List cybersec
ThreatsDay Bulletin: SMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks and 25 More Stories
The internet is noisy this week. We are seeing some wild new tactics, like people using fake cell towers to send scam texts, while some developers are accidentally downloading tools that peek into the..
2:10 pm, April 30, 2026 Cybersecurity
What Happens in the First 24 Hours After a New Asset Goes Live
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "Attackers typically start scanning new assets within minutes of going live and..
2:10 pm, April 30, 2026 Cybersecurity
Anti-DDoS Firm Heaped Attacks on Brazilian ISPs
A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks ..
2:10 pm, April 30, 2026 Cybersecurity
EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades
{"priority":"HIGH","cve":"N/A","target":"GitHub","threat_actor":"EtherRAT","patch_ready":false,"insight":"A sophisticated malicious campaign impersonates administrative utilities on GitHub to target h..
1:10 pm, April 30, 2026 Cybersecurity
New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials
Cybersecurity researchers have disclosed details of a stealthy Python-based backdoor framework called DEEP#DOOR that comes with capabilities to establish persistent access and harvest a wide range of ..
1:10 pm, April 30, 2026 Cybersecurity
Police dismantles 9 crypto scam centers, arrests 276 suspects
A joint international operation involving U.S. and Chinese authorities arrested at least 276 suspects and shut down nine cryptocurrency investment fraud centers. [...]
12:10 pm, April 30, 2026 Cybersecurity
Critical cPanel and WHM bug exploited as a zero-day, PoC now available
The critical CVE-2026-41940 authentication bypass vulnerability in cPanel, WHM, and WP Squared is being actively exploited in the wild and has been leveraged in attempts since late February. [...]
12:10 pm, April 30, 2026 Cybersecurity
New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions
{"priority":"HIGH","cve":"CVE-2026-31431","target":"Linux","threat_actor":"N/A","patch_ready":false,"insight":"A high-severity Linux local privilege escalation flaw allows unprivileged users to obtain..
10:10 am, April 30, 2026 Cybersecurity
Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution
{ "priority": "CRITICAL", "cve": "N/A", "target": "Gemini CLI", "threat_actor": "N/A", "patch_ready": true, "insight": "Google fixed a CVSS 10 RCE flaw in Gemini CLI that allowed attackers..
7:10 am, April 30, 2026 Cybersecurity
ISC Stormcast For Thursday, April 30th, 2026 https://isc.sans.edu/podcastdetail/9912, (Thu, Apr 30th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
2:10 am, April 30, 2026 Cybersecurity
Danger of Libredtail [Guest Diary], (Wed, Apr 29th)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "A guest diary by James Roberts, an ISC intern as part of the SANS.edu BACS pro..
12:10 am, April 30, 2026 Cybersecurity
Popular WordPress redirect plugin hid dormant backdoor for years
{ "priority": "CRITICAL", "cve": "N/A", "target": "Quick Page/Post Redirect plugin for WordPress", "threat_actor": "N/A", "patch_ready": false, "insight": "The Quick Page/Post Redirect plu..
11:10 pm, April 29, 2026 Cybersecurity
Official SAP npm packages compromised to steal credentials
{ "priority": "CRITICAL", "cve": "N/A", "target": "SAP npm packages", "threat_actor": "TeamPCP", "patch_ready": false, "insight": "Official SAP npm packages compromised in a supply-chain a..
11:10 pm, April 29, 2026 Cybersecurity
Hackers exploit RCE flaws in Qinglong task scheduler for cryptomining
Hackers are exploiting two authentication bypass vulnerabilities in the Qinglong open-source task scheduling tool to deploy cryptominers on developers' servers. [...]
9:10 pm, April 29, 2026 Cybersecurity
Hackers arrested for hijacking and selling 610,000 Roblox accounts
{ "priority": "LOW", "cve": "N/A", "target": "Roblox", "threat_actor": "Ukrainian hackers (arrested)", "patch_ready": false, "insight": "Ukrainian police arrested three hackers who hijacke..
7:10 pm, April 29, 2026 Cybersecurity
SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack
{ "priority": "HIGH", "cve": "N/A", "target": "SAP", "threat_actor": "mini Shai-Hulud", "patch_ready": false, "insight": "SAP-related npm packages compromised in credential-stealing supply..
6:10 pm, April 29, 2026 Cybersecurity
SAP npm Packages Compromised by “Mini Shai-Hulud” Credential-Stealing Malware
{ "priority": "HIGH", "cve": "N/A", "target": "SAP npm Packages", "threat_actor": "Mini Shai-Hulud", "patch_ready": false, "insight": "SAP npm packages compromised by Mini Shai-Hulud crede..
5:10 pm, April 29, 2026 Cybersecurity
New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs
{ "priority": "HIGH", "cve": "N/A", "target": "npm package @validate-sdk/v2", "threat_actor": "DPRK", "patch_ready": false, "insight": "Researchers discovered malicious code in the @valida..
