🚨 CISA KEV 2
17 Apr KEVApache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active ExploitationA recently disclosed high-severity security flaw in Apache ActiveMQ Classic has come under active exploitation in the wild, per the U.S. Cybersecurity and Infrastructure Security Agency (CISA). To that end, the agency has added the vulnerability, tracked as CV…THEHACKERNEWS.COM
17 Apr KEVU.S. CISA adds a flaw in Apache ActiveMQ to its Known Exploited Vulnerabilities catalogThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Apache ActiveMQ to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Apache ActiveMQ, tracked as CVE-2026-34197 (CVSS score o…SECURITYAFFAIRS.COM
🐛 COMMON VULNERABILITIES AND EXPOSURES 47
17 AprCisco Warns Webex Customers Of Critical SSO ProblemWebEx SSO Vulnerability, booking.com Reservation Hijacking Risks, Windows Recall Scrutiny, and AI Vishing-as-a-Service Host Jim Love reports that Cisco disclosed a critical WebEx vulnerability (CVE-2026-2184) affecting SSO integration with Control Hub; although server-side fixes …CYBERSECURITYTODAY.LIBSYN.COM
17 AprNIST Limits CVE Enrichment After 263% Surge in Vulnerability SubmissionsThe National Institute of Standards and Technology (NIST) has announced changes to the way it handles cybersecurity vulnerabilities and exposures (CVEs) listed in its National Vulnerability Database (NVD), stating it will only enrich those that fulfil certain conditions owing to …THEHACKERNEWS.COM
17 AprCVE-2026-33948 jq: Embedded-NUL Truncation in CLI JSON Input Path Causes Prefix-Only Validation of Malformed InputInformation published.MSRC.MICROSOFT.COM
17 AprCVE-2026-40164 jq: Algorithmic complexity DoS via hardcoded MurmurHash3 seedInformation published.MSRC.MICROSOFT.COM
17 AprCVE-2026-39956 jq: Missing runtime type checks for _strindices lead to crash and limited memory disclosureInformation published.MSRC.MICROSOFT.COM
17 AprCVE-2026-32316 jq: Integer overflow in jvp_string_append() allows Heap-based Buffer OverflowInformation published.MSRC.MICROSOFT.COM
17 AprCVE-2026-33947 jq: Unbounded Recursion in jv_setpath(), jv_getpath() and delpaths_sorted()Information published.MSRC.MICROSOFT.COM
17 AprCVE-2026-39979 jq: Out-of-Bounds Read in jv_parse_sized() Error Formatting for Non-NUL-Terminated Counted BuffersInformation published.MSRC.MICROSOFT.COM
17 AprCVE-2026-35199 SymCrypt SymCryptXmssSign function - Heap overflow via 64->32-bit leaf-count truncationInformation published.MSRC.MICROSOFT.COM
17 AprCVE-2025-14821 Libssh: libssh: insecure default configuration leads to local man-in-the-middle attacks on windowsInformation published.MSRC.MICROSOFT.COM
17 AprCVE-2026-40179 Prometheus: Stored XSS via metric names and label values in web UI tooltips and metrics explorerInformation published.MSRC.MICROSOFT.COM
17 AprPoC Released for FortiSandbox Flaw Enabling Arbitrary Command ExecutionA proof-of-concept (PoC) exploit has been publicly released for a critical security flaw in Fortinet’s FortiSandbox. Tracked as CVE-2026-39808, this severe vulnerability allows an unauthenticated attacker to execute arbitrary commands on the underlying operating system with…GBHACKERS.COM
17 AprWeaponized CVE-2026-39987 Pushes Blockchain Backdoor Through Hugging FaceAttackers are rapidly exploiting CVE-2026-39987 in the marimo Python notebook platform to deploy a new NKAbuse backdoor variant hosted on Hugging Face Spaces, turning AI/ML developer environments into high‑value infection points. The campaign combines pre-auth RCE, credential the…GBHACKERS.COM
17 AprAnother Microsoft Defender privilege escalation bug emerges days after patchDays after Microsoft patched a high-severity issue affecting its Windows Defender antivirus tool through April’s Patch Tuesday, researchers warn of another vulnerability that could enable SYSTEM privileges through local escalation. In a newly disclosed proof-of-concept (PoC) expl…CSOONLINE.COM
17 AprTP-Link Routers Hit by Mirai in CVE-2023-33538 AttacksHackers are actively scanning for vulnerable TP-Link home routers to push Mirai-style malware, abusing CVE-2023-33538 in a new wave of automated attacks. While the current exploit attempts are technically flawed, researchers warn that the underlying bug is real and dangerous when…GBHACKERS.COM
