Signature Healthcare hit by cyber incident in Massachusetts

Signature Healthcare in Brockton, Mass., shifted to manual operations, diverted ambulances and canceled some services after a cyber incident.

DysruptionHub

Drift $280M crypto theft linked to 6-month in-person operation

The Drift Protocol says that the $280+ million hack it suffered last week was the result of a long-term, carefully planned operation that included building "a functioning operational presence inside the Drift ecosystem."

BleepingComputer

Multi-OS Cyberattacks: How SOCs Close a Critical Risk in 3 Steps

ANY.RUN cuts MTTR by 21 minutes per case, reducing escalations and breach exposure in multi-OS attacks.

The Hacker News

🔵 THREAT INTELLIGENCE

Hackers exploit React2Shell in automated credential theft campaign

Vulnerability | CRITICAL
CVEs: CVE-2025-55182

Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell (CVE-2025-55182) in vulnerable...

Full analysis:
https://www.yazoul.net/news/news/hackers-exploit-react2shell-in-automated-credential-theft-campaign

#CyberSecurity #APT #IncidentResponse

Next.js React2Shell Actively Exploited - Credential Theft Campaign

Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell (CVE-2025-55182) in vulnerable Next.js apps. [...]

Yazoul Security

The way things are these days, you'd hope that immigration law firms would be especially careful to secure clients' files.

Dream on.

New by me: Two data security incidents affected immigration law firms and their clients

https://databreaches.net/2026/04/06/two-data-security-incidents-affected-immigration-law-firms-and-their-clients/

#databreach #thirdparty #dataleak #incidentresponse

When people keep advising victims not to pay ransom because threat actors can't be trusted to really delete all the data, my inner researcher kicks in and wants to know how often that really happens.

So I started sending out inquiries.

Now you might think that those who publicly and repeatedly urge journalists to "spread the word" not to pay would respond and share some of their experiences with untrustworthy threat actors, but no... they didn't even respond.

Read about the replies I did get, because they really surprised me.

I have no doubt that some professionals will hate what I have reported, but then, perhaps they should have responded, too, if they think differently.

How often do threat actors default on promises to delete data?
https://databreaches.net/2026/04/05/how-often-do-threat-actors-default-on-promises-to-delete-data/

#databreach #incidentresponse #ransom

@zackwhittaker @campuscodi @euroinfosec @lawrenceabrams @jgreig @securityaffairs @Hackread @h4ckernews

New playlist online: from malware analysis to ethical hacking demos. Check it out here 👉 https://www.youtube.com/playlist?list=PLXqx05yil_meQN-JX5Ej-kj07xEK8QYLH
#Malware #EthicalHacking #CyberDefense #NetworkSecurity #IncidentResponse
260404 rootshell.online

New playlist online: from malware analysis to ethical hacking demos. Check it out here 👉 https://www.youtube.com/playlist?list=PLXqx05yil_meAulcBo3AfHjo3yM_aYpS3
#Malware #EthicalHacking #CyberDefense #NetworkSecurity #IncidentResponse
260404 rootshell.online

New playlist online: from malware analysis to ethical hacking demos. Check it out here 👉 https://www.youtube.com/playlist?list=PLXqx05yil_mflapCAVj54j9RMYOIFa4BD
#Malware #EthicalHacking #CyberDefense #NetworkSecurity #IncidentResponse
260404 rootshell.online

The Modern SOC Analyst's Arsenal: Tools, AI, and Skills for 2026

I've spent years staring at dashboards at 2am, chasing false positives, and piecing together attack chains from fragmented log data. The job has changed dramati