cybersec

#TitleDate
1Hackers abuse Google ads, Claude.ai chats to push Mac malwareMay 10, 6:10 pm
2Police shut down reboot of Crimenetwork marketplace, arrest adminMay 10, 3:10 pm
3Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory LeakMay 10, 1:10 pm
4JDownloader site hacked to replace installers with Python RAT malwareMay 9, 8:10 pm
5Fake OpenAI repository on Hugging Face pushes infostealer malwareMay 9, 3:10 pm
6cPanel, WHM Release Fixes for Three New Vulnerabilities — Patch NowMay 9, 8:10 am
7TCLBANKER Banking Trojan Targets Financial Platforms via WhatsApp and Outlook WormsMay 8, 7:10 pm
8Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store DownloadsMay 8, 5:10 pm
9NVIDIA confirms GeForce NOW data breach affecting Armenian usersMay 8, 5:10 pm
10Trellix source code breach claimed by RansomHouse hackersMay 8, 2:10 pm
11Why More Analysts Won’t Solve Your SOC’s Alert ProblemMay 8, 2:10 pm
12CISA gives feds four days to patch Ivanti flaw exploited as zero-dayMay 8, 1:10 pm
13Quasar Linux RAT Steals Developer Credentials for Software Supply Chain CompromiseMay 8, 12:10 pm
14New Linux PamDOORa Backdoor Uses PAM Modules to Steal SSH CredentialsMay 8, 11:10 am
15One Missed Threat Per Week: What 25M Alerts Reveal About Low-Severity RiskMay 8, 11:10 am
16Zara data breach exposed personal information of 197,000 peopleMay 8, 11:10 am
17Former govt contractor convicted for wiping dozens of federal databasesMay 8, 9:10 am
18Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major DistributionsMay 8, 8:10 am
19New Linux 'Dirty Frag' zero-day gives root on all major distrosMay 8, 8:10 am
20Another Universal Linux Local Privilege Escalation (LPE) Vulnerability: Dirty Frag, (Fri, May 8th)May 8, 8:10 am
21Canvas Breach Disrupts Schools & Colleges NationwideMay 8, 3:10 am
22ISC Stormcast For Friday, May 8th, 2026 https://isc.sans.edu/podcastdetail/9924, (Fri, May 8th)May 8, 2:10 am
23Canvas login portals hacked in mass ShinyHunters extortion campaignMay 7, 11:10 pm
24New TCLBanker malware self-spreads over WhatsApp and OutlookMay 7, 10:10 pm
25PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud SystemsMay 7, 7:10 pm
26Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level AccessMay 7, 7:10 pm
27New PCPJack worm steals credentials, cleans TeamPCP infectionsMay 7, 7:10 pm
28Australia warns of ClickFix attacks pushing Vidar Stealer malwareMay 7, 6:10 pm
29Ivanti warns of new EPMM flaw exploited in zero-day attacksMay 7, 4:10 pm
30One Click, Total Shutdown: The "Patient Zero" Webinar on Killing Stealth BreachesMay 7, 3:10 pm
31PAN-OS RCE Exploit Under Active Use Enabling Root Access and EspionageMay 7, 2:10 pm
32Americans sentenced for running 'laptop farms' for North KoreaMay 7, 2:10 pm
33The Browser Is Breaking Your DLP: How Data Slips Past Modern ControlsMay 7, 2:10 pm
34Crypto gang member gets 6.5 years for role in $230 million heistMay 7, 1:10 pm
35Day Zero Readiness: The Operational Gaps That Break Incident ResponseMay 7, 12:10 pm
36ThreatsDay Bulletin: Edge Plaintext Passwords, ICS 0-Days, Patch-or-Die Alerts and 25+ New StoriesMay 7, 12:10 pm
37Webinar: Why modern attacks require both security and recoveryMay 7, 12:10 pm
38Palo Alto Networks firewall zero-day exploited for nearly a monthMay 7, 11:10 am
39PyPI Packages Deliver ZiChatBot Malware via Zulip APIs on Windows and LinuxMay 7, 10:10 am
40Fake Claude AI website delivers new 'Beagle' Windows malwareMay 7, 10:10 am
41vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code ExecutionMay 7, 5:10 am
42An Adaptive Cyber Analytics UI for Web Honeypot Logs [Guest Diary], (Wed, May 6th)May 7, 2:10 am
43ISC Stormcast For Thursday, May 7th, 2026 https://isc.sans.edu/podcastdetail/9922, (Thu, May 7th)May 7, 2:10 am
44Hackers abuse Google ads for GoDaddy ManageWP login phishingMay 6, 10:10 pm
45Mirai-Based xlabs_v1 Botnet Exploits ADB to Hijack IoT Devices for DDoS AttacksMay 6, 9:10 pm
46Critical vm2 sandbox bug lets attackers execute code on hostsMay 6, 7:10 pm
47New Cisco DoS flaw requires manual reboot to revive devicesMay 6, 6:10 pm
48DAEMON Tools devs confirm breach, release malware-free versionMay 6, 5:10 pm
49MuddyWater Uses Microsoft Teams to Steal Credentials in False Flag Ransomware AttackMay 6, 3:10 pm
50Why ransomware attacks succeed even when backups existMay 6, 2:10 pm
51Your AI Agents Are Already Inside the Perimeter. Do You Know What They're Doing?May 6, 1:10 pm
52The Hacker News Launches 'Cybersecurity Stars Awards 2026' — Submissions Now OpenMay 6, 1:10 pm
53Webinar: Why network incidents escalate and how to fix response gapsMay 6, 1:10 pm
54MuddyWater hackers use Chaos ransomware as a decoy in attacksMay 6, 1:10 pm
55Windows Phone Link Exploited by CloudZ RAT to Steal Credentials and OTPsMay 6, 10:10 am
56Google's Android Apps Get Public Verification to Stop Supply Chain AttacksMay 6, 10:10 am
57Palo Alto Networks warns of firewall RCE zero-day exploited in attacksMay 6, 10:10 am
58Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code ExecutionMay 6, 8:10 am
59ISC Stormcast For Wednesday, May 6th, 2026 https://isc.sans.edu/podcastdetail/9920, (Wed, May 6th)May 6, 2:10 am
60Instructure hacker claims data theft from 8,800 schools, universitiesMay 5, 10:10 pm
61New stealthy Quasar Linux malware targets software developersMay 5, 10:10 pm
62DAEMON Tools trojanized in supply-chain attack to deploy backdoorMay 5, 8:10 pm
63The EOL Blind Spot in Your CVE Feed: What SCA Tools MissMay 5, 7:10 pm
