List cybersec
New Mirai campaign exploits RCE flaw in EoL D-Link routers
{ "priority": "HIGH", "cve": "CVE-2025-29635", "target": "D-Link DIR-823X routers", "threat_actor": "Mirai", "patch_ready": false, "insight": "New Mirai campaign exploits RCE flaw in EoL D..
8:10 pm, April 22, 2026 Cybersecurity
Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain
{ "priority": "HIGH", "cve": "N/A", "target": "Checkmarx KICS Docker Images and VS Code Extensions", "threat_actor": "Unknown threat actors", "patch_ready": false, "insight": "Malicious im..
7:10 pm, April 22, 2026 Cybersecurity
Kyber ransomware gang toys with post-quantum encryption on Windows
{ "priority": "HIGH", "cve": "N/A", "target": "Windows systems, VMware ESXi", "threat_actor": "Kyber ransomware gang", "patch_ready": false, "insight": "Kyber ransomware gang targets Windo..
7:10 pm, April 22, 2026 Cybersecurity
Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens
{ "priority": "CRITICAL", "cve": "N/A", "target": "npm Packages", "threat_actor": "CanisterSprawl", "patch_ready": false, "insight": "A self-propagating supply chain worm hijacks npm packa..
6:10 pm, April 22, 2026 Cybersecurity
Harvester Deploys Linux GoGra Backdoor in South Asia Using Microsoft Graph API
{ "priority": "HIGH", "cve": "N/A", "target": "Linux systems in South Asia", "threat_actor": "Harvester", "patch_ready": false, "insight": "Harvester deploys Linux GoGra Backdoor in South ..
4:10 pm, April 22, 2026 Cybersecurity
Spain dismantles major $4.7M manga piracy platform, arrests four
{"priority":"LOW","cve":"N/A","target":"N/A","threat_actor":"N/A","patch_ready":false,"insight":"Spanish police dismantle major manga piracy platform, arrest four."}
3:10 pm, April 22, 2026 Cybersecurity
Inside Caller-as-a-Service Fraud: The Scam Economy Has a Hiring Process
{"priority":"INFO","cve":"N/A","target":"N/A","threat_actor":"N/A","patch_ready":false,"insight":"Cybercriminals manage 'Caller-as-a-Service' operations like professional sales teams, complete with hi..
2:10 pm, April 22, 2026 Cybersecurity
Microsoft Teams to get efficiency mode on PCs with limited resources
{ "priority": "INFO", "cve": "N/A", "target": "Microsoft Teams", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft is developing an Efficiency Mode for Microsoft Teams to ..
1:10 pm, April 22, 2026 Cybersecurity
New npm supply-chain attack self-spreads to steal auth tokens
{ "priority": "HIGH", "cve": "N/A", "target": "npm", "threat_actor": "N/A", "patch_ready": false, "insight": "New npm supply-chain attack self-spreads to steal auth tokens." }
1:10 pm, April 22, 2026 Cybersecurity
Toxic Combinations: When Cross-App Permissions Stack into Risk
{ "priority": "CRITICAL", "cve": "N/A", "target": "Moltbook", "threat_actor": "N/A", "patch_ready": false, "insight": "Researchers disclosed an open database exposing 35,000 email addresse..
12:10 pm, April 22, 2026 Cybersecurity
Lotus Wiper Malware Targets Venezuelan Energy Systems in Destructive Attack
{ "priority": "HIGH", "cve": "N/A", "target": "Venezuelan Energy Systems", "threat_actor": "N/A", "patch_ready": false, "insight": "A novel data wiper, Lotus Wiper, has been used in destru..
12:10 pm, April 22, 2026 Cybersecurity
Microsoft traces Universal Print issues to Graph API code change
Microsoft says that an ongoing Universal Print sharing issue that prevents users from creating some printer shares is due to a Microsoft Graph API code change. [...]
11:10 am, April 22, 2026 Cybersecurity
Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug
{"priority":"CRITICAL","cve":"CVE-2026-40372","target":"ASP.NET Core","threat_actor":"N/A","patch_ready":true,"insight":"Microsoft patches critical CVE-2026-40372 ASP.NET Core privilege escalation bug..
10:10 am, April 22, 2026 Cybersecurity
New GoGra malware for Linux uses Microsoft Graph API for comms
{ "priority": "HIGH", "cve": "N/A", "target": "Linux", "threat_actor": "GoGra", "patch_ready": false, "insight": "A Linux variant of the GoGra backdoor uses Microsoft Graph API for stealth..
10:10 am, April 22, 2026 Cybersecurity
Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape
{"priority": "CRITICAL", "cve": "CVE-2026-5752", "target": "Cohere AI Terrarium", "threat_actor": "N/A", "patch_ready": "false", "insight": "CVE-2026-5752 sandbox escape flaw in Terrarium allows root ..
9:10 am, April 22, 2026 Cybersecurity
Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles
{ "priority": "HIGH", "cve": "N/A", "target": "India Banks, South Korea Policy Circles", "threat_actor": "Mustang Panda", "patch_ready": false, "insight": "New LOTUSLITE malware variant ta..
