MATLOCK.CA
126Articles
9Categories
2026-04-01Date
🚨
CISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2026-5281 Google Dawn Use-After-Free Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses…
KEVCISA.GOV — Wed, 01 Apr 26 1
πŸ›
Cisco Breached: Source Code Stolen - Cybersecurity Today
CYBERSECURITYTODAY.LIBSYN.COM — 01 Apr 2026
πŸ›
Hackers Actively Exploit Critical WebLogic RCE Vulnerabilities in Ongoing Attacks
GBHACKERS.COM — 01 Apr 2026
πŸ›
TrueConf Vulnerability Under Active Exploitation in Southeast Asia Government Attacks
GBHACKERS.COM — 01 Apr 2026
πŸ›
CVE-2025-66037 OpenSC: Out of Bounds vulnerability
MSRC.MICROSOFT.COM — 01 Apr 2026
πŸ›
CVE-2026-34714
MSRC.MICROSOFT.COM — 01 Apr 2026
πŸ›
CVE-2026-21717
MSRC.MICROSOFT.COM — 01 Apr 2026
πŸ›
CVE-2026-21715
MSRC.MICROSOFT.COM — 01 Apr 2026
πŸ›
CVE-2026-21714
MSRC.MICROSOFT.COM — 01 Apr 2026
πŸ›
CVE-2025-49010 OpenSC: Stack-buffer-overflow WRITE in GET RESPONSE
MSRC.MICROSOFT.COM — 01 Apr 2026
πŸ›
CVE-2025-66215 OpenSC: Stack-buffer-overflow WRITE in card-oberthur
MSRC.MICROSOFT.COM — 01 Apr 2026
πŸ›
CVE-2025-66038 OpenSC: `sc_compacttlv_find_tag` can return out-of-bounds pointers
MSRC.MICROSOFT.COM — 01 Apr 2026
πŸ›
CVE-2026-4176 Perl versions from 5.9.4 before 5.40.4-RC1, from 5.41.0 before 5.42.2-RC1, from 5.43.0 before 5.43.9 contain a vulnerable version of Compress::Raw::Zlib
MSRC.MICROSOFT.COM — 01 Apr 2026
πŸ›
CVE-2026-21710
MSRC.MICROSOFT.COM — 01 Apr 2026
πŸ›
CVE-2026-34043 Serialize JavaScript has CPU Exhaustion Denial of Service via crafted array-like objects
MSRC.MICROSOFT.COM — 01 Apr 2026
πŸ›
CVE-2026-21716
MSRC.MICROSOFT.COM — 01 Apr 2026
πŸ›
CVE-2026-21713
MSRC.MICROSOFT.COM — 01 Apr 2026
πŸ›
CVE-2026-21711
MSRC.MICROSOFT.COM — 01 Apr 2026
πŸ›
CVE-2023-52676 bpf: Guard stack limits against 32bit overflow
MSRC.MICROSOFT.COM — 01 Apr 2026
πŸ›
CVE-2024-35839 netfilter: bridge: replace physindev with physinif in nf_bridge_info
MSRC.MICROSOFT.COM — 01 Apr 2026
πŸ›
PoC Exploit Code Published for nginx-ui Backup Restore Security Flaw
GBHACKERS.COM — 01 Apr 2026
πŸ›
CVE-2024-41013 xfs: don't walk off the end of a directory data block
MSRC.MICROSOFT.COM — 01 Apr 2026
πŸ›
Vim Modeline Vulnerability Opens Door to Arbitrary OS Command Execution
GBHACKERS.COM — 01 Apr 2026
πŸ›
New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation β€” Patch Released
KEVTHEHACKERNEWS.COM — 01 Apr 2026
πŸ›
Exploited Zero-Day Among 21 Vulnerabilities Patched in Chrome
SECURITYWEEK.COM — 01 Apr 2026
πŸ›
Vim and GNU Emacs: Claude Code helpfully found zero-day exploits for both
CSOONLINE.COM — 01 Apr 2026
⚠️
Mercor says it was hit by cyberattack tied to compromise of open-source LiteLLM project
TECHCRUNCH.COM — 01 Apr 2026
⚠️
Anthropic employee error exposes Claude Code source
CSOONLINE.COM — 01 Apr 2026
⚠️
Google Cloud’s Vertex AI Hit by Vulnerability Enabling Sensitive Data Access
GBHACKERS.COM — 01 Apr 2026
⚠️
Claude Code Source Leaked via npm Packaging Error, Anthropic Confirms
THEHACKERNEWS.COM — 01 Apr 2026
⚠️
Google Addresses Vertex Security Issues After Researchers Weaponize AI Agents
SECURITYWEEK.COM — 01 Apr 2026
⚠️
9 ways CISOs can combat AI hallucinations
CSOONLINE.COM — 01 Apr 2026
