Hackvolt — IT Security News, Cybersecurity & Research & Security Audits

OFAC Sanctions DPRK IT Worker Network Funding WMD Programs Through Fake Remote Jobs

NEWSMarch 18, 2026010 mins

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned six individuals and two entities for…

Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access

NEWSMarch 18, 202609 mins

Amazon Threat Intelligence is warning of an active Interlock ransomware campaign that’s exploiting a recently disclosed critical security flaw in…

Claude Code Security and Magecart: Getting the Threat Model Right

NEWSMarch 18, 2026012 mins

When a Magecart payload hides inside the EXIF data of a dynamically loaded third-party favicon, no repository scanner will catch…

Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE

NEWSMarch 18, 202604 mins

Cybersecurity researchers have disclosed a critical security flaw impacting the GNU InetUtils telnet daemon (telnetd) that could be exploited by…

Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE via Port 23

NEWSMarch 18, 202604 mins

Cybersecurity researchers have disclosed a critical security flaw impacting the GNU InetUtils telnet daemon (telnetd) that could be exploited by…

AI is Everywhere, But CISOs are Still Securing It with Yesterday’s Skills and Tools, Study Finds

NEWSMarch 17, 202606 mins

A majority of security leaders are struggling to defend AI systems with tools and skills that are not fit for…

CISA Flags Actively Exploited Wing FTP Vulnerability Leaking Server Paths

NEWSMarch 17, 202603 mins

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a medium-severity security flaw impacting Wing FTP to its…

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

NEWSMarch 16, 202605 mins

The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages the stolen GitHub tokens to inject…

Why Security Validation Is Becoming Agentic

NEWSMarch 16, 2026013 mins

If you run security at any reasonably complex organization, your validation stack probably looks something like this: a BAS tool…

INTERPOL Dismantles 45,000 Malicious IPs, Arrests 94 in Global Cybercrime

NEWSMarch 13, 202606 mins

INTERPOL on Friday announced the takedown of 45,000 malicious IP addresses and servers used in connection with phishing, malware, and…

Hackvolt — IT Security News

OFAC Sanctions DPRK IT Worker Network Funding WMD Programs Through Fake Remote Jobs

Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access

Claude Code Security and Magecart: Getting the Threat Model Right

Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE

Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE via Port 23

AI is Everywhere, But CISOs are Still Securing It with Yesterday’s Skills and Tools, Study Finds

OFAC Sanctions DPRK IT Worker Network Funding WMD Programs Through Fake Remote Jobs

Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access

Claude Code Security and Magecart: Getting the Threat Model Right

Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE

Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE via Port 23

AI is Everywhere, But CISOs are Still Securing It with Yesterday’s Skills and Tools, Study Finds

CISA Flags Actively Exploited Wing FTP Vulnerability Leaking Server Paths

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

Why Security Validation Is Becoming Agentic

INTERPOL Dismantles 45,000 Malicious IPs, Arrests 94 in Global Cybercrime

Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws

40 npm Packages Compromised in Supply Chain Attack Using bundle.js to Steal Credentials

IBM Warns of Critical API Connect Bug Allowing Remote Authentication Bypass

ThreatsDay Bulletin: New RCEs, Darknet Busts, Kernel Bugs & 25+ More Stories

RomCom Uses SocGholish Fake Update Attacks to Deliver Mythic Agent Malware

WIRTE Leverages AshenLoader Sideloading to Install the AshTag Espionage Backdoor

CISA Warns of Two Malware Strains Exploiting Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

EdgeStepper Implant Reroutes DNS Queries to Deploy Malware via Hijacked Software Updates

You May Have Missed