122 Articles
9 Categories
Date: 2026-04-22
🚨 CISA KEV 2
22 Apr KEVAnthropic bets on EPSS for the coming bug surgeAnthropic’s Mythos has intensified a problem that vulnerability management programs were already struggling to contain: too many vulnerabilities and not enough clarity about which ones matter. What changes with Mythos — and the AI-based class of vulnerability discovery systems it…CSOONLINE.COM
22 Apr KEVCISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlinessubmitted by kid to cybersecurity 1 points | 0 comments https://thehackernews.com/2026/04/cisa-adds-8-exploited-flaws-to-kev-sets.htmlSH.ITJUST.WORKS
🐛 COMMON VULNERABILITIES AND EXPOSURES 10
22 AprCohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container EscapeA critical security vulnerability has been disclosed in a Python-based sandbox called Terrarium that could result in arbitrary code execution. The vulnerability, tracked as CVE-2026-5752, is rated 9.3 on the CVSS scoring system. "Sandbox escape vulnerability in Terrarium allows a…THEHACKERNEWS.COM
22 AprMicrosoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation BugMicrosoft has released out-of-band updates to address a security vulnerability in ASP.NET Core that could allow an attacker to escalate privileges. The vulnerability, tracked as CVE-2026-40372, carries a CVSS score of 9.1 out of 10.0. It's rated Important in severity. An anonymou…THEHACKERNEWS.COM
22 AprCritical Spring Authorization Server Issue Exposes Systems to XSS and SSRF AttacksA critical vulnerability, tracked as CVE-2026-22752, has been disclosed in Spring Security Authorization Server, affecting organizations running Dynamic Client Registration endpoints. The flaw allows attackers to inject malicious client metadata, potentially leading to Stored Cro…GBHACKERS.COM
22 AprCritical Bamboo Data Centre and Server Flaw Enables Command Injection AttacksAtlassian has disclosed a critical OS Command Injection vulnerability (CVE-2026-21571) in Bamboo Data Centre and Server, with a CVSS score of 9.4, enabling authenticated attackers to execute commands on affected systems remotely. The flaw, tracked as CVE-2026-21571, was published…GBHACKERS.COM
22 AprMozilla Firefox 150 Released With Fixes for Multiple Code Execution VulnerabilitiesMozilla has released Firefox 150 to patch 41 security vulnerabilities, including multiple high-severity flaws that could lead to remote code execution. Users should immediately update their browsers to protect against these critical memory corruption and use-after-free bugs. Crit…GBHACKERS.COM
22 AprVU#518910: Ollama GGUF Quantization Remote Memory LeakOverview Ollama’s model quantization engine contains a vulnerability that allows an attacker with access to the model upload interface to read and potentially exfiltrate heap memory from the server. This issue may lead to unintended behavior, including unauthorized access to sens…KB.CERT.ORG
22 AprMicrosoft out-of-band updates fixed critical ASP.NET Core privilege escalation flawMicrosoft fixed critical ASP.NET Core vulnerability, tracked as CVE-2026-40372 (CVSS score of 9.1), that lets attackers escalate privileges. Microsoft released out-of-band updates to address a serious ASP.NET Core vulnerability tracked as CVE-2026-40372 (CVSS score of 9.1). Micro…SECURITYAFFAIRS.COM
22 AprMirai Botnet exploits CVE-2025-29635 to target legacy D-Link routersMirai botnet is targeting old D-Link routers using CVE-2025-29635, a command injection flaw exploitable via crafted POST requests after public PoC disclosure. A Mirai botnet is actively exploiting a command injection vulnerability, tracked as CVE-2025-29635, in discontinued D-Lin…SECURITYAFFAIRS.COM
22 AprMicrosoft issues out-of-band patch for critical security flaw in update to ASP.NET CoreDevelopers are advised to check their applications after Microsoft revealed that last week’s ASP.NET Core update inadvertently introduced a serious security flaw into the web framework’s Data Protection Library. Microsoft describes the issue as a “regression,” coding jargon for a…CSOONLINE.COM
22 AprMicrosoft Patch Still Leaves 1,300 SharePoint Servers ExposedMore than 1,300 internet-exposed SharePoint servers remain unpatched against CVE-2026-32201, a spoofing flaw Microsoft says was exploited as a zero-day.TECHREPUBLIC.COM
⚠️ VULNERABILITY DISCLOSURE 23
22 AprVercel Breach Started With AI ToolCYBERSECURITYTODAY.LIBSYN.COM