9:10 am, April 22, 2026 Cybersecurity
Microsoft releases emergency patches for critical ASP.NET flaw
{ "priority": "CRITICAL", "cve": "N/A", "target": "ASP.NET Core", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft released emergency patches for a critical ASP.NET Core p..
9:10 am, April 22, 2026 Cybersecurity
Over 1,300 Microsoft SharePoint servers vulnerable to spoofing attacks
Over 1,300 Microsoft SharePoint servers exposed online remain unpatched against a spoofing vulnerability that was exploited as a zero-day and is still being abused in ongoing attacks. [...]
7:10 am, April 22, 2026 Cybersecurity
ISC Stormcast For Wednesday, April 22nd, 2026 https://isc.sans.edu/podcastdetail/9902, (Wed, Apr 22nd)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
2:10 am, April 22, 2026 Cybersecurity
[Guest Diary] Beyond Cryptojacking: Telegram tdata as a Credential Harvesting Vector, Lessons from a Honeypot Incident, (Wed, Apr 22nd)
[This is a Guest Diary by L. Carty, an ISC intern as part of the SANS.edu Bachelor's Degree in Applied Cybersecurity (BACS) program [1].]
12:10 am, April 22, 2026 Cybersecurity
French govt agency confirms breach as hacker offers to sell data
France Titres, the government agency in France for issuing and managing administrative documents, has disclosed a data breach after a threat actor claimed the attack and the theft of citizen data. [...]..
10:10 pm, April 21, 2026 Cybersecurity
SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation
{ "priority": "HIGH", "cve": "N/A", "target": "The Gentlemen Ransomware Operation", "threat_actor": "The Gentlemen", "patch_ready": false, "insight": "The Gentlemen ransomware operation ha..
8:10 pm, April 21, 2026 Cybersecurity
New Lotus data wiper used against Venezuelan energy, utility firms
A previously undocumented data-wiping malware dubbed Lotus was used last year in targeted attacks against energy and utilities organizations in Venezuela. [...]
7:10 pm, April 21, 2026 Cybersecurity
22 BRIDGE:BREAK Flaws Expose Thousands of Lantronix and Silex Serial-to-IP Converters
Cybersecurity researchers have identified 22 new vulnerabilities in popular models of serial-to-IP converters from Lantronix and Silex that could be exploited to hijack susceptible devices and tamper ..
5:10 pm, April 21, 2026 Cybersecurity
22 BRIDGE:BREAK Flaws Expose 20,000 Lantronix and Silex Serial-to-IP Converters
{ "priority": "HIGH", "cve": "N/A", "target": "Lantronix and Silex Serial-to-IP Converters", "threat_actor": "N/A", "patch_ready": false, "insight": "22 vulnerabilities in Lantronix and Si..
4:10 pm, April 21, 2026 Cybersecurity
Ransomware Negotiator Pleads Guilty to Aiding BlackCat Attacks in 2023
{ "priority": "LOW", "cve": "N/A", "target": "N/A", "threat_actor": "BlackCat", "patch_ready": false, "insight": "A ransomware negotiator has pleaded guilty to aiding BlackCat attacks in 2..
3:10 pm, April 21, 2026 Cybersecurity
‘Scattered Spider’ Member ‘Tylerb’ Pleads Guilty
{ "priority": "LOW", "cve": "N/A", "target": "N/A", "threat_actor": "Scattered Spider", "patch_ready": false, "insight": "A senior member of the Scattered Spider cybercrime group has plead..
3:10 pm, April 21, 2026 Cybersecurity
5 Places where Mature SOCs Keep MTTR Fast and Others Waste Time
Security teams often present MTTR as an internal KPI. Leadership sees it differently: every hour a threat dwells inside the environment is an hour of potential data exfiltration, service disruption, r..
2:10 pm, April 21, 2026 Cybersecurity
UK probes Telegram, teen chat sites over CSAM sharing concerns
{"priority": "HIGH", "cve": "N/A", "target": "Telegram", "threat_actor": "N/A", "patch_ready": false, "insight": "UK regulator Ofcom investigates Telegram and teen chat sites for sharing child sexual ..
2:10 pm, April 21, 2026 Cybersecurity
Stopping Fraud at Each Stage of the Customer Journey Without Adding Friction
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The article discusses how to prevent fraud during the customer journey without..
2:10 pm, April 21, 2026 Cybersecurity
CISA flags new SD-WAN flaw as actively exploited in attacks
{ "priority": "HIGH", "cve": "N/A", "target": "Catalyst SD-WAN Manager", "threat_actor": "N/A", "patch_ready": true, "insight": "CISA flags new SD-WAN flaw as actively exploited in attacks..
1:10 pm, April 21, 2026 Cybersecurity
Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution
{"priority":"CRITICAL","cve":"N/A","target":"Google Antigravity IDE","threat_actor":"N/A","patch_ready":true,"insight":"Google patched a flaw in Antigravity IDE that enabled prompt injection and code ..
