List cybersec
ISC Stormcast For Tuesday, April 28th, 2026 https://isc.sans.edu/podcastdetail/9908, (Tue, Apr 28th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
2:10 am, April 28, 2026 Cybersecurity
Robinhood account creation flaw abused to send phishing emails
Online trading platform Robinhood's account creation process was exploited by threat actors to inject phishing messages into legitimate emails, tricking users into believing their accounts had suspici..
12:10 am, April 28, 2026 Cybersecurity
GlassWorm malware attacks return via 73 OpenVSX "sleeper" extensions
{ "priority": "HIGH", "cve": "N/A", "target": "OpenVSX ecosystem", "threat_actor": "GlassWorm", "patch_ready": false, "insight": "GlassWorm malware attacks return via 73 OpenVSX 'sleeper' ..
10:10 pm, April 27, 2026 Cybersecurity
Alleged Silk Typhoon hacker extradited to US for cyberespionage
A Chinese national accused of carrying out cyberespionage operations for China's intelligence services has been extradited from Italy to the United States to face criminal charges. [...]
8:10 pm, April 27, 2026 Cybersecurity
Canada arrests three for operating “SMS blaster” device in Toronto
{ "priority": "LOW", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "Canadian authorities arrested three men for operating an SMS blaster device in ..
8:10 pm, April 27, 2026 Cybersecurity
FTC: Americans lost over $2.1 billion to social media scams in 2025
The U.S. Federal Trade Commission (FTC) warned of a massive increase in losses from social media scams since 2020, exceeding $2.1 billion in 2025. [...]
5:10 pm, April 27, 2026 Cybersecurity
⚡ Weekly Recap: Fast16 Malware, XChat Launch, Federal Backdoor, AI Employee Tracking & More
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "Weekly recap of various cybersecurity issues, including malware, supply chain ..
4:10 pm, April 27, 2026 Cybersecurity
Checkmarx Confirms GitHub Repository Data Posted on Dark Web After March 23 Attack
{ "priority": "MEDIUM", "cve": "N/A", "target": "GitHub Repository", "threat_actor": "Cybercriminal Group", "patch_ready": false, "insight": "Checkmarx confirms data from its GitHub reposi..
4:10 pm, April 27, 2026 Cybersecurity
PyPI package with 1.1M monthly downloads hacked to push infostealer
An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive developer data and cryptocurrency wallets. [...]
4:10 pm, April 27, 2026 Cybersecurity
Webinar: Spotting cyberattacks before they begin
{"priority":"INFO","cve":"N/A","target":"N/A","threat_actor":"N/A","patch_ready":false,"insight":"BleepingComputer hosts a webinar with Flare and researcher Tammy Harper on spotting early warning sign..
3:10 pm, April 27, 2026 Cybersecurity
Home security giant ADT data breach affects 5.5 million people
{ "priority": "HIGH", "cve": "N/A", "target": "ADT", "threat_actor": "ShinyHunters", "patch_ready": false, "insight": "The ShinyHunters extortion group stole personal information of 5.5 mi..
3:10 pm, April 27, 2026 Cybersecurity
Medtronic confirms breach after hackers claim 9 million records theft
{ "priority": "HIGH", "cve": "N/A", "target": "Medtronic", "threat_actor": "N/A", "patch_ready": false, "insight": "Medtronic confirmed a breach where hackers claimed to have stolen 9 mill..
2:10 pm, April 27, 2026 Cybersecurity
TeamPCP Supply Chain Campaign: Update 008 - 26-Day Pause Ends with Three Concurrent Compromises (Checkmarx KICS, Bitwarden CLI Cascade, xinference PyPI), CanisterSprawl npm Worm Identified, and Tier 1 Coverage Returns, (Mon, Apr 27th)
{ "priority": "HIGH", "cve": "CVE-2026-33634", "target": "Checkmarx KICS, Bitwarden CLI, xinference PyPI", "threat_actor": "UNC6780", "patch_ready": false, "insight": "TeamPCP supply chain..
2:10 pm, April 27, 2026 Cybersecurity
Deepfake Voice Attacks are Outpacing Defenses: What Security Leaders Should Know
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "Deepfake voice attacks can clone a voice with just three seconds of audio, tri..
1:10 pm, April 27, 2026 Cybersecurity
Money launderer linked to $230M crypto heist gets 70 months in prison
{ "priority": "LOW", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "A 22-year-old individual was sentenced to 70 months in prison for laundering fu..
1:10 pm, April 27, 2026 Cybersecurity
Researchers Uncover 73 Fake VS Code Extensions Delivering GlassWorm v2 Malware
Cybersecurity researchers have flagged dozens of Microsoft Visual Studio Code (VS Code) extensions on the Open VSX repository that are linked to a persistent information-stealing campaign dubbed Glass..
12:10 pm, April 27, 2026 Cybersecurity
PhantomCore Exploits TrueConf Vulnerabilities to Breach Russian Networks
{ "priority": "HIGH", "cve": "N/A", "target": "TrueConf video conferencing software", "threat_actor": "PhantomCore", "patch_ready": false, "insight": "PhantomCore exploits TrueConf vulnera..
