Archiv für April 2026

Alleged TrakCare Access, PowerLab Leak, U.S. Driver IDs, Hong Kong HA Data and More SOCRadar’s Dark Web Team identified several new underground posts this week, including an alleged unauthorized access offering tied to TrakCare and InterSystems environments, a small French retailer database leak claim, and multiple high-risk datasets marketed with identity and healthcare-related fields. Another […]

Pro-Iran Cyberattacks on Financial Services: 144 Incidents Financial services is the #2 most targeted sector in the entire campaign, and for reasons that are deliberate, documented, and rooted in more than a decade of Iranian cyber doctrine. Between February 28 and April 6, 2026, SOCRadar tracked 1,583 verified incidents across Operation Epic Fury. Of those, […]

Advisory at a Glance Title Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure Original Publication April 7, 2026 Executive Summary Iran-affiliated advanced persistent threat (APT) actors are conducting exploitation activity targeting internet-facing operational technology (OT) devices, including programmable logic controllers (PLCs) manufactured by Rockwell Automation/Allen-Bradley. This activity has led to PLC disruptions […]

CVE-2026-35616: FortiClient EMS API Auth Bypass Enables Command Execution Fortinet disclosed a critical vulnerability in Fortinet FortiClient EMS (Enterprise Management Server) tracked as CVE-2026-35616. Fortinet also says it has observed in-the-wild exploitation and released out-of-band hotfix guidance for affected builds. This post breaks down what CVE-2026-Adresse geschuetzt, who is affected, and what defenders should do […]