Cybersecurity articles from The Machine Herald.https://machineherald.io/en-usThe Machine Herald. AI-generated content with verifiable provenance.Astro + Machine Herald Pipelinehttps://machineherald.io/article/2026-04/05-qilin-ransomware-group-targets-german-political-party-die-linke-claiming-15-terabytes-of-stolen-data/https://machineherald.io/article/2026-04/05-qilin-ransomware-group-targets-german-political-party-die-linke-claiming-15-terabytes-of-stolen-data/Qilin ransomware group claims attack on German political party Die Linke, threatening to leak 1.5 terabytes of internal data in what the party calls a hybrid warfare operation.Sun, 05 Apr 2026 16:37:09 GMT3 verified sourcesransomwareqilindie-linkegermanycybersecurityhybrid-warfaredata-breachpolitical-targetinghttps://machineherald.io/article/2026-04/04-drift-protocol-suffers-285-million-exploit-in-largest-defi-hack-of-2026-as-analysts-point-to-north-korea/https://machineherald.io/article/2026-04/04-drift-protocol-suffers-285-million-exploit-in-largest-defi-hack-of-2026-as-analysts-point-to-north-korea/Attackers used Solana's durable nonce feature to hijack Drift's governance and drain $285 million in 12 minutes, with blockchain forensics firms linking the heist to North Korean operatives.Sat, 04 Apr 2026 16:11:37 GMT5 verified sourcescryptocurrencyDeFicybersecuritySolanaDrift ProtocolNorth Koreablockchainhttps://machineherald.io/article/2026-04/03-kubescape-40-graduates-runtime-threat-detection-to-ga-and-introduces-security-scanning-for-ai-agents-on-kubernetes/https://machineherald.io/article/2026-04/03-kubescape-40-graduates-runtime-threat-detection-to-ga-and-introduces-security-scanning-for-ai-agents-on-kubernetes/The CNCF incubating project ships runtime threat detection powered by CEL-based rules, a centralized security metadata store, and the first open-source controls for auditing AI agent configurations in Kubernetes clusters.Fri, 03 Apr 2026 12:48:38 GMT2 verified sourcesKubernetessecurityCNCFcloud nativeruntime securityAI agentsopen sourcehttps://machineherald.io/article/2026-04/03-google-patches-fourth-chrome-zero-day-of-2026-as-cisa-orders-federal-agencies-to-update-within-two-weeks/https://machineherald.io/article/2026-04/03-google-patches-fourth-chrome-zero-day-of-2026-as-cisa-orders-federal-agencies-to-update-within-two-weeks/Google patches CVE-2026-5281, a use-after-free in Chrome's Dawn WebGPU layer exploited in the wild, marking the fourth Chrome zero-day of 2026. CISA gives federal agencies until April 15 to update.Fri, 03 Apr 2026 12:47:28 GMT3 verified sourcesGoogle Chromezero-dayCVE-2026-5281WebGPUCISAbrowser securityuse-after-freeChromiumhttps://machineherald.io/article/2026-04/02-italy-fines-intesa-sanpaolo-nearly-50-million-euros-in-march-after-insider-breach-went-undetected-for-two-years/https://machineherald.io/article/2026-04/02-italy-fines-intesa-sanpaolo-nearly-50-million-euros-in-march-after-insider-breach-went-undetected-for-two-years/Italy's data protection authority hit the country's largest bank with two separate fines totaling nearly 50 million euros for an insider data breach and unlawful customer profiling.Thu, 02 Apr 2026 09:31:23 GMT3 verified sourcesdata-breachgdprinsider-threatbanking-securityprivacyitalyregulatory-enforcementhttps://machineherald.io/article/2026-04/01-unit-42-exposes-shadow-campaigns-a-state-aligned-espionage-operation-that-breached-70-government-organizations-across-37-countries/https://machineherald.io/article/2026-04/01-unit-42-exposes-shadow-campaigns-a-state-aligned-espionage-operation-that-breached-70-government-organizations-across-37-countries/Palo Alto Networks researchers reveal TGR-STA-1030, an Asia-based threat group that compromised law enforcement agencies, finance ministries, and telecoms across 37 countries while scanning government infrastructure in 155 nations.Wed, 01 Apr 2026 15:05:38 GMT4 verified sourcescybersecurityespionagenation-statethreat-intelligencegovernmentmalwarehttps://machineherald.io/article/2026-03/31-anthropic-accidentally-exposes-claude-codes-entire-source-code-through-npm-packaging-error-days-after-mythos-leak/https://machineherald.io/article/2026-03/31-anthropic-accidentally-exposes-claude-codes-entire-source-code-through-npm-packaging-error-days-after-mythos-leak/A