List cybersec
Google fixes fourth Chrome zero-day exploited in attacks in 2026
{"priority": "CRITICAL", "cve": "N/A", "target": "Google Chrome", "threat_actor": "N/A", "patch_ready": true, "insight": "Google patched a Chrome zero-day vulnerability, the fourth exploited in attack..
11:10 am, April 1, 2026 Cybersecurity
FBI warns against using Chinese mobile apps due to privacy risks
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The FBI warns against using Chinese mobile apps due to potential privacy risks..
12:10 pm, April 1, 2026 Cybersecurity
3 Reasons Attackers Are Using Your Trusted Tools Against You (And Why You Don’t See It Coming)
{"priority":"MEDIUM","cve":"N/A","target":"N/A","threat_actor":"N/A","patch_ready":false,"insight":"Attackers are increasingly using trusted tools and native binaries to move laterally, escalate privi..
12:10 pm, April 1, 2026 Cybersecurity
TeamPCP Supply Chain Campaign: Update 005 - First Confirmed Victim Disclosure, Post-Compromise Cloud Enumeration Documented, and Axios Attribution Narrows, (Wed, Apr 1st)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "TeamPCP", "patch_ready": false, "insight": "Update on TeamPCP supply chain campaign with confirmed victim disclosure a..
2:10 pm, April 1, 2026 Cybersecurity
Block the Prompt, Not the Work: The End of "Doctor No"
There is a character that keeps appearing in enterprise security departments, and most CISOs know exactly who that is. It doesn’t build. It doesn’t enable. Its entire function is to say "No." No t..
2:10 pm, April 1, 2026 Cybersecurity
Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures
{ "priority": "HIGH", "cve": "N/A", "target": "Latin America and Europe", "threat_actor": "Augmented Marauder and Water Saci", "patch_ready": false, "insight": "A Brazilian cybercrime thre..
2:10 pm, April 1, 2026 Cybersecurity
Microsoft Warns of WhatsApp-Delivered VBS Malware Hijacking Windows via UAC Bypass
{ "priority": "HIGH", "cve": "N/A", "target": "Windows", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft warns of WhatsApp-delivered VBS malware hijacking Windows via UA..
2:10 pm, April 1, 2026 Cybersecurity
New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation — Patch Released
{ "priority": "CRITICAL", "cve": "CVE-2026-5281", "target": "Google Chrome", "threat_actor": "N/A", "patch_ready": true, "insight": "Google Chrome released a patch for a zero-day vulnerabi..
2:10 pm, April 1, 2026 Cybersecurity
Routine Access Is Powering Modern Intrusions, a New Threat Report Finds
{"priority":"INFO","cve":"N/A","target":"N/A","threat_actor":"N/A","patch_ready":false,"insight":"Modern intrusions often begin with valid credentials and routine access, leveraging VPN abuse, RMM too..
3:10 pm, April 1, 2026 Cybersecurity
'NoVoice' Android malware on Google Play infected 2.3 million devices
{ "priority": "HIGH", "cve": "N/A", "target": "Android", "threat_actor": "NoVoice", "patch_ready": false, "insight": "NoVoice Android malware on Google Play infected 2.3 million devices" }..
6:10 pm, April 1, 2026 Cybersecurity
CERT-UA Impersonation Campaign Spread AGEWHEEZE Malware to 1 Million Emails
{"priority":"HIGH","cve":"N/A","target":"N/A","threat_actor":"UAC-0255","patch_ready":false,"insight":"CERT-UA impersonated to spread AGEWHEEZE malware via 1 million emails"}
6:10 pm, April 1, 2026 Cybersecurity
New EvilTokens service fuels Microsoft device code phishing attacks
{ "priority": "HIGH", "cve": "N/A", "target": "Microsoft", "threat_actor": "EvilTokens", "patch_ready": false, "insight": "EvilTokens kit enables device code phishing to hijack Microsoft a..
8:10 pm, April 1, 2026 Cybersecurity
Apple expands iOS 18 updates to more iPhones to block DarkSword attacks
{ "priority": "HIGH", "cve": "N/A", "target": "iPhones running iOS 18", "threat_actor": "DarkSword", "patch_ready": true, "insight": "Apple expands iOS 18 updates to more iPhones to block ..
10:10 pm, April 1, 2026 Cybersecurity
Hackers exploit TrueConf zero-day to push malicious software updates
{ "priority": "CRITICAL", "cve": "N/A", "target": "TrueConf", "threat_actor": "N/A", "patch_ready": false, "insight": "Hackers exploit TrueConf zero-day to execute arbitrary files on conne..
10:10 pm, April 1, 2026 Cybersecurity
New CrystalRAT malware adds RAT, stealer and prankware features
{ "priority": "HIGH", "cve": "N/A", "target": "CrystalRAT", "threat_actor": "N/A", "patch_ready": false, "insight": "New CrystalRAT malware-as-a-service offers remote access, data theft, k..
12:10 am, April 2, 2026 Cybersecurity
ISC Stormcast For Thursday, April 2nd, 2026 https://isc.sans.edu/podcastdetail/9876, (Thu, Apr 2nd)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "ISC Stormcast podcast for Thursday, April 2nd, 2026, discussing various cybers..
