# Archive
Browse past daily curated stories
Tuesday, April 28, 2026
1. BleepingComputer (general): GlassWorm malware attacks return via 73 OpenVSX "sleeper" extensions
Security researchers discovered 73 malicious extensions on OpenVSX marketplace as part of a new GlassWorm campaign, with 6 confirmed malicious extensions that turn hostile after updates. The sleeper extensions masquerade as legitimate VS Code extensions and deploy information-stealing malware once activated, targeting developers who trust the open-source extension repository.
2. BleepingComputer (general): PyPI package with 1.1M monthly downloads hacked to push infostealer
The elementary-data Python package on PyPI with 1.1 million monthly downloads was compromised by attackers who pushed a malicious version to steal developer credentials and cryptocurrency wallets. This supply chain attack demonstrates how threat actors target high-profile open source packages to maximize the impact of their credential harvesting operations.
3. BleepingComputer (general): Home security giant ADT data breach affects 5.5 million people
Home security giant ADT suffered a data breach affecting 5.5 million customers after the ShinyHunters extortion group infiltrated their systems earlier this month. The breach exposed personal information of millions of users whose homes are protected by ADT's security services, creating significant privacy and physical security risks.
4. BleepingComputer (general): Medtronic confirms breach after hackers claim 9 million records theft
Medical device manufacturer Medtronic confirmed hackers breached their corporate IT systems after threat actors claimed to have stolen 9 million patient records. The breach affects a major provider of critical medical devices including pacemakers and insulin pumps, raising concerns about both data privacy and potential impacts to medical device security.
5. BleepingComputer (general): Alleged Silk Typhoon hacker extradited to US for cyberespionage
Chinese national Xu Zewei, allegedly part of the Silk Typhoon APT group, was extradited from Italy to the US to face charges for cyberespionage operations targeting COVID-19 vaccine research and US policy interests. The case represents a rare successful extradition of a suspected Chinese state-sponsored hacker to face prosecution in American courts.
6. SecurityWeek (general): OpenSSH Flaw Allowing Full Root Shell Access Lurked for 15 Years
A critical OpenSSH vulnerability that allowed full root shell access remained undetected for 15 years due to a code reuse issue where comma characters in certificate principals were incorrectly interpreted as list separators. The flaw enabled privilege escalation attacks against SSH implementations across countless Unix and Linux systems worldwide.
7. Dark Reading (general): Unpatched 'PhantomRPC' Flaw in Windows Enables Privilege Escalation
Researchers disclosed 'PhantomRPC', an unpatched architectural weakness in Windows' Remote Procedure Call mechanism that enables privilege escalation through five different exploit paths. The vulnerability stems from how Windows handles connections to unavailable RPC services, potentially affecting millions of Windows installations.
8. Dark Reading (general): UNC6692 Combines Social Engineering, Malware, Cloud Abuse
Newly identified threat actor UNC6692 combines Microsoft Teams social engineering with AWS S3 bucket abuse and custom 'Snow' malware family (Snowbelt, Snowglaze, Snowbasin) in multipronged attacks. The group uses email bombing tactics and impersonates IT help desk workers to gain initial access before deploying their malware toolkit.
9. BleepingComputer (general): Robinhood account creation flaw abused to send phishing emails
Robinhood's account creation process was exploited by threat actors to inject phishing messages into legitimate platform emails, making users believe their accounts had suspicious activity. This abuse of trusted communication channels demonstrates how attackers can weaponize legitimate business processes to enhance the credibility of their phishing campaigns.
10. SecurityWeek (general): Energy and Water Management Firm Itron Hacked
Energy and water management firm Itron, which serves utilities and cities globally, disclosed unauthorized access to its internal systems discovered on April 13. The breach affects a critical infrastructure company that provides smart metering and grid management solutions to power and water utilities worldwide.