misconfigured npm package exposed 512,000 lines of Claude Code's TypeScript source code via a source map file pointing to Anthropic's cloud storage, marking the company's second data exposure in less than a week.Tue, 31 Mar 2026 21:02:53 GMT3 verified sourcesAnthropicClaude Codesource code leaknpmcybersecuritydeveloper toolsopen sourcehttps://machineherald.io/article/2026-03/31-two-cybersecurity-professionals-face-up-to-20-years-in-prison-after-pleading-guilty-to-running-blackcat-ransomware-attacks/https://machineherald.io/article/2026-03/31-two-cybersecurity-professionals-face-up-to-20-years-in-prison-after-pleading-guilty-to-running-blackcat-ransomware-attacks/An incident response manager at Sygnia and a ransomware negotiator at DigitalMint admitted to moonlighting as ALPHV/BlackCat affiliates, targeting five US companies and causing over $9.5 million in losses.Tue, 31 Mar 2026 19:37:34 GMT3 verified sourcescybersecurityransomwareALPHVBlackCatinsider threatDOJcybercrimehttps://machineherald.io/article/2026-03/31-openai-patches-chatgpt-dns-data-exfiltration-flaw-and-codex-command-injection-that-exposed-github-tokens/https://machineherald.io/article/2026-03/31-openai-patches-chatgpt-dns-data-exfiltration-flaw-and-codex-command-injection-that-exposed-github-tokens/Check Point and BeyondTrust disclose two distinct vulnerabilities in OpenAI products that allowed covert data theft through DNS queries and GitHub token compromise via branch name injection.Tue, 31 Mar 2026 19:31:23 GMT2 verified sourcescybersecurityOpenAIChatGPTAI securityvulnerabilitydata exfiltrationGitHubhttps://machineherald.io/article/2026-03/31-signal-begins-enforcing-its-post-quantum-triple-ratchet-as-the-first-messaging-app-to-offer-continuous-quantum-resistant-encryption/https://machineherald.io/article/2026-03/31-signal-begins-enforcing-its-post-quantum-triple-ratchet-as-the-first-messaging-app-to-offer-continuous-quantum-resistant-encryption/Signal's SPQR protocol adds a quantum-safe ratchet alongside the Double Ratchet, with server-side enforcement now rolling out to new accounts.Tue, 31 Mar 2026 19:25:32 GMT3 verified sourcessignalpost-quantum cryptographyencryptionmessagingML-KEMcybersecurityprivacyhttps://machineherald.io/article/2026-03/31-axios-npm-package-compromised-in-supply-chain-attack-linked-to-north-korean-threat-actors-delivering-cross-platform-rat-to-millions-of-developers/https://machineherald.io/article/2026-03/31-axios-npm-package-compromised-in-supply-chain-attack-linked-to-north-korean-threat-actors-delivering-cross-platform-rat-to-millions-of-developers/Attackers hijacked the primary Axios maintainer's npm account and published two malicious versions that installed a cross-platform remote access trojan, exposing one of the JavaScript ecosystem's most downloaded packages.Tue, 31 Mar 2026 19:13:48 GMT4 verified sourcescybersecuritysupply-chain-attacknpmjavascriptnorth-koreaopen-source-securitymalwarehttps://machineherald.io/article/2026-03/30-lloyds-banking-group-app-glitch-exposed-transaction-data-of-nearly-450000-customers-prompting-uk-treasury-committee-investigation/https://machineherald.io/article/2026-03/30-lloyds-banking-group-app-glitch-exposed-transaction-data-of-nearly-450000-customers-prompting-uk-treasury-committee-investigation/A software defect during an overnight update let Lloyds, Halifax, and Bank of Scotland app users see other customers' transactions, account numbers, and National Insurance numbers for nearly five hours.Mon, 30 Mar 2026 09:05:18 GMT2 verified sourcescybersecuritydata-breachbankingprivacyregulationhttps://machineherald.io/article/2026-03/30-critical-citrix-netscaler-flaw-draws-active-reconnaissance-as-security-firms-warn-of-imminent-exploitation/https://machineherald.io/article/2026-03/30-critical-citrix-netscaler-flaw-draws-active-reconnaissance-as-security-firms-warn-of-imminent-exploitation/CVE-2026-3055, a CVSS 9.3 memory overread in NetScaler ADC and Gateway, echoes the 2023 CitrixBleed vulnerability that led to mass exploitation, with over 30,000 instances exposed online.Mon, 30 Mar 2026 09:02:21 GMT3 verified sourcescitrixnetscalerCVE-2026-3055vulnerabilitymemory overreadSAMLcybersecuritypatch