64Student hacked Taiwan high-speed rail to trigger emergency brakesMay 5, 6:10 pm
65DAEMON Tools Supply Chain Attack Compromises Official Installers with MalwareMay 5, 5:10 pm
66Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCEMay 5, 5:10 pm
67China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across RegionsMay 5, 4:10 pm
68FTC to ban data broker Kochava from selling Americans’ location dataMay 5, 3:10 pm
69The EOL Blind Spot in Your CVE Feed: What SCA Tools Don't Check.May 5, 2:10 pm
70MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution AttacksMay 5, 1:10 pm
71The Back Door Attackers Know About — and Most Security Teams Still Haven’t ClosedMay 5, 1:10 pm
72Vimeo data breach exposes personal information of 119,000 peopleMay 5, 1:10 pm
73Google now offers up to $1.5 million for some Android exploitsMay 5, 12:10 pm
74Cleartext Passwords in MS Edge? In 2026?, (Mon, May 4th)May 5, 12:10 pm
75SSL.com rotates their root certificate today, (Tue, May 5th)May 5, 12:10 pm
76Karakurt extortion gang ‘cold case’ negotiator gets 8.5 years in prisonMay 5, 11:10 am
77We Scanned 1 Million Exposed AI Services. Here's How Bad the Security Actually IsMay 5, 11:10 am
78ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and WindowsMay 5, 10:10 am
79CloudZ malware abuses Microsoft Phone Link to steal SMS and OTPsMay 5, 10:10 am
80ScarCruft hackers push BirdCall Android malware via game platformMay 5, 9:10 am
81Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 CountriesMay 5, 8:10 am
82Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug APIMay 5, 8:10 am
83ISC Stormcast For Tuesday, May 5th, 2026 https://isc.sans.edu/podcastdetail/9918, (Tue, May 5th)May 5, 2:10 am
84Weaver E-cology critical bug exploited in attacks since MarchMay 4, 11:10 pm
85Amazon SES increasingly abused in phishing to evade detectionMay 4, 8:10 pm
86Phishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM ToolsMay 4, 7:10 pm
87Progress Patches Critical MOVEit Automation Bug Enabling Authentication BypassMay 4, 6:10 pm
88TeamPCP Weekly Analysis: 2026-W18 (2026-04-27 through 2026-05-03), (Mon, May 4th)May 4, 6:10 pm
89Backdoored PyTorch Lightning package drops credential stealerMay 4, 6:10 pm
90Trellix discloses data breach after source code repository hackMay 4, 5:10 pm
91⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & MoreMay 4, 4:10 pm
92DShield Honeypot Update, (Mon, May 4th)May 4, 3:10 pm
93They don’t hack, they borrow: How fraudsters target credit unionsMay 4, 2:10 pm
94Webinar: Why MSPs must rethink security and backup strategiesMay 4, 1:10 pm
95Progress warns of critical MOVEit Automation auth bypass flawMay 4, 1:10 pm
96CISA says ‘Copy Fail’ flaw now exploited to root Linux systemsMay 4, 12:10 pm
97Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and RussiaMay 4, 12:10 pm
982026: The Year of AI-Assisted AttacksMay 4, 12:10 pm
99Critical cPanel Vulnerability Weaponized to Target Government and MSP NetworksMay 4, 11:10 am
100Microsoft confirms April Windows updates cause backup failuresMay 4, 11:10 am
101Global Crackdown Arrests 276, Shuts 9 Crypto Scam Centers, Seizes $701MMay 4, 7:10 am
102ISC Stormcast For Monday, May 4th, 2026 https://isc.sans.edu/podcastdetail/9916, (Mon, May 4th)May 4, 2:10 am
103Instructure confirms data breach, ShinyHunters claims attackMay 3, 11:10 pm
104Microsoft Defender wrongly flags DigiCert certs as Trojan:Win32/Cerdigent.A!dhaMay 3, 7:10 pm
105Wireshark 4.6.5 Released, (Sun, May 3rd)May 3, 5:10 pm
106Telegram Mini Apps abused for crypto scams, Android malware deliveryMay 3, 3:10 pm
107CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEVMay 3, 7:10 am
108Critrical cPanel flaw mass-exploited in "Sorry" ransomware attacksMay 2, 10:10 pm
109ConsentFix v3 attacks target Azure with automated OAuth abuseMay 2, 3:10 pm
110Trellix Confirms Source Code Breach With Unauthorized Repository AccessMay 2, 7:10 am
111Microsoft tests modern Windows Run, says it's faster than legacy dialogMay 2, 1:10 am
112Edu tech firm Instructure discloses cyber incident, probes impactMay 2, 12:10 am
11330,000 Facebook Accounts Hacked via Google AppSheet Phishing CampaignMay 1, 8:10 pm
114Malicious Ad for Homebrew Leads to MacSync Stealer, (Fri, May 1st)May 1, 7:10 pm
11515-year-old detained over French govt agency data breachMay 1, 6:10 pm
116Story retractedMay 1, 5:10 pm
117China-Linked Hackers Target Asian Governments, NATO State, Journalists, and ActivistsMay 1, 3:10 pm
118Criminal IP and Securonix ThreatQ Collaborate to Enhance Threat Intelligence OperationsMay 1, 3:10 pm
119Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion AttacksMay 1, 3:10 pm
120Microsoft fixes Remote Desktop warnings displaying incorrectlyMay 1, 1:10 pm
121Two Cybersecurity Professionals Get 4-Year Sentences in BlackCat Ransomware AttacksMay 1, 12:10 pm
122Top Five Sales Challenges Costing MSPs Cybersecurity RevenueMay 1, 12:10 pm
123Microsoft now lets admins choose pre-installed Store apps to uninstallMay 1, 12:10 pm
124Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential TheftMay 1, 10:10 am
125Windows 11 KB5083631 update released with 34 changes and fixesMay 1, 10:10 am
126US ransomware negotiators get 4 years in prison over BlackCat attacksMay 1, 8:10 am
127ISC Stormcast For Friday, May 1st, 2026 https://isc.sans.edu/podcastdetail/9914, (Fri, May 1st)May 1, 2:10 am
128PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal CredentialsApr 30, 7:10 pm
129New Bluekit phishing service includes an AI assistant, 40 templatesApr 30, 7:10 pm
