScreenConnect remote monitoring and management tool on victim systems. Once deployed, ScreenConnect gives the attacker full hands-on keyboard control over the compromised […]

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.