Cyber Briefing: 2026.04.03
Across these headlines, we see a range of major cyber threats impacting organizations and users, including supply chain attacks, critical vulnerabilities, espionage-linked breaches, and extortion...
👉 What’s trending in cybersecurity today?
Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.
🚨 Cyber Alerts
1. WhatsApp Warns Users of iOS Spyware Risk
WhatsApp has notified approximately 200 users, primarily in Italy, who were targeted by a fraudulent iOS application containing spyware. In response, the platform logged out affected accounts and initiated legal action against Asigint, an Italian firm accused of developing the counterfeit software.
2. Cisco IMC Auth Bypass Gives Admin Access
Cisco has released critical security updates to address an authentication bypass vulnerability in its Integrated Management Controller that allows unauthenticated remote attackers to gain administrative control. The company also patched several other high-severity flaws, including a remote code execution vulnerability in its Smart Software Manager On-Prem systems.
3. UNC1069 Hits npm via Axios Maintainer
The Axios npm package maintainer revealed that the project was compromised through a sophisticated social engineering campaign led by North Korean threat actors known as UNC1069. By impersonating a legitimate company founder and deploying malware during a fraudulent video call, the attackers gained the credentials necessary to publish malicious versions of the highly popular library.
💥 Cyber Incidents
4. Handala Claims Breach of Israeli PSK
Hackers linked to Iran have announced a breach of PSK Wind, an Israeli defense firm responsible for developing vital command and control systems. The group, known as Handala, claims to have exfiltrated sensitive data and distributed it to regional military allies to undermine Israeli security infrastructure.
5. Hasbro Hit in Cyberattack Disrupting Ops
Hasbro recently reported a cyberattack that forced the company to disable various systems, potentially leading to significant disruptions in order processing and product distribution. According to a filing with the Securities and Exchange Commission, the toy manufacturer expects to rely on backup business continuity plans for several weeks as it works to restore full functionality.
6. North Korean Hackers Hit Drift, Seize Funds
The Drift Protocol suffered a loss of over 280 million dollars after a sophisticated attacker seized control of its Security Council administrative powers. Blockchain analysts have attributed the breach to North Korean hackers, citing specific on-chain patterns and timing consistent with previous state-sponsored cyber operations.
📢 Cyber News
7. Man Admits Locking Thousands of Windows PCs
A former core infrastructure engineer has admitted to orchestrating a failed extortion plot that involved locking administrators out of hundreds of servers at his New Jersey-based employer. After gaining unauthorized access to the network, the employee attempted to force a ransom payment of 20 bitcoin by deleting administrator accounts and threatening to shut down systems.
8. CERT-EU Reports EC Hack Affecting EU Data
The European Union’s Cybersecurity Service has linked a significant breach of the European Commission’s cloud infrastructure to the TeamPCP threat actor group. This intrusion, which originated from a supply-chain attack, resulted in the exposure of sensitive data belonging to the Commission and at least 29 other Union entities.
9. Free VPNs Leak Data Despite Privacy Claims
Many free Android VPNs function as data collection tools rather than privacy protectors by tracking user activity and requesting invasive permissions. Research shows that these apps often connect to servers in high-risk jurisdictions, turning the promise of free security into a significant privacy threat.
📈 Cyber Stocks
Cybersecurity stocks were mostly higher on Friday, April 3, 2026, outperforming the broader tech sector as investors reacted to positive channel checks and a stabilizing macroeconomic backdrop. The sector saw a notable uptick in “bottom-fishing” activity, with several major platform providers showing strong intraday recoveries.
Market Summary
The price action suggests a “risk-on” Friday for the sector, with capital flowing back into dominant cloud and network security providers after a period of heavy consolidation.
Platform Leadership: Fortinet (FTNT) continued its streak of outperformance, trading up +4.92%. The company’s consistent growth in SASE and SD-WAN is clearly separating it from the pack in the current high-interest-rate environment.
The “Big Three” Stabilization: CrowdStrike (CRWD) showed a healthy bounce, closing at -13.28% for the period (up +1.48% on the day), while Palo Alto Networks (PANW) tracked closely at -13.59%. The convergence of these two titans suggests the market is beginning to price in a “duopoly” floor for enterprise XDR and cloud security.
Identity Holding Steady: Okta (OKTA) remains resilient at -14.30%, effectively mirroring the performance of the top-tier platform players as identity security remains non-negotiable for enterprise compliance.
Persistent Headwinds: Rapid7 (RPD) remains the significant outlier, down -61.39%. Despite the broader sector bounce, RPD continues to struggle with the market’s preference for broad platform consolidation over specialized vulnerability tools.
Key Insight: As the first week of Q2 closes, the narrative is firmly about “Platformization.” The tight correlation between CRWD, PANW, and OKTA, combined with the breakout of FTNT, indicates that “Quality and Scale” are the primary drivers of investor sentiment. We are witnessing a clear survival-of-the-fittest cycle where the largest ecosystems are successfully absorbing the budgets of smaller, struggling point-solution vendors.
💡 Cyber Tip
🤖 Update Now: Chrome Zero-Day Under Active Attack.
Google has released an emergency update to fix CVE-2026-5281, a high-severity “zero-day” vulnerability currently being exploited by hackers in the wild. This flaw exists in the Dawn graphics component and could allow an attacker to execute malicious code on your system just by luring you to a compromised website.
🛠️ What You Should Do
Update Chrome Immediately: Click the three dots (⋮) in the top-right corner, then go to Help > About Google Chrome.
Verify the Version: Ensure you are running version 146.0.7680.177 (Linux) or 146.0.7680.178 (Windows/Mac) or higher.
Relaunch the Browser: The patch is not fully applied until you click Relaunch; simply closing the window may not be enough.
Check Other Browsers: If you use Microsoft Edge, Brave, or Vivaldi, check their settings for updates as they also use the affected Chromium engine.
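For administrators who need to run the "Verify the Version" step across many machines, the following is an added example (not part of the original briefing) that compares collected Chrome version strings against the per-platform minimum builds listed above. The inventory format, hostnames and sample versions are constructed for illustration.

```python
import re

# Minimum fixed builds, taken from the version numbers stated in the tip above.
PATCHED = {
    "linux": (146, 0, 7680, 177),
    "windows": (146, 0, 7680, 178),
    "mac": (146, 0, 7680, 178),
}

VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)\.(\d+)")

def parse_version(text):
    """Extract the four-part build from e.g. 'Google Chrome 146.0.7680.170'."""
    m = VERSION_RE.search(text)
    return tuple(int(p) for p in m.groups()) if m else None

def chrome_status(platform, version_text):
    """Return 'patched', 'outdated', or 'unknown' for one host."""
    minimum = PATCHED.get(platform.lower())
    version = parse_version(version_text)
    if minimum is None or version is None:
        # Unlisted platform or unparseable string: needs manual follow-up.
        return "unknown"
    # Tuples compare field by field, so 146.0.7680.99 < 146.0.7680.177.
    return "patched" if version >= minimum else "outdated"

def audit(inventory):
    """Map each host to its status; anything not 'patched' needs attention."""
    return {host: chrome_status(plat, ver) for host, plat, ver in inventory}

# Constructed sample inventory (hypothetical hosts and version strings).
SAMPLE = [
    ("ws-01", "windows", "Google Chrome 146.0.7680.178"),
    ("ws-02", "windows", "Google Chrome 146.0.7680.177"),  # Linux build number, too low for Windows
    ("lx-01", "linux", "Google Chrome 146.0.7680.177"),
    ("mac-01", "mac", "Google Chrome 145.0.7632.160"),
    ("lx-02", "linux", "Google Chrome 147.0.7700.12"),
    ("kiosk-9", "chromeos", "not reported"),
]

if __name__ == "__main__":
    for host, status in audit(SAMPLE).items():
        print(f"{host:8} {status}")
```

Because the patch is not applied until the browser is relaunched, feed this the version reported by the running browser (for example from chrome://version) rather than only the installed package version.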
⚠️ Why This Matters
This vulnerability is particularly dangerous because it is a “zero-day,” meaning hackers discovered and used it before a fix was available to the public. If left unpatched, a remote attacker can exploit this memory error to bypass security boundaries and take control of your device through your web browser.
Copyright © 2026 CyberMaterial. All Rights Reserved.