22 AprMicrosoft Issues Emergency .NET 10.0.7 Update to Patch Elevation of Privilege VulnerabilityMicrosoft has issued an emergency out-of-band security update to address a severe vulnerability within the .NET framework. The critical release of .NET 10.0.7 patches an Elevation of Privilege flaw that inadvertently surfaced after a recent routine system update. Out-of-band patc…GBHACKERS.COM
22 Apr KEV1,370+ Microsoft SharePoint Servers at Risk of Spoofing Attacks Found Exposed OnlineMore than 1,370 Microsoft SharePoint servers remain publicly exposed to an actively exploited spoofing vulnerability, putting countless corporate networks at severe risk. Identified by threat intelligence researchers at The Shadowserver Foundation, these unpatched systems are vul…GBHACKERS.COM
22 AprDinDoor Backdoor Exploits Deno and MSI Installers to Slip Past DetectionDinDoor is a newly documented backdoor that abuses the Deno JavaScript runtime and MSI installer files to execute attacker‑controlled code while sidestepping traditional detection controls quietly. Hiding behind trusted runtimes and common Windows tooling gives threat actors a fl…GBHACKERS.COM
22 AprFrom Shame to Fame: Changing Behaviors and RSAC Interviews from Tanium and Illumio - BSW #444Why have security awareness training programs failed? Maybe we need to understand human psychology. Humans don't like tricks, or to be shamed, or negative emotions. Humans want to be rewarded, but yet our training and phishing programs are not built for reward. Maybe it's time to…YOUTUBE.COM
22 AprRisky Business #834 -- Vercel gets owned, Mozilla dumps hundreds of Mythos bugsOn this week’s show, Patrick Gray and James Wilson are joined by special guest The Grugq. They discuss the week’s cybersecurity news, including: Vercel got owned, and there’s a few infostealer and compromised employee dots to connect Mozilla used Mythos to find 271 bugs, which fe…RISKY.BIZ
22 AprThe AI era demands a different kind of CISOWhen attackers can discover and exploit vulnerabilities in minutes, last quarter's audit doesn't mean much. CISOs need to shift from static measurement to real-time awareness -- and fast.CYBERSCOOP.COM
22 AprLotus Wiper Hits Energy Sector in Destructive CyberattackHackers have deployed a new destructive malware, dubbed Lotus Wiper, in a targeted cyberattack against energy and utilities organizations in Venezuela, aiming not to extort money but to destroy data and disrupt operations permanently. Artifacts from the Lotus Wiper attack chain …GBHACKERS.COM
22 AprMullvad to add feature that forces all iOS traffic through the VPN tunnelMullvad has announced a new feature that forces all iOS app traffic through its VPN tunnel, accepting significant usability trade-offs to close long-standing traffic leak risks caused by Apple’s networking limitations. The VPN provider explained that unresolved issues in Apple’s …CYBERINSIDER.COM
22 AprToxic Combinations: When Cross-App Permissions Stack into RiskOn January 31, 2026, researchers disclosed that Moltbook, a social network built for AI agents, had left its database wide open, exposing 35,000 email addresses and 1.5 million agent API tokens across 770,000 active agents. The more worrying part sat inside the private messages. …THEHACKERNEWS.COM
22 AprNFC tap-to-pay gets tapped by hackersCyber crooks are abusing a trojanized Android payment application to steal near field communication (NFC) data and PINs, enabling cloning of payment cards and draining victim accounts. According to ESET researchers, a new variant of the NGate malware has been infused into the Han…CSOONLINE.COM
22 AprMozilla says Claude’s Mythos AI helped uncover 271 flaws in FirefoxMozilla says it has fixed 271 previously unknown security vulnerabilities in Firefox 150 after testing an experimental AI model from Anthropic, marking a dramatic escalation in AI-assisted bug discovery. The announcement by Bobby Holley, a senior staff engineer on the Firefox tea…CYBERINSIDER.COM
22 Apr109 Fake GitHub Repos Spread SmartLoader, StealC MalwareA coordinated malware operation is abusing fake GitHub repositories to distribute a LuaJIT-based loader, SmartLoader, and a follow-on StealC infostealer, with at least 109 malicious repos active across 103 accounts. The campaign blends cloned open source code, obfuscated Lua stag…GBHACKERS.COM
22 AprIran claims US exploited networking equipment backdoors during strikessubmitted by floofloof to cybersecurity 5 points | 1 comments https://www.tomshardware.com/tech-industry/cyber-security/iran-claims-us-exploited-networking-equipment-backdoors-during-strikes cross-posted from: lemmy.bestiver.se/post/1063291INFOSEC.PUB