⚠️
Security awareness is not a control: Rethinking human risk in enterprise security
CSOONLINE.COM — 01 Apr 2026
⚠️
A Taxonomy of Cognitive Security
SCHNEIER.COM — 2026-04-01
⚠️
Google fixes fourth Chrome zero-day exploited in attacks in 2026
BLEEPINGCOMPUTER.COM — 01 Apr 2026
⚠️
Hackers Exploit Hotel Booking Systems to Send Fake Payment Requests to Guests
GBHACKERS.COM — 01 Apr 2026
⚠️
Unrelenting Threats Against Government and Education: Why Human Risk Is the Front Line
KNOWBE4.COM — 01 Apr 2026
⚠️
WhatsApp malware campaign uses malicious VBS files to gain persistent access
CSOONLINE.COM — 01 Apr 2026
⚠️
Cisco Faces Alleged Data Leak as ShinyHunters Claims Responsibility
GBHACKERS.COM — 01 Apr 2026
⚠️
Microsoft Teams to Improve Privacy With EXIF Data Removal Feature
GBHACKERS.COM — 01 Apr 2026
⚠️
Vertex AI Vulnerability Exposes Google Cloud Data and Private Artifacts
SH.ITJUST.WORKS — 1 Apr 2026
⚠️
TeamPCP Explores Ways to Exploit Stolen Supply Chain Secrets - Infosecurity Magazine
SH.ITJUST.WORKS — 1 Apr 2026
⚠️
Google Warns of New Chrome Zero-Day Under Active Exploitation – Users Urged to Update Immediately
KEVGBHACKERS.COM — 01 Apr 2026
⚠️
US Charges Uranium Crypto Exchange Hacker
SECURITYWEEK.COM — 01 Apr 2026
⚠️
Routine Access Is Powering Modern Intrusions, a New Threat Report Finds
BLEEPINGCOMPUTER.COM — 01 Apr 2026
⚠️
CERT-UA Impersonation Campaign Spread AGEWHEEZE Malware to 1 Million Emails
THEHACKERNEWS.COM — 01 Apr 2026
⚠️
Fireside Chat: AI agents are reshaping mobile attacks β€” and exposing weak API trust models
LASTWATCHDOG.COM — 01 Apr 2026
⚠️
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
CISECURITY.ORG — 01 Apr 2026
⚠️
Chronic Resource Constraints: Doing More With Less in Public Sector Cybersecurity
KNOWBE4.COM — 01 Apr 2026
⚠️
Hackers exploit TrueConf zero-day to push malicious software updates
BLEEPINGCOMPUTER.COM — 01 Apr 2026
⚠️
RSA 2026: Agentic Future, Analog Fundamentals β€” The Paradox of Why the Old Guard Still Survives
MEDIUM.COM — 01 Apr 2026
⚠️
Apple expands iOS 18 updates to more iPhones to block DarkSword attacks
KEVBLEEPINGCOMPUTER.COM — 01 Apr 2026
⚠️
TrendAI Insight: New U.S. National Cyber Strategy
TRENDMICRO.COM — 01 Apr 2026
⚠️
6 critical mistakes that undermine cyber resilience (and how to fix them)
CSOONLINE.COM — 01 Apr 2026
⚠️
6 metrics IT leaders can’t afford to ignore for business resilience
CSOONLINE.COM — 01 Apr 2026
⚠️
5 critical steps to achieve business resilience in cybersecurity
CSOONLINE.COM — 01 Apr 2026
⚠️
7 ways to improve your business resilience with backup and recovery
CSOONLINE.COM — 01 Apr 2026
⚠️
5 Steps to break free from alert fatigue and build resilient security operations
CSOONLINE.COM — 01 Apr 2026
⚠️
5 essential steps to bulletproof your endpoint security (and avoid the biggest mistakes)
CSOONLINE.COM — 01 Apr 2026
⚠️
Frequently Asked Questions About the Axios npm Supply Chain Attack by North Korea-Nexus Threat Actor UNC1069
TENABLE.COM — 01 Apr 2026
⚠️
Securing the open source supply chain across GitHub
GITHUB.BLOG — 01 Apr 2026
⚠️
Mutation testing for the agentic era
TRAILOFBITS.COM — 01 Apr 2026
⚠️
Risky Business #831 -- The AI bugpocalypse begins
KEVRISKY.BIZ — 01 Apr 2026
