🚨 CISA KEV (2)
9 Apr KEV | Patch windows collapse as time-to-exploit accelerates | The gap between vulnerability disclosure and exploitation is drastically decreasing, putting security teams’ patching practices on notice. According to Rapid7’s latest Cyber Threat Landscape Report, confirmed exploitation of newly disclosed high- and critical-severity vulnerabil… | CSOONLINE.COM
9 Apr KEV | What to Know About CyberAv3ngers: The IRGC-Linked Group Targeting Critical Infrastructure | An Iran-affiliated threat group has evolved from defacing water utility displays to deploying custom ICS malware and exploiting Rockwell Automation PLCs across multiple U.S. critical infrastructure sectors. Key takeaways: CyberAv3ngers is a state-directed threat group operating u… | TENABLE.COM
🐛 COMMON VULNERABILITIES AND EXPOSURES (17)
9 Apr KEV | Fortinet EMS Zero-Day, Anthropic's AI Finds Thousands of Bugs, Iranian Hackers Target US ICS | Fortinet EMS Zero-Day Exploited, Anthropic's AI Finds Thousands of Bugs, and Iranian Hackers Target US ICS Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one… | CYBERSECURITYTODAY.LIBSYN.COM
9 Apr | Palo Alto Cortex XSOAR Flaw in Microsoft Teams Integration Lets Attackers Access Data | Palo Alto Networks has released a high-priority security update to address a serious vulnerability in its Cortex XSOAR and Cortex XSIAM platforms. Tracked as CVE-2026-0234, this security flaw exists within the Microsoft Teams integration. If successfully exploited, it allows an u… | GBHACKERS.COM
9 Apr | CVE-2026-34933 Avahi: Reachable assertion in `transport_flags_from_domain()` via conflicting publish flags crashes avahi-daemon | Information published. | MSRC.MICROSOFT.COM
9 Apr | CVE-2026-39314 CUPS has an integer underflow in `_ppdCreateFromIPP` causes root cupsd crash via negative `job-password-supported` | Information published. | MSRC.MICROSOFT.COM
9 Apr | CVE-2026-31789 Heap Buffer Overflow in Hexadecimal Conversion | Information published. | MSRC.MICROSOFT.COM
9 Apr | CVE-2026-28387 Potential Use-after-free in DANE Client Code | Information published. | MSRC.MICROSOFT.COM
9 Apr | CVE-2026-31790 Incorrect Failure Handling in RSA KEM RSASVE Encapsulation | Information published. | MSRC.MICROSOFT.COM
9 Apr | CVE-2026-28388 NULL Pointer Dereference When Processing a Delta CRL | Information published. | MSRC.MICROSOFT.COM
9 Apr | CVE-2026-34446 ONNX: Arbitrary File Read via ExternalData Hardlink Bypass in ONNX load | Information published. | MSRC.MICROSOFT.COM
9 Apr | CVE-2026-39316 CUPS has a use-after-free in `cupsdDeleteTemporaryPrinters` via dangling subscription pointer | Information published. | MSRC.MICROSOFT.COM
9 Apr | CVE-2026-35093 Libinput: libinput: unauthorized code execution and information disclosure through lua bytecode plugins | Information published. | MSRC.MICROSOFT.COM
9 Apr | CVE-2026-34445 ONNX: Malicious ONNX models can crash servers by exploiting unprotected object settings. | Information published. | MSRC.MICROSOFT.COM
9 Apr KEV | CISA Issues Warning on Critical Ivanti EPMM Flaw Exploited in Ongoing Attacks | The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a critical security flaw in Ivanti Endpoint Manager Mobile (EPMM). The agency recently added the vulnerability, identified as CVE-2026-1340, to its Known Exploited Vulnerabilities (KE… | GBHACKERS.COM
9 Apr | Technical Details Released for Critical Cisco SSM Command Execution Vulnerability | Security researchers have published technical details regarding a highly critical vulnerability in the Cisco Smart Software Manager On-Prem (SSM On-Prem). Tracked as CVE-2026-20160, this flaw carries a near-maximum CVSS score of 9.8. It allows remote, unauthenticated attackers to… | GBHACKERS.COM
9 Apr KEV | Vulnerability-Lookup 4.4.0 | submitted by cm0002 to cybersecurity | https://github.com/vulnerability-lookup/vulnerability-lookup/releases/tag/v4.4.0 | We are pleased to announce the release of Vulnerability-Lookup 4.4.0! This release introduces public disclosure list views, enhanced sight… | INFOSEC.PUB
9 Apr KEV | Hackers have been exploiting an unpatched Adobe Reader vulnerability for months | Adobe Reader vulnerabilities have been exploited for decades by threat actors taking advantage of the universal use of the utility to fool employees into downloading infected PDF documents through phishing lures. Now a security researcher says a Reader hole has been quietly explo… | CSOONLINE.COM