130Romanian leader of online swatting ring gets 4 years in prisonApr 30, 6:10 pm
131PyTorch Lightning Compromised in PyPI Supply Chain Attack to Steal CredentialsApr 30, 5:10 pm
132FBI links cybercriminals to sharp surge in cargo theft attacksApr 30, 5:10 pm
133April KB5083769 Windows 11 update causes backup software failuresApr 30, 4:10 pm
134New Linux ‘Copy Fail’ flaw gives hackers root on major distrosApr 30, 2:10 pm
135ThreatsDay Bulletin: SMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks and 25 More StoriesApr 30, 2:10 pm
136What Happens in the First 24 Hours After a New Asset Goes LiveApr 30, 2:10 pm
137Anti-DDoS Firm Heaped Attacks on Brazilian ISPsApr 30, 2:10 pm
138EtherRAT Distribution Spoofing Administrative Tools via GitHub FacadesApr 30, 1:10 pm
139New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud CredentialsApr 30, 1:10 pm
140Police dismantles 9 crypto scam centers, arrests 276 suspectsApr 30, 12:10 pm
141Critical cPanel and WHM bug exploited as a zero-day, PoC now availableApr 30, 12:10 pm
142New Linux 'Copy Fail' Vulnerability Enables Root Access on Major DistributionsApr 30, 10:10 am
143Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code ExecutionApr 30, 7:10 am
144ISC Stormcast For Thursday, April 30th, 2026 https://isc.sans.edu/podcastdetail/9912, (Thu, Apr 30th)Apr 30, 2:10 am
145Danger of Libredtail [Guest Diary], (Wed, Apr 29th)Apr 30, 12:10 am
146Popular WordPress redirect plugin hid dormant backdoor for yearsApr 29, 11:10 pm
147Official SAP npm packages compromised to steal credentialsApr 29, 11:10 pm
148Hackers exploit RCE flaws in Qinglong task scheduler for cryptominingApr 29, 9:10 pm
149Hackers arrested for hijacking and selling 610,000 Roblox accountsApr 29, 7:10 pm
150SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain AttackApr 29, 6:10 pm
151SAP npm Packages Compromised by “Mini Shai-Hulud” Credential-Stealing MalwareApr 29, 5:10 pm
152New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATsApr 29, 4:10 pm
153cPanel, WHM emergency update fixes critical auth bypass bugApr 29, 4:10 pm
154European police dismantles €50 million crypto investment fraud ringApr 29, 3:10 pm
155Webinar: How to Automate Exposure Validation to Match the Speed of AI AttacksApr 29, 2:10 pm
156Learning from the Vercel breach: Shadow AI & OAuth sprawlApr 29, 2:10 pm
157Today's Odd Web Requests, (Wed, Apr 29th)Apr 29, 2:10 pm
158GitHub fixes RCE flaw that gave access to millions of private reposApr 29, 1:10 pm
159What to Look for in an Exposure Management Platform (And What Most of Them Get Wrong)Apr 29, 12:10 pm
160Critical cPanel Authentication Vulnerability Identified — Update Your Server ImmediatelyApr 29, 11:10 am
161CISA orders feds to patch Windows flaw exploited as zero-dayApr 29, 11:10 am
162Microsoft says backend change broke Teams Free chat and callsApr 29, 9:10 am
163CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEVApr 29, 9:10 am
164LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of DisclosureApr 29, 6:10 am
165ISC Stormcast For Wednesday, April 29th, 2026 https://isc.sans.edu/podcastdetail/9910, (Wed, Apr 29th)Apr 29, 2:10 am
166Broken VECT 2.0 ransomware acts as a data wiper for large filesApr 28, 10:10 pm
167Hackers are exploiting a critical LiteLLM pre-auth SQLi flawApr 28, 9:10 pm
168Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git PushApr 28, 7:10 pm
169Video service Vimeo confirms Anodot breach exposed user dataApr 28, 7:10 pm
170Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer CampaignApr 28, 6:10 pm
171US reportedly charges Scattered Spider hacker arrested in FinlandApr 28, 4:10 pm
172VECT 2.0 Ransomware Irreversibly Destroys Files Over 131KB on Windows, Linux, ESXiApr 28, 3:10 pm
173Checkmarx confirms LAPSUS$ hackers leaked its stolen GitHub dataApr 28, 3:10 pm
174Microsoft to deprecate legacy TLS in Exchange Online starting JulyApr 28, 2:10 pm
175HTTP Requests with X-Vercel-Set-Bypass-Cookie Header, (Tue, Apr 28th)Apr 28, 2:10 pm
176Why Secure Data Movement Is the Zero Trust Bottleneck Nobody Talks AboutApr 28, 1:10 pm
177Inside an OPSEC Playbook: How Threat Actors Evade DetectionApr 28, 1:10 pm
178Critical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCEApr 28, 12:10 pm
179After Mythos: New Playbooks For a Zero-Window EraApr 28, 11:10 am
180Microsoft: New Remote Desktop warnings may display incorrectlyApr 28, 10:10 am
181Chinese Silk Typhoon Hacker Extradited to U.S. Over COVID Research CyberattacksApr 28, 9:10 am
182Microsoft asks iPhone users to reauthenticate after Outlook outageApr 28, 9:10 am
183Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202Apr 28, 7:10 am
184Microsoft Patches Entra ID Role Flaw That Enabled Service Principal TakeoverApr 28, 7:10 am
185ISC Stormcast For Tuesday, April 28th, 2026 https://isc.sans.edu/podcastdetail/9908, (Tue, Apr 28th)Apr 28, 2:10 am
186Robinhood account creation flaw abused to send phishing emailsApr 28, 12:10 am
187GlassWorm malware attacks return via 73 OpenVSX "sleeper" extensionsApr 27, 10:10 pm
188Alleged Silk Typhoon hacker extradited to US for cyberespionageApr 27, 8:10 pm
189Canada arrests three for operating “SMS blaster” device in TorontoApr 27, 8:10 pm
190FTC: Americans lost over $2.1 billion to social media scams in 2025Apr 27, 5:10 pm
191⚡ Weekly Recap: Fast16 Malware, XChat Launch, Federal Backdoor, AI Employee Tracking & MoreApr 27, 4:10 pm
192Checkmarx Confirms GitHub Repository Data Posted on Dark Web After March 23 AttackApr 27, 4:10 pm
