In the second timeline of April 2026 I collected 108 events, corresponding to an average of 7.2 events per day, a number that confirms a growing trend, driven by the increasing number of supply chain attacks, compared to the previous timeline, where I collected 94 events (6.27 events/day).

DataDome researchers uncovered a massive low and slow DDoS attack that delivered 2.45 billion requests using 1.2 million IP addresses.

VECT 2.0 ransomware contains fatal flaws that permanently destroy files, making recovery impossible and rendering ransom payments useless for victims worldwide.

Two US cybersecurity experts jailed for aiding BlackCat ransomware group, extorting victims worldwide and exploiting insider access for profit.

A new campaign shows misconfigured Jenkins servers abused to deploy a DDoS botnet targeting gaming systems, with Valve Corporation infrastructure in focus.

I aggregated the statistics created from the cyber attacks timelines published in the first quarter of 2026. In this period, I collected a total of 528 events (5.87 events/day) dominated by Cyber Crime with 66%, followed by Cyber Espionage with 18%, Hacktivism with 3%, and finally Cyber Warfare with 2%.

Discover the 13 hidden costs of password-based authentication, from $70-per-reset help desk overhead to SMS OTP fees and breach exposure. Includes a simple ROI worksheet formula to calculate your organization's annual password tax and build the business case for passwordless authentication

The post 13 Hidden Costs of Password-Based Authentication (With Real ROI Math) appeared first on Security Boulevard.

GitGuardian uncovers TeamPCP attack on Bitwarden CLI, abusing GitHub Dependabot to spread Shai-Hulud and poison AI coding tools.

The first timeline of April 2026 brings an evolution in terms of methodology: from now on I will map the initial access techniques with the MITRE ATT&CK model. I also decided to merge the categories of Finance and Fintech in the sectors chart. From an event perspective, the first half of April 2026 confirmed a sustained trend...

New GoGra Linux malware linked to Harvester APT targets systems in South Asia, using fake PDFs and Microsoft APIs for covert command and control.

Acronis reveals Mustang Panda is using an updated version of LOTUSLITE backdoor to target Indian banks and Korean diplomats. Learn how this DLL sideloading attack works.

Bluesky is back online after a roughly 24-hour DDoS attack disrupted services, with the Iran-linked 313 Team claiming responsibility and no data breach reported.

Credential stuffing is a cyberattack where attackers use stolen usernames and passwords, often obtained from data breaches or bought on the dark web, to gain unauthorized access to accounts on other platforms. These attacks are highly prevalent and a major contributor to data breaches, largely because 64% of users reuse passwords across multiple accounts. On […]

The post What Makes Credential Stuffing Difficult to Detect? appeared first on Kratikal Blogs.

The post What Makes Credential Stuffing Difficult to Detect? appeared first on Security Boulevard.

After the cyber attacks timelines, it’s time to publish the statistics for March 2026 where I collected and analyzed 282 events: a sharp increase compared to the 176 events of the previous month. In March 2026, Cyber Crime continued to lead the Motivations chart with 64%, ahead of Cyber Espionage at number two with 15%. Hacktivism took over the third position with 6%, ahead of Cyber Warfare with 3%.

A new Qrator Labs report reveals that the largest DDoS botnet has grown to 13.5 million devices, and…

Active HanGhost Loader campaign targets enterprise payment and logistics workflows with fileless attacks, multi-stage execution, and stealthy malware delivery.

The second half of March 2026 has been very active from an infosec standpoint, with 124 events and a threat landscape dominated by malware. As always, cyber crime led the motivations chart with 65%, slightly up from the previous timeline.

Booking.com confirms a data breach exposing customer details to hackers. No payment data accessed, but users face risk of targeted phishing scams now!

ViperTunnel is a Python-based backdoor linked to DragonForce ransomware that targets businesses using Windows servers across the US and the UK.

A lone hacker used Claude Code and GPT-4.1 to exfiltrate hundreds of millions of Mexican citizen records from 9 government agencies.