Welcome to BSafes Library
BSafes library includes mobile-friendly cybersecurity publications.
News
April 2, 2026 – Phishing
Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures Full Text
Abstract
A phishing campaign is targeting Spanish-speaking users in Latin America and Europe, delivering banking trojans like Casbaneiro and Horabot. The campaign employs dynamic PDF lures, WhatsApp automation, and ClickFix social engineering tactics.The Hacker News
April 2, 2026 – Malware
‘NoVoice’ Android malware on Google Play infected 2.3 million devices Full Text
Abstract
The NoVoice Android malware has been discovered on Google Play, infecting over 2.3 million devices. It exploits old Android vulnerabilities to gain root access and primarily targets WhatsApp for data theft.Bleeping Computer
April 2, 2026 – Breach
Anthropic Claude Code Leak Full Text
Abstract
Anthropic's Claude Code was accidentally leaked, exposing 59.8 MB of source code (513,000 lines, 1,906 files). The leak has been widely distributed on GitHub, with over 84,000 stars and 82,000 forks, posing significant security risks.ZSCalar
April 2, 2026 – Outage
Crypto platform Drift suspends services after millions stolen in security incident Full Text
Abstract
Drift Protocol, a decentralized finance platform, has suspended its services following a significant cyberattack resulting in the theft of hundreds of millions of dollars in cryptocurrency.The Record
March 31, 2026 – Breach
Telnyx package latest hit in PyPI supply-chain compromise Full Text
Abstract
The Telnyx Python SDK on PyPI has been compromised by TeamPCP, a group linked to the Trivy supply-chain attack. The malicious package versions 4.87.1 and 4.87.2 contain a multi-stage infostealer.The Register
March 31, 2026 – Vulnerabilities
15-Year-Old strongSwan Flaw Lets Attackers Crash VPNs via Integer Underflow Full Text
Abstract
A critical vulnerability, CVE-2026-25075, has been identified in strongSwan's EAP-TTLS plugin, affecting versions 4.5.0 to 6.0.4. This flaw allows attackers to crash VPN services through an integer underflow, leading to massive memory corruption.Hack Read
March 31, 2026 – Outage
Cybercriminals say they hacked the city of Meriden, CT and stole data Full Text
Abstract
A ransomware group named Inc has claimed responsibility for a cyberattack on the city of Meriden, CT. The attack, reported by city officials on February 17, has caused significant disruptions, with services still being restored over a month later.CompariTech
March 31, 2026 – Malware
New RoadK1ll WebSocket implant used to pivot on breached networks Full Text
Abstract
RoadK1ll is a newly identified Node.js implant that enables threat actors to pivot within breached networks. It blends into normal network activity and does not rely on an inbound listener, using a custom WebSocket protocol for communication.Bleeping Computer
March 24, 2026 – Phishing
An AI-powered phishing campaign has compromised hundreds of organizations Full Text
Abstract
An AI-powered phishing campaign has compromised 344 organizations across sectors such as construction, law, healthcare, and government. The campaign exploits Microsoft cloud accounts using OAuth tokens.Cyber Scoop
March 24, 2026 – Breach
Hacker walks away with $24.5 million after breaching Resolv DeFi platform Full Text
Abstract
A cyberattack on the Resolv DeFi platform resulted in the unauthorized creation of $80 million worth of USR stablecoin, which was exchanged for 11,408 ETH, valued at $24.5 million.The Record
March 24, 2026 – Breach
Mazda discloses security breach exposing employee and partner data Full Text
Abstract
Mazda Motor Corporation has disclosed a security breach involving a system related to warehouse operations for parts procured from Thailand. The breach exposed sensitive data of employees and business partners.Bleeping Computer
March 18, 2026 – Vulnerabilities
Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE via Port 23 Full Text
Abstract
Cybersecurity researchers have disclosed a critical security flaw impacting the GNU InetUtils telnet daemon (telnetd) that could be exploited by an unauthenticated remote attacker to execute arbitrary code with elevated privileges.The Hacker News
March 18, 2026 – Policy and Law
Europe sanctions Chinese and Iranian firms for cyberattacks Full Text
Abstract
The EU sanctioned three Chinese and Iranian companies for cyberattacks targeting devices and critical infrastructure. One company provided technical and material support that led to hacking more than 65,000 devices in six EU states.Bleeping Computer
March 18, 2026 – Attack
GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX Full Text
Abstract
The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, repositories, and extensions on GitHub, npm, and VSCode/OpenVSX extensions.Bleeping Computer
March 18, 2026 – Vulnerabilities
Apple pushes first Background Security Improvements update to fix WebKit flaw Full Text
Abstract
Apple has released its first Background Security Improvements update to fix a WebKit flaw tracked as CVE-2026-20643 on iPhones, iPads, and Macs without requiring a full operating system upgrade.Bleeping Computer
March 16, 2026 – Breach
AppsFlyer Web SDK hijacked to spread crypto-stealing JavaScript code Full Text
Abstract
The AppsFlyer Web SDK was hijacked to spread crypto-stealing JavaScript code. This incident highlights the risks associated with third-party SDKs in supply-chain attacks.Bleeping Computer
March 16, 2026 – Vulnerabilities
Microsoft releases Windows 11 OOB hotpatch to fix RRAS RCE flaw Full Text
Abstract
Microsoft has released an out-of-band (OOB) hotpatch update for Windows 11 Enterprise devices to address vulnerabilities in the Windows Routing and Remote Access Service (RRAS) that could lead to remote code execution.Bleeping Computer
March 16, 2026 – Criminals
Payload Ransomware claims the hack of Royal Bahrain Hospital Full Text
Abstract
The Payload Ransomware group has claimed responsibility for breaching the Royal Bahrain Hospital (RBH), a prominent healthcare facility in Bahrain. The group has stolen 110 GB of data.Security Affair