4:10 pm, April 29, 2026 Cybersecurity
cPanel, WHM emergency update fixes critical auth bypass bug
{ "priority": "CRITICAL", "cve": "N/A", "target": "cPanel and WHM", "threat_actor": "N/A", "patch_ready": true, "insight": "A critical authentication bypass vulnerability in cPanel and WHM..
4:10 pm, April 29, 2026 Cybersecurity
European police dismantles €50 million crypto investment fraud ring
Austrian and Albanian authorities dismantled a criminal ring accused of running a large-scale cryptocurrency investment fraud operation that caused estimated losses of over €50 million ($58.5 millio..
3:10 pm, April 29, 2026 Cybersecurity
Webinar: How to Automate Exposure Validation to Match the Speed of AI Attacks
{ "priority": "HIGH", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "Researchers uncover threat actors using custom AI setups to automate attacks d..
2:10 pm, April 29, 2026 Cybersecurity
Learning from the Vercel breach: Shadow AI & OAuth sprawl
{ "priority": "INFO", "cve": "N/A", "target": "Vercel", "threat_actor": "N/A", "patch_ready": false, "insight": "The Vercel breach highlights the risks of compromised OAuth apps and their ..
2:10 pm, April 29, 2026 Cybersecurity
Today's Odd Web Requests, (Wed, Apr 29th)
Today, two different "new" requests hit our honeypots. Both appear to be recon requests and not associated with specific vulnerabilities. But as always, please let me know if you have additional infor..
2:10 pm, April 29, 2026 Cybersecurity
GitHub fixes RCE flaw that gave access to millions of private repos
{ "priority": "CRITICAL", "cve": "CVE-2026-3854", "target": "GitHub", "threat_actor": "N/A", "patch_ready": true, "insight": "GitHub patched a critical RCE vulnerability allowing access to..
1:10 pm, April 29, 2026 Cybersecurity
What to Look for in an Exposure Management Platform (And What Most of Them Get Wrong)
{"priority":"INFO","cve":"N/A","target":"N/A","threat_actor":"N/A","patch_ready":false,"insight":"The article discusses the limitations of traditional vulnerability management metrics and the need for..
12:10 pm, April 29, 2026 Cybersecurity
Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately
{"priority": "CRITICAL", "cve": "N/A", "target": "cPanel", "threat_actor": "N/A", "patch_ready": true, "insight": "cPanel released security updates to address a critical authentication vulnerability t..
11:10 am, April 29, 2026 Cybersecurity
CISA orders feds to patch Windows flaw exploited as zero-day
{ "priority": "CRITICAL", "cve": "N/A", "target": "Windows", "threat_actor": "N/A", "patch_ready": true, "insight": "CISA orders federal agencies to patch a Windows flaw exploited in zero-..
11:10 am, April 29, 2026 Cybersecurity
Microsoft says backend change broke Teams Free chat and calls
Microsoft is working to resolve a known issue that prevents some Microsoft Teams Free users from chatting and calling others. [...]
9:10 am, April 29, 2026 Cybersecurity
CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV
{"priority": "CRITICAL", "cve": "CVE-2024-1708", "target": "ConnectWise ScreenConnect", "threat_actor": "N/A", "patch_ready": true, "insight": "CISA adds actively exploited ConnectWise ScreenConnect v..
9:10 am, April 29, 2026 Cybersecurity
LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure
{ "priority": "CRITICAL", "cve": "CVE-2026-42208", "target": "LiteLLM", "threat_actor": "N/A", "patch_ready": false, "insight": "LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Ho..
6:10 am, April 29, 2026 Cybersecurity
ISC Stormcast For Wednesday, April 29th, 2026 https://isc.sans.edu/podcastdetail/9910, (Wed, Apr 29th)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "ISC Stormcast podcast details for April 29th, 2026." }
2:10 am, April 29, 2026 Cybersecurity
Broken VECT 2.0 ransomware acts as a data wiper for large files
{ "priority": "HIGH", "cve": "N/A", "target": "VECT 2.0 ransomware", "threat_actor": "N/A", "patch_ready": false, "insight": "VECT 2.0 ransomware has a flaw in handling encryption nonces, ..
10:10 pm, April 28, 2026 Cybersecurity
Hackers are exploiting a critical LiteLLM pre-auth SQLi flaw
{ "priority": "CRITICAL", "cve": "CVE-2026-42208", "target": "LiteLLM", "threat_actor": "Hackers", "patch_ready": false, "insight": "Hackers are exploiting a critical pre-auth SQLi flaw in..
9:10 pm, April 28, 2026 Cybersecurity
Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push
{"priority":"CRITICAL","cve":"CVE-2026-3854","target":"GitHub.com and GitHub Enterprise Server","threat_actor":"N/A","patch_ready":false,"insight":"CVE-2026-3854 is a critical RCE flaw in GitHub and G..