17 AprNIST Drops NVD Enrichment for Pre-March 2026 Vulnerabilities - Infosecurity Magazinesubmitted by kid to cybersecurity 1 points | 0 comments https://www.infosecurity-magazine.com/news/nvd-enrichment-premarch-2026/SH.ITJUST.WORKS
17 AprChromium: CVE-2026-6296 Heap buffer overflow in ANGLEThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.MSRC.MICROSOFT.COM
17 AprChromium: CVE-2026-6363 Type Confusion in V8This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.MSRC.MICROSOFT.COM
17 AprChromium: CVE-2026-6359 Use after free in VideoThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.MSRC.MICROSOFT.COM
17 AprChromium: CVE-2026-6364 Out of bounds read in SkiaThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.MSRC.MICROSOFT.COM
17 AprChromium: CVE-2026-6362 Use after free in CodecsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.MSRC.MICROSOFT.COM
17 AprChromium: CVE-2026-6313 Insufficient policy enforcement in CORSThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.MSRC.MICROSOFT.COM
17 AprChromium: CVE-2026-6314 Out of bounds write in GPUThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.MSRC.MICROSOFT.COM
17 AprChromium: CVE-2026-6318 Use after free in CodecsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.MSRC.MICROSOFT.COM
17 AprChromium: CVE-2026-6361 Heap buffer overflow in PDFiumThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.MSRC.MICROSOFT.COM
17 AprChromium: CVE-2026-6310 Use after free in DawnThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.MSRC.MICROSOFT.COM
17 AprChromium: CVE-2026-6360 Use after free in FileSystemThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.MSRC.MICROSOFT.COM
17 AprChromium: CVE-2026-6316 Use after free in FormsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.MSRC.MICROSOFT.COM
17 AprChromium: CVE-2026-6309 Use after free in VizThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.MSRC.MICROSOFT.COM
17 AprChromium: CVE-2026-6311 Uninitialized Use in AccessibilityThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.MSRC.MICROSOFT.COM
17 AprChromium: CVE-2026-6307 Type Confusion in TurbofanThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.MSRC.MICROSOFT.COM
17 AprChromium: CVE-2026-6306 Heap buffer overflow in PDFiumThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.MSRC.MICROSOFT.COM
17 AprChromium: CVE-2026-6303 Use after free in CodecsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.MSRC.MICROSOFT.COM
17 AprChromium: CVE-2026-6308 Out of bounds read in MediaThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.MSRC.MICROSOFT.COM
17 AprChromium: CVE-2026-6302 Use after free in VideoThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.MSRC.MICROSOFT.COM
17 AprChromium: CVE-2026-6300 Use after free in CSSThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.MSRC.MICROSOFT.COM
17 AprChromium: CVE-2026-6304 Use after free in GraphiteThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.MSRC.MICROSOFT.COM
17 AprChromium: CVE-2026-6305 Heap buffer overflow in PDFiumThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.MSRC.MICROSOFT.COM
17 AprChromium: CVE-2026-6301 Type Confusion in TurbofanThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.MSRC.MICROSOFT.COM
17 AprChromium: CVE-2026-6317 Use after free in CastThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.MSRC.MICROSOFT.COM
17 AprChromium: CVE-2026-6312 Insufficient policy enforcement in PasswordsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.MSRC.MICROSOFT.COM
17 AprChromium: CVE-2026-6298 Heap buffer overflow in SkiaThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.MSRC.MICROSOFT.COM
17 AprChromium: CVE-2026-6297 Use after free in ProxyThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.MSRC.MICROSOFT.COM
17 AprChromium: CVE-2026-6299 Use after free in PrerenderThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.MSRC.MICROSOFT.COM
17 AprCritical sandbox bypass fixed in popular Thymeleaf Java template engineMaintainers of Thymeleaf, a widely used template engine for Java web applications, fixed a rare critical vulnerability that allows unauthenticated attackers to execute malicious code on servers. The vulnerability, tracked as CVE-2026-40478, is rated 9.1 on the CVSS severity scale…CSOONLINE.COM