22 AprUnsecured Perforce Servers Expose Sensitive Data From Major Orgs - SecurityWeeksubmitted by kid to cybersecurity 1 points | 0 comments https://www.securityweek.com/unsecured-perforce-servers-expose-sensitive-data-from-major-orgs/SH.ITJUST.WORKS
22 Apr KEVActively exploited Apache ActiveMQ flaw impacts 6,400 serverssubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/actively-exploited-apache-activemq-flaw-impacts-6-400-servers/SH.ITJUST.WORKS
22 AprPunishment Fails Behavior ChangeSecurity awareness programs often rely on punishment—especially in phishing simulations and compliance training. But behavioral psychology shows that rewarded actions are far more likely to stick than punished ones. If employees only act securely to avoid consequences, the behavi…YOUTUBE.COM
22 AprNews alert: BreachLock’s integrated attack validation platform debuts in Gartner AEV categoryNEW YORK, Apr. 21, 2026, CyberNewswire — BreachLock, a global leader in offensive security, today announced it has been named a representative vendor in the 2026 Gartner Market Guide for Adversarial Exposure Validation. This recognition marks the first time …LASTWATCHDOG.COM
22 AprMicrosoft SharePoint vulnerability widely exposed across multiple countriesThe disclosure comes just weeks after a prior SharePoint flaw was discovered.CYBERSECURITYDIVE.COM
22 AprNew Apple Phishing Scam Uses Fake $899 iPhone Purchase AlertAn Apple account notification has been exploited in a new email phishing attack that comes with a fake iPhone purchase claim.TECHREPUBLIC.COM
22 AprDDoS wave continues as Mastodon hit after Bluesky incidentMastodon suffered a major DDoS attack shortly after a similar incident hit Bluesky. The outage was significant but resolved within a few hours. Mastodon was hit by a major DDoS attack just days after a similar disruption affected Bluesky. Mastodon is a free and open-source softwa…SECURITYAFFAIRS.COM
22 AprApple fixes bug that cops used to extract deleted chat messages from iPhonesThe iPhone and iPad bug allowed law enforcement using forensic tools to read messages that had long been deleted by the Signal app.TECHCRUNCH.COM
22 AprThe leak was only a matter of time.Mythos leaks. The DOD preps a more aggressive cyber strategy. A former FBI cyber official urges homicide charges for hospital ransomware deaths. Lotus Wiper targeted the Venezuelan energy and utilities sector. Over 1,300 SharePoint servers remain unpatched against a spoofing vuln…THECYBERWIRE.COM
📢 SECURITY ADVISORIES 13
22 AprNamastex npm Packages Spread TeamPCP-Style CanisterWorm MalwareCompromised Namastex npm packages are delivering a new TeamPCP-style CanisterWorm variant that targets developer secrets, browser and wallet data, and then attempts to spread across npm and PyPI ecosystems using canister-backed exfiltration infrastructure. The campaign closely mi…GBHACKERS.COM
22 AprThe Cybercrime Shift: From Opportunistic Attacks to Marketplace-Driven EcosystemIn this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo speaks with Maurice Mason and Jackie Burns-Koven to explore how cybercrime has shifted into a highly organized, marketplace-driven ecosystem. They break down the growing convergence between c…THECYBERWIRE.COM
22 AprUK Faces a Cyber ‘Perfect Storm’ Driven by Tech Advances and Nation State Threats, NCSC WarnsThe convergence of global tensions and rapid technological change is driving a new era of cyber risk, the NCSC warnsINFOSECURITY-MAGAZINE.COM
22 AprIR Trends Q1 2026: Phishing reemerges as top initial access vector, as attacks targeting public administration persistPhishing reemerged as the most observed means of gaining initial access, accounting for over a third of the engagements where initial access could be determined. Phishing has not been the top vertical for initial access since Q2 2025.TALOSINTELLIGENCE.COM
22 AprIran, Russia and China behind most major cyberattacks on UK, security chief warnssubmitted by randomname to cybersecurity 1 points | 0 comments https://www.the-independent.com/news/uk/home-news/cyber-attacks-uk-iran-russia-china-b2961955.html cross-posted from: scribe.disroot.org/post/8496807 cross-posted from: scribe.disroot.org/post/8496678 Archived version…INFOSEC.PUB
22 AprIran, Russia and China behind most major cyberattacks on UK, security chief warnssubmitted by randomname to cybersecurity 1 points | 0 comments https://www.the-independent.com/news/uk/home-news/cyber-attacks-uk-iran-russia-china-b2961955.html cross-posted from: scribe.disroot.org/post/8496807 cross-posted from: scribe.disroot.org/post/8496678 Archived version…SH.ITJUST.WORKS