7:10 pm, April 28, 2026 Cybersecurity
Video service Vimeo confirms Anodot breach exposed user data
{ "priority": "MEDIUM", "cve": "N/A", "target": "Vimeo", "threat_actor": "Anodot", "patch_ready": false, "insight": "Vimeo disclosed a data breach caused by unauthorized access to user dat..
7:10 pm, April 28, 2026 Cybersecurity
Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign
{ "priority": "HIGH", "cve": "N/A", "target": "Minecraft", "threat_actor": "LofyGang", "patch_ready": false, "insight": "Brazilian LofyGang resurfaces with Minecraft LofyStealer campaign t..
6:10 pm, April 28, 2026 Cybersecurity
US reportedly charges Scattered Spider hacker arrested in Finland
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "Scattered Spider", "patch_ready": false, "insight": "A 19-year-old hacker, dual US and Estonian citizen, arrested in F..
4:10 pm, April 28, 2026 Cybersecurity
VECT 2.0 Ransomware Irreversibly Destroys Files Over 131KB on Windows, Linux, ESXi
{ "priority": "CRITICAL", "cve": "N/A", "target": "VECT 2.0 Ransomware", "threat_actor": "VECT 2.0", "patch_ready": false, "insight": "VECT 2.0 ransomware permanently destroys files over 1..
3:10 pm, April 28, 2026 Cybersecurity
Checkmarx confirms LAPSUS$ hackers leaked its stolen GitHub data
{ "priority": "HIGH", "cve": "N/A", "target": "Checkmarx GitHub repository", "threat_actor": "LAPSUS$", "patch_ready": false, "insight": "LAPSUS$ threat group leaked data stolen from Check..
3:10 pm, April 28, 2026 Cybersecurity
Microsoft to deprecate legacy TLS in Exchange Online starting July
{ "priority": "INFO", "cve": "N/A", "target": "Exchange Online", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft will block legacy TLS connections for POP and IMAP email..
2:10 pm, April 28, 2026 Cybersecurity
HTTP Requests with X-Vercel-Set-Bypass-Cookie Header, (Tue, Apr 28th)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "Detected HTTP requests with X-Vercel-Set-Bypass-Cookie header in honeypot." }
2:10 pm, April 28, 2026 Cybersecurity
Why Secure Data Movement Is the Zero Trust Bottleneck Nobody Talks About
{"priority":"INFO","cve":"N/A","target":"N/A","threat_actor":"N/A","patch_ready":false,"insight":"The article discusses the challenges of secure data movement in Zero Trust programs, highlighting that..
1:10 pm, April 28, 2026 Cybersecurity
Inside an OPSEC Playbook: How Threat Actors Evade Detection
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "Threat actors are publishing OPSEC playbooks to evade detection, outlining str..
1:10 pm, April 28, 2026 Cybersecurity
Critical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCE
Cybersecurity researchers have disclosed details of a critical security flaw impacting LeRobot, Hugging Face's open-source robotics platform with nearly 24,000 GitHub stars, that could be exploited to..
12:10 pm, April 28, 2026 Cybersecurity
After Mythos: New Playbooks For a Zero-Window Era
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The exploit window is closing fast due to advancements in AI, making patching ..
11:10 am, April 28, 2026 Cybersecurity
Microsoft: New Remote Desktop warnings may display incorrectly
{ "priority": "MEDIUM", "cve": "N/A", "target": "Microsoft Windows", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft confirms an issue with new Windows security warnings..
10:10 am, April 28, 2026 Cybersecurity
Chinese Silk Typhoon Hacker Extradited to U.S. Over COVID Research Cyberattacks
{ "priority": "HIGH", "cve": "N/A", "target": "American organizations and government agencies", "threat_actor": "Silk Typhoon", "patch_ready": false, "insight": "A Chinese national linked ..
9:10 am, April 28, 2026 Cybersecurity
Microsoft asks iPhone users to reauthenticate after Outlook outage
After addressing a widespread outage that affected Outlook.com users worldwide on Monday, Microsoft has asked iPhone users to re-enter their credentials to regain access to their Outlook and Hotmail a..
9:10 am, April 28, 2026 Cybersecurity
Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202
{ "priority": "HIGH", "cve": "CVE-2026-32202", "target": "Windows Shell", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft confirms active exploitation of Windows Shell CV..
7:10 am, April 28, 2026 Cybersecurity
Microsoft Patches Entra ID Role Flaw That Enabled Service Principal Takeover
{ "priority": "HIGH", "cve": "N/A", "target": "Microsoft Entra ID", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft patches Entra ID role flaw that enabled service princi..
7:10 am, April 28, 2026 Cybersecurity