⚠️ VULNERABILITY DISCLOSURE 26
17 AprOperation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal AccountsAn international law enforcement operation has taken down 53 domains and arrested four people in connection with commercial distributed denial-of-service (DDoS) operations that were used by more than 75,000 cybercriminals. The ongoing effort, dubbed Operation PowerOFF, disrupted …THEHACKERNEWS.COM
17 AprFake Zoom SDK Update Spreads Sapphire Sleet Malware in New macOS Attack ChainA sophisticated macOS-focused cyber campaign orchestrated by the North Korean threat actor Sapphire Sleet, revealing a shift toward social engineering over traditional software exploitation. Instead of relying on vulnerabilities, the attackers trick users into executing malicious…GBHACKERS.COM
17 AprCritical Flowise Flaw Enables Remote Command Execution via MCP AdaptersOX Security researchers have uncovered a critical, systemic vulnerability built directly into the architecture of Anthropic’s Model Context Protocol (MCP). As the industry standard for AI agent communication, this foundational flaw exposes systems to Arbitrary Command Execution (…GBHACKERS.COM
17 AprGoogle Deploys Gemini AI to Stop Threat Actors, Blocking 8.3 Billion AdsGoogle has significantly escalated its fight against cybercriminals, deploying its advanced Gemini AI to neutralize malicious advertising campaigns. By leveraging generative AI, the tech giant intercepted more than 99% of these harmful advertisements before they ever reached end …GBHACKERS.COM
17 AprAmtrak - 2,147,679 breached accountsIn April 2026, the hacking group ShinyHunters claimed they had breached Amtrak . The group typically compromises organisations' Salesforce instances before demanding a ransom and later, if not paid, dumping the data publicly. They subsequently published the alleged data which con…HAVEIBEENPWNED.COM
17 AprLocal area network anonymity hardening tool for Linuxsubmitted by Nikolas5476 to cybersecurity 4 points | 0 comments Source code and details: github.com/nikolas-trey/LANGhost Description LANGhost is a Linux anonymity hardening layer for systems managed by NetworkManager. It minimizes identity leakage across multiple network surface…SH.ITJUST.WORKS
17 AprPalo Alto’s Helmut Reisinger sees a cyber sea change ahead as AI advancesIn two decades, Palo Alto Networks has evolved from a next-generation niche player to one of the largest global cybersecurity giants today. Under its mantra of “platformization,” the company has catapulted its revenues over its closest competitors and boosted its stock valuation …CSOONLINE.COM
17 AprMythos and CybersecurityLast week, Anthropic pulled back the curtain on Claude Mythos Preview , an AI model so capable at finding and exploiting software vulnerabilities that the company decided it was too dangerous to release to the public. Instead, access has been restricted to roughly 50 organization…SCHNEIER.COM
17 AprTails 7.6.2 patches vulnerability that could expose saved files - Help Net Securitysubmitted by kid to cybersecurity 4 points | 0 comments https://www.helpnetsecurity.com/2026/04/16/tails-vulnerability-expose-saved-files/SH.ITJUST.WORKS
17 AprWe beat Google’s zero-knowledge proof of quantum cryptanalysisTwo weeks ago, Google’s Quantum AI group published a zero-knowledge proof of a quantum circuit so optimized, they concluded that first-generation quantum computers will break elliptic curve cryptography keys in as little as 9 minutes. Today, Trail of Bits is publishing our own ze…TRAILOFBITS.COM
17 AprSEO Poisoning Attack Uses Microsoft Binary to Install RMM ToolNew research has exposed a search engine poisoning campaign that delivers a trojanized TestDisk installer, abuses a Microsoft-signed binary for DLL sideloading, and silently deploys the ScreenConnect remote monitoring and management (RMM) client for hands-on keyboard access. The …GBHACKERS.COM
17 AprOperation PowerOFF Knocks Out 75,000 DDoS Attackers and Over 50 Service DomainsA major international law enforcement campaign has hit the DDoS-for-hire ecosystem, warning more than 75,000 suspected users and disrupting the infrastructure that helped power online attacks around the world. Backed by Europol, Operation PowerOFF brought together authorities fro…GBHACKERS.COM
