214 Articles
8 Categories
Date: 2026-04-23
🚨 CISA KEV (1)
23 Apr · [KEV] U.S. CISA adds a flaw in Microsoft Defender to its Known Exploited Vulnerabilities catalog · The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Microsoft Defender, tracked as CVE-2026-33825 (CVSS s… · SECURITYAFFAIRS.COM
🐛 COMMON VULNERABILITIES AND EXPOSURES (105)
23 Apr · CVE-2026-35239 · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-34271 · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-35238 · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-34267 · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-22005 · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-22015 · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-31455 xfs: stop reclaim before pushing AIL during unmount · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-31476 ksmbd: do not expire session on binding failure · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-31461 drm/amd/display: Fix drm_edid leak in amdgpu_dm · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-31441 dmaengine: idxd: Fix memory leak when a wq is reset · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-31495 netfilter: ctnetlink: use netlink policy range checks · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-31448 ext4: avoid infinite loops caused by residual data · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-31477 ksmbd: fix memory leaks and NULL deref in smb2_lock() · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-31450 ext4: publish jinode after initialization · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-31493 RDMA/efa: Fix use of completion ctx after free · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-34278 · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-21998 · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-35237 · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-22009 · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-34270 · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-34293 · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-22002 · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-22017 · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-34303 · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-34308 · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-34304 · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-34276 · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-22004 · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-22001 · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-35240 · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-35236 · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-40706 · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-3219 pip doesn't reject concatenated ZIP and tar archives · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-31524 HID: asus: avoid memory leak in asus_report_fixup() · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-31487 spi: use generic driver_override infrastructure · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-31515 af_key: validate families in pfkey_send_migrate() · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-31506 net: bcmasp: fix double free of WoL irq · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-31462 drm/amdgpu: prevent immediate PASID reuse case · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-31523 nvme-pci: ensure we're polling a polled queue · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-31497 Bluetooth: btusb: clamp SCO altsetting table indices · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-31440 dmaengine: idxd: Fix leaking event log memory · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-31431 crypto: algif_aead - Revert to operating out-of-place · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-31489 spi: meson-spicc: Fix double-put in remove path · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-31482 s390/entry: Scrub r12 register on kernel entry · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-31518 esp: fix skb leak with espintcp and async crypto · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-31520 HID: apple: avoid memory leak in apple_report_fixup() · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-31485 spi: spi-fsl-lpspi: fix teardown order issue (UAF) · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-31528 perf: Make sure to use pmu_ctx->pmu for groups · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-31503 udp: Fix wildcard bind conflict check when using hash2 · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-31467 erofs: add GFP_NOIO in the bio completion if needed · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-31494 net: macb: use the current queue number for stats · Information published. · MSRC.MICROSOFT.COM
23 Apr · CVE-2026-5187 Heap Out-of-Bounds Write in DecodeObjectId() in wolfSSL · Information published. · MSRC.MICROSOFT.COM
23 Apr · Apple Patches iOS Flaw That Stored Deleted Signal Notifications in FBI Forensic Case · Apple has rolled out a software fix for iOS and iPadOS to address a Notification Services flaw that stored notifications marked for deletion on the device. The vulnerability, tracked as CVE-2026-28950 (CVSS score: N/A), has been described as a logging issue that has been addresse… · THEHACKERNEWS.COM
23 Apr · Attackers Exploit LMDeploy Flaw in the Wild Within 12 Hours of Advisory · A critical Server-Side Request Forgery (SSRF) vulnerability in LMDeploy’s vision-language module was exploited in active attacks just 12 hours and 31 minutes after its public disclosure, with no proof-of-concept code required. On April 21, 2026, GitHub published security ad… · GBHACKERS.COM
23 Apr · Apple Patches Exploited Notification Flaw, (Thu, Apr 23rd) · Apple yesterday released iOS/iPadOS 26.4.2 and iOS/iPadOS 18.7.8. This update fixes a single Notification Services vulnerability, CVE-2026-28950: · ISC.SANS.EDU
23 Apr · VU#748485: Unauthenticated configuration modification vulnerability in Central Office Services - Content Hosting Component · Overview: A security flaw exists in the configuration management endpoint of the DRC INSIGHT software, allowing an unauthenticated user with access to the same network as the server to modify the server’s configuration file. This could enable data exfiltration, traffic redirection… · KB.CERT.ORG