9 Apr | VU#536588: Multiple Heap Buffer Overflows in Orthanc DICOM Server | Overview: Multiple vulnerabilities have been identified in Orthanc DICOM Server version, 1.12.10 and earlier, that affect image decoding and HTTP request handling components. These vulnerabilities include heap buffer overflows, out-of-bounds reads, and resource exhaustion vulnerab… | KB.CERT.ORG
⚠️ VULNERABILITY DISCLOSURE (27)
9 Apr | Questions raised about how LinkedIn uses the petabytes of data it collects | Through LinkedIn’s more than one billion business users, the Microsoft unit has access to a vast array of personally-identifiable information, including data that could identify religious and political positions. What is less clear is what LinkedIn does with all of that data. A s… | CSOONLINE.COM
9 Apr | GitLab Addresses Multiple Vulnerabilities Linked to DoS and Code Injection | GitLab has rolled out a crucial security update to fix multiple vulnerabilities across its Community Edition (CE) and Enterprise Edition (EE) platforms. Organizations utilizing self-managed GitLab instances are strongly advised by GitLab security experts to apply these updates im… | GBHACKERS.COM
9 Apr | Multiple SonicWall Flaws Enable SQL Injection and Privilege Escalation Attacks | SonicWall has published a critical security advisory addressing four distinct vulnerabilities in its SMA1000 series appliances. These security flaws open the door for attackers to escalate their system privileges, guess user credentials, and bypass essential multi-factor authenti… | GBHACKERS.COM
9 Apr | Microsoft suspends dev accounts for high-profile open source projects | Microsoft has suspended developer accounts used to maintain multiple high-profile open-source projects without proper notification and no way to quickly reinstate them, effectively blocking them from publishing new software builds and security patches for Windows users. [...] | BLEEPINGCOMPUTER.COM
9 Apr | Linux Foundation Leader Impersonated in Slack Attack on Open Source Developers | A social engineering campaign is actively targeting open source developers through Slack. The warning was shared through the OpenSSF Siren mailing list, a public threat intelligence platform designed to alert developers and security teams about active threats after initial disclo… | GBHACKERS.COM
9 Apr | Adobe Reader Zero-Day Exploited for Months: Researcher | Reputable researcher Haifei Li has come across what appears to be a PDF designed to exploit an unpatched vulnerability. | SECURITYWEEK.COM
9 Apr | Weak at the seams | Before I ever held a security title, I was a software engineer implementing vertically integrated automation systems for industrial manufacturing, warehouse-scale conveyor networks, robotic material handling, physical infrastructure controlled by software on increasingly connecte… | CSOONLINE.COM
9 Apr | Hackers exploiting Acrobat Reader zero-day flaw since December | Attackers have been exploiting a zero-day vulnerability in Adobe Reader using maliciously crafted PDF documents since at least December. [...] | BLEEPINGCOMPUTER.COM
9 Apr | Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025 | Threat actors have been exploiting a previously unknown zero-day vulnerability in Adobe Reader using maliciously crafted PDF documents since at least December 2025. The finding, detailed by EXPMON's Haifei Li, has been described as a highly-sophisticated PDF exploit. | THEHACKERNEWS.COM
9 Apr | Critical Vulnerability in Ninja Forms Exposes WordPress Sites - Infosecurity Magazine | submitted by kid to cybersecurity | https://www.infosecurity-magazine.com/news/flaw-ninja-forms-wordpress/ | SH.ITJUST.WORKS
9 Apr | Palo Alto Networks, SonicWall Patch High-Severity Vulnerabilities | The bugs could allow attackers to modify protected resources and escalate their privileges to administrator. | SECURITYWEEK.COM
9 Apr | New ClickFix variant bypasses Apple safeguards with one‑click script execution | ClickFix malware campaigns are evolving again, with threat actors removing one of their most obvious and user‑dependent steps: convincing victims to paste malicious commands into Terminal. Instead, the latest variant uses a single browser click to trigger script execution, stream… | CSOONLINE.COM