22 AprNew Defense Department cyber strategy imminent, official saysThe U.S. Defense Department is crafting a new cyber strategy that will better align with the Trump administration’s plans to more aggressively combat digital adversaries, a senior official told the House Armed Services Committee.THERECORD.MEDIA
22 AprNCSC Unveils SilentGlass, a Plug-In Device to Protect Monitors from Cyber-AttacksThe UK’s cybersecurity agency said the devices will be available for purchase by organizations around the worldINFOSECURITY-MAGAZINE.COM
22 AprSelf-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer TokensCybersecurity researchers have flagged a fresh set of packages that have been compromised by bad actors to deliver a self-propagating worm that spreads through stolen developer npm tokens. The supply chain worm has been detected by both Socket and StepSecurity, with the companies…THEHACKERNEWS.COM
22 AprCISA director pick Sean Plankey withdraws his nominationPlankey had been waiting for more than a year, prompting the request to withdraw him as the one tapped to lead an agency now in further upheaval.CYBERSCOOP.COM
22 AprHouse Republicans roll out national privacy billExperts say the federal legislation takes inspiration from state laws in Virginia and Kentucky, but a lack of bipartisan support could spell trouble.CYBERSCOOP.COM
22 AprAnonymous Competition Drives ExecutivesIntroducing anonymous leaderboards into security training led to a sharp increase in executive participation. Leaders could see their ranking—but not others’ identities. This approach removes public shaming while preserving competitive pressure. For high-achieving individuals, si…YOUTUBE.COM
22 AprTrump’s CISA director pick withdraws after tumultuous nominationCISA has been without a permanent director for more than a year, imperiling its efforts to establish a strategic direction.CYBERSECURITYDIVE.COM
🔥 INCIDENT REPORTING 13
22 Apr[Guest Diary] Beyond Cryptojacking: Telegram tdata as a Credential Harvesting Vector, Lessons from a Honeypot Incident, (Wed, Apr 22nd)[This is a Guest Diary by L. Carty, an ISC intern as part of the SANS.edu Bachelor's Degree in Applied Cybersecurity (BACS) program [1].]ISC.SANS.EDU
22 AprExclusive Anthropic Cyber Tool Mythos Accessed by Unapproved ActorsA group of unauthorized users has successfully bypassed access controls to reach Claude Mythos Preview, Anthropic’s closely guarded cybersecurity AI. This breach highlights critical concerns about third-party vendor security and the severe risks posed by advanced offensive AI fal…GBHACKERS.COM
22 AprFrench Authorities Confirm Data Breach Amid Hackers’ Data Leak AllegationsThe French National Agency for Secure Documents (ANTS) has officially confirmed a severe data breach affecting its central government portal. This critical infrastructure system manages the issuance of national identity cards, passports, vehicle registration certificates, and dri…GBHACKERS.COM
22 AprFormer Ransomware Negotiator Pleads Guilty to Working For BlackCat Cyber GangA former ransomware negotiator has pleaded guilty to abusing his position by working with noted cybercrime group BlackCatINFOSECURITY-MAGAZINE.COM
22 AprRansomware Negotiator Pleads Guilty to BlackCat Schemesubmitted by kid to cybersecurity 1 points | 0 comments https://www.darkreading.com/insider-threats/ransomware-negotiator-pleads-guilty-blackcat-schemeSH.ITJUST.WORKS
22 AprUK cyber agency handling four major incidents a week as nation-state attacks surgeBritain's cybersecurity chief warned Tuesday that the country is handling four nationally significant cyber incidents every week, with the majority now traced back to hostile foreign governments rather than criminal hackers.THERECORD.MEDIA
22 AprFrench govt agency confirms breach as hacker offers to sell datasubmitted by kid to cybersecurity 3 points | 0 comments https://www.bleepingcomputer.com/news/security/french-govt-agency-confirms-breach-as-hacker-offers-to-sell-data/SH.ITJUST.WORKS
22 AprData Breaches at Healthcare Organizations in Illinois and Texas Affect 600,000 - SecurityWeeksubmitted by kid to cybersecurity 8 points | 0 comments https://www.securityweek.com/data-breaches-at-healthcare-organizations-in-illinois-and-texas-affect-600000/SH.ITJUST.WORKS
22 AprCosmetics giant Rituals confirms data breach of customer membership recordsThe cosmetics retailer, which counts 41 million customers in its membership data, declined to provide an accurate total number of customers affected.TECHCRUNCH.COM