17 AprWhite House moves to give federal agencies access to Anthropic’s Claude MythosThe US government is preparing to authorize a version of Anthropic’s Claude Mythos model for use by major US federal agencies, amid concerns that the AI model could rapidly spot cybersecurity vulnerabilities and offer the ability to exploit them. Federal Chief Information Officer…CSOONLINE.COM
17 AprHackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Facesubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/hackers-exploit-marimo-flaw-to-deploy-nkabuse-malware-from-hugging-face/SH.ITJUST.WORKS
17 Apr KEVThree Microsoft Defender Zero-Days Actively Exploited; Two Still UnpatchedHuntress is warning that threat actors are exploiting three recently disclosed security flaws in Microsoft Defender to gain elevated privileges in compromised systems. The activity involves the exploitation of three vulnerabilities that are codenamed BlueHammer (requires Git…THEHACKERNEWS.COM
17 AprPowMix botnet targets Czech workforcesubmitted by kid to cybersecurity 2 points | 0 comments https://blog.talosintelligence.com/powmix-botnet-targets-czech-workforce/SH.ITJUST.WORKS
17 AprOperation PowerOFF: 53 DDoS domains seized and 3 Million criminal accounts uncoveredOperation PowerOFF shut down 53 DDoS-for-hire domains, arrested four suspects, and exposed data on over 3 million criminal user accounts. Operation PowerOFF is an international law enforcement action that dismantled 53 domains linked to DDoS-for-hire services used by over 75,000 …SECURITYAFFAIRS.COM
17 AprPen Test Took Down Campus WiFiA routine Nmap scan against a Cisco wireless LAN controller caused a full outage of a college’s Wi-Fi network. The issue was later confirmed as a denial-of-service vulnerability and patched. Even standard security testing techniques can trigger real outages when systems have hidd…YOUTUBE.COM
17 AprWe Reproduced Anthropic's Mythos Findings With Public Modelssubmitted by codeinabox to security 3 points | 0 comments https://blog.vidocsecurity.com/blog/we-reproduced-anthropics-mythos-findings-with-public-models Anthropic presents Mythos and Project Glasswing as evidence that advanced AI vulnerability research should be restricted. But …PROGRAMMING.DEV
17 AprInditex confirms third-party breach as hackers threaten Zara data leakInditex, the owner of Zara, has disclosed a data breach linked to a former technology provider, stating that no customer data was exposed. However, the ShinyHunters extortion group has since listed Zara on its leak site, claiming it will publish stolen data within days. The Spani…CYBERINSIDER.COM
17 Apr KEVNew “RedSun” Windows Defender zero-day exploited in the wildA newly disclosed Windows zero-day vulnerability dubbed “RedSun” is being actively exploited in the wild, allowing attackers to gain SYSTEM privileges by abusing Microsoft Defender. The vulnerability was publicly disclosed by the researcher “Nightmare-Eclipse,” who also released …CYBERINSIDER.COM
17 AprHackers are abusing unpatched Windows security flaws to hack into organizationsA security researcher published details of three security vulnerabilities in Windows Defender, and the code used to exploit them. Now, hackers are taking advantage of the vulnerabilities in real life attacks, according to a cybersecurity firm.TECHCRUNCH.COM
17 Apr KEVThree Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatchedsubmitted by monica_b1998 to cybersecurity 7 points | 0 comments https://thehackernews.com/2026/04/three-microsoft-defender-zero-days.html?m=1INFOSEC.PUB
17 AprFlawed Cisco update threatens to stop APs from getting further patchesCisco admins are scrambling to patch a critical flash memory overflow vulnerability in over 200 Cisco Systems IOS XE-based models of wireless access points (APs), caused by a recent flawed software update. If the issue is not corrected quickly, the AP’s memory will become so floo…CSOONLINE.COM
17 Apr KEVTemporary fix for Section 702.The House extends Section 702, for now. Mythos raises fresh cyber risk concerns. CISA warns of reduced capacity. ZionSiphon targets Israeli water systems. Operation PowerOFF hits DDoS-for-hire networks. CISA flags an actively exploited ActiveMQ flaw. WordPress plugin supply chain…THECYBERWIRE.COM
