Security Articles

Cloudflare introduces Programmable Flow Protection, a beta feature for Magic Transit Enterprise customers that lets them deploy custom eBPF-based DDoS mitigation logic across Cloudflare's global network.

Beta

DDoS

UDP

Axios package compromise and remediation steps

The axios npm package was compromised in an active supply chain attack discovered on March 31, 2026, and Vercel has documented remediation steps.

The Hacker News

01 min read

Security•2026-03-31

Silver Fox Expands Asia Cyber Campaign with AtlasCross RAT and Fake Domains

This article covers the Silver Fox (SwimSnake) threat group's expanded Asia cyber campaign using a newly discovered AtlasCross RAT delivered via typosquatted domains.

The Hacker News

01 min read

Security•2026-03-31

The AI Arms Race – Why Unified Exposure Management Is Becoming a Boardroom Priority

This article argues that AI-driven threats have fundamentally changed cybersecurity, making unified exposure management a strategic necessity.

The Hacker News

01 min read

Security•2026-03-31

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios HTTP client versions 1.14.1 and 0.30.4 were poisoned via a compromised npm maintainer account, deploying a cross-platform RAT.

The Hacker News

11 min read

Security•2026-03-30

OpenAI Patches ChatGPT Data Exfiltration Flaw and Codex GitHub Token Vulnerability

This article covers two critical security vulnerabilities discovered in OpenAI's ChatGPT and Codex that have since been patched.

Google Cloud

112 min read

Security•2026-03-30

Cloud CISO Perspectives: RSAC '26: AI, security, and the workforce of the future

Nick Godfrey recaps RSA Conference 2026 discussions on AI's dual role in cybersecurity offense and defense, and Google Cloud's security strategy.

DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials

This article covers DeepLoad, a newly discovered malware loader that uses ClickFix social engineering, AI-assisted obfuscation, and WMI persistence to steal browser credentials.

The Hacker News

01 min read

Security•2026-03-30

⚡ Weekly Recap: Telecom Sleeper Cells, LLM Jailbreaks, Apple Forces U.K. Age Checks and More

This weekly cybersecurity recap covers active exploits, state-sponsored telecom intrusions, a legal sentencing, and emerging malware campaigns.

The Hacker News

01 min read

Security•2026-03-30

3 SOC Process Fixes That Unlock Tier 1 Productivity

This article outlines three SOC process improvements to boost Tier 1 analyst productivity using ANY.RUN sandbox.

The Hacker News

01 min read

Security•2026-03-30

The State of Secrets Sprawl 2026: 9 Takeaways for CISOs

GitGuardian's State of Secrets Sprawl 2026 report reveals that hardcoded secret leaks accelerated dramatically in 2025, with 29 million new secrets exposed — a 34% year-over-year increase.

The Hacker News

01 min read

Security•2026-03-30

Russian CTRL Toolkit Delivered via Malicious LNK Files Hijacks RDP via FRP Tunnels

Censys researchers uncovered CTRL, a Russian-origin remote access toolkit distributed via malicious LNK files disguised as private key folders.