π COMMON VULNERABILITIES AND EXPOSURES 16[β]
5 Apr KEVFortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMSFortinet has released out-of-band patches for a critical security flaw impacting FortiClient EMS that it said has been exploited in the wild. The vulnerability, tracked as CVE-2026-35616 (CVSS score: 9.1), has been described as a pre-authentication API access bypasβ¦THEHACKERNEWS.COM
5 AprCVE-2026-34978 OpenPrinting CUPS: Path traversal in RSS notify-recipient-uri enables file write outside CacheDir/rss (and clobbering of job.cache)Information published.MSRC.MICROSOFT.COM
5 AprCVE-2026-27447 OpenPrinting CUPS: Authorization bypass via case-insensitive group-member lookupInformation published.MSRC.MICROSOFT.COM
5 AprCVE-2026-23473 io_uring/poll: fix multishot recv missing EOF on wakeup raceInformation published.MSRC.MICROSOFT.COM
5 AprCVE-2026-31394 mac80211: fix crash in ieee80211_chan_bw_change for AP_VLAN stationsInformation published.MSRC.MICROSOFT.COM
5 AprCVE-2026-23468 drm/amdgpu: Limit BO list entry count to prevent resource exhaustionInformation published.MSRC.MICROSOFT.COM
5 AprCVE-2026-23442 ipv6: add NULL checks for idev in SRv6 pathsInformation published.MSRC.MICROSOFT.COM
5 AprCVE-2026-27456 util-linux: TOCTOU Race Condition in util-linux mount(8) - Loop Device SetupInformation published.MSRC.MICROSOFT.COM
5 AprCVE-2026-34979 OpenPrinting CUPS: Heap overflow in `get_options()`Information published.MSRC.MICROSOFT.COM
5 AprCVE-2026-34980 OpenPrinting CUPS: Shared PostScript queue lets anonymous Print-Job requests reach `lp` code execution over the networkInformation published.MSRC.MICROSOFT.COM
5 AprCVE-2026-34990 OpenPrinting CUPS: Local print admin token disclosure using temporary printersInformation published.MSRC.MICROSOFT.COM
5 AprCVE-2026-23472 serial: core: fix infinite loop in handle_tx() for PORT_UNKNOWNInformation published.MSRC.MICROSOFT.COM
5 AprCVE-2026-23444 wifi: mac80211: always free skb on ieee80211_tx_prepare_skb() failureInformation published.MSRC.MICROSOFT.COM
5 AprHackers exploit React2Shell in automated credential theft campaignHackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell (CVE-2025-55182) in vulnerable Next.js apps. [...]BLEEPINGCOMPUTER.COM
β οΈ VULNERABILITY DISCLOSURE 3[β]
5 Apr36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent ImplantsCybersecurity researchers have discovered 36 malicious packages in the npm registry that are disguised as Strapi CMS plugins but come with different payloads to facilitate Redis and PostgreSQL exploitation, deploy reverse shells, harvest credentials, and drop a persistent imβ¦THEHACKERNEWS.COM
5 Apr KEVNew FortiClient EMS flaw exploited in attacks, emergency patch releasedFortinet has released an emergency weekend security update for a new critical FortiClient Enterprise Management Server (EMS) vulnerability that is actively exploited in attacks. [...]BLEEPINGCOMPUTER.COM
5 Apr KEVNew FortiClient EMS flaw exploited in attacks, emergency patch releasedFortinet has released an emergency weekend security update for a new critical FortiClient Enterprise Management Server (EMS) vulnerability that is actively exploited in attacks. [...]BLEEPINGCOMPUTER.COM
π΅οΈ THREAT INTELLIGENCE 1[β]
5 AprWhatsApp malware campaign installs backdoorssubmitted by not_IO to securitynews 2 points | 0 comments https://www.heise.de/en/news/WhatsApp-malware-campaign-installs-backdoors-11244368.html itβs digital independence day! get your relatives off whatsappINFOSEC.PUB
ποΈ PODCASTS 1[β]
5 AprKiller robots are here. Now what? (Lock and Code S07E07)This week on the Lock and Code podcast, we speak with Peter Asaro about killer robots, how to stop them, and their obvious consequences.MALWAREBYTES.COM
π‘ INFOSEC NEWS 3[β]
5 AprTraffic violation scams switch to QR codes in new phishing textsScammers are sending fake "Notice of Default" traffic violation text messages impersonating state courts across the U.S., pressuring recipients to scan a QR code that leads to a phishing site demanding a $6.99 payment while stealing personal and financial information. [...]BLEEPINGCOMPUTER.COM
5 Apr$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering OperationDrift has revealed that the April 1, 2026, attack that led to the theft of $285 million was the culmination of a months-long targeted and meticulously planned social engineering operation undertaken by the Democratic People's Republic of Korea (DPRK) that began in β¦THEHACKERNEWS.COM