MATLOCK.CA
107Articles
10Categories
2026-04-08Date
🚨
TeamPCP Supply Chain Campaign: Update 007 - Cisco Source Code Stolen via Trivy-Linked Breach, Google GTIG Tracks TeamPCP as UNC6780, and CISA KEV Deadline Arrives with No Standalone Advisory, (Wed, Apr 8th)This is the seventh update to the TeamPCP supply chain campaign threat intelligence report,&#;x26;#;xc2;&#;x26;#;xa0; "When the Security Scanner Became the Weapon" &#;x26;#;xc2;&#;x26…
KEVISC.SANS.EDU — 08 Apr 2026
🚨
CISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2026-1340 Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability This type of vulnerability is a frequent attack vector for malici…
KEVCISA.GOV — Wed, 08 Apr 26 1
🐛
Claude Identifies Critical 13-Year-Old RCE Vulnerability in Apache ActiveMQ
GBHACKERS.COM — 08 Apr 2026
🐛
CVE-2026-34982 Vim modeline bypass via various options affects Vim < 9.2.0276
MSRC.MICROSOFT.COM — 08 Apr 2026
🐛
CVE-2026-35177 Path traversal issue with zip.vim in Vim
MSRC.MICROSOFT.COM — 08 Apr 2026
🐛
Docker Authorization Bypass Flaw Exposed Hosts to Potential Attackers
GBHACKERS.COM — 08 Apr 2026
🐛
Multiple OpenSSL Flaws Expose Sensitive Data in RSA KEM Handling
GBHACKERS.COM — 08 Apr 2026
🐛
Hackers exploit a critical Flowise flaw affecting thousands of AI workflows
CSOONLINE.COM — 08 Apr 2026
🐛
Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host Access
SH.ITJUST.WORKS — 8 Apr 2026
⚠️
Cybercriminals Use Fake Zoom, Teams Calls to Deliver Malware
GBHACKERS.COM — 08 Apr 2026
⚠️
Claude Code Leak Exploited to Spread Vidar and GhostSocks via GitHub Releases
GBHACKERS.COM — 08 Apr 2026
⚠️
Remus Infostealer Debuts With Stealthy New Credential-Theft Tactics
GBHACKERS.COM — 08 Apr 2026
⚠️
Assessing Claude Mythos Preview’s cybersecurity capabilities
PROGRAMMING.DEV — 8 Apr 2026
⚠️
GreyNoise Launches C2 Detection for Exploited Edge Devices
GBHACKERS.COM — 08 Apr 2026
⚠️
Top 10 Best Multi-Factor Authentication (MFA) Providers in 2026
GBHACKERS.COM — 08 Apr 2026
⚠️
The tabletop exercise grows up
CSOONLINE.COM — 08 Apr 2026
⚠️
Microsoft’s new Agent Governance Toolkit targets top OWASP risks for AI agents
CSOONLINE.COM — 08 Apr 2026
⚠️
Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems
THEHACKERNEWS.COM — 08 Apr 2026
⚠️
The zero-day timeline just collapsed. Here’s what security leaders do next
CSOONLINE.COM — 08 Apr 2026
⚠️
US Disrupts Russian Espionage Operation Involving Hacked Routers and DNS Hijacking
SECURITYWEEK.COM — 08 Apr 2026
⚠️
LLM-generated passwords are indefensible. Your codebase may already prove it
CSOONLINE.COM — 08 Apr 2026
⚠️
Forest Blizzard leverages router compromises to launch AiTM attacks, target Outlook sessions
CSOONLINE.COM — 08 Apr 2026
⚠️
Hackers Targeting Ninja Forms Vulnerability That Exposes WordPress Sites to Takeover
SECURITYWEEK.COM — 08 Apr 2026
⚠️
Hackers Target Adobe Reader Users With Sophisticated Zero-Day Exploit
GBHACKERS.COM — 08 Apr 2026
⚠️
Iran‑linked PLC attacks cause real‑world disruption at critical US infra sites
CSOONLINE.COM — 08 Apr 2026
⚠️
Massachusetts Hospital Diverts Ambulances as Cyberattack Causes Disruption
SECURITYWEEK.COM — 08 Apr 2026
⚠️
Anthropic Launches Claude Mythos Preview Focused on Zero-Day Vulnerability Discovery
GBHACKERS.COM — 08 Apr 2026
⚠️
Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign
SH.ITJUST.WORKS — 8 Apr 2026
⚠️
Voice Phishing is a Growing Social Engineering Threat
KNOWBE4.COM — 08 Apr 2026
⚠️
Joint advisory on Russian GRU exploiting vulnerable routers to steal sensitive information