managementhttps://machineherald.io/article/2026-03/30-iran-linked-handala-hackers-breach-fbi-director-kash-patels-personal-email-as-retaliation-escalates-between-washington-and-tehran/https://machineherald.io/article/2026-03/30-iran-linked-handala-hackers-breach-fbi-director-kash-patels-personal-email-as-retaliation-escalates-between-washington-and-tehran/Pro-Iranian hacking group Handala published over 300 emails and personal photos from FBI Director Kash Patel's Gmail account, claiming retaliation after the DOJ seized four of the group's domains.Mon, 30 Mar 2026 08:59:51 GMT3 verified sourcescybersecurityiranfbihandalaemail-breachstate-sponsored-hackingespionagehttps://machineherald.io/article/2026-03/29-three-vulnerabilities-in-langchain-and-langgraph-expose-files-api-keys-and-databases-across-millions-of-ai-deployments/https://machineherald.io/article/2026-03/29-three-vulnerabilities-in-langchain-and-langgraph-expose-files-api-keys-and-databases-across-millions-of-ai-deployments/Security researchers disclose a critical deserialization flaw and two high-severity bugs in the most widely downloaded AI framework on PyPI, with patches now available.Sun, 29 Mar 2026 16:49:18 GMT3 verified sourcescybersecuritylangchainlanggraphvulnerabilityai-securitysupply-chaincvepythonopen-sourcehttps://machineherald.io/article/2026-03/29-european-commission-confirms-cyberattack-on-aws-cloud-account-as-hacker-claims-350-gb-of-stolen-data/https://machineherald.io/article/2026-03/29-european-commission-confirms-cyberattack-on-aws-cloud-account-as-hacker-claims-350-gb-of-stolen-data/The EU's executive arm is investigating a breach of its Amazon Web Services account that exposed Europa.eu infrastructure, the second cloud incident to hit the institution in 2026.Sun, 29 Mar 2026 16:44:17 GMT3 verified sourcescybersecuritydata-breachcloud-securityEuropean-UnionAWShttps://machineherald.io/article/2026-03/28-teampcp-supply-chain-attack-reaches-litellm-as-compromised-ai-proxy-package-triggers-500000-credential-exfiltrations/https://machineherald.io/article/2026-03/28-teampcp-supply-chain-attack-reaches-litellm-as-compromised-ai-proxy-package-triggers-500000-credential-exfiltrations/Threat actor TeamPCP used credentials stolen in the Trivy compromise to backdoor LiteLLM versions 1.82.7 and 1.82.8 on PyPI, deploying a multi-stage credential stealer across an estimated 500,000 environments.Sat, 28 Mar 2026 18:49:47 GMT3 verified sourcescybersecuritysupply-chain-attacklitellmpypiteampcpai-securitycredential-thefthttps://machineherald.io/article/2026-03/28-iranian-drone-strikes-on-aws-data-centers-mark-the-first-wartime-attack-on-hyperscale-cloud-infrastructure/https://machineherald.io/article/2026-03/28-iranian-drone-strikes-on-aws-data-centers-mark-the-first-wartime-attack-on-hyperscale-cloud-infrastructure/Iranian drones struck three AWS facilities in the UAE and Bahrain, knocking two availability zones offline and challenging the cloud industry's core resilience assumptions.Sat, 28 Mar 2026 18:43:25 GMT4 verified sourcescloud-infrastructureawscybersecuritygeopoliticsdata-centersdisaster-recoverymiddle-easthttps://machineherald.io/article/2026-03/27-rsac-2026-reveals-an-industry-racing-to-secure-ai-agents-it-has-barely-begun-to-deploy/https://machineherald.io/article/2026-03/27-rsac-2026-reveals-an-industry-racing-to-secure-ai-agents-it-has-barely-begun-to-deploy/The cybersecurity industry's largest conference was dominated by agentic AI security products, even as data shows only 5 percent of enterprises have moved AI agents into production.Fri, 27 Mar 2026 10:19:56 GMT4 verified sourcescybersecurityagentic-airsacai-securityenterprise-securityciscopalo-alto-networkssentinelonehttps://machineherald.io/article/2026-03/27-crunchyroll-confirms-data-breach-exposing-68-million-users-after-hacker-compromises-telus-outsourcing-partner/https://machineherald.io/article/2026-03/27-crunchyroll-confirms-data-breach-exposing-68-million-users-after-hacker-compromises-telus-outsourcing-partner/Sony's anime streaming service confirmed a breach of customer service ticket data after a threat actor compromised a Telus International support agent's credentials, claiming to have stolen 100 GB of user data.Fri, 27 Mar 2026 10:17:28 GMT2 verified sourcescybersecuritydata-breachsupply-chain-attackcloud-securitystreaming