# Archive
Browse past daily curated stories
Tuesday, April 07, 2026
1. BleepingComputer [general] German authorities identify REvil and GandCrab ransomware bosses
German Federal Police (BKA) identified two Russian nationals as leaders of the GandCrab and REvil ransomware operations: 31-year-old Daniil Shchukin (alias UNKN) and 43-year-old Anatoly Kravchuk, linking them to over 130 ransomware attacks in Germany between 2019 and 2021. This represents a major breakthrough in attributing leadership of two of the most destructive ransomware families that caused billions in damages globally.
2. CyberScoop [general] Fortinet customers confront actively exploited zero-day, with a full patch still pending
Fortinet customers face actively exploited zero-day vulnerabilities in FortiClient EMS with only a hotfix available while a full patch remains pending. Two critical defects have been exploited in recent weeks, prompting experts to urge immediate application of temporary fixes to prevent system compromise.
3. BleepingComputer [general] New GPUBreach attack enables system takeover via GPU rowhammer
Researchers disclosed GPUBreach, a new attack that exploits Rowhammer bit-flips on GPU GDDR6 memory to escalate privileges and achieve full system compromise. This technique targets graphics processing units rather than traditional system RAM, expanding the attack surface for privilege escalation exploits.
4. The Record [threat-intel] Medusa ransomware group using zero-days to launch attacks within 24 hours of breach, Microsoft says
Microsoft reports that Medusa ransomware group deploys zero-day exploits and can complete attacks from initial access to data exfiltration and ransomware deployment within 24 hours. This exceptionally fast attack timeline demonstrates the group's sophisticated capabilities and operational efficiency in compromising enterprise networks.
5. The Record [threat-intel] FBI: Cyber fraud surges to $17.6 billion in losses as scams, crypto theft soar
FBI's Internet Crime Complaint Center (IC3) received 1,008,597 complaints in 2025, with cyber-enabled fraud accounting for 85% of all losses totaling $17.6 billion. The surge includes increased cryptocurrency theft and sophisticated scamming operations targeting victims across multiple platforms.
6. BleepingComputer [general] Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit
A disgruntled researcher publicly released exploit code for 'BlueHammer,' an unpatched Windows privilege escalation vulnerability that allows attackers to gain SYSTEM or elevated administrator permissions. The zero-day was previously reported privately to Microsoft but remains unfixed, creating immediate risk for Windows systems.
7. The Hacker News [general] Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 Organizations
Iran-linked threat actors conducted password-spraying campaigns targeting over 300 Israeli Microsoft 365 organizations across three attack waves on March 3, 13, and 23, 2026. Check Point identified the campaign as targeting both Israeli and UAE organizations amid ongoing Middle East conflicts.
8. BleepingComputer [general] Drift $280M crypto theft linked to 6-month in-person operation
Drift Protocol revealed that its $280+ million cryptocurrency hack resulted from a sophisticated 6-month social engineering operation by DPRK-linked attackers who built 'a functioning operational presence inside the Drift ecosystem.' The attack demonstrates North Korean APT groups' long-term infiltration capabilities targeting cryptocurrency platforms.
9. Dark Reading [general] AI-Assisted Supply Chain Attack Targets GitHub
PRT-scan represents the second recent AI-assisted supply chain attack targeting GitHub repositories through automated exploitation of widespread misconfigurations. Threat actors are increasingly leveraging artificial intelligence to scale targeting and exploitation of software development platforms and open-source repositories.
10. BleepingComputer [general] CISA orders feds to patch exploited Fortinet EMS flaw by Friday
CISA ordered federal agencies to patch actively exploited CVE-2026-35616 in FortiClient Enterprise Management Server by Friday, with Singapore and US authorities warning of ongoing exploitation. The vulnerability allows authentication bypass and represents the latest in a series of Fortinet security flaws being exploited in the wild.