Illinois Representative Delia Ramirez has been appointed as the top Democrat on the House Homeland Security Committee's Cybersecurity and Infrastructure Protection Subcommittee, replacing Eric Swalwell following his resignation from Congress.
Adobe has pushed an out-of-band security update for Acrobat and Reader to address CVE-2026-34621, a zero-day vulnerability exploited in the wild since at least December that allows malicious PDFs to escape sandbox protections and execute arbitrary code.
The ShinyHunters cybercrime group says it accessed Rockstar Games data via stolen authentication tokens linked to cloud analytics provider Anodot, threatening to leak files unless a ransom is paid by April 14.
Booking.com has begun alerting customers that hackers may have accessed personal details tied to their travel reservations, though the company says no financial or payment information was compromised.
Claims that LinkedIn is running mass corporate espionage by scanning users' browser extensions have gone viral, but security researchers say the reality is far more mundane — and the real concern may be the extensions themselves.
A new subscription-based infostealer named Storm emerged on underground forums in early 2026, shifting credential theft to server-side decryption to evade endpoint security tools and automate session hijacking against SaaS, cloud, and internal platforms.
OpenAI confirmed its macOS app-signing workflow executed a malicious version of the Axios JavaScript library, published by North Korean-linked threat group UNC1069 after compromising a lead maintainer's NPM account.
European gym chain Basic-Fit confirmed that unknown hackers breached its systems and downloaded personal data belonging to approximately 1 million members across Belgium, the Netherlands, Luxembourg, France, Spain, and Germany.
A joint law enforcement operation involving the United States, United Kingdom, and Canada has identified over $45 million in stolen cryptocurrency and successfully frozen roughly $12 million, which will be returned to victims.
The popular CPUID hardware utility website was breached and manipulated to serve malicious versions of CPU-Z, HWMonitor, and PerfMonitor, deploying a newly identified RAT capable of stealing credentials and cryptocurrency wallets.