matlock.ca // THREAT INTELLIGENCE — 2026-04-13

92Articles

8Categories

2026-04-13Date

🚨

CISA Adds Seven Known Exploited Vulnerabilities to CatalogCISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2012-1854 Microsoft Visual Basic for Applications Insecure Library Loading Vulnerability CVE-2020-9715 Adobe Acrobat Use-After-Free Vulner…

KEVCISA.GOV — Mon, 13 Apr 26 1

🐛

Adobe Fixes Actively Exploited Zero-Day in Acrobat Reader

KEVGBHACKERS.COM — 13 Apr 2026

🐛

WordPress Plugin Vulnerability Enables Admin Takeover via Auth Bypass

GBHACKERS.COM — 13 Apr 2026

🐛

Marimo RCE Vulnerability Exploited Within 10 Hours of Public Disclosure

KEVGBHACKERS.COM — 13 Apr 2026

🐛

Critical Axios Vulnerability Enables Remote Code Execution, PoC Released

GBHACKERS.COM — 13 Apr 2026

🐛

Seven IBM WebSphere Liberty flaws can be chained into full takeover

CSOONLINE.COM — 13 Apr 2026

🐛

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

KEVCSOONLINE.COM — 13 Apr 2026

🐛

Adobe rolls out emergency fix for Acrobat, Reader zero-day flaw

BLEEPINGCOMPUTER.COM — 13 Apr 2026

⚠️

Banks Panic As Anthropic Mythos Exposes Software Vulnerabilties

CYBERSECURITYTODAY.LIBSYN.COM — 13 Apr 2026

⚠️

Apache Tomcat Flaws Enable EncryptInterceptor Bypass

GBHACKERS.COM — 13 Apr 2026

⚠️

CISOs tackle the AI visibility gap

CSOONLINE.COM — 13 Apr 2026

⚠️

We catch up on the news, including AI vuln hunting; also more RSAC interviews! - ESW #454

YOUTUBE.COM — 2026-04-13

⚠️

AI Chatbots and Trust

SCHNEIER.COM — 2026-04-13

⚠️

International Operation Targets Multimillion-Dollar Crypto Theft Schemes

SECURITYWEEK.COM — 13 Apr 2026

⚠️

Hackers Exploit MSBuild LOLBin to Evade Detection in Fileless Windows Attacks

GBHACKERS.COM — 13 Apr 2026

⚠️

Critical Marimo pre-auth RCE flaw now under active exploitation

SH.ITJUST.WORKS — 13 Apr 2026

⚠️

Your MTTD Looks Great. Your Post-Alert Gap Doesn't

THEHACKERNEWS.COM — 13 Apr 2026

⚠️

⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More

THEHACKERNEWS.COM — 13 Apr 2026

⚠️

Too Many Vulnerabilities to Fix

YOUTUBE.COM — 2026-04-13

⚠️

From Compliance to Code: Rethinking Cloud Security - Richard Marcus - CSP #223

YOUTUBE.COM — 2026-04-13

⚠️

On Anthropic’s Mythos Preview and Project Glasswing

SCHNEIER.COM — 2026-04-13

⚠️

Anthropic's Mythos Preview: Why the Human Layer Matters More, Not Less

KNOWBE4.COM — 13 Apr 2026

⚠️

Anthropic’s Mythos signals a structural cybersecurity shift

CSOONLINE.COM — 13 Apr 2026

⚠️

March 2026 CVE Landscape: 31 High-Impact Vulnerabilities Identified, Interlock Ransomware Group Exploits Cisco FMC Zero-Day

