# Archive
Browse past daily curated stories
Friday, April 03, 2026
-
1The Hacker News generalHackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials
Cisco Talos discovered a large-scale credential harvesting operation exploiting the React2Shell vulnerability (CVE-2025-55182) to compromise 766 Next.js hosts. Attackers stole database credentials, SSH private keys, AWS secrets, shell histories, Stripe API keys, and GitHub tokens across the breached systems.
-
2BleepingComputer generalDrift loses $280 million as hackers seize Security Council powers
The Drift Protocol suffered a $280 million cryptocurrency theft after threat actors executed a sophisticated takeover of the platform's Security Council administrative powers. Security researchers have attributed this attack to North Korean hackers based on the operational tactics employed.
-
3The Hacker News generalCisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise
Cisco patched CVE-2026-20093, a critical 9.8 CVSS vulnerability in the Integrated Management Controller (IMC) that allows unauthenticated remote attackers to bypass authentication and gain elevated system privileges. The flaw also affects Cisco SSM systems and could enable complete remote system compromise.
-
4Schneier on Security threat-intelUS Bans All Foreign-Made Consumer Routers
The US Executive Branch banned all new foreign-manufactured consumer routers, citing supply chain vulnerabilities and cybersecurity risks to critical infrastructure. The ban applies only to new router purchases, with existing foreign-made devices remaining unaffected for current users.
-
5Ars Technica Security generalNew Rowhammer attacks give complete control of machines running Nvidia GPUs
Security researchers disclosed GDDRHammer and GeForge, new Rowhammer attacks that target Nvidia GPU memory to compromise the CPU and gain complete machine control. These attacks exploit memory bit flips in GPU GDDR memory to escalate privileges and bypass system security controls.
-
6SecurityWeek generalExploited Zero-Day Among 21 Vulnerabilities Patched in Chrome
Google patched CVE-2026-5281, a zero-day use-after-free vulnerability in Chrome's Dawn WebGPU component that was actively exploited in the wild. This marks the fourth Chrome zero-day fixed in 2026, with the update addressing 21 total vulnerabilities in the browser.
-
7Dark Reading generalNot Toying Around: Hasbro Attack May Take 'Weeks' to Remediate
Hasbro disclosed a cyberattack in its 8-K SEC filing, noting "unauthorized access" to company systems discovered on March 28. The toy giant has activated business continuity plans, taken affected systems offline, and estimates remediation may take weeks to complete.
-
8CyberScoop generalMedtech giant Stryker says it’s back up after Iranian cyberattack
Medical device manufacturer Stryker confirmed full operational recovery three weeks after the Iranian Handala hacktivist group executed a data-wiping cyberattack against the company's systems. The attack targeted Stryker's internal network infrastructure using destructive wiper malware.
-
9BleepingComputer generalNew Progress ShareFile flaws can be chained in pre-auth RCE attacks
Security researchers identified two vulnerabilities in Progress ShareFile that can be chained together to enable unauthenticated file exfiltration from enterprise file transfer environments. The pre-authentication remote code execution attack affects the widely-used secure file sharing platform.
-
10The Hacker News generalWhatsApp Alerts 200 Users After Fake iOS App Installed Spyware; Italian Firm Faces Action
WhatsApp alerted approximately 200 users, primarily in Italy, who were tricked into installing a malicious iOS app containing spyware. The fake WhatsApp application was distributed through social engineering tactics targeting Italian users specifically.