List cybersec
ISC Stormcast For Thursday, April 16th, 2026 https://isc.sans.edu/podcastdetail/9894, (Thu, Apr 16th)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "This is a podcast episode from SANS Internet Storm Center, dated Thursday, Apr..
2:10 am, April 16, 2026 Cybersecurity
[Guest Diary] Compromised DVRs and Finding Them in the Wild, (Thu, Apr 16th)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "A guest diary entry by Alec Jaffe discusses compromised DVRs and finding them ..
12:10 am, April 16, 2026 Cybersecurity
Critical Nginx UI auth bypass flaw now actively exploited in the wild
A critical vulnerability in Nginx UI with Model Context Protocol (MCP) support is now being exploited in the wild for full server takeover without authentication. [...]
11:10 pm, April 15, 2026 Cybersecurity
New AgingFly malware used in attacks on Ukraine govt, hospitals
{ "priority": "HIGH", "cve": "N/A", "target": "Ukraine govt, hospitals", "threat_actor": "N/A", "patch_ready": false, "insight": "AgingFly malware targets Ukraine govt and hospitals, steal..
10:10 pm, April 15, 2026 Cybersecurity
WordPress plugin suite hacked to push malware to thousands of sites
More than 30 WordPress plugins in the EssentialPlugin package have been compromised with malicious code that allows unauthorized access to websites running them. [...]
9:10 pm, April 15, 2026 Cybersecurity
n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails
Threat actors have been observed weaponizing n8n, a popular artificial intelligence (AI) workflow automation platform, to facilitate sophisticated phishing campaigns and deliver malicious payloads o..
6:10 pm, April 15, 2026 Cybersecurity
Signed software abused to deploy antivirus-killing scripts
A digitally signed adware tool has deployed payloads running with SYSTEM privileges that disabled antivirus protections on thousands of endpoints, some in the educational, utilities, government, and h..
6:10 pm, April 15, 2026 Cybersecurity
Microsoft pays $2.3M for cloud and AI flaws at Zero Day Quest
{"priority": "INFO", "cve": "N/A", "target": "Microsoft", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft awards $2.3 million for cloud and AI vulnerabilities found during Zero Day ..
5:10 pm, April 15, 2026 Cybersecurity
CISA flags Windows Task Host vulnerability as exploited in attacks
{ "priority": "CRITICAL", "cve": "N/A", "target": "Windows Task Host", "threat_actor": "N/A", "patch_ready": false, "insight": "CISA warns of exploited Windows Task Host vulnerability allo..
3:10 pm, April 15, 2026 Cybersecurity
April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More
A number of critical vulnerabilities impacting products from Adobe, Fortinet, Microsoft, and SAP have taken center stage in April's Patch Tuesday releases. Topping the list is an SQL injection vulne..
2:10 pm, April 15, 2026 Cybersecurity
Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover
{ "priority": "CRITICAL", "cve": "CVE-2026-33032", "target": "nginx-ui", "threat_actor": "Pluto Security", "patch_ready": false, "insight": "A critical authentication bypass vulnerability ..
2:10 pm, April 15, 2026 Cybersecurity
Rolling Networks: Securing the Transportation Sector
{ "priority": "INFO", "cve": "N/A", "target": "Transportation Sector", "threat_actor": "N/A", "patch_ready": false, "insight": "The transportation sector faces emerging cyber threats due t..
2:10 pm, April 15, 2026 Cybersecurity
Deterministic + Agentic AI: The Architecture Exposure Validation Requires
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The article discusses the rapid adoption of AI across industries and its impli..
1:10 pm, April 15, 2026 Cybersecurity
Microsoft: April updates trigger BitLocker key prompts on some servers
{ "priority": "MEDIUM", "cve": "N/A", "target": "Windows Server 2025", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft confirmed that April updates trigger BitLocker key..
12:10 pm, April 15, 2026 Cybersecurity
Microsoft fixes bug behind Windows Server 2025 automatic upgrades
{ "priority": "MEDIUM", "cve": "N/A", "target": "Windows Server 2019/2022", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft fixed a bug causing unexpected upgrades to Win..
11:10 am, April 15, 2026 Cybersecurity
Microsoft Issues Patches for SharePoint Zero-Day and 168 Other New Vulnerabilities
{ "priority": "CRITICAL", "cve": "N/A", "target": "Microsoft SharePoint", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft patches a zero-day vulnerability in SharePoint a..
9:10 am, April 15, 2026 Cybersecurity
OpenAI Launches GPT-5.4-Cyber with Expanded Access for Security Teams
{ "priority": "INFO", "cve": "N/A", "target": "GPT-5.4-Cyber", "threat_actor": "N/A", "patch_ready": false, "insight": "OpenAI has launched GPT-5.4-Cyber, a variant of its GPT-5.4 model op..