RECORDEDFUTURE.COM — 13 Apr 2026

⚠️

Simply opening a PDF could trigger this Adobe Reader zero-day

KEVMALWAREBYTES.COM — 13 Apr 2026

⚠️

Citizen Lab: Webloc tracked 500M devices for global law enforcement

SECURITYAFFAIRS.COM — 13 Apr 2026

⚠️

GrafanaGhost: The AI That Leaked Everything Without Being Hacked

TECHREPUBLIC.COM — 13 Apr 2026

⚠️

Get Secure Cloud Storage on a 2TB Lifetime Plan with Internxt for $100

TECHREPUBLIC.COM — 13 Apr 2026

⚠️

Rockstar Games confirms data breach as ShinyHunters leaks 78 million records

CYBERINSIDER.COM — 13 Apr 2026

⚠️

Booking.com data breach exposed users’ reservation details

CYBERINSIDER.COM — 13 Apr 2026

⚠️

Standard fiber optic cables can be turned into remote microphones

CYBERINSIDER.COM — 13 Apr 2026

⚠️

Hallmark data breach exposed information of 1.7 million accounts

CYBERINSIDER.COM — 13 Apr 2026

📢

Google Brings End-to-End Encrypted Gmail to Android and iPhone

GBHACKERS.COM — 13 Apr 2026

📢

New Nginx 1.29.8 and FreeNginx Versions Patch Critical Security Flaws

GBHACKERS.COM — 13 Apr 2026

📢

[Control systems] CISA ICS security advisories (AV26–339)

CYBER.GC.CA — 2026-04-13

📢

Ubuntu security advisory (AV26-338)

CYBER.GC.CA — 2026-04-13

📢

Adobe Acrobat security advisory (AV26-340)

CYBER.GC.CA — 2026-04-13

📢

IBM security advisory (AV26-342)

CYBER.GC.CA — 2026-04-13

📢

Red Hat security advisory (AV26-341)

CYBER.GC.CA — 2026-04-13

🔥

EDR Killers Broaden Ransomware Tactics, ESET Warns

GBHACKERS.COM — 13 Apr 2026

🔥

APT37 Uses Facebook, Telegram, and Trojanzied Installer in New Targeted Cyberattack

GBHACKERS.COM — 13 Apr 2026

🔥

OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

THEHACKERNEWS.COM — 13 Apr 2026

🔥

Basic-Fit Suffers Data Breach Affecting Millions Across Multiple Nations

GBHACKERS.COM — 13 Apr 2026

🔥

CPUID Hacked to Serve Trojanized CPU-Z and HWMonitor Downloads

SECURITYWEEK.COM — 13 Apr 2026

🔥

How to protect your privacy while using smart sex toys | Kaspersky official blog

KASPERSKY.COM — 13 Apr 2026

🔥

Nearly 4,000 US industrial devices exposed to Iranian cyberattacks

SH.ITJUST.WORKS — 13 Apr 2026

🔥

OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack

SECURITYWEEK.COM — 13 Apr 2026

🔥

Hacker Used Claude Code, GPT-4.1 to Exfiltrate Hundreds of Millions of Mexican Records

SH.ITJUST.WORKS — 13 Apr 2026

🔥

Hack at Anodot leaves over a dozen breached companies facing extortion

TECHCRUNCH.COM — 13 Apr 2026

🔥

Booking.com confirms hackers accessed customers’ data

TECHCRUNCH.COM — 13 Apr 2026

🔥

Rockstar Games receives “pay or leak” warning after cyberattack

SH.ITJUST.WORKS — 13 Apr 2026

🔥

Iran-linked group Handala claims to have breached three major UAE organizations

SECURITYAFFAIRS.COM — 13 Apr 2026

🔥

CPUID watering hole attack spreads STX RAT malware

SECURITYAFFAIRS.COM — 13 Apr 2026

🔥

Booking.com Hack Exposes Customer Data, Sparks Travel Scam Fears

TECHREPUBLIC.COM — 13 Apr 2026

🕵️

ISC Stormcast For Monday, April 13th, 2026 https://isc.sans.edu/podcastdetail/9888, (Mon, Apr 13th)

ISC.SANS.EDU — 13 Apr 2026

🕵️

WhatsApp’s “End-to-End Encryption by Default” Claim Called Consumer Fraud by Pavel Durov

