CTRL Hacking Toolkit, China Clusters, Iran Hack Hits FBI Director

THN Daily Updates Webinar ➞ Exposure-Driven Resilience: Automate Testing to Validate & Improve Your Security Posture Manual security testing can’t keep pace with evolving threats. This webinar reveals how automation and continuous validation strengthen your organization’s security posture, uncover blind spots in real time, and prove resilience before attackers do. Download Now Sponsored LATEST NEWS Mar 30, 2026 The State of Secrets Sprawl 2026: 9 Takeaways for CISOs Secrets sprawl isn't slowing down: in 2025, it accelerated faster than most security teams anticipated. GitGuardian's State of Secrets Sprawl 2026 report analyzed billions of commits across public GitHub and uncovered 2... Read More Russian CTRL Toolkit Delivered via Malicious LNK Files Hijacks RDP via FRP Tunnels Cybersecurity researchers have discovered a remote access toolkit of Russian-origin that's distributed via malicious Windows shortcut (LNK) files that are disguised as private key folders. The CTRL toolkit, according to... Read More Most Security Controls Block Under Half of Simulated Attacks Get the Picus data on how breach simulation closes security control gaps with vendor-specific fixes. Read More Three China-Linked Clusters Target Southeast Asian Government in 2025 Cyber Campaign Three threat activity clusters aligned with China have targeted a government organization in Southeast Asia as part of what has been described as a "complex and well-resourced operation." The campaigns have led to the d... Read More Iran-Linked Hackers Breach FBI Director's Personal Email, Hit Stryker With Wiper Attack Threat actors with ties to Iran successfully broke into the personal email account of Kash Patel, the director of the U.S. Federal Bureau of Investigation (FBI), and leaked a cache of photos and other documents to the i... Read More Which Code Vulnerabilities Actually Get Fixed? New Code Security Data from 50,000+ Repos New security research reveals which categories get fixed fast, which don't, and what makes the difference. Read More Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug A recently disclosed critical security flaw impacting Citrix NetScaler ADC and NetScaler Gateway is witnessing active reconnaissance activity, according to Defused Cyber and watchTowr. The vulnerability, CVE-2026-3055 (... Read More TA446 Deploys DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign Proofpoint has disclosed details of a targeted email campaign in which threat actors with ties to Russia are leveraging the recently disclosed DarkSword exploit kit to target iOS devices. The activity has been attribute... Read More Webinar ➞ Exposure-Driven Resilience: Automate Testing to Validate & Improve Your Security Posture Manual security testing can’t keep pace with evolving threats. This webinar reveals how automation and continuous validation strengthen your organization’s security posture, uncover blind spots in real time, and prove resilience before attackers do. Download Now Sponsored This email was sent to sikubaycom.s3cr3tz@blogger.com. You are receiving this newsletter because you opted-in to receive relevant communications from THN. To manage your email newsletter preferences, please click here. Contact THN: info@thehackernews.com Unsubscribe THN | K.P BLock, Pitampura, Delhi