CYBER.GC.CA — 2026-04-08
⚠️
RCE Bug Lurked in Apache ActiveMQ Classic for 13 Years
SECURITYWEEK.COM — 08 Apr 2026
⚠️
GrafanaGhost Exploit Bypasses AI Guardrails for Silent Data Exfiltrati
SH.ITJUST.WORKS — 8 Apr 2026
⚠️
Developer of VeraCrypt encryption software says Windows users may face boot-up issues after Microsoft locked his account
TECHCRUNCH.COM — 08 Apr 2026
⚠️
Data Leakage Vulnerability Patched in OpenSSL
SECURITYWEEK.COM — 08 Apr 2026
⚠️
Yael Nardi joins Minimus as Chief Business Officer to drive hyper-growth
CSOONLINE.COM — 08 Apr 2026
⚠️
Legit Login Flow Turned Attack
YOUTUBE.COM — 2026-04-08
⚠️
13-year-old bug in ActiveMQ lets hackers remotely execute commands
BLEEPINGCOMPUTER.COM — 08 Apr 2026
⚠️
How botnet-driven DDoS attacks evolved in 2H 2025
CSOONLINE.COM — 08 Apr 2026
⚠️
CISA orders feds to patch exploited Ivanti EPMM flaw by Sunday
BLEEPINGCOMPUTER.COM — 08 Apr 2026
⚠️
Arelion employs NETSCOUT Arbor DDoS protection products
CSOONLINE.COM — 08 Apr 2026
⚠️
WireGuard VPN developer can’t ship software updates after Microsoft locks account
TECHCRUNCH.COM — 08 Apr 2026
⚠️
Hackers use pixel-large SVG trick to hide credit card stealer
BLEEPINGCOMPUTER.COM — 08 Apr 2026
⚠️
[webapps] FortiWeb 8.0.2 - Remote Code Execution
EXPLOIT-DB.COM — 08 Apr 2026
⚠️
[webapps] xibocms 3.3.4 - RCE
EXPLOIT-DB.COM — 08 Apr 2026
⚠️
[webapps] Horilla v1.3 - RCE
EXPLOIT-DB.COM — 08 Apr 2026
⚠️
Risky Business #832 -- Anthropic unveils magical 0day computer God
RISKY.BIZ — 08 Apr 2026
📋
IBM Security Verify Access Flaws Let Remote Attackers Access Sensitive Data
GBHACKERS.COM — 08 Apr 2026
📢
HPE security advisory (AV26-325)
CYBER.GC.CA — 2026-04-08
📢
CUPS security advisory (AV26-326)
CYBER.GC.CA — 2026-04-08
📢
GitLab security advisory (AV26-327)
CYBER.GC.CA — 2026-04-08
📢
Mitel security advisory (AV26-328)
CYBER.GC.CA — 2026-04-08
📢
OpenSSL security advisory (AV26-329)
CYBER.GC.CA — 2026-04-08
📢
Ivanti security advisory (AV26-068) – Update 2
CYBER.GC.CA — 2026-04-08
📢
Apache ActiveMQ security advisory (AV26-330)
CYBER.GC.CA — 2026-04-08
📢
Palo Alto Networks security advisory (AV26-331)
CYBER.GC.CA — 2026-04-08
📢
SonicWall security advisory (AV26-332)
CYBER.GC.CA — 2026-04-08
📢
A framework for securely collecting forensic artifacts into S3 buckets
AWS.AMAZON.COM — 08 Apr 2026
📢
Russian hacking group targets home and small office routers to spy on users
MALWAREBYTES.COM — 08 Apr 2026
🔥
Snowflake customers hit in data theft attacks after SaaS integrator breach
SH.ITJUST.WORKS — 8 Apr 2026
🔥
My Lovely AI - 106,271 breached accounts
HAVEIBEENPWNED.COM — 08 Apr 2026
🔥
FBI Takes Down Russian Campaign That Compromised Thousands of Routers
GBHACKERS.COM — 08 Apr 2026
🔥
Zero Trust Readiness and Two RSAC 2026 Interviews from Fenix24 and Absolute Security - BSW #442
YOUTUBE.COM — 2026-04-08
🔥
Hackers steal and leak sensitive LAPD police documents
TECHCRUNCH.COM — 08 Apr 2026
🔥
Thousands of consumer routers hacked by Russia's military
SH.ITJUST.WORKS — 8 Apr 2026
🕵️
ISC Stormcast For Wednesday, April 8th, 2026 https://isc.sans.edu/podcastdetail/9884, (Wed, Apr 8th)
ISC.SANS.EDU — 08 Apr 2026
🕵️
Iran-Linked Hackers Disrupt US Critical Infrastructure via PLC Attacks
SECURITYWEEK.COM — 08 Apr 2026
🕵️
ComfyUI Servers Hijacked for Cryptomining, Proxy Botnet Ops
GBHACKERS.COM — 08 Apr 2026
🕵️
Fiber Optic Cables Turned Into Hidden Microphones to Spy on Private Conversations
GBHACKERS.COM — 08 Apr 2026
🕵️