22 AprFrench police arrest suspected hacker behind dozens of data breachesFrench authorities have arrested a suspected hacker believed to be behind dozens of data breaches targeting public institutions, sports federations and private organizations across the country.THERECORD.MEDIA
22 AprMalicious TikTok Downloader Extensions Quietly Compromised 130K UsersMalicious browser extensions disguised as TikTok downloaders compromised 130,000 users, exposing a growing blind spot in enterprise security.TECHREPUBLIC.COM
22 AprFrance confirms data breach at government agency that manages citizens’ IDsThe French government agency that issues and manages national IDs, passports, and other documents, announced that hackers stole the personal information of an unspecified number of citizens.TECHCRUNCH.COM
22 AprSmashing Security podcast #464: Rockstar got hacked. The data was junk. The secrets it revealed were notA company that ran anonymous tip lines for 35,000 American schools - handling reports of bullying, weapons, and self-harm - boasted on its website that it had suffered zero security breaches in over 20 years. A hacker called Internet Yiff Machine thought that sounded like a chall…GRAHAMCLULEY.COM
🕵️ THREAT INTELLIGENCE 40
22 AprISC Stormcast For Wednesday, April 22nd, 2026 https://isc.sans.edu/podcastdetail/9902, (Wed, Apr 22nd)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
22 AprWireshark tutorial: Capture vs. Display Filterssubmitted by monica_b1998 to cybersecurity 2 points | 0 comments https://slicker.me/wireshark/filters.htmlINFOSEC.PUB
22 AprNobody runs a marathon by accidentNobody wakes up on a Sunday, stretches, checks the weather, and accidentally clocks 26.2 miles before brunch. A marathon is built on lonely mornings, careful plans, lost toenails, and no social life. You train for weeks or months. You get injured. You ice. You tape. You pick prot…KNOWBE4.COM
22 AprMicrosoft-Signed Binary Helps Deliver LOTUSLITE in India Spy CampaignMicrosoft-signed developer tooling is being abused to quietly deploy a new LOTUSLITE backdoor variant against India’s banking sector, in what researchers link to the China‑nexus Mustang Panda espionage cluster with moderate confidence. The backdoor retains its espionage profile, …GBHACKERS.COM
22 AprScale Computing Spotlights Edge Wins in Retail, K-12At Platform//2026, Scale Computing showed how Taco Bell and a K-12 district use edge infrastructure to simplify IT and improve uptime.TECHREPUBLIC.COM
22 AprAmazon, Anthropic Expand Alliance With 5GW Compute Push to Power ClaudeAmazon and Anthropic have announced a massive expansion of their strategic partnership. The tech giants signed a new agreement to secure up to 5 gigawatts (GW) of compute capacity for training and deploying the Claude AI model. This aggressive push highlights the immense infrastr…GBHACKERS.COM
22 AprHackers Tie Iranian Espionage to CastleRAT and ChainShellA direct operational link between Iran’s MuddyWater espionage group and the Russian TAG-150 CastleRAT malware-as-a-service (MaaS) platform, showing how state and criminal ecosystems are now tightly intertwined. Investigators recovered 15 malware samples, including at least two Ca…GBHACKERS.COM
22 AprMustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy CirclesCybersecurity researchers have discovered a new variant of a known malware called LOTUSLITE that's distributed via a theme related to India's banking sector. "The backdoor communicates with a dynamic DNS-based command-and-control server over HTTPS and supports remote shell access…THEHACKERNEWS.COM
22 AprAuraboros RAT Adds Live Audio, Keylogging, and Cookie Theft via Open C2 PanelA fully exposed command-and-control (C2) panel for a previously undocumented remote access trojan (RAT) framework dubbed Auraboros, supporting live audio streaming, intensive keylogging, browser credential theft, and multi-cookie hijacking all accessible over the internet with ze…GBHACKERS.COM
22 AprMicrosoft warns of fake IT worker identities infiltrating cloud environmentsMicrosoft is warning that North Korea‑aligned group Jasper Sleet is abusing remote hiring to slip fake IT workers into cloud environments by posing as legitimate staff and then abusing trusted access. Since the pandemic, many companies hire globally, verify identities online, and…GBHACKERS.COM
22 AprUnauthorized Group Gains Access to Anthropic's Exclusive Cyber Tool Mythossubmitted by kid to cybersecurity 8 points | 0 comments https://cybersecuritynews.com/anthropic-mythos-access/SH.ITJUST.WORKS
22 AprWhen Wi-Fi Encryption Fails: Protecting Your Enterprise from AirSnitch AttacksUnit 42 research reveals AirSnitch attacks bypass WPA2/3 Wi-Fi encryption and client isolation, exposing critical infrastructure vulnerabilities.UNIT42.PALOALTONETWORKS.COM
