Brian Krebs

1. Anti-DDoS Firm Heaped Attacks on Brazilian ISPs

   A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks against other network operators in Brazil, KrebsOnSecurity has learned. The firm's chief executive says…

   Published Thu, Apr 30, 2026

2. ‘Scattered Spider’ Member ‘Tylerb’ Pleads Guilty

   A 24-year-old British national and senior member of the cybercrime group "Scattered Spider" has pleaded guilty to wire fraud conspiracy and aggravated identity theft. Tyler Robert Buchanan admitted his role in a series of text-message phishing attacks in the summer of 2022 that allowed the group to hack…

   Published Tue, Apr 21, 2026

3. Patch Tuesday, April 2026 Edition

   Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, including a SharePoint Server zero-day and a publicly disclosed weakness in Windows Defender dubbed "BlueHammer." Separately, Google Chrome fixed its fourth…

   Published Tue, Apr 14, 2026

4. Russia Hacked Routers to Steal Microsoft Office Tokens

   Hackers linked to Russia's military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security experts warned today. The spying campaign allowed state-backed Russian hackers to quietly siphon authentication tokens from…

   Published Tue, Apr 7, 2026

5. Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab

   An elusive hacker who went by the handle "UNKN" and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face. Authorities in Germany say 31-year-old Russian Daniil Maksimovich Shchukin headed both cybercrime gangs and helped carry out at least 130 acts of computer sabotage…

   Published Mon, Apr 6, 2026

6. ‘CanisterWorm’ Springs Wiper Attack Targeting Iran

   A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services and wipes data on infected systems that use Iran's time zone or have Farsi set as the default language.

   Published Mon, Mar 23, 2026

7. Feds Disrupt IoT Botnets Behind Huge DDoS Attacks

   The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets that compromised more than three million hacked Internet of Things (IoT) devices, such as routers and web cameras. The feds say the four botnets -- named…

   Published Fri, Mar 20, 2026

8. Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker

   A hacktivist group with links to Iran's intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News reports out of Ireland, Stryker's largest hub outside of the United States, said the company sent home more than…

   Published Wed, Mar 11, 2026

9. Microsoft Patch Tuesday, March 2026 Edition

   Microsoft Corp. today pushed security updates to fix at least 77 vulnerabilities in its Windows operating systems and other software. There are no pressing "zero-day" flaws this month (compared to February's five zero-day treat), but as usual some patches may deserve more rapid attention from organizations…

   Published Wed, Mar 11, 2026

10. How AI Assistants are Moving the Security Goalposts

    AI-based assistants or "agents" -- autonomous programs that have access to the user's computer, files, online services and can automate virtually any task -- are growing in popularity with developers and IT workers. But as so many eyebrow-raising headlines over the past few weeks have shown, these powerful…

    Published Sun, Mar 8, 2026