matlock.ca // THREAT INTELLIGENCE — 2026-04-06

85Articles

7Categories

2026-04-06Date

🚨

CISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2026-35616 - Fortinet FortiClient EMS Improper Access Control Vulnerability This type of vulnerability is a frequent attack vector for malicio…

KEVCISA.GOV — Mon, 06 Apr 26 1

🚨

CVE-2026-35616: Fortinet FortiClientEMS improper access control vulnerability exploited in the wildExploitation has been observed for CVE-2026-35616, a critical improper access control zero-day vulnerability affecting Fortinet FortiClientEMS devices. Key takeaways: CVE-2026-35616, an improper access control vulnerability, has been exploited in the wild as a zero-day. Pu…

KEVTENABLE.COM — 06 Apr 2026

🐛

2,000+ FortiClient EMS Instances Exposed Online as Attackers Exploit Active RCE Flaw

GBHACKERS.COM — 06 Apr 2026

🐛

Critical Dgraph Database Flaw Allowed Attackers to Bypass Authentication

GBHACKERS.COM — 06 Apr 2026

🐛

6 ways attackers abuse AI services to hack your business

CSOONLINE.COM — 06 Apr 2026

🐛

New multilingual severity classifiers for vulnerability analysis

INFOSEC.PUB — 6 Apr 2026

🐛

Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure

KEVCISA.GOV — 06 Apr 2026

🐛

ZDI-26-257: (0Day) Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

ZERODAYINITIATIVE.COM — 06 Apr 2026

🐛

ZDI-26-256: (0Day) Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

ZERODAYINITIATIVE.COM — 06 Apr 2026

🐛

ZDI-26-255: (0Day) Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

ZERODAYINITIATIVE.COM — 06 Apr 2026

🐛

ZDI-26-254: (0Day) Labcenter Electronics Proteus PDSPRJ File Parsing Type Confusion Remote Code Execution Vulnerability

ZERODAYINITIATIVE.COM — 06 Apr 2026

⚠️

Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab

KREBSONSECURITY.COM — 06 Apr 2026

⚠️

36 Malicious Strapi npm Packages Deliver Redis RCE, Persistent C2 Malware

GBHACKERS.COM — 06 Apr 2026

⚠️

Google DeepMind Flags New Threat as Malicious Web Content Puts AI Agents at Risk

GBHACKERS.COM — 06 Apr 2026

⚠️

Hackers Breach ILSpy WordPress Domain to Deliver Malware

GBHACKERS.COM — 06 Apr 2026

⚠️

Apache Traffic Server Flaw Allowed Attackers to Trigger Denial-of-Service Attacks

GBHACKERS.COM — 06 Apr 2026

⚠️

How often are redirects used in phishing in 2026?, (Mon, Apr 6th)

ISC.SANS.EDU — 06 Apr 2026

⚠️

Escaping the COTS trap

CSOONLINE.COM — 06 Apr 2026

⚠️

Battling payment fraud with tokenization and executive interviews from RSAC 2026 - ESW #453

YOUTUBE.COM — 2026-04-06

⚠️

Fortinet Rushes Emergency Fixes for Exploited Zero-Day

SECURITYWEEK.COM — 06 Apr 2026

⚠️

Google’s Bug Bounty Program Hits Record $17 Million in 2025 Payouts

GBHACKERS.COM — 06 Apr 2026

⚠️

Authentication is broken: Here’s how security leaders can actually fix it

CSOONLINE.COM — 06 Apr 2026

⚠️

Critical Claude Code Flaw Silently Bypasses User-Configured Security Rules

GBHACKERS.COM — 06 Apr 2026

⚠️

North Korea’s Modular Malware Strategy Hides Attribution, Defies Takedowns

GBHACKERS.COM — 06 Apr 2026

⚠️

North Korean hackers abuse LNKs and GitHub repos in ongoing campaign

CSOONLINE.COM — 06 Apr 2026

⚠️

Hackers exploit React2Shell in automated credential theft campaign

SH.ITJUST.WORKS — 6 Apr 2026

⚠️

A Vulnerability in Fortinet FortiClientEMS Could Allow for Arbitrary Code Execution