πŸ“‹
Apple releases security fix for older iPhones and iPads to protect against DarkSword attacks
TECHCRUNCH.COM — 01 Apr 2026
πŸ“’
Closing the Gap by Enhancing Visibility and Mitigating Risks
PALOALTONETWORKS.COM — 01 Apr 2026
πŸ“’
Executive Paralysis and Two Pre-Recorded RSAC 2026 Interviews from DigiCert and Okta - BSW #441
YOUTUBE.COM — 2026-04-01
πŸ“’
Google Chrome security advisory (AV26-306)
CYBER.GC.CA — 2026-04-01
πŸ“’
Cisco security advisory (AV26-307)
CYBER.GC.CA — 2026-04-01
πŸ“’
Drupal security advisory (AV26-308)
CYBER.GC.CA — 2026-04-01
πŸ”₯
Google Drive ransomware detection now on by default for paying users
BLEEPINGCOMPUTER.COM — 01 Apr 2026
πŸ”₯
North Korean Hackers Breach Axios Package, Target Windows, macOS, and Linux Systems
GBHACKERS.COM — 01 Apr 2026
πŸ”₯
SUCCESS - 253,510 breached accounts
HAVEIBEENPWNED.COM — 01 Apr 2026
πŸ”₯
Axios NPM Package Breached in North Korean Supply Chain Attack
SECURITYWEEK.COM — 01 Apr 2026
πŸ”₯
Webinar Today: Agentic AI vs. Identity’s Last Mile Problem
SECURITYWEEK.COM — 01 Apr 2026
πŸ”₯
TeamPCP Supply Chain Campaign: Update 005 - First Confirmed Victim Disclosure, Post-Compromise Cloud Enumeration Documented, and Axios Attribution Narrows, (Wed, Apr 1st)
ISC.SANS.EDU — 01 Apr 2026
πŸ”₯
When Crisis Plans Fail to Act
YOUTUBE.COM — 2026-04-01
πŸ”₯
Hasbro says it was hacked, and may take β€˜several weeks’ to recover
TECHCRUNCH.COM — 01 Apr 2026
πŸ”₯
Toy Giant Hasbro Hit by Cyberattack
SECURITYWEEK.COM — 01 Apr 2026
πŸ”₯
Is β€œHackback” Official US Cybersecurity Strategy?
SCHNEIER.COM — 2026-04-01
πŸ”₯
Leadership or Career Risk
YOUTUBE.COM — 2026-04-01
πŸ”₯
Smashing Security podcast #461: This man hid $400 million in a fishing rod. Then it vanished
GRAHAMCLULEY.COM — 01 Apr 2026
πŸ”₯
Major Cyber Attacks in March 2026: OAuth Phishing,Β SVG Smuggling,Β Magecart, and More
ANY.RUN — 01 Apr 2026
πŸ•΅οΈ
ISC Stormcast For Wednesday, April 1st, 2026 https://isc.sans.edu/podcastdetail/9874, (Wed, Apr 1st)
ISC.SANS.EDU — 01 Apr 2026
πŸ•΅οΈ
XLoader malware Sharpens Obfuscation, Masks C2 Traffic via Decoy Servers
GBHACKERS.COM — 01 Apr 2026
πŸ•΅οΈ
NPM Supply Chain Attack Uses undicy-http to Deploy RAT
GBHACKERS.COM — 01 Apr 2026
πŸ•΅οΈ
PyPI Telnyx Python SDK Backdoored to Steal Credentials on Windows, macOS, and Linux
GBHACKERS.COM — 01 Apr 2026
πŸ•΅οΈ
Windows 11 Update Fixes Critical Installation Loop Problem
GBHACKERS.COM — 01 Apr 2026
πŸ•΅οΈ
CrewAI Hit by Critical Vulnerabilities Enabling Sandbox Escape and Host Compromise
GBHACKERS.COM — 01 Apr 2026
πŸ•΅οΈ
Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069
THEHACKERNEWS.COM — 01 Apr 2026
πŸ•΅οΈ
Cybersecurity Firm TAC Security Hits 10,000 Clients, Enters Top 5 in Global VM & AppSec
GBHACKERS.COM — 01 Apr 2026
πŸ•΅οΈ
CrystalX Malware-as-a-Service Spreads via Telegram With Stealer, RAT Tools
GBHACKERS.COM — 01 Apr 2026
πŸ•΅οΈ
Hacker zielen auf Exilportal Iranwire
CSOONLINE.COM — 01 Apr 2026
πŸ•΅οΈ
3 Reasons Attackers Are Using Your Trusted Tools Against You (And Why You Don’t See It Coming)
THEHACKERNEWS.COM — 01 Apr 2026
πŸ•΅οΈ
GIGABYTE Control Center vulnerable to arbitrary file write flaw
SH.ITJUST.WORKS — 1 Apr 2026
πŸ•΅οΈ
