How Axios was Hacked, Cisco 9.8 CVSS Flaws, SparkCat Variant, Next.js Breaches

THN Daily Updates Python in Excel Step-by-Step ($60.00 Value) FREE for a Limited Time An intuitive guide for professionals wanting to prepare for the future of Microsoft Excel by building Python in Excel skills and unleashing the power of their data. Download Now Sponsored LATEST NEWS Apr 3, 2026 UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack The maintainer of the Axios npm package has confirmed that the supply chain compromise was the result of a highly-targeted social engineering campaign orchestrated by North Korean threat actors tracked as UNC1... Read More Why Third-Party Risk Is the Biggest Gap in Your Clients' Security Posture The next major breach hitting your clients probably won't come from inside their walls. It'll come through a vendor they trust, a SaaS tool their finance team signed up for, or a subcontractor nobody in I... Read More Living Security Launches AI-Native Platform to Secure Humans + AI Agents Join the live walkthrough and see how Living Security manages human + AI risk. Register now. Read More New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images Cybersecurity researchers have discovered a new version of the SparkCat malware on the Apple App Store and Google Play Store, more than a year after the trojan was discovered targeting both the mobile ope... Read More Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK Solana-based decentralized exchange Drift has confirmed that attackers drained about $285 million from the platform during a security incident that took place on April 1, 2026. "Earlier today, a malicious actor gai... Read More Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials A large-scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection vector to steal database credentials, SSH private keys, Amazon Web Servic... Read More Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise Cisco has released updates to address a critical security flaw in the Integrated Management Controller (IMC) that, if successfully exploited, could allow an unauthenticated, remote attacker to bypass authenticatio... Read More ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories The latest ThreatsDay Bulletin is basically a cheat sheet for everything breaking on the internet right now. No corporate fluff or boring lectures here, just a quick and honest look at the messy reality of kee... Read More Python in Excel Step-by-Step ($60.00 Value) FREE for a Limited Time An intuitive guide for professionals wanting to prepare for the future of Microsoft Excel by building Python in Excel skills and unleashing the power of their data. Download Now Sponsored This email was sent to edwardlorilla1998.tower@blogger.com. You are receiving this newsletter because you opted-in to receive relevant communications from THN. To manage your email newsletter preferences, please click here. Contact THN: info@thehackernews.com Unsubscribe THN | K.P BLock, Pitampura, Delhi