9 Apr | New Phishing Campaign Exploits Google Storage to Deliver Remcos RAT | A recently observed phishing campaign is abusing Google Cloud Storage to deliver the Remcos remote access trojan (RAT), relying on trusted Google infrastructure and a signed Microsoft binary to evade traditional defenses. Attackers host a fake Google Drive login page on the legit… | GBHACKERS.COM
9 Apr | Attackers Deploy Hidden Magecart Skimmer on Magento Using SVG onload Abuse | Security researchers at Sansec uncovered a large-scale Magecart campaign targeting Magento e-commerce platforms. Nearly 100 online stores were infected with a sophisticated credit card skimmer. To evade security scanners and steal shopper payment data seamlessly, attackers concea… | GBHACKERS.COM
9 Apr | Hackers Actively Attacking Adobe Reader Users Using Sophisticated 0-Day Exploit | submitted by kid to cybersecurity | https://cybersecuritynews.com/adobe-reader-0-day-exploit/ | SH.ITJUST.WORKS
9 Apr | ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories | Thursday. Another week, another batch of things that probably should've been caught sooner but weren't. This one's got some range — old vulnerabilities getting new life, a few "why was that even possible" moments, attackers leaning on platforms and tools you'd normally … | THEHACKERNEWS.COM
9 Apr | Intent redirection vulnerability in third-party SDK exposed millions of Android wallets to potential risk | A severe Android intent‑redirection vulnerability in a widely deployed SDK exposed sensitive user data across millions of apps. Microsoft researchers detail how the flaw works, why it matters, and how developers can mitigate similar risks by updating affected SDKs. | MICROSOFT.COM
9 Apr | Microsoft BANNED WireGuard, VeraCrypt & Windscribe With Zero Warning | submitted by cm0002 to cybersecurity | https://www.youtube.com/watch?v=fTui3CQuL9I | Microsoft silently suspended developer accounts for WireGuard, VeraCrypt, and Windscribe with zero warning, leaving these critical open source security tools unable to push upda… | INFOSEC.PUB
9 Apr | Cloudflare ‘actively adjusting’ quantum priorities in wake of Google warning | Google’s accelerated post-quantum encryption deadline has spurred other leaders in the industry, including Cloudflare, to consider pushing forward their own plans. The US National Institute of Standards and Technology (NIST) has set a 2030 deadline for depreciating legacy encrypt… | CSOONLINE.COM
9 Apr | EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallets | Details have emerged about a now-patched security vulnerability in a widely used third-party Android software development kit (SDK) called EngageLab SDK that could have put millions of cryptocurrency wallet users at risk. "This flaw allows apps on the same dev… | THEHACKERNEWS.COM
9 Apr | Healthcare IT solutions provider ChipSoft hit by ransomware attack | Dutch healthcare software vendor ChipSoft has been impacted by a ransomware attack that forced the company to take offline its website and digital services for patients and healthcare providers. [...] | BLEEPINGCOMPUTER.COM
9 Apr | AI Makes All Bug Shallow? - PSW #921 | This week: - Rage dropping 0-Day - Claude Mythos, things are different now - From UART to root, on a device made in China, where's the FCC? - More CUPS vulnerabilities - Russians are hacking routers, FCC ban doesn't stop them - Mongoose vulnerabilities, and FCC still does nothing… | YOUTUBE.COM
9 Apr | U.S. Public Sector Under Siege: Threat Intelligence for Q1 2026 | The first quarter of 2026 has reinforced a hard truth: U.S. government agencies and educational institutions are operating in the most hostile cyber threat environment ever recorded. | TRENDMICRO.COM
9 Apr | [webapps] React Server 19.2.0 - Remote Code Execution | EXPLOIT-DB.COM
9 Apr | [webapps] Jumbo Website Manager - Remote Code Execution | EXPLOIT-DB.COM
9 Apr | Master C and C++ with our new Testing Handbook chapter | We added a new chapter to our Testing Handbook: a comprehensive security checklist for C and C++ code. We’ve identified a broad range of common bug classes, known footguns, and API gotchas across C and C++ codebases and organized them into sections covering Linux, Windows, and s… | TRAILOFBITS.COM