22 AprICE Uses Graphite SpywareICE has admitted that it uses spyware from the Israeli company Graphite.SCHNEIER.COM
22 AprFrench Fintech Accounts Used to Launder Stolen Funds Before DetectionCybercriminals are turning French freelancer fintech accounts into high-speed money laundering channels, moving stolen funds within minutes often before banks or victims realise anything is wrong. Fintech platforms like Revolut, Wise and N26 allow fast, remote account opening, li…GBHACKERS.COM
22 AprNGate NFC malware targets Android users through trojanized payment app - Help Net Securitysubmitted by kid to cybersecurity 1 points | 0 comments https://www.helpnetsecurity.com/2026/04/21/android-ngate-nfc-malware/SH.ITJUST.WORKS
22 AprMicrosoft Must Face £2.1B UK Cloud Licensing LawsuitA UK tribunal has allowed a £2.1 billion lawsuit over Microsoft’s cloud licensing to move forward, adding new pressure to how Windows Server is priced outside Azure.TECHREPUBLIC.COM
22 AprResearchers Uncover SIM Farm-as-a-Service Operation Spanning 87 Panels in 17 NationsInfrastructure intelligence firm Infrawatch has exposed a globally distributed SIM Farm-as-a-Service ecosystem powered by a single Belarus-based software platform called ProxySmart, identifying 87 exposed control panels across 17 countries and at least 94 physical phone-farm loca…GBHACKERS.COM
22 AprAzure SRE Agent flaw lets outsiders silently eavesdrop on enterprise cloud operations | CSO Onlinesubmitted by kid to cybersecurity 2 points | 0 comments https://www.csoonline.com/article/4161389/azure-sre-agent-flaw-let-outsiders-silently-eavesdrop-on-enterprise-cloud-operations.htmlSH.ITJUST.WORKS
22 AprPhishing Campaigns Abuse AI Workflow Automation PlatformsThreat actors are abusing agentic AI automation platforms to deliver malware and send phishing emails, according to researchers at Cisco Talos. The researchers observed attackers using n8n, a legitimate platform that automates workflows in web apps and services like Slack, GitHub…KNOWBE4.COM
22 AprMalicious Google Ads Hit Crypto Users With Wallet DrainersMalicious Google Ads are increasingly being used to steal cryptocurrency by draining wallets and harvesting seed phrases from unsuspecting users searching for legitimate DeFi apps and wallet services. Recent campaigns tracked by SEAL show a sustained, technically advanced operati…GBHACKERS.COM
22 AprFake Google Antigravity downloads are stealing accounts in a matter of minutes | Malwarebytessubmitted by kid to cybersecurity 1 points | 0 comments https://www.malwarebytes.com/pt-br/blog/threat-intel/2026/04/fake-google-antigravity-downloads-are-stealing-accounts-in-minutesSH.ITJUST.WORKS
22 AprMore Attack Context for Faster Triage, Response, and Hunting. Now Available to Every SOCANY.RUN has expanded access to Threat Intelligence capabilities for SOC and MSSP teams, backed by live attack data from 15,000 organizations. Here’s how your team can test TI’s impact on triage quality, response speed, and threat hunting workflows.…ANY.RUN
22 AprWhat are You Working on Wednesdaysubmitted by shellsharks to cybersecurity 1 points | 0 comments Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.INFOSEC.PUB
22 AprHarvester Deploys Linux GoGra Backdoor in South Asia Using Microsoft Graph APIThe threat actor known as Harvester has been attributed to a new Linux version of its GoGra backdoor deployed as part of attacks likely targeting entities in South Asia. "The malware uses the legitimate Microsoft Graph API and Outlook mailboxes as a covert command-and-control (C2…THEHACKERNEWS.COM
22 AprPhishing — sometimes with AI’s help — topped initial-access methods in Q1, Cisco saysHackers can now spin up fake login pages without writing a single line of code.CYBERSECURITYDIVE.COM
22 AprNetwork Engineering BasicsThe computer networking field is broad, encompassing many focus areas similar to cybersecurity. If you’re new to the field or just interested in networking, knowing where to start can be challenging. Searching for a network engineer position on any job listing site will yield tho…BLACKHILLSINFOSEC.COM
22 AprRevolut Reportedly Targets $200B IPO Valuation in Huge Fintech BetRevolut is reportedly targeting a $200 billion IPO valuation by 2028, a goal that would put the fintech above BlackRock, UBS, and Charles Schwab.TECHREPUBLIC.COM
