List cybersec
Microsoft tests Windows Explorer speed, performance improvements
{ "priority": "INFO", "cve": "N/A", "target": "Windows 11", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft is testing speed and performance improvements for Windows Fil..
1:10 pm, April 20, 2026 Cybersecurity
Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain
{ "priority": "CRITICAL", "cve": "N/A", "target": "Anthropic MCP", "threat_actor": "N/A", "patch_ready": false, "insight": "Critical design vulnerability in Anthropic MCP enables remote co..
11:10 am, April 20, 2026 Cybersecurity
Microsoft pulls service update causing Teams launch failures
{ "priority": "MEDIUM", "cve": "N/A", "target": "Microsoft Teams", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft reverted a service update that was causing launch failu..
10:10 am, April 20, 2026 Cybersecurity
Researchers Detect ZionSiphon Malware Targeting Israeli Water, Desalination OT Systems
{ "priority": "HIGH", "cve": "N/A", "target": "Israeli water treatment and desalination systems", "threat_actor": "Darktrace", "patch_ready": false, "insight": "New malware called ZionSiph..
9:10 am, April 20, 2026 Cybersecurity
Microsoft releases emergency updates to fix Windows Server issues
{"priority": "MEDIUM", "cve": "N/A", "target": "Windows Server", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft releases emergency updates to fix Windows Server issues caused by Apr..
9:10 am, April 20, 2026 Cybersecurity
Handling the CVE Flood With EPSS, (Mon, Apr 20th)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The article discusses the challenge of handling the daily flood of new CVE ent..
7:10 am, April 20, 2026 Cybersecurity
Vercel Breach Tied to Context AI Hack Exposes Limited Customer Credentials
{ "priority": "HIGH", "cve": "N/A", "target": "Vercel", "threat_actor": "N/A", "patch_ready": false, "insight": "Vercel disclosed a security breach due to Context AI hack, exposing limited..
5:10 am, April 20, 2026 Cybersecurity
ISC Stormcast For Monday, April 20th, 2026 https://isc.sans.edu/podcastdetail/9898, (Mon, Apr 20th)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "SANS Internet Storm Center podcast for April 20th, 2026." }
2:10 am, April 20, 2026 Cybersecurity
Vercel confirms breach as hackers claim to be selling stolen data
{ "priority": "HIGH", "cve": "N/A", "target": "Vercel", "threat_actor": "N/A", "patch_ready": false, "insight": "Vercel disclosed a security breach after hackers claimed to have stolen and..
6:10 pm, April 19, 2026 Cybersecurity
Apple account change alerts abused to send phishing emails
{ "priority": "HIGH", "cve": "N/A", "target": "Apple", "threat_actor": "N/A", "patch_ready": false, "insight": "Attackers are abusing Apple's account change notifications to send phishing ..
4:10 pm, April 19, 2026 Cybersecurity
NIST to stop rating non-priority flaws due to volume increase
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "NIST will cease rating non-priority vulnerabilities due to increased submissio..
3:10 pm, April 19, 2026 Cybersecurity
Critical flaw in Protobuf library enables JavaScript code execution
Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used JavaScript implementation of Google's Protocol Buffers. [...]
4:10 pm, April 18, 2026 Cybersecurity
Microsoft Teams right-click paste broken by Edge update bug
{"priority":"MEDIUM","cve":"N/A","target":"Microsoft Teams","threat_actor":"N/A","patch_ready":false,"insight":"Microsoft Edge update breaks right-click paste in Microsoft Teams desktop client"}
3:10 pm, April 18, 2026 Cybersecurity
NAKIVO v11.2: Ransomware Defense, Faster Replication, vSphere 9, and Proxmox VE 9.0 Support
{"priority":"INFO","cve":"N/A","target":"NAKIVO Backup & Replication v11.2","threat_actor":"N/A","patch_ready":false,"insight":"NAKIVO Inc. announced the general availability of NAKIVO Backup & Replic..
2:10 pm, April 18, 2026 Cybersecurity
$13.74M Hack Shuts Down Sanctioned Grinex Exchange After Intelligence Claims
{ "priority": "HIGH", "cve": "N/A", "target": "Grinex Exchange", "threat_actor": "Western intelligence agencies", "patch_ready": false, "insight": "A $13.74M hack on Grinex Exchange attrib..
9:10 am, April 18, 2026 Cybersecurity
[Webinar] Eliminate Ghost Identities Before They Expose Your Enterprise Data
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The webinar discusses the risks associated with unmanaged non-human identities..
9:10 am, April 18, 2026 Cybersecurity
Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet
``` { "priority": "HIGH", "cve": "CVE-2024-3721", "target": "TBK DVR", "threat_actor": "Mirai Variant Nexcorium", "patch_ready": false, "insight": "Mirai Variant Nexcorium exploits CVE-202..