12:10 pm, April 21, 2026 Cybersecurity
NGate Campaign Targets Brazil, Trojanizes HandyPay to Steal NFC Data and PINs
{ "priority": "HIGH", "cve": "N/A", "target": "HandyPay", "threat_actor": "NGate", "patch_ready": false, "insight": "NGate malware targets Brazil, trojanizes HandyPay to steal NFC data and..
12:10 pm, April 21, 2026 Cybersecurity
Actively exploited Apache ActiveMQ flaw impacts 6,400 servers
{ "priority": "HIGH", "cve": "N/A", "target": "Apache ActiveMQ", "threat_actor": "N/A", "patch_ready": false, "insight": "Over 6,400 Apache ActiveMQ servers exposed online are vulnerable t..
12:10 pm, April 21, 2026 Cybersecurity
No Exploit Needed: How Attackers Walk Through the Front Door via Identity-Based Attacks
{ "priority": "MEDIUM", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The cybersecurity industry has spent the last several years chasing sophisti..
12:10 pm, April 21, 2026 Cybersecurity
Former ransomware negotiator pleads guilty to BlackCat attacks
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "BlackCat (ALPHV)", "patch_ready": false, "insight": "Former ransomware negotiator pleads guilty to BlackCat attacks on..
11:10 am, April 21, 2026 Cybersecurity
NGate Android malware uses HandyPay NFC app to steal card data
{ "priority": "HIGH", "cve": "N/A", "target": "Android users", "threat_actor": "N/A", "patch_ready": false, "insight": "A new variant of NGate malware targets Android users by hiding in a ..
9:10 am, April 21, 2026 Cybersecurity
A .WAV With A Payload, (Tue, Apr 21st)
{ "priority": "HIGH", "cve": "N/A", "target": ".WAV files", "threat_actor": "N/A", "patch_ready": false, "insight": "Threat actors are using .wav files as a vector for malware." }
8:10 am, April 21, 2026 Cybersecurity
CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlines
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added eight new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, including three flaws impacting Cisco C..
7:10 am, April 21, 2026 Cybersecurity
ISC Stormcast For Tuesday, April 21st, 2026 https://isc.sans.edu/podcastdetail/9900, (Tue, Apr 21st)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
2:10 am, April 21, 2026 Cybersecurity
KelpDAO suffers $290 million heist tied to Lazarus hackers
State-sponsored North Korean hackers are likely behind the $290 million crypto-heist that impacted the KelpDAO DeFi project on Saturday. [...]
11:10 pm, April 20, 2026 Cybersecurity
China's Apple App Store infiltrated by crypto-stealing wallet apps
{"priority": "HIGH", "cve": "N/A", "target": "Apple App Store", "threat_actor": "N/A", "patch_ready": false, "insight": "Malicious crypto wallet apps impersonate popular wallets on Apple's App Store t..
10:10 pm, April 20, 2026 Cybersecurity
The Gentlemen ransomware now uses SystemBC for bot-powered attacks
{ "priority": "HIGH", "cve": "N/A", "target": "Gentlemen ransomware", "threat_actor": "Gentlemen ransomware gang", "patch_ready": false, "insight": "Gentlemen ransomware now uses SystemBC ..
8:10 pm, April 20, 2026 Cybersecurity
SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files
{"priority": "CRITICAL", "cve": "CVE-2026-5760", "target": "SGLang", "threat_actor": "N/A", "patch_ready": false, "insight": "CVE-2026-5760 in SGLang allows RCE via malicious GGUF model files with a C..
7:10 pm, April 20, 2026 Cybersecurity
Seiko USA website defaced as hacker claims customer data theft
{ "priority": "HIGH", "cve": "N/A", "target": "Seiko USA website", "threat_actor": "N/A", "patch_ready": false, "insight": "Seiko USA website defaced, attackers claim to have stolen custom..
7:10 pm, April 20, 2026 Cybersecurity
Microsoft: Teams increasingly abused in helpdesk impersonation attacks
Microsoft is warning of threat actors increasingly abusing external Microsoft Teams collaboration and relying on legitimate tools for access and lateral movement on enterprise networks. [...]
4:10 pm, April 20, 2026 Cybersecurity
⚡ Weekly Recap: Vercel Hack, Push Fraud, QEMU Abused, New Android RATs Emerge & More
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "Weekly recap of various cyber attacks and emerging threats, including Vercel h..
3:10 pm, April 20, 2026 Cybersecurity
British Scattered Spider hacker pleads guilty to crypto theft charges
{"priority":"LOW","cve":"N/A","target":"N/A","threat_actor":"Scattered Spider","patch_ready":false,"insight":"British hacker pleads guilty to crypto theft charges"}
2:10 pm, April 20, 2026 Cybersecurity
The backup myth that is putting businesses at risk
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The article discusses the importance of Business Continuity and Disaster Recov..
2:10 pm, April 20, 2026 Cybersecurity
Why Most AI Deployments Stall After the Demo
The fastest way to fall in love with an AI tool is to watch the demo. Everything moves quickly. Prompts land cleanly. The system produces impressive outputs in seconds. It feels like the beginning of ..
1:10 pm, April 20, 2026 Cybersecurity