📋 SECURITY BULLETINS (2)
9 Apr | Critical Chrome Flaws Let Attackers Execute Arbitrary Code | Google has released an urgent security update for its Chrome browser, resolving multiple dangerous vulnerabilities. The Chrome team promoted version 147 to the stable channel for Windows, Mac, and Linux users on April 7, 2026. This major release patches flaws that could allow att… | GBHACKERS.COM
9 Apr | AI Can Catch Malicious Updates | A tool compares software updates using diffs and analyzes them with AI to detect malicious changes. Supply chain attacks bypass trust by hiding inside legitimate updates. Automating detection at the diff level could shift defense from reactive to proactive—and potentially reduce … | YOUTUBE.COM
📢 SECURITY ADVISORIES (8)
9 Apr | Microsoft Details How Defender Protects High-Value Assets in Real-World Attacks | Microsoft has significantly upgraded its Defender platform to automatically detect and block sophisticated cyberattacks targeting High-Value Assets (HVAs) like domain controllers and web servers. By leveraging the new Microsoft Security Exposure Management tool, the system now us… | GBHACKERS.COM
9 Apr | The Hidden ROI of Visibility: Better Decisions, Better Behavior, Better Security | Beyond monitoring and compliance, visibility acts as a powerful deterrent, shaping user behavior, improving collaboration, and enabling more accurate, data-driven security decisions. | SECURITYWEEK.COM
9 Apr | STX RAT Hides Remote Desktop, Steals Data to Dodge Detection | A stealthy new remote access trojan, dubbed STX RAT, that blends hidden remote desktop control with powerful infostealer capabilities while using advanced evasion and encryption techniques to stay under the radar of security tools. The operators rely on opportunistic initial acce… | GBHACKERS.COM
9 Apr | Elastic on Defence Cyber Marvel 2026: A Technical overview from the Exercise Floor | An overview of the Elastic Security and AI infrastructure deployed to support the UK Ministry of Defence's flagship cyber exercise, Defence Cyber Marvel 2026. | ELASTIC.CO
🔥 INCIDENT REPORTING (13)
9 Apr | Shaky Ceasefire Unlikely to Stop Cyberattacks From Iran-Linked Hackers for Long | Hackers vowed to revive its efforts against America when the time was right — demonstrating how digital warfare has become ingrained in military conflict. | SECURITYWEEK.COM
9 Apr | Microsoft Confirms Windows 11 Update Breaks Start Menu Search | Microsoft recently addressed a disruptive server-side flaw that completely disabled Start Menu search functionality for some Windows 11 23H2 users. The tech giant quickly acknowledged the incident and deployed an automatic fix behind the scenes. Because the repair happens directl… | GBHACKERS.COM
9 Apr | Hackers steal $3.6 million from crypto ATM giant Bitcoin Depot | Bitcoin Depot, which operates one of the largest Bitcoin ATM networks, says attackers stole $3.665 million worth of Bitcoin from its crypto wallets after breaching its systems last month. [...] | BLEEPINGCOMPUTER.COM
9 Apr | 300,000 People Impacted by Eurail Data Breach | In December 2025, hackers stole names and passport numbers from the European travel company’s network. | SECURITYWEEK.COM
9 Apr | China’s Tianjin Supercomputer Center Allegedly Hit in 10-Petabyte Data Theft | A threat actor has allegedly executed one of the largest data heists in China’s history, siphoning an astounding 10 petabytes of highly classified information from the National Supercomputing Center (NSCC) in Tianjin. The stolen dataset reportedly includes sensitive defense… | GBHACKERS.COM
9 Apr | Fake Security Tool Spreads LucidRook in Taiwan Cyberattacks | Hackers are using fake security tools and cleverly crafted phishing emails to secretly deploy a new malware family, LucidRook, against organizations in Taiwan. The campaign, tracked as UAT-10362, focuses on Taiwanese NGOs and likely universities and shows a high level of planning… | GBHACKERS.COM
9 Apr | Eurail says December data breach impacts 300,000 individuals | Eurail B.V., a European travel operator that provides digital passes covering 33 national railways, says attackers stole the personal information of over 300,000 individuals in a December 2025 data breach. [...] | BLEEPINGCOMPUTER.COM