7:10 am, April 18, 2026 Cybersecurity
Payouts King ransomware uses QEMU VMs to bypass endpoint security
{ "priority": "HIGH", "cve": "N/A", "target": "Endpoint security systems", "threat_actor": "Payouts King", "patch_ready": false, "insight": "Payouts King ransomware uses QEMU VMs to bypass..
8:10 pm, April 17, 2026 Cybersecurity
Inside an Underground Guide: How Threat Actors Vet Stolen Credit Card Shops
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The article discusses how threat actors verify trust in underground credit car..
3:10 pm, April 17, 2026 Cybersecurity
Grinex exchange blames "Western intelligence" for $13.7M crypto hack
{"priority": "HIGH", "cve": "N/A", "target": "Grinex exchange", "threat_actor": "Western intelligence agencies", "patch_ready": false, "insight": "Grinex exchange suffered a $13.7M crypto hack attribu..
3:10 pm, April 17, 2026 Cybersecurity
Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched
Huntress is warning that threat actors are exploiting three recently disclosed security flaws in Microsoft Defender to gain elevated privileges in compromised systems. The activity involves the explo..
2:10 pm, April 17, 2026 Cybersecurity
Webinar: From phishing to fallout — Why MSPs must rethink both security and recovery
{ "priority": "INFO", "cve": "N/A", "target": "MSPs (Managed Service Providers)", "threat_actor": "N/A", "patch_ready": false, "insight": "The webinar highlights the evolving threat of cyb..
1:10 pm, April 17, 2026 Cybersecurity
Google Blocks 8.3B Policy-Violating Ads in 2025, Launches Android 17 Privacy Overhaul
{ "priority": "INFO", "cve": "N/A", "target": "Google", "threat_actor": "N/A", "patch_ready": false, "insight": "Google blocked 8.3B policy-violating ads in 2025 and launched Android 17 pr..
12:10 pm, April 17, 2026 Cybersecurity
CISA flags Apache ActiveMQ flaw as actively exploited in attacks
{ "priority": "HIGH", "cve": "N/A", "target": "Apache ActiveMQ", "threat_actor": "N/A", "patch_ready": true, "insight": "CISA warns of active exploitation of a high-severity Apache ActiveM..
10:10 am, April 17, 2026 Cybersecurity
Man gets 30 months for selling thousands of hacked DraftKings accounts
{ "priority": "LOW", "cve": "N/A", "target": "DraftKings", "threat_actor": "N/A", "patch_ready": false, "insight": "A 23-year-old was sentenced to 30 months in prison for selling access to..
8:10 am, April 17, 2026 Cybersecurity
NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions
{"priority":"INFO","cve":"N/A","target":"NIST NVD","threat_actor":"N/A","patch_ready":false,"insight":"NIST limits CVE enrichment due to 263% surge in vulnerability submissions."}
8:10 am, April 17, 2026 Cybersecurity
Microsoft: Some Windows servers enter reboot loops after April patches
{ "priority": "HIGH", "cve": "N/A", "target": "Windows", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft warns that some Windows domain controllers are entering restart ..
8:10 am, April 17, 2026 Cybersecurity
Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts
{ "priority": "HIGH", "cve": "N/A", "target": "DDoS-for-hire services", "threat_actor": "N/A", "patch_ready": false, "insight": "Operation PowerOFF disrupts 53 DDoS domains, exposing 3 mil..
7:10 am, April 17, 2026 Cybersecurity
Recently leaked Windows zero-days now exploited in attacks
{ "priority": "CRITICAL", "cve": "N/A", "target": "Windows", "threat_actor": "N/A", "patch_ready": false, "insight": "Threat actors are exploiting recently disclosed Windows zero-days to g..
7:10 am, April 17, 2026 Cybersecurity
Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation
{"priority":"CRITICAL","cve":"CVE-2026-34197","target":"Apache ActiveMQ Classic","threat_actor":"N/A","patch_ready":false,"insight":"Apache ActiveMQ CVE-2026-34197 is under active exploitation and has..
4:10 am, April 17, 2026 Cybersecurity
ISC Stormcast For Friday, April 17th, 2026 https://isc.sans.edu/podcastdetail/9896, (Fri, Apr 17th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
2:10 am, April 17, 2026 Cybersecurity
Lumma Stealer infection with Sectop RAT (ArechClient2), (Fri, Apr 17th)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "Introduction to a Lumma Stealer infection with Sectop RAT (ArechClient2) on Ap..
1:10 am, April 17, 2026 Cybersecurity
Operation PowerOFF identifies 75k DDoS users, takes down 53 domains
The latest wave of "Operation PowerOFF," on April 13, 2026, targeted the distributed denial-of-service (DDoS) ecosystem and its users across 21 countries. [...]
11:10 pm, April 16, 2026 Cybersecurity
ZionSiphon malware designed to sabotage water treatment systems
{ "priority": "CRITICAL", "cve": "N/A", "target": "Water treatment and desalination systems", "threat_actor": "N/A", "patch_ready": false, "insight": "New malware ZionSiphon targets water ..