17 AprSecuring autonomous AI at scale with Arvind (Nitro) Nithrakashyap from RubrikArvind (Nitro) Nithrakashyap, CTO and Co-Founder of Rubrik joins Dave Bittner on the CyberWire Daily podcast for a sponsored Industry Voices at the RSAC Conference 2026. He explores the rise of “AI sprawl,” the challenges of securing autonomous agents at scale, and what organizat…THECYBERWIRE.COM
📢 SECURITY ADVISORIES 2
17 AprWith US spy laws set to expire, lawmakers are split over protecting Americans from warrantless surveillanceSome lawmakers are calling for widespread reforms following years of surveillance scandals and abuses across successive U.S. administrations. But even if the spy law known as Section 702 expires in April, the government's spy powers will not automatically lapse.TECHCRUNCH.COM
17 AprUS House extends FISA Section 702 for ten days.CISA's acting director warns lawmakers of reduced capacity. New malware strain targets Israeli water facilities.THECYBERWIRE.COM
🔥 INCIDENT REPORTING 9
17 AprPayouts King Emerges: New Ransomware Operation Tied to Ex-BlackBasta MembersPayouts King is emerging as a technically sophisticated ransomware operation believed to be run by former BlackBasta affiliates, reusing their social‑engineering playbook while introducing hardened obfuscation and encryption routines. The group focuses on high‑value data theft an…GBHACKERS.COM
17 Apr108 Chrome extensions caught stealing user data and hijacking sessionssubmitted by beep to cybersecurity 1 points | 0 comments https://socket.dev/blog/108-chrome-ext-linked-to-data-exfil-session-theft-shared-c2 54 extensions steal Google account identity via OAuth2; 1 extension actively exfiltrates Telegram Web sessions every 15 seconds; 1 extensio…INFOSEC.PUB
17 Apr“Your shipment has arrived” email hides remote access softwareThis DHL-themed email tries to get recipients to install remote access software attackers can use to deploy further malware, including ransomware.MALWAREBYTES.COM
17 AprData breach at edtech giant McGraw Hill affects 13.5 million accountssubmitted by kid to cybersecurity 2 points | 0 comments https://www.bleepingcomputer.com/news/security/data-breach-at-edtech-giant-mcgraw-hill-affects-135-million-accounts/SH.ITJUST.WORKS
17 AprIndustrial Systems Hit by New Email-Worm Threat WaveEmail-borne worms are driving a fresh wave of incidents against industrial control systems (ICS), even as overall malware activity on these networks appears to be slowly declining. New data from Q4 2025 shows that phishing-driven distribution of the XWorm backdoor has sharply shi…GBHACKERS.COM
17 AprAmtrak data breach exposed information of 2.1 million accountsAmtrak is the latest organization to have a major dataset added to the Have I Been Pwned (HIBP) database, following claims by the ShinyHunters hacking group that it breached the US passenger rail service and exfiltrated millions of customer records. The development comes days aft…CYBERINSIDER.COM
17 AprAI Upgrades, Security Breaches, and Industry Shifts Define This Week in TechSee what you missed in Daily Tech Insider from April 13–17. The post AI Upgrades, Security Breaches, and Industry Shifts Define This Week in Tech appeared first on TechRepublic .TECHREPUBLIC.COM
17 AprMan who hacked US Supreme Court filing system sentenced to probationNicholas Moore hacked into three U.S. government networks using stolen credentials, and then bragged about it and posted victims' personal data on Instagram under the handle @ihackedthegovernment.TECHCRUNCH.COM
17 AprKyrgyzstan-based crypto exchange Grinex shuts down after $13.7M cyber heist, blames Western IntelligenceGrinex halted operations after a $13.7M hack, blaming Western intelligence. Stolen funds came from wallets of Russian users on the platform. Kyrgyz crypto exchange Grinex halted operations after a threat actor stole $13.7 million in a cyber attack that the company attributes to W…SECURITYAFFAIRS.COM
🕵️ THREAT INTELLIGENCE 30
17 AprISC Stormcast For Friday, April 17th, 2026 https://isc.sans.edu/podcastdetail/9896, (Fri, Apr 17th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