193PyPI package with 1.1M monthly downloads hacked to push infostealerApr 27, 4:10 pm
194Webinar: Spotting cyberattacks before they beginApr 27, 3:10 pm
195Home security giant ADT data breach affects 5.5 million peopleApr 27, 3:10 pm
196Medtronic confirms breach after hackers claim 9 million records theftApr 27, 2:10 pm
197TeamPCP Supply Chain Campaign: Update 008 - 26-Day Pause Ends with Three Concurrent Compromises (Checkmarx KICS, Bitwarden CLI Cascade, xinference PyPI), CanisterSprawl npm Worm Identified, and Tier 1 Coverage Returns, (Mon, Apr 27th)Apr 27, 2:10 pm
198Deepfake Voice Attacks are Outpacing Defenses: What Security Leaders Should KnowApr 27, 1:10 pm
199Money launderer linked to $230M crypto heist gets 70 months in prisonApr 27, 1:10 pm
200Researchers Uncover 73 Fake VS Code Extensions Delivering GlassWorm v2 MalwareApr 27, 12:10 pm
201PhantomCore Exploits TrueConf Vulnerabilities to Breach Russian NetworksApr 27, 12:10 pm
202Mythos Changed the Math on Vulnerability Discovery. Most Teams Aren't Ready for the Remediation SideApr 27, 12:10 pm
203Microsoft says Outlook.com outage is causing sign‑in failuresApr 27, 12:10 pm
204Fake CAPTCHA IRSF Scam and 120 Keitaro Campaigns Drive Global SMS, Crypto FraudApr 27, 9:10 am
205American utility firm Itron discloses breach of internal IT networkApr 26, 3:10 pm
206Microsoft rolls out revamped Windows Insider ProgramApr 25, 5:10 pm
207Threat actor uses Microsoft Teams to deploy new “Snow” malwareApr 25, 4:10 pm
208Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering SoftwareApr 25, 10:10 am
209CISA Adds 4 Exploited Flaws to KEV, Sets May 2026 Federal DeadlineApr 25, 6:10 am
210ADT confirms data breach after ShinyHunters leak threatApr 24, 11:10 pm
211Firestarter malware survives Cisco firewall updates, security patchesApr 24, 9:10 pm
212Windows Update gets new controls to reduce forced restartsApr 24, 8:10 pm
213Microsoft to roll out Entra passkeys on Windows in late AprilApr 24, 7:10 pm
214New BlackFile extortion group linked to surge of vishing attacksApr 24, 7:10 pm
215FIRESTARTER Backdoor Hit Federal Cisco Firepower Device, Survives Security PatchesApr 24, 6:10 pm
216New ‘Pack2TheRoot’ flaw gives hackers root Linux accessApr 24, 6:10 pm
217NASA Employees Duped in Chinese Phishing Scheme Targeting U.S. Defense SoftwareApr 24, 4:10 pm
218DORA and operational resilience: Credential management as a financial risk controlApr 24, 3:10 pm
219Over 10,000 Zimbra servers vulnerable to ongoing XSS attacksApr 24, 2:10 pm
220Microsoft now lets admins uninstall Copilot on enterprise devicesApr 24, 12:10 pm
22126 FakeWallet Apps Found on Apple App Store Targeting Crypto Seed PhrasesApr 24, 12:10 pm
222Bridging the AI Agent Authority Gap: Continuous Observability as the Decision EngineApr 24, 12:10 pm
223UNC6692 Impersonates IT Help Desk via Microsoft Teams to Deploy SNOW MalwareApr 24, 10:10 am
224Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy AdaptixC2Apr 24, 10:10 am
225LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of DisclosureApr 24, 9:10 am
226ISC Stormcast For Friday, April 24th, 2026 https://isc.sans.edu/podcastdetail/9906, (Fri, Apr 24th)Apr 24, 2:10 am
227Hackers exploit file upload bug in Breeze Cache WordPress pluginApr 23, 10:10 pm
228Bitwarden CLI npm package compromised to steal developer credentialsApr 23, 8:10 pm
229UNC6692 Impersonates IT Helpdesk via Microsoft Teams to Deploy SNOW MalwareApr 23, 7:10 pm
230Trigona ransomware attacks use custom exfiltration tool to steal dataApr 23, 7:10 pm
231New Checkmarx supply-chain breach affects KICS analysis toolApr 23, 4:10 pm
232ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New StoriesApr 23, 3:10 pm
233Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain CampaignApr 23, 3:10 pm
234Regular Password Resets Aren’t as Safe as You ThinkApr 23, 3:10 pm
235Cosmetics giant Rituals discloses data breach affecting customersApr 23, 3:10 pm
236Microsoft: Some Teams users can’t join meetings after Edge updateApr 23, 2:10 pm
237Project Glasswing Proved AI Can Find the Bugs. Who's Going to Fix Them?Apr 23, 1:10 pm
238[Webinar] Mythos Reality Check: Beating Automated Exploitation at AI SpeedApr 23, 1:10 pm
239UK warns of Chinese hackers using proxy networks to evade detectionApr 23, 1:10 pm
240New GopherWhisper APT group abuses Outlook, Slack, Discord for commsApr 23, 12:10 pm
241Apple Fixes iOS Flaw That Let FBI Recover Deleted Signal MessagesApr 23, 11:10 am
242Apple Patches Exploited Notification Flaw, (Thu, Apr 23rd)Apr 23, 11:10 am
243CISA orders feds to patch BlueHammer flaw exploited as zero-dayApr 23, 11:10 am
244Vercel Finds More Compromised Accounts in Context.ai-Linked BreachApr 23, 10:10 am
245China-Linked GopherWhisper Infects 12 Mongolian Government Systems with Go BackdoorsApr 23, 10:10 am
246Apple Patches iOS Flaw That Stored Deleted Signal Notifications in FBI Forensic CaseApr 23, 9:10 am
247Apple fixes bug that let the FBI recover deleted Signal messagesApr 23, 6:10 am
248ISC Stormcast For Thursday, April 23rd, 2026 https://isc.sans.edu/podcastdetail/9904, (Thu, Apr 23rd)Apr 23, 2:10 am
249Apple fixes iOS bug that retained deleted notification dataApr 22, 9:10 pm
250New Mirai campaign exploits RCE flaw in EoL D-Link routersApr 22, 8:10 pm
251Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply ChainApr 22, 7:10 pm
252Kyber ransomware gang toys with post-quantum encryption on WindowsApr 22, 7:10 pm
253Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer TokensApr 22, 6:10 pm
254Harvester Deploys Linux GoGra Backdoor in South Asia Using Microsoft Graph APIApr 22, 4:10 pm
255Spain dismantles major $4.7M manga piracy platform, arrests fourApr 22, 3:10 pm
256Inside Caller-as-a-Service Fraud: The Scam Economy Has a Hiring ProcessApr 22, 2:10 pm
257Microsoft Teams to get efficiency mode on PCs with limited resourcesApr 22, 1:10 pm
258New npm supply-chain attack self-spreads to steal auth tokensApr 22, 1:10 pm
259Toxic Combinations: When Cross-App Permissions Stack into RiskApr 22, 12:10 pm
260Lotus Wiper Malware Targets Venezuelan Energy Systems in Destructive AttackApr 22, 12:10 pm
261Microsoft traces Universal Print issues to Graph API code changeApr 22, 11:10 am
262Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation BugApr 22, 10:10 am
263New GoGra malware for Linux uses Microsoft Graph API for commsApr 22, 10:10 am
264Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container EscapeApr 22, 9:10 am
265Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy CirclesApr 22, 9:10 am
266Microsoft releases emergency patches for critical ASP.NET flawApr 22, 9:10 am
267Over 1,300 Microsoft SharePoint servers vulnerable to spoofing attacksApr 22, 7:10 am
268ISC Stormcast For Wednesday, April 22nd, 2026 https://isc.sans.edu/podcastdetail/9902, (Wed, Apr 22nd)Apr 22, 2:10 am
269[Guest Diary] Beyond Cryptojacking: Telegram tdata as a Credential Harvesting Vector, Lessons from a Honeypot Incident, (Wed, Apr 22nd)Apr 22, 12:10 am
270French govt agency confirms breach as hacker offers to sell dataApr 21, 10:10 pm
271SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware OperationApr 21, 8:10 pm
272New Lotus data wiper used against Venezuelan energy, utility firmsApr 21, 7:10 pm
27322 BRIDGE:BREAK Flaws Expose Thousands of Lantronix and Silex Serial-to-IP ConvertersApr 21, 5:10 pm
27422 BRIDGE:BREAK Flaws Expose 20,000 Lantronix and Silex Serial-to-IP ConvertersApr 21, 4:10 pm
275Ransomware Negotiator Pleads Guilty to Aiding BlackCat Attacks in 2023Apr 21, 3:10 pm
276‘Scattered Spider’ Member ‘Tylerb’ Pleads GuiltyApr 21, 3:10 pm
2775 Places where Mature SOCs Keep MTTR Fast and Others Waste TimeApr 21, 2:10 pm
278UK probes Telegram, teen chat sites over CSAM sharing concernsApr 21, 2:10 pm
279Stopping Fraud at Each Stage of the Customer Journey Without Adding FrictionApr 21, 2:10 pm
280CISA flags new SD-WAN flaw as actively exploited in attacksApr 21, 1:10 pm
281Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code ExecutionApr 21, 12:10 pm
282NGate Campaign Targets Brazil, Trojanizes HandyPay to Steal NFC Data and PINsApr 21, 12:10 pm
283Actively exploited Apache ActiveMQ flaw impacts 6,400 serversApr 21, 12:10 pm
284No Exploit Needed: How Attackers Walk Through the Front Door via Identity-Based AttacksApr 21, 12:10 pm
285Former ransomware negotiator pleads guilty to BlackCat attacksApr 21, 11:10 am
286NGate Android malware uses HandyPay NFC app to steal card dataApr 21, 9:10 am
287A .WAV With A Payload, (Tue, Apr 21st)Apr 21, 8:10 am
288CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal DeadlinesApr 21, 7:10 am
289ISC Stormcast For Tuesday, April 21st, 2026 https://isc.sans.edu/podcastdetail/9900, (Tue, Apr 21st)Apr 21, 2:10 am
290KelpDAO suffers $290 million heist tied to Lazarus hackersApr 20, 11:10 pm
291China's Apple App Store infiltrated by crypto-stealing wallet appsApr 20, 10:10 pm
292The Gentlemen ransomware now uses SystemBC for bot-powered attacksApr 20, 8:10 pm
293SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model FilesApr 20, 7:10 pm
294Seiko USA website defaced as hacker claims customer data theftApr 20, 7:10 pm
295Microsoft: Teams increasingly abused in helpdesk impersonation attacksApr 20, 4:10 pm
296⚡ Weekly Recap: Vercel Hack, Push Fraud, QEMU Abused, New Android RATs Emerge & MoreApr 20, 3:10 pm
297British Scattered Spider hacker pleads guilty to crypto theft chargesApr 20, 2:10 pm
298The backup myth that is putting businesses at riskApr 20, 2:10 pm
299Why Most AI Deployments Stall After the DemoApr 20, 1:10 pm
300Microsoft tests Windows Explorer speed, performance improvementsApr 20, 1:10 pm
301Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply ChainApr 20, 11:10 am
302Microsoft pulls service update causing Teams launch failuresApr 20, 10:10 am
303Researchers Detect ZionSiphon Malware Targeting Israeli Water, Desalination OT SystemsApr 20, 9:10 am
304Microsoft releases emergency updates to fix Windows Server issuesApr 20, 9:10 am
305Handling the CVE Flood With EPSS, (Mon, Apr 20th)Apr 20, 7:10 am
306Vercel Breach Tied to Context AI Hack Exposes Limited Customer CredentialsApr 20, 5:10 am
307ISC Stormcast For Monday, April 20th, 2026 https://isc.sans.edu/podcastdetail/9898, (Mon, Apr 20th)Apr 20, 2:10 am
308Vercel confirms breach as hackers claim to be selling stolen dataApr 19, 6:10 pm
309Apple account change alerts abused to send phishing emailsApr 19, 4:10 pm
310NIST to stop rating non-priority flaws due to volume increaseApr 19, 3:10 pm
311Critical flaw in Protobuf library enables JavaScript code executionApr 18, 4:10 pm
312Microsoft Teams right-click paste broken by Edge update bugApr 18, 3:10 pm
313NAKIVO v11.2: Ransomware Defense, Faster Replication, vSphere 9, and Proxmox VE 9.0 SupportApr 18, 2:10 pm
314$13.74M Hack Shuts Down Sanctioned Grinex Exchange After Intelligence ClaimsApr 18, 9:10 am
315[Webinar] Eliminate Ghost Identities Before They Expose Your Enterprise DataApr 18, 9:10 am
316Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS BotnetApr 18, 7:10 am
317Payouts King ransomware uses QEMU VMs to bypass endpoint securityApr 17, 8:10 pm
318Inside an Underground Guide: How Threat Actors Vet Stolen Credit Card ShopsApr 17, 3:10 pm
319Grinex exchange blames "Western intelligence" for $13.7M crypto hackApr 17, 3:10 pm
320Three Microsoft Defender Zero-Days Actively Exploited; Two Still UnpatchedApr 17, 2:10 pm
321Webinar: From phishing to fallout — Why MSPs must rethink both security and recoveryApr 17, 1:10 pm
322Google Blocks 8.3B Policy-Violating Ads in 2025, Launches Android 17 Privacy OverhaulApr 17, 12:10 pm
323CISA flags Apache ActiveMQ flaw as actively exploited in attacksApr 17, 10:10 am
324Man gets 30 months for selling thousands of hacked DraftKings accountsApr 17, 8:10 am
325NIST Limits CVE Enrichment After 263% Surge in Vulnerability SubmissionsApr 17, 8:10 am
326Microsoft: Some Windows servers enter reboot loops after April patchesApr 17, 8:10 am
327Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal AccountsApr 17, 7:10 am
328Recently leaked Windows zero-days now exploited in attacksApr 17, 7:10 am
329Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active ExploitationApr 17, 4:10 am
330ISC Stormcast For Friday, April 17th, 2026 https://isc.sans.edu/podcastdetail/9896, (Fri, Apr 17th)Apr 17, 2:10 am
331Lumma Stealer infection with Sectop RAT (ArechClient2), (Fri, Apr 17th)Apr 17, 1:10 am
332Operation PowerOFF identifies 75k DDoS users, takes down 53 domainsApr 16, 11:10 pm
333ZionSiphon malware designed to sabotage water treatment systemsApr 16, 10:10 pm
334New Microsoft Defender “RedSun” zero-day PoC grants SYSTEM privilegesApr 16, 9:10 pm
335Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 TrafficApr 16, 7:10 pm
336Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging FaceApr 16, 5:10 pm
337Google expands Gemini AI use to fight malicious ads on its platformApr 16, 4:10 pm
338ThreatsDay Bulletin: Defender 0-Day, SonicWall Brute-Force, 17-Year-Old Excel RCE and 15 More StoriesApr 16, 2:10 pm
339Most "AI SOCs" Are Just Faster Triage. That's Not Enough.Apr 16, 2:10 pm
340New ATHR vishing platform uses AI voice agents for automated attacksApr 16, 2:10 pm
341[Webinar] Find and Eliminate Orphaned Non-Human Identities in Your EnvironmentApr 16, 1:10 pm
342Hidden Passenger? How Taboola Routes Logged-In Banking Sessions to TemuApr 16, 12:10 pm
343Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto AttacksApr 16, 12:10 pm
344Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code ExecutionApr 16, 12:10 pm
345Cisco says critical Webex Services flaw requires customer actionApr 16, 12:10 pm
346Data breach at edtech giant McGraw Hill affects 13.5 million accountsApr 16, 11:10 am
347US nationals behind DPRK IT worker 'laptop farm' sent to prisonApr 16, 9:10 am
348Microsoft: April Windows Server 2025 update may fail to installApr 16, 8:10 am
349UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware CampaignApr 16, 7:10 am
350ISC Stormcast For Thursday, April 16th, 2026 https://isc.sans.edu/podcastdetail/9894, (Thu, Apr 16th)Apr 16, 2:10 am
351[Guest Diary] Compromised DVRs and Finding Them in the Wild, (Thu, Apr 16th)Apr 16, 12:10 am
352Critical Nginx UI auth bypass flaw now actively exploited in the wildApr 15, 11:10 pm
353New AgingFly malware used in attacks on Ukraine govt, hospitalsApr 15, 10:10 pm
354WordPress plugin suite hacked to push malware to thousands of sitesApr 15, 9:10 pm
355n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing EmailsApr 15, 6:10 pm
356Signed software abused to deploy antivirus-killing scriptsApr 15, 6:10 pm
357Microsoft pays $2.3M for cloud and AI flaws at Zero Day QuestApr 15, 5:10 pm
358CISA flags Windows Task Host vulnerability as exploited in attacksApr 15, 3:10 pm
359April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and MoreApr 15, 2:10 pm
360Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server TakeoverApr 15, 2:10 pm
361Rolling Networks: Securing the Transportation SectorApr 15, 2:10 pm
362Deterministic + Agentic AI: The Architecture Exposure Validation RequiresApr 15, 1:10 pm
363Microsoft: April updates trigger BitLocker key prompts on some serversApr 15, 12:10 pm
364Microsoft fixes bug behind Windows Server 2025 automatic upgradesApr 15, 11:10 am
365Microsoft Issues Patches for SharePoint Zero-Day and 168 Other New VulnerabilitiesApr 15, 9:10 am
366OpenAI Launches GPT-5.4-Cyber with Expanded Access for Security TeamsApr 15, 6:10 am
367ISC Stormcast For Wednesday, April 15th, 2026 https://isc.sans.edu/podcastdetail/9892, (Wed, Apr 15th)Apr 15, 2:10 am
368Scanning for AI Models, (Tue, Apr 14th)Apr 15, 1:10 am
369Microsoft adds Windows protections for malicious Remote Desktop filesApr 14, 11:10 pm
370Over 100 Chrome Web Store extensions steal user accounts, dataApr 14, 10:10 pm
371Patch Tuesday, April 2026 EditionApr 14, 10:10 pm
372Crypto-exchange Kraken extorted by hackers after insider breachApr 14, 10:10 pm
373Over 100 Chrome extensions in Web Store target users accounts and dataApr 14, 9:10 pm
374Microsoft April 2026 Patch Tuesday fixes 167 flaws, 2 zero-daysApr 14, 6:10 pm
375Microsoft Patch Tuesday April 2026., (Tue, Apr 14th)Apr 14, 6:10 pm
376Windows 11 cumulative updates KB5083769 & KB5082052 releasedApr 14, 6:10 pm
377McGraw-Hill confirms data breach following extortion threatApr 14, 6:10 pm
378Microsoft releases Windows 10 KB5082200 extended security updateApr 14, 6:10 pm