2:10 am, April 2, 2026 Cybersecurity
Apple Expands iOS 18.7.7 Update to More Devices to Block DarkSword Exploit
{ "priority": "HIGH", "cve": "N/A", "target": "Apple iOS", "threat_actor": "N/A", "patch_ready": true, "insight": "Apple expanded iOS 18.7.7 update to more devices to block DarkSword explo..
8:10 am, April 2, 2026 Cybersecurity
Over 14,000 F5 BIG-IP APM instances still exposed to RCE attacks
{ "priority": "CRITICAL", "cve": "CVE-2022-1388 or N/A", "target": "F5 BIG-IP APM", "threat_actor": "N/A", "patch_ready": false, "insight": "Over 14,000 F5 BIG-IP APM instances are exposed..
9:10 am, April 2, 2026 Cybersecurity
Microsoft links Classic Outlook issue to email delivery problems
{ "priority": "INFO", "cve": "N/A", "target": "Microsoft Classic Outlook", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft is investigating an issue with Classic Outlook..
10:10 am, April 2, 2026 Cybersecurity
Critical Cisco IMC auth bypass gives attackers Admin access
{ "priority": "CRITICAL", "cve": "N/A", "target": "Cisco IMC", "threat_actor": "N/A", "patch_ready": true, "insight": "Cisco patched a critical authentication bypass in Integrated Manageme..
11:10 am, April 2, 2026 Cybersecurity
WhatsApp Alerts 200 Users After Fake iOS App Installed Spyware; Italian Firm Faces Action
{"priority":"HIGH","cve":"N/A","target":"WhatsApp iOS app","threat_actor":"Unknown","patch_ready":false,"insight":"WhatsApp alerted 200 users of a fake iOS app with spyware, mostly affecting Italian t..
11:10 am, April 2, 2026 Cybersecurity
Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners
{ "priority": "HIGH", "cve": "N/A", "target": "N/A", "threat_actor": "REF1695", "patch_ready": false, "insight": "REF1695 uses fake installers to deploy RATs and crypto miners, monetizing ..
12:10 pm, April 2, 2026 Cybersecurity
The State of Trusted Open Source Report
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The State of Trusted Open Source Report provides insights on open source consu..
12:10 pm, April 2, 2026 Cybersecurity
Adversaries Exploit Vacant Homes to Intercept Mail in Hybrid Cybercrime
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "Threat actors exploit vacant homes as drop addresses to intercept mail and fac..
2:10 pm, April 2, 2026 Cybersecurity
New Progress ShareFile flaws can be chained in pre-auth RCE attacks
{ "priority": "CRITICAL", "cve": "N/A", "target": "Progress ShareFile", "threat_actor": "N/A", "patch_ready": false, "insight": "Chained vulnerabilities allow pre-auth RCE attacks" }
2:10 pm, April 2, 2026 Cybersecurity
Medtech giant Stryker fully operational after data-wiping attack
{ "priority": "HIGH", "cve": "N/A", "target": "Stryker Corporation", "threat_actor": "Handala", "patch_ready": false, "insight": "Medtech giant Stryker restored operations after a data-wip..
2:10 pm, April 2, 2026 Cybersecurity
ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The ThreatsDay Bulletin covers various cybersecurity topics, including pre-aut..
2:10 pm, April 2, 2026 Cybersecurity
Attempts to Exploit Exposed "Vite" Installs (CVE-2025-30208), (Thu, Apr 2nd)
{ "priority": "HIGH", "cve": "CVE-2025-30208", "target": "Vite", "threat_actor": "N/A", "patch_ready": true, "insight": "Attempts to exploit exposed Vite installs have been detected." }
3:10 pm, April 2, 2026 Cybersecurity
Residential proxies evaded IP reputation checks in 78% of 4B sessions
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "Researchers warn that residential proxies used to route malicious traffic are ..
4:10 pm, April 2, 2026 Cybersecurity
Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise
{ "priority": "CRITICAL", "cve": "CVE-2026-20093", "target": "Cisco IMC", "threat_actor": "N/A", "patch_ready": true, "insight": "Cisco patches critical 9.8 CVSS flaw in IMC allowing remot..
5:10 pm, April 2, 2026 Cybersecurity
Drift loses $280 million as hackers seize Security Council powers
{"priority":"CRITICAL","cve":"N/A","target":"Drift Protocol","threat_actor":"N/A","patch_ready":false,"insight":"A threat actor seized control of Drift Protocol's Security Council administrative power..
7:10 pm, April 2, 2026 Cybersecurity
Claude Code leak used to push infostealer malware on GitHub
Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar information-stealing malware. [...]
9:10 pm, April 2, 2026 Cybersecurity
Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials
A large-scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection vector to steal database credentials, SSH private keys, Amazon Web S..
9:10 pm, April 2, 2026 Cybersecurity
ISC Stormcast For Friday, April 3rd, 2026 https://isc.sans.edu/podcastdetail/9878, (Fri, Apr 3rd)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "Summary of ISC Stormcast podcast for April 3rd, 2026, no specific threat intel..