9 Apr | Google API Keys in Android Apps Expose Gemini Endpoints to Unauthorized Access | Dozens of such keys can be extracted from apps’ decompiled code to gain access to all Gemini endpoints. | SECURITYWEEK.COM
9 Apr | Apple Intelligence AI Guardrails Bypassed in New Attack | RSAC researchers hacked Apple Intelligence using the Neural Exect method and Unicode manipulation. | SECURITYWEEK.COM
9 Apr | Investigating Storm-2755: “Payroll pirate” attacks targeting Canadian employees | Microsoft Incident Response – Detection and Response Team (DART) researchers observed an emerging, financially motivated threat actor, tracked as Storm-2755, compromising Canadian employee accounts to gain unauthorized access to employee profiles and divert salary payments to att… | MICROSOFT.COM
9 Apr | Eurail says December data breach impacts 300,000 individuals | submitted by kid to cybersecurity | https://www.bleepingcomputer.com/news/security/eurail-says-december-data-breach-impacts-300-000-individuals/ | SH.ITJUST.WORKS
9 Apr | Protecting Cookies with Device Bound Session Credentials | Posted by Ben Ackerman, Chrome team, Daniel Rubery, Chrome team and Guillaume Ehinger, Google Account Security team. Following our April 2024 announcement, Device Bound Session Credentials (DBSC) is now entering public availability for Windows users on Chrome 146, and expanding t… | SECURITY.GOOGLEBLOG.COM
9 Apr | CASI Leaderboard Shifts: Developer Role Attack, and Three Concerning Incidents | AI Security Insights – April 2026 | F5.COM
🕵️ THREAT INTELLIGENCE (24)
9 Apr | ISC Stormcast For Thursday, April 9th, 2026 https://isc.sans.edu/podcastdetail/9886, (Thu, Apr 9th) | (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. | ISC.SANS.EDU
9 Apr | Meta Business Alerts Abused for Phishing Campaigns | Hackers are weaponizing legitimate Meta Business Manager notifications to sneak phishing emails past security filters and into users’ inboxes. By abusing trusted Meta infrastructure, attackers make their messages appear authentic while quietly funneling victims to credentia… | GBHACKERS.COM
9 Apr | Silver Fox Campaign Spreads ValleyRAT via Fake Chinese Telegram Language Pack | New analysis of a fake Telegram installer uploaded to MalwareBazaar shows Silver Fox expanding its ValleyRAT operations with a fresh delivery chain that hides behind a Chinese-language pack-decoy and an uncommon ZPAQ-based packer. The MSI is a WiX-built installer (IssueAccentRequ… | GBHACKERS.COM
9 Apr | $3.6 Million Stolen in Bitcoin Depot Hack | A hacker transferred more than 50 bitcoin from the Bitcoin ATM operator’s wallets after stealing credentials. | SECURITYWEEK.COM
9 Apr | RoningLoader Campaign Uses DLL Side-Loading, Code Injection to Slip Past Defenses | A sophisticated cyber-espionage group known as DragonBreath (APT-Q-27) has been linked to a new RoningLoader malware campaign that uses advanced evasion techniques such as DLL side-loading and code injection to bypass traditional security defenses. Active since at least 2022, Dra… | GBHACKERS.COM
9 Apr | Package Security Problems for AI Agents | submitted by codeinabox to security | https://nesbitt.io/2026/04/08/package-security-problems-for-ai-agents.html | PROGRAMMING.DEV
9 Apr | LinkedIn Hidden Code Secretly Searches Your Browser for Installed Extensions | submitted by gokayburucdev to cybersecurity | https://cybersecuritynews.com/linkedin-code-collects-data/ | SH.ITJUST.WORKS
9 Apr | Google Warns of New Campaign Targeting BPOs to Steal Corporate Data | Tracked as UNC6783, the threat actor is likely linked to Mr. Raccoon, the hacker behind the alleged theft of Adobe data from a BPO. | SECURITYWEEK.COM
9 Apr | On Microsoft’s Lousy Cloud Security | ProPublica has a scoop: In late 2024, the federal government’s cybersecurity evaluators rendered a troubling verdict on one of Microsoft’s biggest cloud computing offerings. The tech giant’s “lack of proper detailed security documentation” left revi… | SCHNEIER.COM
9 Apr | ClickFix Campaign Abuses macOS Script Editor to Deploy Atomic Stealer | A refreshed ClickFix campaign that swaps macOS Terminal for Script Editor to deliver an Atomic Stealer payload to unsuspecting Mac users quietly. By abusing the applescript:// URL scheme, attackers sidestep Apple’s new paste-protection in Terminal on macOS Tahoe 26.4 while preser… | GBHACKERS.COM