10:10 pm, April 16, 2026 Cybersecurity
New Microsoft Defender “RedSun” zero-day PoC grants SYSTEM privileges
{ "priority": "CRITICAL", "cve": "N/A", "target": "Microsoft Defender", "threat_actor": "Chaotic Eclipse", "patch_ready": false, "insight": "A proof-of-concept exploit for a Microsoft Defe..
9:10 pm, April 16, 2026 Cybersecurity
Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic
{ "priority": "HIGH", "cve": "N/A", "target": "Czech Republic workforce", "threat_actor": "PowMix", "patch_ready": false, "insight": "Newly discovered PowMix botnet targets Czech workers w..
7:10 pm, April 16, 2026 Cybersecurity
Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face
Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware hosted on Hugging Face Spaces. [...]
5:10 pm, April 16, 2026 Cybersecurity
Google expands Gemini AI use to fight malicious ads on its platform
{ "priority": "MEDIUM", "cve": "N/A", "target": "Google", "threat_actor": "N/A", "patch_ready": false, "insight": "Google utilizes Gemini AI to enhance detection and blocking of malicious ..
4:10 pm, April 16, 2026 Cybersecurity
ThreatsDay Bulletin: Defender 0-Day, SonicWall Brute-Force, 17-Year-Old Excel RCE and 15 More Stories
{"priority": "HIGH", "cve": "N/A", "target": "Multiple", "threat_actor": "N/A", "patch_ready": false, "insight": "Multiple threats disclosed, including a Defender 0-Day, SonicWall brute-force attacks,..
2:10 pm, April 16, 2026 Cybersecurity
Most "AI SOCs" Are Just Faster Triage. That's Not Enough.
AI-powered SOC tools promise automation, but most only speed up triage instead of reducing real workload. Tines shows how real gains come from end-to-end workflows that execute actions across systems,..
2:10 pm, April 16, 2026 Cybersecurity
New ATHR vishing platform uses AI voice agents for automated attacks
A new cybercrime platform called ATHR can harvest credentials via fully automated voice phishing attacks that use both human operators and AI agents for the social engineering phase. [...]
2:10 pm, April 16, 2026 Cybersecurity
[Webinar] Find and Eliminate Orphaned Non-Human Identities in Your Environment
In 2024, compromised service accounts and forgotten API keys were behind 68% of cloud breaches. Not phishing. Not weak passwords. Unmanaged non-human identities that nobody was watching. For every ..
1:10 pm, April 16, 2026 Cybersecurity
Hidden Passenger? How Taboola Routes Logged-In Banking Sessions to Temu
{ "priority": "HIGH", "cve": "N/A", "target": "Taboola, Temu", "threat_actor": "N/A", "patch_ready": false, "insight": "Taboola routed logged-in banking sessions to Temu without bank knowl..
12:10 pm, April 16, 2026 Cybersecurity
Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks
A "novel" social engineering campaign has been observed abusing Obsidian, a cross-platform note-taking application, as an initial access vector to distribute a previously undocumented Windows remote a..
12:10 pm, April 16, 2026 Cybersecurity
Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution
{ "priority": "CRITICAL", "cve": "CVE-2026-20184", "target": "Cisco Identity Services, Webex Services", "threat_actor": "N/A", "patch_ready": true, "insight": "Cisco patches critical flaws..
12:10 pm, April 16, 2026 Cybersecurity
Cisco says critical Webex Services flaw requires customer action
{"priority":"CRITICAL","cve":"N/A","target":"Cisco Webex Services","threat_actor":"N/A","patch_ready":true,"insight":"Cisco patches critical improper certificate validation flaw in Webex Services requ..
12:10 pm, April 16, 2026 Cybersecurity
Data breach at edtech giant McGraw Hill affects 13.5 million accounts
The ShinyHunters extortion group has leaked data from 13.5 million McGraw Hill user accounts, stolen after breaching the company's Salesforce environment earlier this month. [...]
11:10 am, April 16, 2026 Cybersecurity
US nationals behind DPRK IT worker 'laptop farm' sent to prison
Two U.S. nationals have been sent to prison for helping North Korean remote information technology (IT) workers to pose as U.S. residents and get hired by over 100 companies across the country, includ..
9:10 am, April 16, 2026 Cybersecurity
Microsoft: April Windows Server 2025 update may fail to install
{"priority":"MEDIUM","cve":"N/A","target":"Windows Server 2025","threat_actor":"N/A","patch_ready":false,"insight":"Microsoft is investigating an installation issue with the April KB5082063 security u..
8:10 am, April 16, 2026 Cybersecurity
UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign
The Computer Emergencies Response Team of Ukraine (CERT-UA) has disclosed details of a new campaign that has targeted governments and municipal healthcare institutions, mainly clinics and emergency..
7:10 am, April 16, 2026 Cybersecurity
AI Testing