379New PHP Composer Flaws Enable Arbitrary Command Execution — Patches ReleasedApr 14, 5:10 pm
380Fake Ledger Live app on Apple’s App Store stole $9.5M in cryptoApr 14, 5:10 pm
381AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad FraudApr 14, 4:10 pm
382Microsoft rolls out fast-track to reinstate Windows hardware dev accountsApr 14, 4:10 pm
3835 Ways Zero Trust Maximizes Identity SecurityApr 14, 3:10 pm
384Google Adds Rust-Based DNS Parser into Pixel 10 Modem to Enhance SecurityApr 14, 2:10 pm
385Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta AdsApr 14, 12:10 pm
386Analysis of 216M Security Findings Shows a 4x Increase In Critical Risk (2026 Report)Apr 14, 10:10 am
387108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 UsersApr 14, 9:10 am
388CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe SoftwareApr 14, 7:10 am
389ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched ServersApr 14, 7:10 am
390ISC Stormcast For Tuesday, April 14th, 2026 https://isc.sans.edu/podcastdetail/9890, (Tue, Apr 14th)Apr 14, 2:10 am
391European Gym giant Basic-Fit data breach affects 1 million membersApr 13, 10:10 pm
392JanelaRAT Malware Targets Latin American Banks with 14,739 Attacks in Brazil in 2025Apr 13, 8:10 pm
393Critical flaw in wolfSSL library enables forged certificate useApr 13, 8:10 pm
394Stolen Rockstar Games analytics data leaked by extortion gangApr 13, 8:10 pm
395FBI takedown of W3LL phishing service leads to developer arrestApr 13, 7:10 pm
396New Booking.com data breach forces reservation PIN resetsApr 13, 6:10 pm
397OpenAI rotates macOS certs after Axios attack hit code-signing workflowApr 13, 6:10 pm
398FBI and Indonesian Police Dismantle W3LL Phishing Network Behind $20M Fraud AttemptsApr 13, 4:10 pm
399Adobe rolls out emergency fix for Acrobat, Reader zero-day flawApr 13, 4:10 pm
400⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and MoreApr 13, 2:10 pm
401The silent “Storm”: New infostealer hijacks sessions, decrypts server-sideApr 13, 2:10 pm
402Your MTTD Looks Great. Your Post-Alert Gap Doesn'tApr 13, 1:10 pm
403Scans for EncystPHP Webshell, (Mon, Apr 13th)Apr 13, 1:10 pm
404North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT MalwareApr 13, 11:10 am
405OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain IncidentApr 13, 8:10 am
406ISC Stormcast For Monday, April 13th, 2026 https://isc.sans.edu/podcastdetail/9888, (Mon, Apr 13th)Apr 13, 2:10 am
407Critical Marimo pre-auth RCE flaw now under active exploitationApr 12, 3:10 pm
408Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621Apr 12, 6:10 am
409CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor DownloadsApr 12, 6:10 am
410Over 20,000 crypto fraud victims identified in international crackdownApr 11, 3:10 pm
411Citizen Lab: Law Enforcement Used Webloc to Track 500 Million Devices via Ad DataApr 11, 8:10 am
412ChatGPT rolls out new $100 Pro subscription to challenge ClaudeApr 11, 2:10 am
413CPUID hacked to deliver malware via CPU-Z, HWMonitor downloadsApr 10, 5:10 pm
414Nearly 4,000 US industrial devices exposed to Iranian cyberattacksApr 10, 4:10 pm
415Supply chain attack at CPUID pushes malware with CPU-Z/HWMonitorApr 10, 2:10 pm
416GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEsApr 10, 2:10 pm
417Analysis of one billion CISA KEV remediation records exposes limits of human-scale securityApr 10, 2:10 pm
418Microsoft: Canadian employees targeted in payroll pirate attacksApr 10, 12:10 pm
419Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of DisclosureApr 10, 11:10 am
420Google rolls out Gmail end-to-end encryption on mobile devicesApr 10, 11:10 am
421Browser Extensions Are the New AI Consumption Channel That No One Is Talking AboutApr 10, 11:10 am
422Google Rolls Out DBSC in Chrome 146 to Block Session Theft on WindowsApr 10, 9:10 am
423Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend ServersApr 10, 8:10 am
424Obfuscated JavaScript or Nothing, (Thu, Apr 9th)Apr 10, 7:10 am
425EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallet InstallsApr 10, 6:10 am
426New VENOM phishing attacks steal senior executives' Microsoft loginsApr 9, 10:10 pm
427New ‘LucidRook’ malware used in targeted attacks on NGOs, universitiesApr 9, 10:10 pm
428EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto WalletsApr 9, 8:10 pm
429Healthcare IT solutions provider ChipSoft hit by ransomware attackApr 9, 8:10 pm
430Google Chrome adds infostealer protection against session cookie theftApr 9, 7:10 pm
431Smart Slider updates hijacked to push malicious WordPress, Joomla versionsApr 9, 5:10 pm
432UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing CampaignsApr 9, 5:10 pm
433When attackers already have the keys, MFA is just another door to openApr 9, 3:10 pm
434ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More StoriesApr 9, 2:10 pm
435Webinar: From noise to signal - What threat actors are targeting nextApr 9, 1:10 pm
436Bitter-Linked Hack-for-Hire Campaign Targets Journalists Across MENA RegionApr 9, 12:10 pm
437Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025Apr 9, 12:10 pm
438The Hidden Security Risks of Shadow AI in EnterprisesApr 9, 12:10 pm
439Eurail says December data breach impacts 300,000 individualsApr 9, 11:10 am
440Hackers exploiting Acrobat Reader zero-day flaw since DecemberApr 9, 10:10 am
441Hackers steal $3.6 million from crypto ATM giant Bitcoin DepotApr 9, 8:10 am
442Microsoft suspends dev accounts for high-profile open source projectsApr 9, 7:10 am
