The Next Web

Someone bought 30 WordPress plugins and planted backdoors in all of them

An attacker purchased 30+ WordPress plugins on Flippa, planted backdoors that lay dormant for eight months, then activated ...
Blue Headlineq

Week in Cybersecurity: 338 New Vulnerabilities, 11 Critical (April 07 – April 14, 2026)

This week in cybersecurity: 338 new CVEs published including 11 critical severity. 9 vulnerabilities added to CISA KEV catalog. Plus major developments in AI security, supply chain attacks, and ...

PyPI package with 1.1M monthly downloads hacked to push infostealer

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...

Threat actor uses Microsoft Teams to deploy new “Snow” malware

A threat group tracked as UNC6692 uses social engineering to deploy a new, custom malware suite named 'Snow' which includes a ...
The Chronicle

Duke cites rise in campus shootings behind new active shooter training

After spring break, students opened their inboxes to an email from Duke Student Affairs announcing that all undergraduates would be automatically enrolled in an active shooter training module on ...
GitHub

Azure AD Incident Response PowerShell Module

Make the module a community project for ongoing improvement Help bridge the gap between on-premises and cloud environments and knowledge NB - one of the cmdlets in ...
GitHub

rotate-ad-iis-account.ps1

# - RSAT Active Directory module must be installed on the broker # - WebAdministration module must be installed on the IIS server throw "AD_TARGET_USER environment ...