17 AprHackers Deploy ATHR for Scalable AI-Driven Vishing and Credential TheftHackers are increasingly turning to telephone-oriented attack delivery (TOAD) to bypass traditional email security, and a new cybercrime platform called ATHR is accelerating this trend with AI-driven automation and integrated phishing capabilities. TOAD attacks rely on a simple b…GBHACKERS.COM
17 AprAnthropic Introduces Claude Opus 4.7 for Advanced Problem-SolvingAnthropic has officially launched Claude Opus 4.7, a major upgrade designed to tackle complex software engineering while introducing rigorous new cybersecurity safeguards. Released on April 16, 2026, this model brings enhanced problem-solving capabilities to developers and active…GBHACKERS.COM
17 AprZionSiphon Malware Hits Israeli Desalination PlantsHackers are experimenting with new malware designed to sabotage Israeli desalination and water treatment plants using a tool dubbed “ZionSiphon.” However, the current sample appears to be a faulty or developmental build rather than a fully operational weapon. The code checks IPv…GBHACKERS.COM
17 AprCensys Warns 6 Million Public-Facing FTP Servers Are Still Exposed in 2026A new security brief from internet intelligence firm Censys reveals that the 55 year old File Transfer Protocol continues to run on nearly 6 million internet facing hosts. As of April 2026, the dominant story of FTP exposure is not purpose built file transfer infrastructure, but …GBHACKERS.COM
17 AprFiverr left customer files public and searchable on Googlesubmitted by beep to cybersecurity 2 points | 0 comments https://news.ycombinator.com/item?id=47769796INFOSEC.PUB
17 AprTop 5 Disaster Recovery Companies in 2026This is a comprehensive list of the top Disaster Recovery as a Service providers. Use this guide to compare and choose the best solution for you. The post Top 5 Disaster Recovery Companies in 2026 appeared first on TechRepublic .TECHREPUBLIC.COM
17 AprOpenAI Extends GPT-5.4-Cyber Access to Trusted Organizations WorldwideOpenAI has announced the expansion of its “Trusted Access for Cyber” program, granting worldwide security organizations access to its advanced GPT-5.4-Cyber model. The initiative operates on a foundational premise: cutting-edge cyber capabilities must reach network de…GBHACKERS.COM
17 AprMicrosoft Acknowledges Reboot Loop Issue on Windows Servers Following April PatchesMicrosoft has confirmed a critical known issue affecting Windows Server 2025 domain controllers after deploying the April 2026 cumulative update KB5082063 (OS Build 26100.32690), released on April 14, 2026. Affected domain controllers are entering repeated restart loops, and a se…GBHACKERS.COM
17 AprIdentity at the Edge: How the Sixth Annual Identity Management Day Highlights the New Frontiers of TrustEach year, Identity Management Day (IMD) serves as a global reminder that managing digital identities is more than a technical requirement; it is a cornerstone of modern trust. Now in its sixth year, IMD continues to emphasize how identity itself is evolving, stretching beyond hu…KNOWBE4.COM
17 AprZionSiphon malware designed to sabotage water treatment systemssubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/zionsiphon-malware-designed-to-sabotage-water-treatment-systems/SH.ITJUST.WORKS
17 AprOperation PowerOFF identifies 75k DDoS users, takes down 53 domainssubmitted by kid to cybersecurity 3 points | 0 comments https://www.bleepingcomputer.com/news/security/operation-poweroff-identifies-75k-ddos-users-takes-down-53-domains/SH.ITJUST.WORKS
17 AprNorth Korea Uses ClickFix to Target macOS Users' Datasubmitted by kid to cybersecurity 3 points | 0 comments https://www.darkreading.com/application-security/north-korea-clickfix-target-macos-users-dataSH.ITJUST.WORKS
17 Apr: Systemic Flaw in MCP Protocol Could Expose 150 Million Downloads - Infosecurity Magazine. submitted by kid to cybersecurity, 1 points | 0 comments, https://www.infosecurity-magazine.com/news/systemic-flaw-mcp-expose-150/ (SH.ITJUST.WORKS)
17 Apr: Six million FTP servers exposed online | Cybernews. submitted by kid to cybersecurity, 2 points | 0 comments, https://cybernews.com/security/six-million-ftp-servers-exposed-online/ (SH.ITJUST.WORKS)
17 Apr: Bluesky Outage: Coordinated Traffic Attack Causes Widespread Errors. Bluesky’s DDoS attack caused outages for a second day, disrupting feeds, notifications, and search across the platform. (TECHREPUBLIC.COM)