9 Apr | Iran Disrupts US Critical Infrastructure Via Exposed PLCs | submitted by kid to cybersecurity | https://www.darkreading.com/ics-ot-security/iranian-threat-actors-us-critical-infrastructure-exposed-plcs | SH.ITJUST.WORKS
9 Apr | Bitter-Linked Hack-for-Hire Campaign Targets Journalists Across MENA Region | An apparent hack-for-hire campaign likely orchestrated by a threat actor with suspected ties to the Indian government targeted journalists, activists, and government officials across the Middle East and North Africa (MENA), according to findings from Access Now, Lo… | THEHACKERNEWS.COM
9 Apr | 13-year-old bug in ActiveMQ lets hackers remotely execute commands | submitted by kid to cybersecurity | https://www.bleepingcomputer.com/news/security/13-year-old-bug-in-activemq-lets-hackers-remotely-execute-commands/ | SH.ITJUST.WORKS
9 Apr | Webinar: From noise to signal - What threat actors are targeting next | Threat actors often signal their intentions before launching attacks, from dark web chatter to access-broker listings and credential requests. Join our upcoming webinar with Flare Systems to learn how to turn those early warning signs into proactive defensive action before an int… | BLEEPINGCOMPUTER.COM
9 Apr | FBI: Cybercrime Losses Neared $21 Billion in 2025 - SecurityWeek | submitted by kid to cybersecurity | https://www.securityweek.com/fbi-cybercrime-losses-neared-21-billion-in-2025/ | SH.ITJUST.WORKS
9 Apr | Phishing Campaign Impersonates Palo Alto Networks Recruiters | Threat actors are impersonating Palo Alto Networks recruiters to target job seekers, according to researchers with Palo Alto’s Unit 42 security team. “These attacks specifically target senior-level professionals by leveraging scraped LinkedIn data to craft highly personalized lur… | KNOWBE4.COM
9 Apr | Can we Trust AI? No – But Eventually We Must | From hallucinations and bias to model collapse and adversarial abuse, today’s AI is built on probability rather than truth, yet enterprises are deploying it at speed without fully understanding the risks. | SECURITYWEEK.COM
9 Apr | ClickFix, Malicious DMGs Push notnullOSX to macOS Users | Hackers are abusing ClickFix commands and booby-trapping DMG installers to deliver a new macOS stealer called notnullOSX, built to loot high-value crypto wallets from Mac users. The story starts with 0xFFF, a malware developer who abruptly quit a major Russian-speaking hacking fo… | GBHACKERS.COM
9 Apr | AI Phishing Attack Prevention Strategies: How AI Identifies and Limits Human Risk | AI is making phishing attacks easier to create and scale. Tasks that once required manual effort can now be automated, allowing attackers to generate realistic messages, launch campaigns, and adapt tactics quickly to evade security controls. In fact, KnowBe4’s 2025 Phishing Threa… | KNOWBE4.COM
9 Apr | U.S. Treasury to loop in crypto sector on hacker warnings shared with traditional firms | submitted by monica_b1998 to cybersecurity | https://cryptonews.net/news/security/32684121/ | SH.ITJUST.WORKS
9 Apr | The agentic SOC—Rethinking SecOps for the next decade | In the SOC of the future, autonomous defense moves at machine speed, agents add context and coordination, and humans focus on judgment, risk, and outcomes. | MICROSOFT.COM
9 Apr | New VENOM phishing attacks steal senior executives' Microsoft logins | Threat actors using a previously undocumented phishing-as-a-service (PhaaS) platform called "VENOM" are targeting credentials of C-suite executives across multiple industries. [...] | BLEEPINGCOMPUTER.COM
9 Apr | The long road to your crypto: ClipBanker and its marathon infection chain | Threat actors are distributing a Trojan disguised as Proxifier software; through a multi-stage infection chain, it delivers ClipBanker – malware that replaces cryptocurrency wallet addresses in the clipboard. | SECURELIST.COM
9 Apr | How Phishing Is Targeting Germany’s Economy: Active Threats from Finance to Manufacturing | Germany’s economy is a precision machine: finance fuels it, manufacturing builds it, telecom connects it, IT optimizes it, and healthcare sustains it. The country sits at the crossroads of industrial power and digital transformation, making it irresistibly attracti… | ANY.RUN