12:10 pm, April 27, 2026 Cybersecurity
Mythos Changed the Math on Vulnerability Discovery. Most Teams Aren't Ready for the Remediation Side
{"priority":"INFO","cve":"N/A","target":"N/A","threat_actor":"N/A","patch_ready":false,"insight":"The article discusses the impact of Anthropic's Claude Mythos Preview on vulnerability discovery and r..
12:10 pm, April 27, 2026 Cybersecurity
Microsoft says Outlook.com outage is causing sign‑in failures
{ "priority": "MEDIUM", "cve": "N/A", "target": "Microsoft Outlook.com", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft is investigating an Outlook.com outage causing s..
12:10 pm, April 27, 2026 Cybersecurity
Fake CAPTCHA IRSF Scam and 120 Keitaro Campaigns Drive Global SMS, Crypto Fraud
{ "priority": "MEDIUM", "cve": "N/A", "target": "N/A", "threat_actor": "Keitaro", "patch_ready": false, "insight": "Fake CAPTCHA IRSF scam and 120 Keitaro campaigns drive global SMS and cr..
9:10 am, April 27, 2026 Cybersecurity
American utility firm Itron discloses breach of internal IT network
{ "priority": "HIGH", "cve": "N/A", "target": "Itron Inc.", "threat_actor": "N/A", "patch_ready": false, "insight": "Itron Inc. disclosed a cybersecurity breach where an unauthorized third..
3:10 pm, April 26, 2026 Cybersecurity
Microsoft rolls out revamped Windows Insider Program
{ "priority": "INFO", "cve": "N/A", "target": "Windows Insider Program", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft has revamped the Windows Insider Program as part..
5:10 pm, April 25, 2026 Cybersecurity
Threat actor uses Microsoft Teams to deploy new “Snow” malware
A threat group tracked as UNC6692 uses social engineering to deploy a new, custom malware suite named 'Snow' which includes a browser extension, a tunneler, and a backdoor. [...]
4:10 pm, April 25, 2026 Cybersecurity
Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software
{"priority":"HIGH","cve":"N/A","target":"Engineering Software","threat_actor":"N/A","patch_ready":false,"insight":"Researchers discovered a Lua-based malware called 'fast16' targeting engineering soft..
10:10 am, April 25, 2026 Cybersecurity
CISA Adds 4 Exploited Flaws to KEV, Sets May 2026 Federal Deadline
{ "priority": "CRITICAL", "cve": "CVE-2024-57726", "target": "SimpleHelp, Samsung MagicINFO 9 Server, D-Link DIR-823X series routers", "threat_actor": "N/A", "patch_ready": true, "insight"..
6:10 am, April 25, 2026 Cybersecurity
ADT confirms data breach after ShinyHunters leak threat
{ "priority": "HIGH", "cve": "N/A", "target": "ADT", "threat_actor": "ShinyHunters", "patch_ready": false, "insight": "ADT confirms data breach after ShinyHunters leak threat." }
11:10 pm, April 24, 2026 Cybersecurity
Firestarter malware survives Cisco firewall updates, security patches
{ "priority": "HIGH", "cve": "N/A", "target": "Cisco Firepower and Secure Firewall devices", "threat_actor": "N/A", "patch_ready": false, "insight": "Firestarter malware persists on Cisco ..
9:10 pm, April 24, 2026 Cybersecurity
Windows Update gets new controls to reduce forced restarts
{ "priority": "INFO", "cve": "N/A", "target": "Windows Update", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft introduces new controls for Windows Update to minimize fo..
8:10 pm, April 24, 2026 Cybersecurity
Microsoft to roll out Entra passkeys on Windows in late April
{ "priority": "INFO", "cve": "N/A", "target": "Microsoft Entra", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft announces passkey support for Microsoft Entra on Windows..
7:10 pm, April 24, 2026 Cybersecurity
New BlackFile extortion group linked to surge of vishing attacks
{ "priority": "INFO", "cve": "N/A", "target": "Retail and hospitality organizations", "threat_actor": "BlackFile", "patch_ready": false, "insight": "New financially motivated hacking group..
7:10 pm, April 24, 2026 Cybersecurity
FIRESTARTER Backdoor Hit Federal Cisco Firepower Device, Survives Security Patches
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed that an unnamed federal civilian agency's Cisco Firepower device running Adaptive Security Appliance (ASA) software was co..
6:10 pm, April 24, 2026 Cybersecurity
New ‘Pack2TheRoot’ flaw gives hackers root Linux access
{ "priority": "HIGH", "cve": "N/A", "target": "Linux", "threat_actor": "N/A", "patch_ready": false, "insight": "New vulnerability Pack2TheRoot in PackageKit daemon allows local Linux users..
6:10 pm, April 24, 2026 Cybersecurity
NASA Employees Duped in Chinese Phishing Scheme Targeting U.S. Defense Software
{ "priority": "HIGH", "cve": "N/A", "target": "NASA, U.S. Defense Software", "threat_actor": "Chinese national", "patch_ready": false, "insight": "Chinese national posed as U.S. researcher..