17 Apr: Off-Topic Friday. submitted by shellsharks to cybersecurity, 2 points | 0 comments. Wanna chat about something non-infosec amongst those of us who frequent /c/cybersecurity? Here’s your chance! (Keep things civil & respectful please) (INFOSEC.PUB)
17 Apr: Over 13M Kemper Corporation records leaked on the dark web, hackers claim | Cybernews. submitted by kid to cybersecurity, 1 points | 0 comments, https://cybernews.com/security/kemper-insurance-data-leak-shinyhunters/ (SH.ITJUST.WORKS)
17 Apr: Cisco patches critical bugs in Webex, ISE | news | SC Media. submitted by kid to cybersecurity, 3 points | 0 comments, https://www.scworld.com/news/cisco-patches-critical-bugs-in-webex-ise (SH.ITJUST.WORKS)
17 Apr: New Phishing Attack Turns n8n Into On-Demand Malware Machine. Hackers are abusing n8n workflows to deliver malware and evade detection, according to Cisco Talos, using trusted automation to bypass security defenses. (TECHREPUBLIC.COM)
17 Apr: Widespread AI Use Masks a Growing Workplace Readiness Gap. Study.com finds 9 in 10 employees use AI at work, but training and readiness lag as more employers expect workers to use the tools every day. (TECHREPUBLIC.COM)
17 Apr: Brave to launch minimalist “Origin” browser with core privacy features. Brave has introduced “Brave Origin” in its Nightly builds, a minimalist version of the browser focused on core privacy protections, with additional features available through a paid upgrade. The new offering signals a shift toward a more modular Brave experience, where users can … (CYBERINSIDER.COM)
17 Apr: Tor VPN for Android security audit confirms robust design. The Tor Project has published the results of a third-party security audit of its upcoming Tor VPN for Android, confirming that its core privacy architecture is sound. However, several weaknesses, primarily tied to DNS handling and input validation, were uncovered and require reme… (CYBERINSIDER.COM)
17 Apr: Transform security logs into OCSF format using a configuration-driven ETL solution. Security logs capture essential security-related activities, such as user sign-ins, file access, network traffic, and application usage. These logs are important for monitoring, detecting, and responding to potential security events. The Open Cybersecurity Schema Framework (OCSF)… (AWS.AMAZON.COM)
17 Apr: Anthropic Releases Opus 4.7, Not as ‘Broadly Capable’ as Mythos AI. Anthropic launches Opus 4.7 with improved coding and reasoning, as its more “broadly capable” Mythos AI remains restricted over security concerns. (TECHREPUBLIC.COM)
17 Apr: Clothing Retailer Patches Website Flaw Exposing Customer Data. A clothing retailer patched a website flaw that exposed customer data via order links, highlighting risks associated with predictable URL structures. (TECHREPUBLIC.COM)
17 Apr: Chinese Humanoid Robots Dominate Opening Day of Canton Fair 2026. China’s Canton Fair 2026 opens with a powerful robotics showcase, highlighting humanoid machines and automation systems already transforming global industries. (TECHREPUBLIC.COM)
17 Apr: Apple iPhone Ultra: New Leak Reveals ‘Passport’ Design, High Price Tag. Apple’s iPhone Ultra leak reveals a passport-style foldable design, ultra-thin build, and a possible $2,000+ price tag ahead of launch. (TECHREPUBLIC.COM)
17 Apr: Friday Squid Blogging: New Giant Squid Video. Pretty fantastic video from Japan of a giant squid eating another squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy. (SCHNEIER.COM)
17 Apr: Dougbot, RedSun, ATHR, Vishing, Cisco, Google, Chrome, Severance, Shor, Josh Marpet.. - SWN #573. Dougbot, RedSun, ATHR, Vishing, Cisco, Google, Chrome, Severance, Shor, Josh Marpet, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-573 (YOUTUBE.COM)
🌐 CYBER THREAT LANDSCAPE 3
17 Apr: Inside ZionSiphon: politically driven malware aims at Israeli water systems. New ZionSiphon malware targets water systems, and allows attackers to alter pressure and chlorine levels. A flaw makes it ineffective for now. Darktrace analyzed ZionSiphon, a new malware designed to target water treatment and desalination systems, which aims to disrupt operation… (SECURITYAFFAIRS.COM)
