List cybersec
April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More
A number of critical vulnerabilities impacting products from Adobe, Fortinet, Microsoft, and SAP have taken center stage in April's Patch Tuesday releases. Topping the list is an SQL injection vulne..
2:10 pm, April 15, 2026 Cybersecurity
CISA flags Windows Task Host vulnerability as exploited in attacks
{ "priority": "CRITICAL", "cve": "N/A", "target": "Windows Task Host", "threat_actor": "N/A", "patch_ready": false, "insight": "CISA warns of exploited Windows Task Host vulnerability allo..
3:10 pm, April 15, 2026 Cybersecurity
Microsoft pays $2.3M for cloud and AI flaws at Zero Day Quest
{"priority": "INFO", "cve": "N/A", "target": "Microsoft", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft awards $2.3 million for cloud and AI vulnerabilities found during Zero Day ..
5:10 pm, April 15, 2026 Cybersecurity
Signed software abused to deploy antivirus-killing scripts
A digitally signed adware tool has deployed payloads running with SYSTEM privileges that disabled antivirus protections on thousands of endpoints, some in the educational, utilities, government, and h..
6:10 pm, April 15, 2026 Cybersecurity
n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails
Threat actors have been observed weaponizing n8n, a popular artificial intelligence (AI) workflow automation platform, to facilitate sophisticated phishing campaigns and deliver malicious payloads o..
6:10 pm, April 15, 2026 Cybersecurity
WordPress plugin suite hacked to push malware to thousands of sites
More than 30 WordPress plugins in the EssentialPlugin package have been compromised with malicious code that allows unauthorized access to websites running them. [...]
9:10 pm, April 15, 2026 Cybersecurity
New AgingFly malware used in attacks on Ukraine govt, hospitals
{ "priority": "HIGH", "cve": "N/A", "target": "Ukraine govt, hospitals", "threat_actor": "N/A", "patch_ready": false, "insight": "AgingFly malware targets Ukraine govt and hospitals, steal..
10:10 pm, April 15, 2026 Cybersecurity
Critical Nginx UI auth bypass flaw now actively exploited in the wild
A critical vulnerability in Nginx UI with Model Context Protocol (MCP) support is now being exploited in the wild for full server takeover without authentication. [...]
11:10 pm, April 15, 2026 Cybersecurity
[Guest Diary] Compromised DVRs and Finding Them in the Wild, (Thu, Apr 16th)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "A guest diary entry by Alec Jaffe discusses compromised DVRs and finding them ..
12:10 am, April 16, 2026 Cybersecurity
ISC Stormcast For Thursday, April 16th, 2026 https://isc.sans.edu/podcastdetail/9894, (Thu, Apr 16th)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "This is a podcast episode from SANS Internet Storm Center, dated Thursday, Apr..
2:10 am, April 16, 2026 Cybersecurity
UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign
The Computer Emergencies Response Team of Ukraine (CERT-UA) has disclosed details of a new campaign that has targeted governments and municipal healthcare institutions, mainly clinics and emergency..
7:10 am, April 16, 2026 Cybersecurity
Microsoft: April Windows Server 2025 update may fail to install
{"priority":"MEDIUM","cve":"N/A","target":"Windows Server 2025","threat_actor":"N/A","patch_ready":false,"insight":"Microsoft is investigating an installation issue with the April KB5082063 security u..
8:10 am, April 16, 2026 Cybersecurity
US nationals behind DPRK IT worker 'laptop farm' sent to prison
Two U.S. nationals have been sent to prison for helping North Korean remote information technology (IT) workers to pose as U.S. residents and get hired by over 100 companies across the country, includ..
9:10 am, April 16, 2026 Cybersecurity
Data breach at edtech giant McGraw Hill affects 13.5 million accounts
The ShinyHunters extortion group has leaked data from 13.5 million McGraw Hill user accounts, stolen after breaching the company's Salesforce environment earlier this month. [...]
11:10 am, April 16, 2026 Cybersecurity
Cisco says critical Webex Services flaw requires customer action
{"priority":"CRITICAL","cve":"N/A","target":"Cisco Webex Services","threat_actor":"N/A","patch_ready":true,"insight":"Cisco patches critical improper certificate validation flaw in Webex Services requ..
12:10 pm, April 16, 2026 Cybersecurity
Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution
{ "priority": "CRITICAL", "cve": "CVE-2026-20184", "target": "Cisco Identity Services, Webex Services", "threat_actor": "N/A", "patch_ready": true, "insight": "Cisco patches critical flaws..
12:10 pm, April 16, 2026 Cybersecurity
Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks
A "novel" social engineering campaign has been observed abusing Obsidian, a cross-platform note-taking application, as an initial access vector to distribute a previously undocumented Windows remote a..
