List cybersec
CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added half a dozen security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitat..
7:10 am, April 14, 2026 Cybersecurity
ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers
A critical security vulnerability impacting ShowDoc, a document management and collaboration service popular in China, has come under active exploitation in the wild. The vulnerability in question ..
7:10 am, April 14, 2026 Cybersecurity
ISC Stormcast For Tuesday, April 14th, 2026 https://isc.sans.edu/podcastdetail/9890, (Tue, Apr 14th)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "ISC Stormcast podcast for April 14th, 2026, providing security news and update..
2:10 am, April 14, 2026 Cybersecurity
European Gym giant Basic-Fit data breach affects 1 million members
{ "priority": "HIGH", "cve": "N/A", "target": "Basic-Fit", "threat_actor": "N/A", "patch_ready": false, "insight": "Hackers breached Basic-Fit's systems, compromising data of 1 million mem..
10:10 pm, April 13, 2026 Cybersecurity
JanelaRAT Malware Targets Latin American Banks with 14,739 Attacks in Brazil in 2025
{"priority": "HIGH", "cve": "N/A", "target": "Latin American Banks", "threat_actor": "N/A", "patch_ready": false, "insight": "JanelaRAT malware targets Latin American banks with 14,739 attacks in Braz..
8:10 pm, April 13, 2026 Cybersecurity
Critical flaw in wolfSSL library enables forged certificate use
{ "priority": "CRITICAL", "cve": "N/A", "target": "wolfSSL library", "threat_actor": "N/A", "patch_ready": true, "insight": "A critical vulnerability in wolfSSL allows forged certificate u..
8:10 pm, April 13, 2026 Cybersecurity
Stolen Rockstar Games analytics data leaked by extortion gang
{ "priority": "HIGH", "cve": "N/A", "target": "Rockstar Games", "threat_actor": "ShinyHunters", "patch_ready": false, "insight": "Rockstar Games analytics data leaked by ShinyHunters extor..
8:10 pm, April 13, 2026 Cybersecurity
FBI takedown of W3LL phishing service leads to developer arrest
{ "priority": "LOW", "cve": "N/A", "target": "W3LL phishing service", "threat_actor": "N/A", "patch_ready": false, "insight": "FBI and Indonesian authorities dismantled the W3LL global phi..
7:10 pm, April 13, 2026 Cybersecurity
New Booking.com data breach forces reservation PIN resets
{ "priority": "HIGH", "cve": "N/A", "target": "Booking.com", "threat_actor": "N/A", "patch_ready": false, "insight": "Booking.com detected unauthorized access to its systems, exposing sens..
6:10 pm, April 13, 2026 Cybersecurity
OpenAI rotates macOS certs after Axios attack hit code-signing workflow
{ "priority": "HIGH", "cve": "N/A", "target": "OpenAI", "threat_actor": "N/A", "patch_ready": false, "insight": "OpenAI rotated macOS code-signing certificates after a supply chain attack ..
6:10 pm, April 13, 2026 Cybersecurity
FBI and Indonesian Police Dismantle W3LL Phishing Network Behind $20M Fraud Attempts
``` { "priority": "HIGH", "cve": "N/A", "target": "W3LL Phishing Toolkit", "threat_actor": "W3LL", "patch_ready": false, "insight": "FBI and Indonesian Police dismantled W3LL phishing netw..
4:10 pm, April 13, 2026 Cybersecurity
Adobe rolls out emergency fix for Acrobat, Reader zero-day flaw
{ "priority": "CRITICAL", "cve": "CVE-2026-34621", "target": "Adobe Acrobat Reader", "threat_actor": "N/A", "patch_ready": true, "insight": "Adobe releases emergency fix for zero-day flaw ..
4:10 pm, April 13, 2026 Cybersecurity
⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More
{"priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "Weekly recap of various cybersecurity topics including fiber optic spying, Windows rootkit,..
2:10 pm, April 13, 2026 Cybersecurity
The silent “Storm”: New infostealer hijacks sessions, decrypts server-side
{ "priority": "HIGH", "cve": "N/A", "target": "Browser Sessions", "threat_actor": "Storm", "patch_ready": false, "insight": "New 'Storm' infostealer enables session hijacking by decrypting..
2:10 pm, April 13, 2026 Cybersecurity
Your MTTD Looks Great. Your Post-Alert Gap Doesn't
{ "priority": "CRITICAL", "cve": "N/A", "target": "Major operating systems and browsers", "threat_actor": "Anthropic", "patch_ready": false, "insight": "Anthropic's Mythos Preview model au..
1:10 pm, April 13, 2026 Cybersecurity
Scans for EncystPHP Webshell, (Mon, Apr 13th)
{ "priority": "INFO", "cve": "N/A", "target": "EncystPHP Webshell", "threat_actor": "N/A", "patch_ready": false, "insight": "Attackers are scanning for EncystPHP webshell, a favorite among..
1:10 pm, April 13, 2026 Cybersecurity
North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware
{ "priority": "HIGH", "cve": "N/A", "target": "Facebook users", "threat_actor": "APT37 (ScarCruft)", "patch_ready": false, "insight": "APT37 uses Facebook social engineering to deliver Rok..
