SC Staff

Global Microsoft device code phishing facilitated by novel EvilTokens kit

• identity
• phishing
• threat-intelligence

Global Microsoft device code phishing facilitated by novel EvilTokens kit

SC Staff April 2, 2026

BleepingComputer reports that organizations around the world, particularly in the U.S., Canada, France, Australia, India, Switzerland, and...

Read More Read more about Global Microsoft device code phishing facilitated by novel EvilTokens kit

New Chinese cyberespionage campaigns strike Europe

• threat-intelligence

New Chinese cyberespionage campaigns strike Europe

SC Staff April 2, 2026

Chinese state-sponsored threat operation TA416 has reemerged from a two-year hiatus to compromise European governments in a...

Read More Read more about New Chinese cyberespionage campaigns strike Europe

Infoblox’s Craig Sanderson breaks down the newly finalized NIST SP 800-81

• industry-regulations
• rsac

Infoblox’s Craig Sanderson breaks down the newly finalized NIST SP 800-81

SC Staff April 2, 2026

Craig Sanderson dives into the newly finalized NIST SP 800-81 as it marks a pivotal shift in...

Read More Read more about Infoblox’s Craig Sanderson breaks down the newly finalized NIST SP 800-81

NoVoice Android malware steals WhatsApp data via Google Play apps

• application-security
• data-security
• malware

NoVoice Android malware steals WhatsApp data via Google Play apps

SC Staff April 2, 2026

The NoVoice operation, identified by McAfee, concealed malicious components within the com.facebook.utils package, blending them with legitimate...

Read More Read more about NoVoice Android malware steals WhatsApp data via Google Play apps

Thousands of API credentials exposed on public websites

• api-security
• data-security
• identity

Thousands of API credentials exposed on public websites

SC Staff April 2, 2026

The study, detailed in a preprint paper by Standford University, University of California, Davis, and TU Delft...

Read More Read more about Thousands of API credentials exposed on public websites

Exabeam expands platform to monitor AI agent activity

• aiml
• security-operations

Exabeam expands platform to monitor AI agent activity

SC Staff April 2, 2026

The expanded platform transforms AI agent services into sources of behavior telemetry, feeding directly into Exabeam's threat...

Read More Read more about Exabeam expands platform to monitor AI agent activity

CrystalRAT malware-as-a-service offers remote access and prankware features

• data-security
• malware
• threat-intelligence

CrystalRAT malware-as-a-service offers remote access and prankware features

SC Staff April 2, 2026

CrystalRAT, which first appeared in January, operates on a tiered subscription model and shares significant similarities with...

Read More Read more about CrystalRAT malware-as-a-service offers remote access and prankware features

Gartner report offers framework for evaluating AI SOC agents

• aiml
• soc

Gartner report offers framework for evaluating AI SOC agents

SC Staff April 2, 2026

A recent Gartner report, "Validate the Promises of AI SOC Agents With These Key Questions," provides a...

Read More Read more about Gartner report offers framework for evaluating AI SOC agents

Phishing campaign delivers Casbaneiro and Horabot banking trojans

• malware
• phishing

Phishing campaign delivers Casbaneiro and Horabot banking trojans

SC Staff April 2, 2026

The threat actor, identified as Brazilian cybercrime group Augmented Marauder and Water Saci, employs a unique delivery...

Read More Read more about Phishing campaign delivers Casbaneiro and Horabot banking trojans

Ransomware attackers increasingly exploit legitimate IT tools, bypassing antivirus

• malware
• ransomware
• security-operations

Ransomware attackers increasingly exploit legitimate IT tools, bypassing antivirus

SC Staff April 2, 2026

Attackers are leveraging tools like Process Hacker and IOBit Unlocker, which possess deep operating system access.

Read More Read more about Ransomware attackers increasingly exploit legitimate IT tools, bypassing antivirus