2:10 am, April 3, 2026 Cybersecurity
Drift loses $280 million North Korean hackers seize Security Council powers
{ "priority": "CRITICAL", "cve": "N/A", "target": "Drift Protocol", "threat_actor": "North Korean hackers", "patch_ready": false, "insight": "Drift Protocol lost $280 million to North Kore..
6:10 am, April 3, 2026 Cybersecurity
CERT-EU: European Commission hack exposes data of 30 EU entities
The European Union's Cybersecurity Service (CERT-EU) has attributed the European Commission cloud hack to the TeamPCP threat group, saying the resulting breach exposed the data of at least 29 other..
7:10 am, April 3, 2026 Cybersecurity
Microsoft now force upgrades unmanaged Windows 11 24H2 PCs
{"priority": "INFO", "cve": "N/A", "target": "Windows 11", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft has started force-upgrading unmanaged Windows 11 24H2 Home and Pro devices..
8:10 am, April 3, 2026 Cybersecurity
Man admits to locking thousands of Windows devices in extortion plot
{ "priority": "MEDIUM", "cve": "N/A", "target": "Windows", "threat_actor": "Individual (former core infrastructure engineer)", "patch_ready": false, "insight": "A former infrastructure eng..
9:10 am, April 3, 2026 Cybersecurity
New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images
{ "priority": "HIGH", "cve": "N/A", "target": "iOS, Android Apps", "threat_actor": "SparkCat", "patch_ready": false, "insight": "New SparkCat malware variant steals crypto wallet recovery ..
10:10 am, April 3, 2026 Cybersecurity
Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK
``` { "priority": "CRITICAL", "cve": "N/A", "target": "Drift Protocol", "threat_actor": "DPRK", "patch_ready": false, "insight": "A novel social engineering attack involving durable nonces..
10:10 am, April 3, 2026 Cybersecurity
Microsoft still working to fix Exchange Online mailbox access issues
Microsoft is investigating and working to resolve Exchange Online mailbox access issues that have intermittently affected Outlook mobile and macOS users for weeks. [...]
12:10 pm, April 3, 2026 Cybersecurity
UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack
{"priority":"HIGH","cve":"N/A","target":"Axios npm package","threat_actor":"UNC1069","patch_ready":false,"insight":"North Korean threat actors UNC1069 used social engineering to compromise Axios maint..
1:10 pm, April 3, 2026 Cybersecurity
Why Third-Party Risk Is the Biggest Gap in Your Clients' Security Posture
{"priority":"MEDIUM","cve":"N/A","target":"N/A","threat_actor":"N/A","patch_ready":false,"insight":"The biggest gap in clients' security posture is third-party risk, as breaches often occur through tr..
1:10 pm, April 3, 2026 Cybersecurity
TeamPCP Supply Chain Campaign: Update 006 - CERT-EU Confirms European Commission Cloud Breach, Sportradar Details Emerge, and Mandiant Quantifies Campaign at 1,000+ SaaS Environments, (Fri, Apr 3rd)
``` { "priority": "HIGH", "cve": "N/A", "target": "European Commission Cloud, Sportradar, Mercor AI, axios, LiteLLM", "threat_actor": "TeamPCP", "patch_ready": false, "insight": "CERT-EU c..
2:10 pm, April 3, 2026 Cybersecurity
Evolution of Ransomware: Multi-Extortion Ransomware Attacks
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The article discusses the evolution of ransomware attacks, specifically multi-..
3:10 pm, April 3, 2026 Cybersecurity
Die Linke German political party confirms data stolen by Qilin ransomware
The Qilin ransomware group has claimed responsibility for an attack against Die Linke ('The Left'), forcing an IT systems outage at the political party, and threatening sensitive data leak. [...]
5:10 pm, April 3, 2026 Cybersecurity
Hims & Hers warns of data breach after Zendesk support ticket breach
{ "priority": "HIGH", "cve": "N/A", "target": "Hims & Hers Health", "threat_actor": "N/A", "patch_ready": false, "insight": "Telehealth company Hims & Hers Health suffered a data breach af..
6:10 pm, April 3, 2026 Cybersecurity
China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing
{ "priority": "HIGH", "cve": "N/A", "target": "European Governments", "threat_actor": "TA416", "patch_ready": false, "insight": "China-linked TA416 targets European governments with PlugX ..
6:10 pm, April 3, 2026 Cybersecurity
Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers
{"priority":"HIGH","cve":"N/A","target":"PHP Web Shells on Linux Servers","threat_actor":"Threat Actors","patch_ready":false,"insight":"Threat actors use HTTP cookies as a control channel for PHP-base..
6:10 pm, April 3, 2026 Cybersecurity
LinkedIn secretely scans for 6,000+ Chrome extensions, collects data
{ "priority": "MEDIUM", "cve": "N/A", "target": "LinkedIn", "threat_actor": "N/A", "patch_ready": false, "insight": "LinkedIn uses hidden JavaScript scripts to scan visitors' browsers for ..
9:10 pm, April 3, 2026 Cybersecurity
AI Testing
