Annie - RH-ISAC - Page 2 of 24 Blog

VIENNA, VA (April 16, 2026) – The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) announced its 2026 award winners during the RH-ISAC Member Celebration Dinner and Awards Ceremony held on 15 April in Austin, Texas. The awards recognize outstanding companies and individuals who have displayed extraordinary dedication to RH-ISAC’s mission to build a…

For years, fraud has been a payments problem. Detect it at checkout. Measure success in chargebacks avoided. Build controls around transactions. That model made sense when fraud itself was transactional – and reactive. That era is over. Modern fraud operations are not waiting for a payment event. They are active earlier in the customer journey,…

NEW YORK, NY – April 9, 2026 — Kasada, a leader in protecting digital businesses from automated and human-driven fraud and abuse, today announced it will serve as the title sponsor of the 2026 RH-ISAC Cybersecurity Summit, taking place April 13-15 in Austin, Texas. Hosted by the Retail & Hospitality Information Sharing and Analysis Center…

Executive Summary On 3 April 2026, a disgruntled security researcher publicly released a working proof-of-concept for an unpatched Windows local privilege escalation (LPE) vulnerability named BlueHammer. The flaw combines a time-of-check to time-of-use (TOCTOU) race condition and path-confusion issue in Windows Defender’s signature-update mechanism. It allows a low-privileged local user to access the SAM database,…

Executive Summary On 7 April 2026, reports emerged in open source that multiple companies have suffered data theft attacks after a SaaS integration provider was breached and authentication tokens stolen. While numerous cloud storage and SaaS vendors were targeted using the stolen tokens, the majority of the data theft attacks targeted the cloud-based data warehouse platform Snowflake….

Executive Summary According to a released report by StepSecurity, on 30 March 2026, an unnamed threat actor compromised a npm account associated with the Axios library and published malicious package versions, impacting developers and organizations relying on the dependency. The threat actor introduced backdoored versions of 1.14.1 and 0.30.4 that included a hidden malicious component designed…

VIENNA, VA (1 April 2026) — The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) and IANS today announced the release of the 2026 CISO Benchmark Report, providing a comprehensive look at how cybersecurity leaders across the retail and hospitality sectors are navigating economic pressure, evolving threats, and the rapid rise of artificial intelligence…

Executive Summary According to a released report from Rapid7 Labs, Chinese threat actor Red Menshen is targeting telecommunication networks in undisclosed regions with the goal of carrying out espionage against corporate and government agencies. This campaign, reported on 26 March 2026, has been a long-term operation gaining access to telecom critical environments for an extended period…

For years, fraud and cybersecurity have been treated as separate problems, owned by different teams and addressed with different tools. Fraud programs focused on screening transactions at checkout. Security programs focused on defending the perimeter. That division once made sense. Today, it no longer does. Modern attacks do not exploit infrastructure first, but rather identity….

Executive Summary On 24 March 2026, Sansec Researchers identified a novel payment skimmer leveraging WebRTC data channels rather than conventional web requests to load malicious code and exfiltrate stolen payment data, bypassing traditional security controls. Sansec reported the skimmer targeting ecommerce sites throughout March 2026 by exploiting a PolyShell vulnerability in Magento and Adobe Commerce. Key Takeaways  Novel Exfiltration Technique: This is reportedly the first observed instance of WebRTC being used…