12:10 pm, April 16, 2026 Cybersecurity
Hidden Passenger? How Taboola Routes Logged-In Banking Sessions to Temu
{ "priority": "HIGH", "cve": "N/A", "target": "Taboola, Temu", "threat_actor": "N/A", "patch_ready": false, "insight": "Taboola routed logged-in banking sessions to Temu without bank knowl..
12:10 pm, April 16, 2026 Cybersecurity
[Webinar] Find and Eliminate Orphaned Non-Human Identities in Your Environment
In 2024, compromised service accounts and forgotten API keys were behind 68% of cloud breaches. Not phishing. Not weak passwords. Unmanaged non-human identities that nobody was watching. For every ..
1:10 pm, April 16, 2026 Cybersecurity
New ATHR vishing platform uses AI voice agents for automated attacks
A new cybercrime platform called ATHR can harvest credentials via fully automated voice phishing attacks that use both human operators and AI agents for the social engineering phase. [...]
2:10 pm, April 16, 2026 Cybersecurity
Most "AI SOCs" Are Just Faster Triage. That's Not Enough.
AI-powered SOC tools promise automation, but most only speed up triage instead of reducing real workload. Tines shows how real gains come from end-to-end workflows that execute actions across systems,..
2:10 pm, April 16, 2026 Cybersecurity
ThreatsDay Bulletin: Defender 0-Day, SonicWall Brute-Force, 17-Year-Old Excel RCE and 15 More Stories
{"priority": "HIGH", "cve": "N/A", "target": "Multiple", "threat_actor": "N/A", "patch_ready": false, "insight": "Multiple threats disclosed, including a Defender 0-Day, SonicWall brute-force attacks,..
2:10 pm, April 16, 2026 Cybersecurity
Google expands Gemini AI use to fight malicious ads on its platform
{ "priority": "MEDIUM", "cve": "N/A", "target": "Google", "threat_actor": "N/A", "patch_ready": false, "insight": "Google utilizes Gemini AI to enhance detection and blocking of malicious ..
4:10 pm, April 16, 2026 Cybersecurity
Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face
Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware hosted on Hugging Face Spaces. [...]
5:10 pm, April 16, 2026 Cybersecurity
Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic
{ "priority": "HIGH", "cve": "N/A", "target": "Czech Republic workforce", "threat_actor": "PowMix", "patch_ready": false, "insight": "Newly discovered PowMix botnet targets Czech workers w..
7:10 pm, April 16, 2026 Cybersecurity
New Microsoft Defender “RedSun” zero-day PoC grants SYSTEM privileges
{ "priority": "CRITICAL", "cve": "N/A", "target": "Microsoft Defender", "threat_actor": "Chaotic Eclipse", "patch_ready": false, "insight": "A proof-of-concept exploit for a Microsoft Defe..
9:10 pm, April 16, 2026 Cybersecurity
ZionSiphon malware designed to sabotage water treatment systems
{ "priority": "CRITICAL", "cve": "N/A", "target": "Water treatment and desalination systems", "threat_actor": "N/A", "patch_ready": false, "insight": "New malware ZionSiphon targets water ..
10:10 pm, April 16, 2026 Cybersecurity
Operation PowerOFF identifies 75k DDoS users, takes down 53 domains
The latest wave of "Operation PowerOFF," on April 13, 2026, targeted the distributed denial-of-service (DDoS) ecosystem and its users across 21 countries. [...]
11:10 pm, April 16, 2026 Cybersecurity
Lumma Stealer infection with Sectop RAT (ArechClient2), (Fri, Apr 17th)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "Introduction to a Lumma Stealer infection with Sectop RAT (ArechClient2) on Ap..
1:10 am, April 17, 2026 Cybersecurity
ISC Stormcast For Friday, April 17th, 2026 https://isc.sans.edu/podcastdetail/9896, (Fri, Apr 17th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
2:10 am, April 17, 2026 Cybersecurity
Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation
{"priority":"CRITICAL","cve":"CVE-2026-34197","target":"Apache ActiveMQ Classic","threat_actor":"N/A","patch_ready":false,"insight":"Apache ActiveMQ CVE-2026-34197 is under active exploitation and has..
4:10 am, April 17, 2026 Cybersecurity
Recently leaked Windows zero-days now exploited in attacks
{ "priority": "CRITICAL", "cve": "N/A", "target": "Windows", "threat_actor": "N/A", "patch_ready": false, "insight": "Threat actors are exploiting recently disclosed Windows zero-days to g..
7:10 am, April 17, 2026 Cybersecurity
Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts
{ "priority": "HIGH", "cve": "N/A", "target": "DDoS-for-hire services", "threat_actor": "N/A", "patch_ready": false, "insight": "Operation PowerOFF disrupts 53 DDoS domains, exposing 3 mil..
7:10 am, April 17, 2026 Cybersecurity
Microsoft: Some Windows servers enter reboot loops after April patches
{ "priority": "HIGH", "cve": "N/A", "target": "Windows", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft warns that some Windows domain controllers are entering restart ..