GBHACKERS.COM — 13 Apr 2026

🕵️

Elon Musk Announces XChat Launch With Self-Destructing Messages

GBHACKERS.COM — 13 Apr 2026

🕵️

Gmail Brings End-to-End Encryption to Android and iOS for Enterprise Users

SECURITYWEEK.COM — 13 Apr 2026

🕵️

VIPERTUNNEL Python Backdoor Hidden in Fake DLL, Obfuscated Loader Chain

GBHACKERS.COM — 13 Apr 2026

🕵️

Fake Claude Website Distributes PlugX RAT

SECURITYWEEK.COM — 13 Apr 2026

🕵️

North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware

THEHACKERNEWS.COM — 13 Apr 2026

🕵️

Iran-Linked CyberAv3ngers Target Water Utilities, Industrial Controllers

GBHACKERS.COM — 13 Apr 2026

🕵️

Juniper Networks Patches Dozens of Junos OS Vulnerabilities - SecurityWeek

SH.ITJUST.WORKS — 13 Apr 2026

🕵️

Microsoft: Canadian employees targeted in payroll pirate attacks

SH.ITJUST.WORKS — 13 Apr 2026

🕵️

New Phishing Kit Streamlines ClickFix Attacks

KNOWBE4.COM — 13 Apr 2026

🕵️

GitHub and Jira Alerts Hijacked for Trusted-SaaS Phishing

GBHACKERS.COM — 13 Apr 2026

🕵️

BrowserGate: Claims of LinkedIn ‘Spying’ Clash With Security Research Findings

SECURITYWEEK.COM — 13 Apr 2026

🕵️

Booking.com Says Hackers Accessed User Information

SECURITYWEEK.COM — 13 Apr 2026

🕵️

The Risk of Trusted System Access

YOUTUBE.COM — 2026-04-13

🕵️

Outlook Breaks on Moon Mission

YOUTUBE.COM — 2026-04-13

🕵️

Just 21 IP Addresses Are Now Behind Nearly Half of All RDP Scanning on the Internet

SH.ITJUST.WORKS — 13 Apr 2026

🕵️

Google’s ‘Tap to Share’ Could Finally Give Android Its AirDrop Moment

TECHREPUBLIC.COM — 13 Apr 2026

🕵️

Google Rolls Out End-to-End Encryption to Eligible Gmail Users on Mobile

TECHREPUBLIC.COM — 13 Apr 2026

🕵️

Own Windows 11 Pro and Microsoft Office 2024 for just $105

TECHREPUBLIC.COM — 13 Apr 2026

🕵️

Your Data, Always Within Reach – 2TB of Lifetime Cloud Storage Is $75

TECHREPUBLIC.COM — 13 Apr 2026

🕵️

Apple Car Key Support Coming to Lexus Vehicles: What We Know So Far

TECHREPUBLIC.COM — 13 Apr 2026

🕵️

Surfshark unveils new Dausos VPN protocol with dedicated user tunnels

CYBERINSIDER.COM — 13 Apr 2026

🌐

The silent “Storm”: New infostealer hijacks sessions, decrypts server-side

BLEEPINGCOMPUTER.COM — 13 Apr 2026

🌐

JanelaRAT Malware Targets Latin American Banks with 14,739 Attacks in Brazil in 2025

THEHACKERNEWS.COM — 13 Apr 2026

🌐

A week in security (April 6 – April 12)

MALWAREBYTES.COM — 13 Apr 2026

🌐

JanelaRAT: a financial threat targeting users in Latin America

SECURELIST.COM — 13 Apr 2026

🌐

iPhone forensics expose Signal messages after app removal in U.S. case

SECURITYAFFAIRS.COM — 13 Apr 2026

🌐

„ClickFix“-Angriffe auf macOS jetzt auch via Script Editor

HEISE.DE — 2026-04-13

📡

Scans for EncystPHP Webshell, (Mon, Apr 13th)

ISC.SANS.EDU — 13 Apr 2026

📡

FBI and Indonesian Police Dismantle W3LL Phishing Network Behind $20M Fraud Attempts

THEHACKERNEWS.COM — 13 Apr 2026

📡

FBI announces takedown of phishing operation that targeted thousands of victims

TECHCRUNCH.COM — 13 Apr 2026

📡

The Iran War: What You Need to Know

RECORDEDFUTURE.COM — 13 Apr 2026

📡

Hackers access Booking.com user data, company secures systems

SECURITYAFFAIRS.COM — 13 Apr 2026

📡

KI-Betrug: Deutsche überschätzen ihre Fähigkeit, Deepfakes zu entlarven

HEISE.DE — 2026-04-13

📡

Fitnesskette Basic-Fit: Rund eine Million Mitglieder von Datenleck betroffen

HEISE.DE — 2026-04-13

📡

SSL-Konfigurationsfehler gefährdet VMware Tanzu Spring Cloud Gateway

HEISE.DE — 2026-04-13

📡

Angreifer attackieren Python-Notebook Marimo

HEISE.DE — 2026-04-13