6:10 am, April 15, 2026 Cybersecurity
ISC Stormcast For Wednesday, April 15th, 2026 https://isc.sans.edu/podcastdetail/9892, (Wed, Apr 15th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
2:10 am, April 15, 2026 Cybersecurity
Scanning for AI Models, (Tue, Apr 14th)
{ "priority": "INFO", "cve": "N/A", "target": "AI models (e.g., claude, openclaw, huggingface)", "threat_actor": "N/A", "patch_ready": false, "insight": "DShield sensors have been reportin..
1:10 am, April 15, 2026 Cybersecurity
Microsoft adds Windows protections for malicious Remote Desktop files
{ "priority": "MEDIUM", "cve": "N/A", "target": "Windows", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft introduces new protections for Windows against phishing attack..
11:10 pm, April 14, 2026 Cybersecurity
Over 100 Chrome Web Store extensions steal user accounts, data
More than 100 malicious extensions in the official Chrome Web Store are attempting to steal Google OAuth2 Bearer tokens, deploy backdoors, and carry out ad fraud. [...]
10:10 pm, April 14, 2026 Cybersecurity
Patch Tuesday, April 2026 Edition
{ "priority": "CRITICAL", "cve": "N/A", "target": "Microsoft Windows, Google Chrome, Adobe Reader", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft patched 167 security v..
10:10 pm, April 14, 2026 Cybersecurity
Crypto-exchange Kraken extorted by hackers after insider breach
{"priority": "HIGH", "cve": "N/A", "target": "Kraken", "threat_actor": "N/A", "patch_ready": false, "insight": "Kraken is being extorted by hackers who threaten to release videos showing internal syst..
10:10 pm, April 14, 2026 Cybersecurity
Over 100 Chrome extensions in Web Store target users accounts and data
{ "priority": "CRITICAL", "cve": "N/A", "target": "Google Chrome", "threat_actor": "N/A", "patch_ready": false, "insight": "Over 100 malicious Chrome extensions in the Web Store are attemp..
9:10 pm, April 14, 2026 Cybersecurity
Microsoft April 2026 Patch Tuesday fixes 167 flaws, 2 zero-days
{ "priority": "CRITICAL", "cve": "N/A", "target": "Microsoft", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft's April 2026 Patch Tuesday fixes 167 flaws, including 2 zer..
6:10 pm, April 14, 2026 Cybersecurity
Microsoft Patch Tuesday April 2026., (Tue, Apr 14th)
{ "priority": "INFO", "cve": "N/A", "target": "Microsoft", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft released a significant number of patches on Patch Tuesday in A..
6:10 pm, April 14, 2026 Cybersecurity
Windows 11 cumulative updates KB5083769 & KB5082052 released
{ "priority": "MEDIUM", "cve": "N/A", "target": "Windows 11", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft releases cumulative updates KB5083769 and KB5082052 for Wind..
6:10 pm, April 14, 2026 Cybersecurity
McGraw-Hill confirms data breach following extortion threat
Education company McGraw-Hill has confirmed in a statement to BleepingComputer that hackers exploited a Salesforce misconfiguration and accessed its internal data. [...]
6:10 pm, April 14, 2026 Cybersecurity
Microsoft releases Windows 10 KB5082200 extended security update
{ "priority": "CRITICAL", "cve": "N/A", "target": "Windows 10", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft released Windows 10 KB5082200 extended security update to ..
6:10 pm, April 14, 2026 Cybersecurity
New PHP Composer Flaws Enable Arbitrary Command Execution — Patches Released
{ "priority": "HIGH", "cve": "CVE-2026-40176", "target": "PHP Composer", "threat_actor": "N/A", "patch_ready": true, "insight": "Two high-severity security vulnerabilities in Composer, a P..
5:10 pm, April 14, 2026 Cybersecurity
Fake Ledger Live app on Apple’s App Store stole $9.5M in crypto
A malicious Ledger Live app for macOS available from Apple's App Store has drained approximately $9.5 million in cryptocurrency from 50 victims in just a few days this month. [...]
5:10 pm, April 14, 2026 Cybersecurity
AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraud
{ "priority": "HIGH", "cve": "N/A", "target": "Google Discover", "threat_actor": "N/A", "patch_ready": false, "insight": "Researchers uncover AI-driven ad fraud scheme using SEO and AI-gen..
4:10 pm, April 14, 2026 Cybersecurity
Microsoft rolls out fast-track to reinstate Windows hardware dev accounts
{ "priority": "INFO", "cve": "N/A", "target": "Microsoft Windows Hardware Program", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft introduces a fast-track process for d..
4:10 pm, April 14, 2026 Cybersecurity
5 Ways Zero Trust Maximizes Identity Security
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The article discusses how Zero Trust security model maximizes identity securit..