8:10 am, April 17, 2026 Cybersecurity
NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions
{"priority":"INFO","cve":"N/A","target":"NIST NVD","threat_actor":"N/A","patch_ready":false,"insight":"NIST limits CVE enrichment due to 263% surge in vulnerability submissions."}
8:10 am, April 17, 2026 Cybersecurity
Man gets 30 months for selling thousands of hacked DraftKings accounts
{ "priority": "LOW", "cve": "N/A", "target": "DraftKings", "threat_actor": "N/A", "patch_ready": false, "insight": "A 23-year-old was sentenced to 30 months in prison for selling access to..
8:10 am, April 17, 2026 Cybersecurity
CISA flags Apache ActiveMQ flaw as actively exploited in attacks
{ "priority": "HIGH", "cve": "N/A", "target": "Apache ActiveMQ", "threat_actor": "N/A", "patch_ready": true, "insight": "CISA warns of active exploitation of a high-severity Apache ActiveM..
10:10 am, April 17, 2026 Cybersecurity
Google Blocks 8.3B Policy-Violating Ads in 2025, Launches Android 17 Privacy Overhaul
{ "priority": "INFO", "cve": "N/A", "target": "Google", "threat_actor": "N/A", "patch_ready": false, "insight": "Google blocked 8.3B policy-violating ads in 2025 and launched Android 17 pr..
12:10 pm, April 17, 2026 Cybersecurity
Webinar: From phishing to fallout — Why MSPs must rethink both security and recovery
{ "priority": "INFO", "cve": "N/A", "target": "MSPs (Managed Service Providers)", "threat_actor": "N/A", "patch_ready": false, "insight": "The webinar highlights the evolving threat of cyb..
1:10 pm, April 17, 2026 Cybersecurity
Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched
Huntress is warning that threat actors are exploiting three recently disclosed security flaws in Microsoft Defender to gain elevated privileges in compromised systems. The activity involves the explo..
2:10 pm, April 17, 2026 Cybersecurity
Grinex exchange blames "Western intelligence" for $13.7M crypto hack
{"priority": "HIGH", "cve": "N/A", "target": "Grinex exchange", "threat_actor": "Western intelligence agencies", "patch_ready": false, "insight": "Grinex exchange suffered a $13.7M crypto hack attribu..
3:10 pm, April 17, 2026 Cybersecurity
Inside an Underground Guide: How Threat Actors Vet Stolen Credit Card Shops
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The article discusses how threat actors verify trust in underground credit car..
3:10 pm, April 17, 2026 Cybersecurity
Payouts King ransomware uses QEMU VMs to bypass endpoint security
{ "priority": "HIGH", "cve": "N/A", "target": "Endpoint security systems", "threat_actor": "Payouts King", "patch_ready": false, "insight": "Payouts King ransomware uses QEMU VMs to bypass..
8:10 pm, April 17, 2026 Cybersecurity
Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet
{ "priority": "HIGH", "cve": "CVE-2024-3721", "target": "TBK DVR", "threat_actor": "Mirai Variant Nexcorium", "patch_ready": false, "insight": "Mirai Variant Nexcorium exploits CVE-202..
7:10 am, April 18, 2026 Cybersecurity
[Webinar] Eliminate Ghost Identities Before They Expose Your Enterprise Data
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The webinar discusses the risks associated with unmanaged non-human identities..
9:10 am, April 18, 2026 Cybersecurity
$13.74M Hack Shuts Down Sanctioned Grinex Exchange After Intelligence Claims
{ "priority": "HIGH", "cve": "N/A", "target": "Grinex Exchange", "threat_actor": "Western intelligence agencies", "patch_ready": false, "insight": "A $13.74M hack on Grinex Exchange attrib..
9:10 am, April 18, 2026 Cybersecurity
NAKIVO v11.2: Ransomware Defense, Faster Replication, vSphere 9, and Proxmox VE 9.0 Support
{"priority":"INFO","cve":"N/A","target":"NAKIVO Backup & Replication v11.2","threat_actor":"N/A","patch_ready":false,"insight":"NAKIVO Inc. announced the general availability of NAKIVO Backup & Replic..
2:10 pm, April 18, 2026 Cybersecurity
Microsoft Teams right-click paste broken by Edge update bug
{"priority":"MEDIUM","cve":"N/A","target":"Microsoft Teams","threat_actor":"N/A","patch_ready":false,"insight":"Microsoft Edge update breaks right-click paste in Microsoft Teams desktop client"}
3:10 pm, April 18, 2026 Cybersecurity
Critical flaw in Protobuf library enables JavaScript code execution
Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used JavaScript implementation of Google's Protocol Buffers. [...]
4:10 pm, April 18, 2026 Cybersecurity
NIST to stop rating non-priority flaws due to volume increase
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "NIST will cease rating non-priority vulnerabilities due to increased submissio..
3:10 pm, April 19, 2026 Cybersecurity