11:10 am, April 13, 2026 Cybersecurity
OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident
{ "priority": "HIGH", "cve": "N/A", "target": "OpenAI macOS App", "threat_actor": "N/A", "patch_ready": true, "insight": "OpenAI revoked a macOS app certificate due to a malicious Axios su..
8:10 am, April 13, 2026 Cybersecurity
ISC Stormcast For Monday, April 13th, 2026 https://isc.sans.edu/podcastdetail/9888, (Mon, Apr 13th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
2:10 am, April 13, 2026 Cybersecurity
Critical Marimo pre-auth RCE flaw now under active exploitation
{ "priority": "CRITICAL", "cve": "N/A", "target": "Marimo", "threat_actor": "N/A", "patch_ready": false, "insight": "A critical pre-authentication remote code execution (RCE) vulnerability..
3:10 pm, April 12, 2026 Cybersecurity
Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621
{"priority": "CRITICAL", "cve": "CVE-2026-34621", "target": "Adobe Acrobat Reader", "threat_actor": "N/A", "patch_ready": true, "insight": "Adobe patches actively exploited Acrobat Reader flaw CVE-202..
6:10 am, April 12, 2026 Cybersecurity
CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads
{ "priority": "HIGH", "cve": "N/A", "target": "CPU-Z, HWMonitor, HWMonitor Pro, and PerfMonitor", "threat_actor": "Unknown threat actors", "patch_ready": false, "insight": "CPUID website b..
6:10 am, April 12, 2026 Cybersecurity
Over 20,000 crypto fraud victims identified in international crackdown
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "An international law enforcement action identified over 20,000 victims of cryp..
3:10 pm, April 11, 2026 Cybersecurity
Citizen Lab: Law Enforcement Used Webloc to Track 500 Million Devices via Ad Data
{ "priority": "INFO", "cve": "N/A", "target": "Webloc", "threat_actor": "Law Enforcement", "patch_ready": false, "insight": "Law enforcement used Webloc, an ad-based geolocation tool by Co..
8:10 am, April 11, 2026 Cybersecurity
ChatGPT rolls out new $100 Pro subscription to challenge Claude
{ "priority": "INFO", "cve": "N/A", "target": "ChatGPT", "threat_actor": "N/A", "patch_ready": false, "insight": "OpenAI introduces a $100 Pro subscription for ChatGPT, competing with Clau..
2:10 am, April 11, 2026 Cybersecurity
CPUID hacked to deliver malware via CPU-Z, HWMonitor downloads
{ "priority": "HIGH", "cve": "N/A", "target": "CPU-Z and HWMonitor", "threat_actor": "N/A", "patch_ready": false, "insight": "Hackers hacked CPUID's API to serve malware via CPU-Z and HWMo..
5:10 pm, April 10, 2026 Cybersecurity
Nearly 4,000 US industrial devices exposed to Iranian cyberattacks
{ "priority": "HIGH", "cve": "N/A", "target": "Rockwell Automation PLCs", "threat_actor": "Iranian-linked hackers", "patch_ready": false, "insight": "Thousands of US industrial devices are..
4:10 pm, April 10, 2026 Cybersecurity
Supply chain attack at CPUID pushes malware with CPU-Z/HWMonitor
{ "priority": "HIGH", "cve": "N/A", "target": "CPU-Z/HWMonitor", "threat_actor": "N/A", "patch_ready": false, "insight": "Hackers used a compromised API to serve malware through CPU-Z and ..
2:10 pm, April 10, 2026 Cybersecurity
GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs
{ "priority": "HIGH", "cve": "N/A", "target": "Multiple Developer IDEs", "threat_actor": "GlassWorm", "patch_ready": false, "insight": "GlassWorm campaign uses Zig dropper to infect multip..
2:10 pm, April 10, 2026 Cybersecurity
Analysis of one billion CISA KEV remediation records exposes limits of human-scale security
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "Analysis of 1 billion CISA KEV remediation records reveals limitations in huma..
2:10 pm, April 10, 2026 Cybersecurity
Microsoft: Canadian employees targeted in payroll pirate attacks
{ "priority": "HIGH", "cve": "N/A", "target": "Microsoft", "threat_actor": "Storm-2755", "patch_ready": false, "insight": "A financially motivated threat actor is stealing Canadian employe..
12:10 pm, April 10, 2026 Cybersecurity
Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure
{ "priority": "CRITICAL", "cve": "CVE-2026-39987", "target": "Marimo", "threat_actor": "N/A", "patch_ready": false, "insight": "A pre-authenticated remote code execution vulnerability in M..
11:10 am, April 10, 2026 Cybersecurity
Google rolls out Gmail end-to-end encryption on mobile devices
{ "priority": "INFO", "cve": "N/A", "target": "Gmail", "threat_actor": "N/A", "patch_ready": false, "insight": "Google has made end-to-end encryption available for Gmail on all Android and..