🌐 CYBER THREAT LANDSCAPE (5)
9 Apr | Smart Slider updates hijacked to push malicious WordPress, Joomla versions | Hackers hijacked the update system for the Smart Slider 3 Pro plugin for WordPress and Joomla, and pushed a malicious version with multiple backdoors. [...] | BLEEPINGCOMPUTER.COM
9 Apr | UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns | A previously undocumented threat cluster dubbed UAT-10362 has been attributed to spear-phishing campaigns targeting Taiwanese non-governmental organizations (NGOs) and suspected universities to deploy a new Lua-based malware called LucidRook. "LucidRook is a sophisticated st… | THEHACKERNEWS.COM
9 Apr | Google Chrome adds infostealer protection against session cookie theft | Google has rolled out Device Bound Session Credentials (DBSC) protection in Chrome 146 for Windows, designed to block info-stealing malware from harvesting session cookies. [...] | BLEEPINGCOMPUTER.COM
9 Apr | New ‘LucidRook’ malware used in targeted attacks on NGOs, universities | A new Lua-based malware, called LucidRook, is being used in spear-phishing campaigns targeting non-governmental organizations and universities in Taiwan. [...] | BLEEPINGCOMPUTER.COM
9 Apr | This fake Windows support website delivers password-stealing malware | A convincing Microsoft lookalike tricks users into downloading malware that steals passwords, payments, and account access. | MALWAREBYTES.COM
📡 INFOSEC NEWS (11)
9 Apr | Number Usage in Passwords: Take Two, (Thu, Apr 9th) | In a previous diary [1], we looked to see how numbers were used within passwords submitted to honeypots. One of the items of interest was how dates, and more specifically years, were represented within the data and how that changed over time. It is often seen that years… | ISC.SANS.EDU
9 Apr | The Hidden Security Risks of Shadow AI in Enterprises | As AI tools become more accessible, employees are adopting them without formal approval from IT and security teams. While these tools may boost productivity, automate tasks, or fill gaps in existing workflows, they also operate outside the visibility of security teams, … | THEHACKERNEWS.COM
9 Apr | Fake BTS ARIRANG tour tickets: K-pop fans being targeted by scammers | Kaspersky official blog | A BTS comeback and world-tour announcement has resulted in a new wave of scam campaigns. Kaspersky experts have discovered fraudulent websites that sell fake BTS tickets to fans all around the world. We explain what those fake pages look like, and how you can avoid getting scamme… | KASPERSKY.COM
9 Apr | When attackers already have the keys, MFA is just another door to open | Stolen credentials turn authentication systems into the attack surface. Token shows how wearable biometric authentication verifies the user—not the session—blocking phishing relays and MFA bypass. [...] | BLEEPINGCOMPUTER.COM
9 Apr | Hacker stole £700,000 from U.K. energy company by redirecting payment | The U.K. energy company said a redirected payment meant for a contractor instead landed in a hacker's bank account. | TECHCRUNCH.COM
9 Apr | Tearing down a car telematic unit (and finding an accident on Facebook) | From hardware analysis to OSINT: how we retrieved information about a BYD car crash by analyzing the TCU embedded memory. | QUARKSLAB.COM
9 Apr | Third-Party Risk Is an Intelligence Operation. It's Time We Treated It Like One. | Recorded Future sees its inclusion in the 2026 Forrester Wave™ for Cybersecurity Risk Ratings Platforms as a reflection of a broader truth: the era of ratings-only vendor risk management is over. | RECORDEDFUTURE.COM
9 Apr | Scammers pose as Amazon support to steal your account | A new wave of Amazon refund scams is spreading, hitting both email inboxes and text messages. | MALWAREBYTES.COM
9 Apr | NSFW app leak exposes 70,000 prompts linked to individual users | MyLovelyAI leaked personal data, explicit prompts, and images of over 100,000 users, exposing many to sextortion and doxxing. | MALWAREBYTES.COM
9 Apr | 30,000 private Facebook images allegedly downloaded by Meta employee | The accused didn't just browse around; he built a custom script designed to circumvent Meta's internal detection systems. | MALWAREBYTES.COM