3:10 pm, April 14, 2026 Cybersecurity
Google Adds Rust-Based DNS Parser into Pixel 10 Modem to Enhance Security
{"priority":"MEDIUM","cve":"N/A","target":"Pixel 10 Modem","threat_actor":"N/A","patch_ready":true,"insight":"Google integrates Rust-based DNS parser into Pixel 10 modem firmware to enhance security a..
2:10 pm, April 14, 2026 Cybersecurity
Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Ads
{"priority": "HIGH", "cve": "N/A", "target": "Android", "threat_actor": "Mirax", "patch_ready": false, "insight": "Mirax Android RAT compromises devices, turning them into SOCKS5 proxies, and reached ..
12:10 pm, April 14, 2026 Cybersecurity
Analysis of 216M Security Findings Shows a 4x Increase In Critical Risk (2026 Report)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "Analysis of 216M security findings shows a 4x increase in critical risk, with ..
10:10 am, April 14, 2026 Cybersecurity
108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users
{"priority":"HIGH","cve":"N/A","target":"Google Chrome","threat_actor":"N/A","patch_ready":false,"insight":"Malicious Chrome extensions steal Google and Telegram data affecting 20,000 users"}
9:10 am, April 14, 2026 Cybersecurity
CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added half a dozen security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitat..
7:10 am, April 14, 2026 Cybersecurity
ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers
A critical security vulnerability impacting ShowDoc, a document management and collaboration service popular in China, has come under active exploitation in the wild. The vulnerability in question ..
7:10 am, April 14, 2026 Cybersecurity
ISC Stormcast For Tuesday, April 14th, 2026 https://isc.sans.edu/podcastdetail/9890, (Tue, Apr 14th)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "ISC Stormcast podcast for April 14th, 2026, providing security news and update..
2:10 am, April 14, 2026 Cybersecurity
European Gym giant Basic-Fit data breach affects 1 million members
{ "priority": "HIGH", "cve": "N/A", "target": "Basic-Fit", "threat_actor": "N/A", "patch_ready": false, "insight": "Hackers breached Basic-Fit's systems, compromising data of 1 million mem..
10:10 pm, April 13, 2026 Cybersecurity
JanelaRAT Malware Targets Latin American Banks with 14,739 Attacks in Brazil in 2025
{"priority": "HIGH", "cve": "N/A", "target": "Latin American Banks", "threat_actor": "N/A", "patch_ready": false, "insight": "JanelaRAT malware targets Latin American banks with 14,739 attacks in Braz..
8:10 pm, April 13, 2026 Cybersecurity
Critical flaw in wolfSSL library enables forged certificate use
{ "priority": "CRITICAL", "cve": "N/A", "target": "wolfSSL library", "threat_actor": "N/A", "patch_ready": true, "insight": "A critical vulnerability in wolfSSL allows forged certificate u..
8:10 pm, April 13, 2026 Cybersecurity
Stolen Rockstar Games analytics data leaked by extortion gang
{ "priority": "HIGH", "cve": "N/A", "target": "Rockstar Games", "threat_actor": "ShinyHunters", "patch_ready": false, "insight": "Rockstar Games analytics data leaked by ShinyHunters extor..
8:10 pm, April 13, 2026 Cybersecurity
FBI takedown of W3LL phishing service leads to developer arrest
{ "priority": "LOW", "cve": "N/A", "target": "W3LL phishing service", "threat_actor": "N/A", "patch_ready": false, "insight": "FBI and Indonesian authorities dismantled the W3LL global phi..
7:10 pm, April 13, 2026 Cybersecurity
New Booking.com data breach forces reservation PIN resets
{ "priority": "HIGH", "cve": "N/A", "target": "Booking.com", "threat_actor": "N/A", "patch_ready": false, "insight": "Booking.com detected unauthorized access to its systems, exposing sens..
6:10 pm, April 13, 2026 Cybersecurity
OpenAI rotates macOS certs after Axios attack hit code-signing workflow
{ "priority": "HIGH", "cve": "N/A", "target": "OpenAI", "threat_actor": "N/A", "patch_ready": false, "insight": "OpenAI rotated macOS code-signing certificates after a supply chain attack ..
6:10 pm, April 13, 2026 Cybersecurity
FBI and Indonesian Police Dismantle W3LL Phishing Network Behind $20M Fraud Attempts
``` { "priority": "HIGH", "cve": "N/A", "target": "W3LL Phishing Toolkit", "threat_actor": "W3LL", "patch_ready": false, "insight": "FBI and Indonesian Police dismantled W3LL phishing netw..
4:10 pm, April 13, 2026 Cybersecurity
Adobe rolls out emergency fix for Acrobat, Reader zero-day flaw
{ "priority": "CRITICAL", "cve": "CVE-2026-34621", "target": "Adobe Acrobat Reader", "threat_actor": "N/A", "patch_ready": true, "insight": "Adobe releases emergency fix for zero-day flaw ..
4:10 pm, April 13, 2026 Cybersecurity
AI Testing