11:10 am, April 10, 2026 Cybersecurity
Browser Extensions Are the New AI Consumption Channel That No One Is Talking About
{"priority":"INFO","cve":"N/A","target":"AI browser extensions","threat_actor":"N/A","patch_ready":false,"insight":"A new report highlights the potential dangers of AI browser extensions as a largely ..
11:10 am, April 10, 2026 Cybersecurity
Google Rolls Out DBSC in Chrome 146 to Block Session Theft on Windows
{"priority":"MEDIUM","cve":"N/A","target":"Google Chrome","threat_actor":"N/A","patch_ready":true,"insight":"Google has released Device Bound Session Credentials (DBSC) in Chrome 146 to prevent sessio..
9:10 am, April 10, 2026 Cybersecurity
Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers
{ "priority": "CRITICAL", "cve": "N/A", "target": "Smart Slider 3 Pro", "threat_actor": "Unknown threat actors", "patch_ready": false, "insight": "Backdoored Smart Slider 3 Pro update dist..
8:10 am, April 10, 2026 Cybersecurity
Obfuscated JavaScript or Nothing, (Thu, Apr 9th)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "A JavaScript file, cbmjlzan.JS, was found in a phishing email and identified a..
7:10 am, April 10, 2026 Cybersecurity
EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallet Installs
{ "priority": "HIGH", "cve": "N/A", "target": "EngageLab SDK", "threat_actor": "N/A", "patch_ready": true, "insight": "A security vulnerability in EngageLab SDK exposed 50M Android users, ..
6:10 am, April 10, 2026 Cybersecurity
New VENOM phishing attacks steal senior executives' Microsoft logins
Threat actors using a previously undocumented phishing-as-a-service (PhaaS) platform called "VENOM" are targeting credentials of C-suite executives across multiple industries. [...]
10:10 pm, April 9, 2026 Cybersecurity
New ‘LucidRook’ malware used in targeted attacks on NGOs, universities
{ "priority": "MEDIUM", "cve": "N/A", "target": "LucidRook malware", "threat_actor": "N/A", "patch_ready": false, "insight": "A new Lua-based malware called LucidRook is targeting NGOs and..
10:10 pm, April 9, 2026 Cybersecurity
EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallets
Details have emerged about a now-patched security vulnerability in a widely used third-party Android software development kit (SDK) called EngageLab SDK that could have put millions of cryptocurren..
8:10 pm, April 9, 2026 Cybersecurity
Healthcare IT solutions provider ChipSoft hit by ransomware attack
{ "priority": "HIGH", "cve": "N/A", "target": "ChipSoft", "threat_actor": "N/A", "patch_ready": false, "insight": "Dutch healthcare software vendor ChipSoft was hit by a ransomware attack,..
8:10 pm, April 9, 2026 Cybersecurity
Google Chrome adds infostealer protection against session cookie theft
{ "priority": "MEDIUM", "cve": "N/A", "target": "Google Chrome", "threat_actor": "N/A", "patch_ready": true, "insight": "Google Chrome adds infostealer protection against session cookie th..
7:10 pm, April 9, 2026 Cybersecurity
Smart Slider updates hijacked to push malicious WordPress, Joomla versions
Hackers hijacked the update system for the Smart Slider 3 Pro plugin for WordPress and Joomla, and pushed a malicious version with multiple backdoors. [...]
5:10 pm, April 9, 2026 Cybersecurity
UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns
{ "priority": "HIGH", "cve": "N/A", "target": "Taiwanese NGOs", "threat_actor": "UAT-10362", "patch_ready": false, "insight": "UAT-10362 uses LucidRook Malware in spear-phishing campaigns ..
5:10 pm, April 9, 2026 Cybersecurity
When attackers already have the keys, MFA is just another door to open
{"priority":"MEDIUM","cve":"N/A","target":"MFA systems","threat_actor":"N/A","patch_ready":false,"insight":"Stolen credentials can bypass MFA, but wearable biometric authentication can verify users an..
3:10 pm, April 9, 2026 Cybersecurity
ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The ThreatsDay Bulletin covers various cybersecurity stories, including a hybr..
2:10 pm, April 9, 2026 Cybersecurity
Webinar: From noise to signal - What threat actors are targeting next
Threat actors often signal their intentions before launching attacks, from dark web chatter to access-broker listings and credential requests. Join our upcoming webinar with Flare Systems to learn how..
1:10 pm, April 9, 2026 Cybersecurity
Bitter-Linked Hack-for-Hire Campaign Targets Journalists Across MENA Region
{ "priority": "HIGH", "cve": "N/A", "target": "Journalists, Activists, Government Officials", "threat_actor": "Bitter, suspected ties to Indian government", "patch_ready": false, "insight"..
12:10 pm, April 9, 2026 Cybersecurity
Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025
{ "priority": "CRITICAL", "cve": "N/A", "target": "Adobe Reader", "threat_actor": "N/A", "patch_ready": false, "insight": "A zero-day vulnerability in Adobe Reader has been exploited via m..
12:10 pm, April 9, 2026 Cybersecurity
AI Testing