22 AprThe Supreme Court is about to decide how far geofence warrants can goChatrie v. United States asks whether a single warrant can justify a location-data dragnet — and what “probable cause” means when the search starts with basically everyone nearby.CYBERSCOOP.COM
22 AprAI Tools Are Helping Mediocre North Korean Hackers Steal MillionsOne group of hackers used AI for everything from vibe coding their malware to creating fake company websites—and stole as much as $12 million in three months.WIRED.COM
22 AprAuthentication No Longer Means SafeOrganizations like Nacha are redefining what counts as an authorized transaction. Traditionally, valid credentials meant legitimacy—but that assumption is changing. With AI-driven scams and deepfakes, attackers can manipulate users into making “authorized” transactions. This intr…YOUTUBE.COM
22 AprHackers Impersonate IT Help Desk on Microsoft Teams to Gain Access, Steal DataHackers are abusing Microsoft Teams chats to impersonate IT support, gain remote access, move laterally, and steal company data, Microsoft warns.TECHREPUBLIC.COM
22 AprMalicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply ChainCybersecurity researchers have warned of malicious images pushed to the official "checkmarx/kics" Docker Hub repository. In an alert published today, software supply chain security company Socket revealed that unknown threat actors managed to have overwritten existing tags, inclu…THEHACKERNEWS.COM
22 AprKelpDAO suffers $290 million heist tied to Lazarus hackerssubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/kelpdao-suffers-290-million-heist-tied-to-lazarus-hackers/SH.ITJUST.WORKS
22 AprFake Google Antigravity Installer Can Steal Accounts in MinutesFake Antigravity downloads are enabling fast account takeovers using hidden malware and stolen session cookies.TECHREPUBLIC.COM
22 AprMicrosoft: Most Windows 11 Users Don’t Need Third-Party AntivirusMicrosoft says Windows 11’s built-in security is strong enough for most users, though power users and enterprises may still want third-party protection.TECHREPUBLIC.COM
22 AprHarvester: APT Group Expands Toolset With New GoGra Linux Backdoorsubmitted by kid to cybersecurity 1 points | 0 comments https://www.security.com/blog-post/harvester-new-linux-backdoor-gograSH.ITJUST.WORKS
22 AprAI Demand Is Forcing a Rethink of Data Center Power, CoolingAt Data Center World, experts explain how generative and agentic AI are reshaping data center power, cooling, and infrastructure demands.TECHREPUBLIC.COM
22 AprVonage, Girls Who Code Show What ‘Responsible AI’ Looks LikeVonage’s partnership with Girls Who Code is more than feel-good philanthropy; it’s a blueprint for building diverse AI talent pipelines.TECHREPUBLIC.COM
22 AprMozilla Fixes 271 Firefox Bugs Using Anthropic’s Mythos AIMozilla says Firefox 150 patches 271 vulnerabilities found with Anthropic’s restricted Mythos AI, highlighting how quickly AI-driven bug hunting is accelerating. The post Mozilla Fixes 271 Firefox Bugs Using Anthropic’s Mythos AI appeared first on TechRepublic .TECHREPUBLIC.COM
22 AprNorth Korean hackers siphon more than $12 million from crypto users in sprawling campaignResearchers said the group stole up to $12 million in cryptocurrency in the first three months of 2026 through malware attacks on personal devices.THERECORD.MEDIA
🌐 CYBER THREAT LANDSCAPE 7
22 Apr · Lotus Wiper Malware Targets Venezuelan Energy Systems in Destructive Attack · Cybersecurity researchers have discovered a previously undocumented data wiper that has been used in attacks targeting Venezuela at the end of last year and the start of 2026. Dubbed Lotus Wiper, the novel file wiper has been used in a destructive campaign targeting the energy an… · THEHACKERNEWS.COM
22 Apr · Researcher claims Claude Desktop installs “spyware” on macOS · A security researcher claims Claude Desktop installed spyware on his Mac. We examine the findings. · MALWAREBYTES.COM
22 Apr · Malicious trading website drops malware that hands your browser to attackers · A fake TradingView AI agent site leads to malware that can take over your browser, steal your accounts and financial data, and open the door to further attacks. · MALWAREBYTES.COM
22 Apr · UK government says 100 countries have spyware that can hack people’s phones · The U.K.'s cybersecurity chief warned that U.K. businesses and critical infrastructure are underestimating the threat from spyware attacks and other cyberthreats, with more governments having access to the powerful surveillance technology than ever. · TECHCRUNCH.COM
22 Apr · Targeting developers: real-world cases, tactics, and defense strategies | Kaspersky official blog · Developer-focused attacks: from malicious npm packages and GitHub phishing, to fake interviews and take-home assignments. · KASPERSKY.COM