SH.ITJUST.WORKS — 6 Apr 2026

⚠️

Your KnowBe4 Fresh Compliance Plus Content Updates | March 2026

KNOWBE4.COM — 06 Apr 2026

⚠️

Google Brings Lazy Loading to Media Files in New Chrome Release

GBHACKERS.COM — 06 Apr 2026

⚠️

⚡ Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More

THEHACKERNEWS.COM — 06 Apr 2026

⚠️

Google DeepMind Researchers Map Web Attacks Against AI Agents

SECURITYWEEK.COM — 06 Apr 2026

⚠️

CISA orders feds to patch Fortinet flaw exploited in attacks by Friday

KEVBLEEPINGCOMPUTER.COM — 06 Apr 2026

⚠️

North Korea’s hijack of one of the web’s most used open source projects was likely weeks in the making

TECHCRUNCH.COM — 06 Apr 2026

⚠️

Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations

MICROSOFT.COM — 06 Apr 2026

⚠️

Microsoft links Medusa ransomware affiliate to zero-day attacks

BLEEPINGCOMPUTER.COM — 06 Apr 2026

⚠️

New Mexico’s Meta Ruling and Encryption

SCHNEIER.COM — 2026-04-06

⚠️

Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit

BLEEPINGCOMPUTER.COM — 06 Apr 2026

⚠️

Microsoft links Medusa ransomware affiliate to zero-day attacks

SH.ITJUST.WORKS — 6 Apr 2026

⚠️

[local] Desktop Window Manager Core Library 10.0.10240.0 - Privilege Escalation

EXPLOIT-DB.COM — 06 Apr 2026

⚠️

[webapps] WBCE CMS 1.6.4 - Remote Code Execution

EXPLOIT-DB.COM — 06 Apr 2026

⚠️

[webapps] RiteCMS 3.1.0 - Authenticated Remote Code Execution

EXPLOIT-DB.COM — 06 Apr 2026

🔥

Threat Actors Weaponize Fake Microsoft Teams Domains to Target Users

GBHACKERS.COM — 06 Apr 2026

🔥

BKA Identifies REvil Leaders Behind 130 German Ransomware Attacks

THEHACKERNEWS.COM — 06 Apr 2026

🔥

Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools

THEHACKERNEWS.COM — 06 Apr 2026

🔥

Alleged REvil Leader ‘UNKN’ Identified by German Authorities in New Takedown Effort

GBHACKERS.COM — 06 Apr 2026

🔥

Drift Protocol Hit in $286M Suspected North Korea-Linked Crypto Heist

GBHACKERS.COM — 06 Apr 2026

🔥

Trojanized PyPI AI Proxy Steals Claude Prompt, Exfiltrates Data

GBHACKERS.COM — 06 Apr 2026

🔥

Why Simple Breach Monitoring is No Longer Enough

BLEEPINGCOMPUTER.COM — 06 Apr 2026

🔥

Social Engineering Fraud Explodes

YOUTUBE.COM — 2026-04-06

🔥

Multi-OS Cyberattacks: How SOCs Close a Critical Risk in 3 Steps

THEHACKERNEWS.COM — 06 Apr 2026

🔥

Why Simple Breach Monitoring is No Longer Enough

SH.ITJUST.WORKS — 6 Apr 2026

🔥

New GPUBreach attack enables system takeover via GPU rowhammer

BLEEPINGCOMPUTER.COM — 06 Apr 2026

🔥

German authorities identify REvil and GangCrab ransomware bosses

BLEEPINGCOMPUTER.COM — 06 Apr 2026

🔥

German authorities identify REvil and GandCrab ransomware bosses

BLEEPINGCOMPUTER.COM — 06 Apr 2026

🕵️

ISC Stormcast For Monday, April 6th, 2026 https://isc.sans.edu/podcastdetail/9880, (Mon, Apr 6th)