CrewAI Vulnerabilities Expose Devices to Hacking - SecurityWeek
SH.ITJUST.WORKS — 1 Apr 2026
πŸ•΅οΈ
Ethereum-Based EtherRAT, EtherHiding Power Stealthy Malware Campaigns
GBHACKERS.COM — 01 Apr 2026
πŸ•΅οΈ
WA local gov entity lost $350,000 in phishing attack - iTnews
SH.ITJUST.WORKS — 1 Apr 2026
πŸ•΅οΈ
Axios npm supply chain attack: Malicious updates add remote access trojan | news | SC Media
SH.ITJUST.WORKS — 1 Apr 2026
πŸ•΅οΈ
Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures
THEHACKERNEWS.COM — 01 Apr 2026
πŸ•΅οΈ
Microsoft Warns of WhatsApp-Delivered VBS Malware Hijacking Windows via UAC Bypass
THEHACKERNEWS.COM — 01 Apr 2026
πŸ•΅οΈ
FBI Warns of Data Security Risks From China-Made Mobile Apps
SECURITYWEEK.COM — 01 Apr 2026
πŸ•΅οΈ
New DeepLoad Malware Dropped in ClickFix Attacks
SECURITYWEEK.COM — 01 Apr 2026
πŸ•΅οΈ
Depthfirst Raises $80 Million in Series B Funding
SECURITYWEEK.COM — 01 Apr 2026
πŸ•΅οΈ
Mitigating the Axios npm supply chain compromise
MICROSOFT.COM — 01 Apr 2026
🌐
Alleged RedLine malware developer extradited to United States
BITDEFENDER.COM — 01 Apr 2026
🌐
Malicious Script That Gets Rid of ADS, (Wed, Apr 1st)
ISC.SANS.EDU — 01 Apr 2026
🌐
CrystalX RAT: a Trojan for pranks, remote access, and cryptocurrency theft | Kaspersky official blog
KASPERSKY.COM — 01 Apr 2026
🌐
WhatsApp notifies hundreds of users who installed a fake app that was actually government spyware
TECHCRUNCH.COM — 01 Apr 2026
🌐
'NoVoice' Android malware on Google Play infected 2.3 million devices
BLEEPINGCOMPUTER.COM — 01 Apr 2026
🌐
New CrystalRAT malware adds RAT, stealer and prankware features
BLEEPINGCOMPUTER.COM — 01 Apr 2026
🌐
The Shift: An Era of Quantum Geopolitics
RECORDEDFUTURE.COM — 01 Apr 2026
🌐
Inside the Axios supply chain compromise - one RAT to rule them all
ELASTIC.CO — 01 Apr 2026
🌐
Elastic releases detections for the Axios supply chain compromise
ELASTIC.CO — 01 Apr 2026
🌐
A laughing RAT: CrystalX combines spyware, stealer, and prankware features
SECURELIST.COM — 01 Apr 2026
πŸ“‘
Weekly Threat Bulletin – April 1st, 2026
F5.COM — 01 Apr 2026
πŸ“‘
New Windows 11 emergency update fixes preview update install issues
BLEEPINGCOMPUTER.COM — 01 Apr 2026
πŸ“‘
Im Fokus: IT-Leadership
DE.RESOURCES.CSOONLINE.COM — 01 Apr 2026
πŸ“‘
FBI warns against using Chinese mobile apps due to privacy risks
BLEEPINGCOMPUTER.COM — 01 Apr 2026
πŸ“‘
Block the Prompt, Not the Work: The End of "Doctor No"
THEHACKERNEWS.COM — 01 Apr 2026
πŸ“‘
New EvilTokens service fuels Microsoft device code phishing attacks
BLEEPINGCOMPUTER.COM — 01 Apr 2026
πŸ“‘
De-fi platform Drift suspends deposits and withdrawals after millions in crypto stolen in hack
TECHCRUNCH.COM — 01 Apr 2026
πŸ“‘
Digital assets after death: Managing risks to your loved one’s digital estate
WELIVESECURITY.COM — 01 Apr 2026
πŸ“‘
STARDUST CHOLLIMA Likely Compromises Axios npm Package
CROWDSTRIKE.COM — Apr 01, 2026 00:
πŸ“‘
Falcon for IT Supports Windows Secure Boot Certificate Lifecycle Management
CROWDSTRIKE.COM — Apr 01, 2026 00:
πŸ“‘
Industrialization of the Fraud Ecosystem Blog
RECORDEDFUTURE.COM — 01 Apr 2026
πŸ“‘
AI Security Risks: Proofpoint CSO Ryan Kalember, Live at RSAC 2026
PROOFPOINT.COM — 01 Apr 2026