22 Apr · Hackers deployed wiper malware in destructive attacks on Venezuela’s energy sector · Hackers deployed a previously unknown wiper malware against Venezuela’s energy and utilities sector in an attack that appears to have been designed to destroy systems. · THERECORD.MEDIA
22 Apr · LABScon25 Replay | Are Your Chinese Cameras Spying For You Or On You? · Marc Rogers and Silas Cutler expose how cheap smart home devices conceal a shadow supply chain of shell companies, firmware flaws, and foreign data routing. · SENTINELONE.COM
🎙️ PODCASTS 2
22 Apr · Alignment Episode: How Traci Byrne Works Across CISOs, Startups, and Partners · Traci Byrne has spent a lot of her time aligning CISOs, startups, and internal teams. In this episode, she breaks down how she does that, starting with listening, understanding what each side is trying to do, and using that to guide decisions without forcing them. That same appro… · THECYBERWIRE.COM
22 Apr · The AI-driven gap between innovation and security with Brian Vecci from Varonis · Brian Vecci, Field CTO at Varonis joins Dave Bittner on the CyberWire Daily podcast for a sponsored Industry Voices at the RSA Conference 2026. He explains how the rapid shift to autonomous AI agents is widening the gap between innovation and security, and why organizations must … · THECYBERWIRE.COM
📡 INFOSEC NEWS 12
22 Apr · Weekly Threat Bulletin – April 22nd, 2026 · These are the top threats you should know about this week. · F5.COM
22 Apr · Winter 2025 SOC 1 report is now available with 184 services in scope · Amazon Web Services (AWS) is pleased to announce that the Winter 2025 System and Organization Controls (SOC) 1 report is now available. The report covers 184 services over the 12-month period from January 1, 2025 – December 31, 2025, giving customers a full year of assurance. Thi… · AWS.AMAZON.COM
22 Apr · Venezuela energy sector targeted by highly destructive Lotus wiper · Lotus Wiper hit Venezuelan energy systems, used scripts to disable defenses, then erased all data beyond recovery. Kaspersky researchers found Lotus Wiper targeting Venezuela’s energy and utilities sector amid regional tensions in 2025–2026. Attackers first used batch scripts to … · SECURITYAFFAIRS.COM
22 Apr · Researchers Uncover ProxySmart Software Powering 90+ SIM Farms · Infrawatch says ProxySmart platform enables SIM farm activity at “industrial scale” · INFOSECURITY-MAGAZINE.COM
22 Apr · Surge in Silent Subject Phishing Attacks Targets VIP Users · Null subject phishing campaigns bypass filters and target VIPs with QR code and RMM abuse · INFOSECURITY-MAGAZINE.COM
22 Apr · China’s cyber capabilities now equal to the US, warns Dutch intelligence · Dutch intelligence says the threat from Beijing is now largely going unmet and is so sophisticated its operations are regularly missed by intelligence agencies and cybersecurity defenders. · THERECORD.MEDIA
22 Apr · Critical BRIDGE:BREAK flaws impact Lantronix and Silex Technology converters · 22 BRIDGE:BREAK flaws hit Lantronix and Silex Technology converters, exposing approximately 20,000 devices to hijacking and data tampering. Researchers at Forescout Research Vedere Labs found 22 BRIDGE:BREAK flaws in serial-to-IP devices from Lantronix and Silex Technology. Seria… · SECURITYAFFAIRS.COM
22 Apr · UK Commits £90m for Cybersecurity and Pushes for ‘Resilience Pledge’ · UK unveils £90m cybersecurity funding at CYBERUK to boost SME resilience, promote Cyber Essentials and a new Cyber Resilience Pledge, sparking industry debate · INFOSECURITY-MAGAZINE.COM
22 Apr · Unauthorized users gain access to Anthropic's Mythos model. · Mustang Panda targets India's financial sector. Business news: Artemis emerges from stealth with $70 million. · THECYBERWIRE.COM
22 Apr · A technical walkthrough of multicloud full-stack security using AWS Security Hub Extended · Building on our recent announcement of AWS Security Hub Extended — our full-stack enterprise security offering — we want to show you how we’re simplifying security procurement and operations for your multicloud environments. Whether you’re a security architect evaluating solutions… · AWS.AMAZON.COM
22 Apr · MacOS Native Tools Enable Stealthy Enterprise Attacks · macOS LOTL techniques bypass detection using native tools and metadata abuse · INFOSECURITY-MAGAZINE.COM
22 Apr · Artemis emerges from stealth with $70 million in funding. · ServiceNow completes its acquisition of Armis. · THECYBERWIRE.COM