Russian Threat Actors Abuse Home Routers in Expanding DNS Hijacking Wave
GBHACKERS.COM — 08 Apr 2026
🕵️
Minimum Release Age is an Underrated Supply Chain Defense
PROGRAMMING.DEV — 8 Apr 2026
🕵️
N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust
THEHACKERNEWS.COM — 08 Apr 2026
🕵️
Python Supply-Chain Compromise
SCHNEIER.COM — 2026-04-08
🕵️
Masjesu Botnet Targets Routers in Commercial DDoS Attacks
GBHACKERS.COM — 08 Apr 2026
🕵️
Evasive Masjesu DDoS Botnet Targets IoT Devices
SECURITYWEEK.COM — 08 Apr 2026
🕵️
EvilTokens Uses Stolen Microsoft 365 Tokens, AI to Supercharge BEC
GBHACKERS.COM — 08 Apr 2026
🕵️
Anthropic Unveils ‘Claude Mythos’ – A Cybersecurity Breakthrough That Could Also Supercharge Attacks
SH.ITJUST.WORKS — 8 Apr 2026
🕵️
What are You Working on Wednesday
INFOSEC.PUB — 8 Apr 2026
🕵️
FBI: Cybercrime Losses Neared $21 Billion in 2025
SECURITYWEEK.COM — 08 Apr 2026
🕵️
Major outage cripples Russian banking apps and metro payments nationwide
SH.ITJUST.WORKS — 8 Apr 2026
🕵️
LLMs vs Machine Learning for Security
YOUTUBE.COM — 2026-04-08
🕵️
APT28 Deploys PRISMEX Malware in Campaign Targeting Ukraine and NATO Allies
THEHACKERNEWS.COM — 08 Apr 2026
🕵️
6 Winter 2026 G2 Leader Badges prove this DDoS protection stands out
CSOONLINE.COM — 08 Apr 2026
🕵️
VeraCrypt lockdown
SH.ITJUST.WORKS — 8 Apr 2026
🕵️
Don’t Know Your Data? Problem
YOUTUBE.COM — 2026-04-08
🕵️
Google: New UNC6783 hackers steal corporate Zendesk support tickets
BLEEPINGCOMPUTER.COM — 08 Apr 2026
🕵️
Announcing ADEM Universal Agent
PALOALTONETWORKS.COM — 08 Apr 2026
🕵️
Understanding and Anticipating Venezuelan Government Actions
RECORDEDFUTURE.COM — 08 Apr 2026
🕵️
Building Phishing Detection That Works: 3 Steps for CISOs
ANY.RUN — 08 Apr 2026
🌐
Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs
THEHACKERNEWS.COM — 08 Apr 2026
🌐
Masjesu Botnet Emerges as DDoS-for-Hire Service Targeting Global IoT Devices
THEHACKERNEWS.COM — 08 Apr 2026
🌐
New Chaos Variant Targets Misconfigured Cloud Deployments, Adds SOCKS Proxy
THEHACKERNEWS.COM — 08 Apr 2026
🌐
New macOS stealer campaign uses Script Editor in ClickFix attack
BLEEPINGCOMPUTER.COM — 08 Apr 2026
🌐
Hack-for-hire group caught targeting Android devices and iCloud backups
TECHCRUNCH.COM — 08 Apr 2026
🌐
Financial cyberthreats in 2025 and the outlook for 2026
SECURELIST.COM — 08 Apr 2026
🎙️
Smashing Security podcast #462: LinkedIn is spying on you, and you agreed to nothing
GRAHAMCLULEY.COM — 08 Apr 2026
📡
Weekly Threat Bulletin – April 8th, 2026
F5.COM — 08 Apr 2026
📡
Microsoft rolls out fix for broken Windows Start Menu search
BLEEPINGCOMPUTER.COM — 08 Apr 2026
📡
Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)
THEHACKERNEWS.COM — 08 Apr 2026
📡
Is a $30,000 GPU Good at Password Cracking?
BLEEPINGCOMPUTER.COM — 08 Apr 2026
📡
Final 3 days to save up to $500 on your TechCrunch Disrupt 2026 pass
TECHCRUNCH.COM — 08 Apr 2026
📡
More Honeypot Fingerprinting Scans, (Wed, Apr 8th)
ISC.SANS.EDU — 08 Apr 2026
📡
Hardening security management console settings | Kaspersky official blog
KASPERSKY.COM — 08 Apr 2026
📡
[local] 7-Zip 24.00 - Directory Traversal
EXPLOIT-DB.COM — 08 Apr 2026
📡
[local] SQLite 3.50.1 - Heap Overflow
EXPLOIT-DB.COM — 08 Apr 2026
📡
[local] Microsoft MMC MSC EvilTwin - Local Admin Creation
EXPLOIT-DB.COM — 08 Apr 2026
📡
Your extensions leak clues about you, so we made sure Browser Guard doesn&#8217;t
MALWAREBYTES.COM — 08 Apr 2026
📡
Timeshare owners warned to watch out for cartel-linked scams
MALWAREBYTES.COM — 08 Apr 2026