17 Apr: Analysis: From Mythos to the Vulnocalypse, and what really needs to be done now. Everyone is talking about how dangerous Anthropic's new AI could be. Jürgen Schmidt of heise security prefers to focus on what needs to be done now. (HEISE.DE)
17 Apr: Hackers leverage leaked government intelligence tools to target everyday iOS users | Kaspersky official blog. DarkSword and Coruna are new iOS malware strains that infect devices through zero-click attacks. Learn how these threats operate, which iOS versions are at risk, and how to protect your devices. (KASPERSKY.COM)
🎙️ PODCASTS 1
17 Apr: Auslegungssache 157: Data protection in court. In the c't data protection podcast, Lower Saxony's data protection commissioner explains how objection proceedings against fines work, and why he remains on the sidelines. (HEISE.DE)
📡 INFOSEC NEWS 14
17 Apr: Lumma Stealer infection with Sectop RAT (ArechClient2), (Fri, Apr 17th). Introduction (ISC.SANS.EDU)
17 Apr: Attackers are targeting Apache ActiveMQ Broker, Apache ActiveMQ. Admins should promptly install the versions of Apache ActiveMQ Broker and Apache ActiveMQ that are hardened against the currently ongoing attacks. (HEISE.DE)
17 Apr: Trouble with the current NordVPN app for macOS. Users of the VPN service from Lithuania have been reporting connection and usability problems with the Mac client since the upgrade to version 10.0. Version 10.0.4 is supposed to fix this. (HEISE.DE)
17 Apr: Amazon: Ring cameras now with optional facial recognition. Ring cameras can now recognize faces in Germany too and notify users about it. The option is disabled by default. (HEISE.DE)
17 Apr: Windows updates: Unexpected server reboots and sign-in failures. The April updates for Windows Server have side effects. Servers restart unexpectedly or do not allow admin sign-ins. (HEISE.DE)
17 Apr: Patch nginx-ui now! Attackers are taking control of Nginx servers. Attackers are currently exploiting a critical vulnerability in the web management tool nginx-ui. Instances in Germany are also at risk. (HEISE.DE)
17 Apr: Easter certificate disaster at D-Trust: Tens of thousands of certificates invalid. Between Maundy Thursday and Easter Monday, admins had to replace their TLS certificates. Now D-Trust has announced: almost 60,000 were non-compliant. (HEISE.DE)
17 Apr: YubiKey Manager: Vulnerability allows execution of planted code. Yubico warns of a search path vulnerability in YubiKey Manager, libfido2 and python-fido2. Updates fix the flaws. (HEISE.DE)
17 Apr: Google Blocks 8.3B Policy-Violating Ads in 2025, Launches Android 17 Privacy Overhaul. Google this week announced a new set of Play policy updates to strengthen user privacy and protect businesses against fraud, even as it revealed it blocked or removed over 8.3 billion ads globally and suspended 24.9 million accounts in 2025. The new policy updates relate to conta… (THEHACKERNEWS.COM)
17 Apr: Singer loses life savings to fake wallet downloaded from the Apple App Store. If you hold cryptocurrency, there's a very simple golden rule that you should always follow. Never hand over your seed phrase. Garrett Dutton, better known as G. Love - the front man of blues-hip-hop outfit G. Love & Special Sauce - has learnt that lesson the hard way. Read … (BITDEFENDER.COM)
17 Apr: Android 13 reaches end of support: Millions of devices affected. Android 13 is out of support. Google already ended support in early March for the OS version released in 2022. (HEISE.DE)
17 Apr: This old-school scam is still working. We sent Tess to investigate a classic Nigerian advance-fee scam with a new twist. Sadly, these old scams are still in play because they work. (MALWAREBYTES.COM)
17 Apr: DraftKings hacker sentenced to prison, ordered to pay $1.4 Million. A DraftKings hacker got 30 months in prison for selling stolen credentials and must pay over $1.4 million in fines and restitution. Kamerin Stokes, 23, from Memphis (aka TheMFNPlug), received a 30-month prison sentence for his role in a 2022 credential stuffing attack against Dra… (SECURITYAFFAIRS.COM)
17 Apr: EU age verification app: Experts crack “worry-free package” in minutes. The EU Commission wants to revolutionize the protection of minors online with an app. But the promise of anonymity and security quickly turns out to be very fragile. (HEISE.DE)