Dark Reading

Unpatched 'PhantomRPC' Flaw in Windows Enables Privilege Escalation

An unpatched vulnerability can allow for privilege escalation across Windows systems through the abuse of the Remote Procedure Call (RPC) architecture in Microsoft's OS. Called PhantomRPC, the flaw ...
Crowdfund Insider

KelpDAO Bridge Exploit Analysis : North Korean Hackers Steal $292 Million via Off-Chain Attack

Chainalysis noted that on April 18, 2026, cybercriminals believed to be tied to North Korea’s Lazarus Group executed one of the largest DeFi heists of the year, siphoning approximately $292 million ...
CoinDesk

LayerZero blames Kelp's setup for $290 million exploit, attributes it to North Korea's Lazarus

LayerZero has placed responsibility for the $290 million Kelp DAO exploit on Kelp's own security configuration, saying the liquid restaking protocol ran a single-verifier setup that LayerZero had ...
Yahoo Finance

DeFi TVL Drops on All Top 20 Chains After KelpDAO Exploit

The above button links to Coinbase. Yahoo Finance is not a broker-dealer or investment adviser and does not offer securities or cryptocurrencies for sale or facilitate trading. Coinbase pays us for ...

Microsoft’s Patch Tuesday release for April is a whopper

Nearly every major product family needs immediate patching, from Windows to Office to Microsoft Edge, SQL Server, and even Microsoft Developer Tools.
American Rifleman

Taurus RPC: The Bull Does a PDW

** When you buy products through the links on our site, we may earn a commission that supports NRA's mission to protect, preserve and defend the Second Amendment. ** The term “personal defense weapon” ...
Forbes

Angry Hacker Drops Microsoft Zero-Day Exploit, 1 Billion Users Warned

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. This voice experience is generated by AI. Learn more. This ...
Yahoo Finance

Drift Protocol Hit by $285M Exploit: Crypto’s Biggest Hack of 2026 Unfolds on April Fool’s Day

The above button links to Coinbase. Yahoo Finance is not a broker-dealer or investment adviser and does not offer securities or cryptocurrencies for sale or facilitate trading. Coinbase pays us for ...
Mashable

iPhone exploit DarkSword has been released in the wild: How to protect yourself

iPhone users should be on alert: DarkSword spyware has been posted in the wild. Credit: Cheng Xin/Getty Images DarkSword, the web-based hacker tool that can be used to steal data from millions of ...
9to5Mac

Google reveals another exploit chain affecting outdated iPhones

Following its recent disclosure of the Coruna exploit chain targeting older iOS versions, the company has now revealed a similar attack believed to be called DarkSword. Here are the details. A few ...
Android Authority

Qualcomm responds to GBL exploit used on latest Snapdragon flagships

Qualcomm confirmed that fixes for the GBL exploit were provided to Android device makers earlier this month. The exploit, discovered by Xiaomi ShadowBlade Security Lab, was a key component in ...