443ISC Stormcast For Thursday, April 9th, 2026 https://isc.sans.edu/podcastdetail/9886, (Thu, Apr 9th)Apr 9, 2:10 am
444Number Usage in Passwords: Take Two, (Thu, Apr 9th)Apr 9, 1:10 am
445Hackers use pixel-large SVG trick to hide credit card stealerApr 8, 11:10 pm
446Google: New UNC6783 hackers steal corporate Zendesk support ticketsApr 8, 10:10 pm
447New Chaos Variant Targets Misconfigured Cloud Deployments, Adds SOCKS ProxyApr 8, 7:10 pm
448CISA orders feds to patch exploited Ivanti EPMM flaw by SundayApr 8, 7:10 pm
449New macOS stealer campaign uses Script Editor in ClickFix attackApr 8, 7:10 pm
450Masjesu Botnet Emerges as DDoS-for-Hire Service Targeting Global IoT DevicesApr 8, 6:10 pm
451TeamPCP Supply Chain Campaign: Update 007 - Cisco Source Code Stolen via Trivy-Linked Breach, Google GTIG Tracks TeamPCP as UNC6780, and CISA KEV Deadline Arrives with No Standalone Advisory, (Wed, Apr 8th)Apr 8, 6:10 pm
45213-year-old bug in ActiveMQ lets hackers remotely execute commandsApr 8, 6:10 pm
453APT28 Deploys PRISMEX Malware in Campaign Targeting Ukraine and NATO AlliesApr 8, 4:10 pm
454More Honeypot Fingerprinting Scans, (Wed, Apr 8th)Apr 8, 3:10 pm
455Is a $30,000 GPU Good at Password Cracking?Apr 8, 2:10 pm
456Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)Apr 8, 12:10 pm
457Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major SystemsApr 8, 10:10 am
458N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, RustApr 8, 9:10 am
459Microsoft rolls out fix for broken Windows Start Menu searchApr 8, 7:10 am
460Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCsApr 8, 6:10 am
461ISC Stormcast For Wednesday, April 8th, 2026 https://isc.sans.edu/podcastdetail/9884, (Wed, Apr 8th)Apr 8, 2:10 am
462Hackers exploit critical flaw in Ninja Forms WordPress pluginApr 7, 10:10 pm
463FBI: Americans lost a record $21 billion to cybercrime last yearApr 7, 9:10 pm
464Snowflake customers hit in data theft attacks after SaaS integrator breachApr 7, 8:10 pm
465A Little Bit Pivoting: What Web Shells are Attackers Looking for?, (Tue, Apr 7th)Apr 7, 7:10 pm
466Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking CampaignApr 7, 6:10 pm
467Russia Hacked Routers to Steal Microsoft Office TokensApr 7, 6:10 pm
468US warns of Iranian hackers targeting critical infrastructureApr 7, 6:10 pm
469Max severity Flowise RCE vulnerability now exploited in attacksApr 7, 5:10 pm
470Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host AccessApr 7, 4:10 pm
471Authorities disrupt router DNS hijacks used to steal Microsoft 365 loginsApr 7, 4:10 pm
472Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet CampaignApr 7, 2:10 pm
473Why Your Automated Pentesting Tool Just Hit a WallApr 7, 2:10 pm
474The Hidden Cost of Recurring Credential IncidentsApr 7, 1:10 pm
475[Webinar] How to Close Identity Gaps in 2026 Before AI Exploits Enterprise RiskApr 7, 1:10 pm
476New GPUBreach Attack Enables Full CPU Privilege Escalation via GDDR6 Bit-FlipsApr 7, 10:10 am
477China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa RansomwareApr 7, 8:10 am
478Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances ExposedApr 7, 6:10 am
479German authorities identify REvil and GandCrab ransomware bossesApr 7, 4:10 am
480ISC Stormcast For Tuesday, April 7th, 2026 https://isc.sans.edu/podcastdetail/9882, (Tue, Apr 7th)Apr 7, 2:10 am
481German authorities identify REvil and GangCrab ransomware bossesApr 7, 12:10 am
482New GPUBreach attack enables system takeover via GPU rowhammerApr 6, 10:10 pm
483Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 OrganizationsApr 6, 8:10 pm
484Microsoft fixes Classic Outlook bug causing email delivery issuesApr 6, 8:10 pm
485Disgruntled researcher leaks “BlueHammer” Windows zero-day exploitApr 6, 8:10 pm
486DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South KoreaApr 6, 6:10 pm
487Microsoft removes Support and Recovery Assistant from WindowsApr 6, 6:10 pm
488CISA orders feds to patch exploited Fortinet EMS flaw by FridayApr 6, 5:10 pm
489Drift $280M crypto theft linked to 6-month in-person operationApr 6, 5:10 pm
490Microsoft links Medusa ransomware affiliate to zero-day attacksApr 6, 5:10 pm
491CISA orders feds to patch Fortinet flaw exploited in attacks by FridayApr 6, 4:10 pm
492⚡ Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and MoreApr 6, 3:10 pm
493Multi-OS Cyberattacks: How SOCs Close a Critical Risk in 3 StepsApr 6, 3:10 pm
494Why Simple Breach Monitoring is No Longer EnoughApr 6, 2:10 pm
495How LiteLLM Turned Developer Machines Into Credential Vaults for AttackersApr 6, 1:10 pm
496Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR ToolsApr 6, 11:10 am
497How often are redirects used in phishing in 2026?, (Mon, Apr 6th)Apr 6, 9:10 am
498BKA Identifies REvil Leaders Behind 130 German Ransomware AttacksApr 6, 7:10 am
499Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrabApr 6, 3:10 am
500ISC Stormcast For Monday, April 6th, 2026 https://isc.sans.edu/podcastdetail/9880, (Mon, Apr 6th)Apr 6, 2:10 am
AI Testing

Autonomous AI API, a cutting-edge platform that leverages advanced AI technologies to enable self-modification and self-repair of its core files. This innovative site utilizes machine learning algorithms to detect and correct errors, ensuring maximum uptime and performance. With its autonomous capabilities, the AI API can adapt to changing requirements, learn from user interactions, and continuously improve its functionality.