4:10 pm, April 24, 2026 Cybersecurity
DORA and operational resilience: Credential management as a financial risk control
Article 9 of DORA makes authentication and access control a legal obligation for EU financial entities. Here is what the regulation requires, and what a breach looks like when those controls are missi..
3:10 pm, April 24, 2026 Cybersecurity
Over 10,000 Zimbra servers vulnerable to ongoing XSS attacks
Over 10,000 Zimbra Collaboration Suite (ZCS) instances exposed online are vulnerable to ongoing attacks exploiting a cross-site scripting (XSS) security flaw. [...]
2:10 pm, April 24, 2026 Cybersecurity
Microsoft now lets admins uninstall Copilot on enterprise devices
{"priority":"INFO","cve":"N/A","target":"Microsoft Copilot","threat_actor":"N/A","patch_ready":false,"insight":"Microsoft has introduced a policy setting to allow IT administrators to uninstall Copilo..
12:10 pm, April 24, 2026 Cybersecurity
26 FakeWallet Apps Found on Apple App Store Targeting Crypto Seed Phrases
{ "priority": "HIGH", "cve": "N/A", "target": "Apple App Store", "threat_actor": "N/A", "patch_ready": false, "insight": "Malicious apps impersonating cryptocurrency wallets found on Apple..
12:10 pm, April 24, 2026 Cybersecurity
Bridging the AI Agent Authority Gap: Continuous Observability as the Decision Engine
{"priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The article discusses the AI Agent Authority Gap in enterprise security, highlighting the n..
12:10 pm, April 24, 2026 Cybersecurity
UNC6692 Impersonates IT Help Desk via Microsoft Teams to Deploy SNOW Malware
{ "priority": "HIGH", "cve": "N/A", "target": "Microsoft Teams", "threat_actor": "UNC6692", "patch_ready": false, "insight": "UNC6692 uses social engineering via Microsoft Teams to deploy ..
10:10 am, April 24, 2026 Cybersecurity
Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy AdaptixC2
{ "priority": "HIGH", "cve": "N/A", "target": "SumatraPDF reader, Microsoft Visual Studio Code (VS Code)", "threat_actor": "Tropic Trooper", "patch_ready": false, "insight": "Tropic Troope..
10:10 am, April 24, 2026 Cybersecurity
LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure
{"priority": "HIGH", "cve": "CVE-2026-33626", "target": "LMDeploy", "threat_actor": "N/A", "patch_ready": false, "insight": "CVE-2026-33626 SSRF vulnerability in LMDeploy exploited within 13 hours of ..
9:10 am, April 24, 2026 Cybersecurity
ISC Stormcast For Friday, April 24th, 2026 https://isc.sans.edu/podcastdetail/9906, (Fri, Apr 24th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
2:10 am, April 24, 2026 Cybersecurity
Hackers exploit file upload bug in Breeze Cache WordPress plugin
Hackers are actively exploiting a critical vulnerability in the Breeze Cache plugin for WordPress that allows uploading arbitrary files on the server without authentication. [...]
10:10 pm, April 23, 2026 Cybersecurity
Bitwarden CLI npm package compromised to steal developer credentials
{ "priority": "HIGH", "cve": "N/A", "target": "Bitwarden CLI", "threat_actor": "N/A", "patch_ready": false, "insight": "Bitwarden CLI npm package compromised to steal developer credentials..
8:10 pm, April 23, 2026 Cybersecurity
UNC6692 Impersonates IT Helpdesk via Microsoft Teams to Deploy SNOW Malware
{ "priority": "HIGH", "cve": "N/A", "target": "Microsoft Teams", "threat_actor": "UNC6692", "patch_ready": false, "insight": "UNC6692 uses social engineering via Microsoft Teams to deploy ..
7:10 pm, April 23, 2026 Cybersecurity
Trigona ransomware attacks use custom exfiltration tool to steal data
Recently observed Trigona ransomware attacks are using a custom, command-line tool to steal data from compromised environments faster and more efficiently. [...]
7:10 pm, April 23, 2026 Cybersecurity
New Checkmarx supply-chain breach affects KICS analysis tool
Hackers have compromised Docker images, VSCode and Open VSX extensions for the Checkmarx KICS analysis tool to harvest sensitive data from developer environments. [...]
4:10 pm, April 23, 2026 Cybersecurity
ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The bulletin highlights various threats including a $290M DeFi hack, macOS Lot..
3:10 pm, April 23, 2026 Cybersecurity
Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign
Bitwarden CLI has been compromised as part of the newly discovered and ongoing Checkmarx supply chain campaign, according to new findings from Socket. "The affected package version appears to be @bitw..
3:10 pm, April 23, 2026 Cybersecurity
Regular Password Resets Aren’t as Safe as You Think
{ "priority": "MEDIUM", "cve": "N/A", "target": "Specops Software", "threat_actor": "N/A", "patch_ready": false, "insight": "Helpdesk social engineering can turn password reset requests in..
3:10 pm, April 23, 2026 Cybersecurity