ISC.SANS.EDU — 06 Apr 2026

🕵️

ResokerRAT Hijacks Telegram API to Command Infected Windows PCs

GBHACKERS.COM — 06 Apr 2026

🕵️

Poisoned Axios Package Spreads Cross-Platform Malware via Phantom Dependency

GBHACKERS.COM — 06 Apr 2026

🕵️

Google Wants to Transition to Post-Quantum Cryptography by 2029

SCHNEIER.COM — 2026-04-06

🕵️

North Korean Hackers Target High-Profile Node.js Maintainers

SECURITYWEEK.COM — 06 Apr 2026

🕵️

Guardarian Users Targeted With Malicious Strapi NPM Packages

SECURITYWEEK.COM — 06 Apr 2026

🕵️

Fake GitHub CI Update Steals Secrets and Tokens

GBHACKERS.COM — 06 Apr 2026

🕵️

GitHub-Backed Malware Spread via LNK Files in South Korea

GBHACKERS.COM — 06 Apr 2026

🕵️

Traffic violation scams switch to QR codes in new phishing texts

SH.ITJUST.WORKS — 6 Apr 2026

🕵️

How LiteLLM Turned Developer Machines Into Credential Vaults for Attackers

THEHACKERNEWS.COM — 06 Apr 2026

🕵️

Detection and Prevention of Misdirected Emails: What to Know

KNOWBE4.COM — 06 Apr 2026

🕵️

Hackers Using Fake "Microsoft Teams" Domains to Attack Users Via Malicious Payload

SH.ITJUST.WORKS — 6 Apr 2026

🕵️

Watch this video of how a job interviewer exposes a North Korean fake IT worker

TECHCRUNCH.COM — 06 Apr 2026

🕵️

Adobe modifies hosts file to detect whether Creative Cloud is installed

INFOSEC.PUB — 6 Apr 2026

🕵️

Inside an AI‑enabled device code phishing campaign

MICROSOFT.COM — 06 Apr 2026

🕵️

Your Behavior Can Expose Fraud

YOUTUBE.COM — 2026-04-06

🌐

Convicted spyware maker Bryan Fleming avoids jail at sentencing

TECHCRUNCH.COM — 06 Apr 2026

🌐

A week in security (March 30 – April 5)

MALWAREBYTES.COM — 06 Apr 2026

📡

Ticket savings of up to $500 this week for TechCrunch Disrupt 2026

TECHCRUNCH.COM — 06 Apr 2026

📡

Drift $280M crypto theft linked to 6-month in-person operation

BLEEPINGCOMPUTER.COM — 06 Apr 2026

📡

DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea

THEHACKERNEWS.COM — 06 Apr 2026

📡

Microsoft removes Support and Recovery Assistant from Windows

BLEEPINGCOMPUTER.COM — 06 Apr 2026

📡

Microsoft fixes Classic Outlook bug causing email delivery issues

BLEEPINGCOMPUTER.COM — 06 Apr 2026

📡

Anthropic Claude Mythos Preview: The More Capable AI Becomes, the More Security It Needs

CROWDSTRIKE.COM — Apr 06, 2026 00:

📡

[local] is-localhost-ip 2.0.0 - SSRF

EXPLOIT-DB.COM — 06 Apr 2026

📡

[webapps] Fortinet FortiWeb v8.0.1 - Auth Bypass

EXPLOIT-DB.COM — 06 Apr 2026

📡

[local] Windows Kernel - Elevation of Privilege

EXPLOIT-DB.COM — 06 Apr 2026

📡

[webapps] ASP.net 8.0.10 - Bypass

EXPLOIT-DB.COM — 06 Apr 2026

📡

[webapps] Grafana 11.6.0 - SSRF

EXPLOIT-DB.COM — 06 Apr 2026

📡

[webapps] Zhiyuan OA - arbitrary file upload leading

EXPLOIT-DB.COM — 06 Apr 2026

📡

[webapps] WordPress Madara - Local File Inclusion

EXPLOIT-DB.COM — 06 Apr 2026