23 Apr · iOS Flaw Let Deleted Notifications Linger, Apple Issues Fix · Apple fixed an iOS flaw that kept deleted notifications on devices, allowing recovery of messages, including from apps like Signal. Apple released updates for iOS and iPadOS to address the vulnerability CVE-2026-28950, a flaw in Notification Services that stored notifications eve… · SECURITYAFFAIRS.COM
23 Apr · UAT-4356's Targeting of Cisco Firepower Devices · Cisco Talos is aware of UAT-4356's continued active targeting of Cisco Firepower devices’ Firepower eXtensible Operating System (FXOS). UAT-4356 exploited n-day vulnerabilities (CVE-2025-20333 and CVE-2025-20362) to gain unauthorized access to vulnerable devices. · TALOSINTELLIGENCE.COM
⚠️ VULNERABILITY DISCLOSURE (39)
23 Apr · Malicious pgserve, automagik developer tools found in npm registry · Application developers are being warned that malicious versions of pgserve, an embedded PostgreSQL server for application development, and automagik, an AI coding tool, have been dropped into the npm JavaScript registry, where they could poison developers’ computers. Downloading … · CSOONLINE.COM
23 Apr · Claude Mythos signals a new era in AI-driven security, finding 271 flaws in Firefox · The Claude Mythos Preview appears to be living up to the hype, at least from a cybersecurity standpoint. The model, which Anthropic rolled out to a small group of users, including Firefox developer Mozilla, earlier this month, has discovered 271 vulnerabilities in version 148 of … · CSOONLINE.COM
23 Apr · Riddled with flaws, serial-to-Ethernet converters endanger critical infrastructure · Serial-to-Ethernet adapters used in industrial, retail, and healthcare environments to link serial devices to TCP/IP networks are riddled with vulnerabilities and outdated open-source components, researchers warn. The flaws enable various attack scenarios, including taking full … · CSOONLINE.COM
23 Apr · SLAM, scam, thank you ma’am. · This week, while Maria is on vacation, Dave Bittner and Joe Carrigan are joined by Michele Kellerman as they discuss the latest in social engineeri… · THECYBERWIRE.COM
23 Apr · Apple Patches Privacy Issue Exposing Signal Message Data Through Notifications · Apple recently rolled out iOS 26.4.2 and iPadOS 26.4.2 to patch a critical privacy vulnerability affecting millions of users. Released on April 22, 2026, this vital security update addresses a flaw that could accidentally expose sensitive message data from secure applications, mo… · GBHACKERS.COM
23 Apr · Claude Mythos Exposes 271 Zero-Day Security Flaws in Firefox · Mozilla has released Firefox 150, addressing a staggering 271 zero-day vulnerabilities. The security team identified these latent flaws using Anthropic’s early-stage Claude Mythos Preview AI model. This massive cleanup represents a major shift in how tech companies detect a… · GBHACKERS.COM
23 Apr · Apple fixes iOS privacy flaw that allowed Signal message retrieval · Apple has released iOS 26.4.2 and iPadOS 26.4.2 to fix a privacy issue that could cause deleted app notifications, including message content, to persist on devices. The update directly addresses concerns raised after reports revealed that law enforcement could recover Signal mess… · CYBERINSIDER.COM
23 Apr · Vercel Finds More Compromised Accounts in Context.ai-Linked Breach · Vercel on Wednesday revealed that it has identified an additional set of customer accounts that were compromised as part of a security incident that enabled unauthorized access to its internal systems. The company said it made the discovery after expanding its investigation to in… · THEHACKERNEWS.COM
23 Apr · Microsoft taps Anthropic’s Mythos to strengthen secure software development · Microsoft plans to integrate Anthropic’s Mythos AI model into its Security Development Lifecycle, a move that suggests advanced generative AI is beginning to play a direct role in how major software vendors identify vulnerabilities and harden code against attack. The company said… · CSOONLINE.COM
23 Apr · Researchers Uncover 10 In-the-Wild Prompt Injection Payloads Targeting AI Agents · Forcepoint has found 10 new indirect prompt injection attacks targeting AI agents · INFOSECURITY-MAGAZINE.COM
23 Apr · Apple fixes iOS bug that kept deleted notifications, including chat previews · A vulnerability in iPhones and iPads allowed law enforcement to recover deleted notifications, including Signal message previews. · MALWAREBYTES.COM
23 Apr · [Webinar] Mythos Reality Check: Beating Automated Exploitation at AI Speed · Imagine a world where hackers don't sleep, don't take breaks, and find weak spots in your systems instantly. Well, that world is already here. Thanks to AI, attackers are now launching automated, large-scale exploits faster than ever before. The time you have to fix a vulnerabili… · THEHACKERNEWS.COM
23 Apr · Google gets agent-ready for the Mythos age · In response to Anthropic Mythos, instead of launching another LLM, Google unveiled a broad push toward agentic, AI-driven defense at Google Cloud Next ‘26 to help SOC analysts as they scramble to keep up with the influx of CVEs Mythos threatens. As Mythos promises more vulnerabil… · CSOONLINE.COM
23 Apr · DNN vulnerability puts 750,000 websites at risk | Cybernews · submitted by kid to cybersecurity 1 points | 0 comments https://cybernews.com/security/dnn-vulnerability-enables-rce-exploits-on-web-servers/ · SH.ITJUST.WORKS
23 Apr · Flaw in Microsoft-owned GitHub repository allowed RCE via issue submission | news | SC Media · submitted by kid to cybersecurity 7 points | 0 comments https://www.scworld.com/news/flaw-in-microsoft-owned-github-repository-allowed-rce-via-issue-submission · SH.ITJUST.WORKS
23 Apr · Trailmark turns code into graphs · We’re open-sourcing Trailmark, a library that parses source code into a queryable call graph of functions, classes, call relationships, and semantic metadata, then exposes that graph through a Python API that Claude skills can call directly. Install it now: uv pip install … · TRAILOFBITS.COM
23 Apr · Vercel Confirms Security Breach Affecting Customer Accounts · Vercel has confirmed a security breach involving unauthorised access to certain internal systems, and the company says the incident affected a limited number of customer accounts and stored data. The cloud platform provider disclosed that it is actively investigating the incident… · GBHACKERS.COM
23 Apr · Offer customers passkeys by default, UK’s NCSC tells enterprises · The UK’s National Cyber Security Centre (NCSC) is recommending passkeys as the default authentication method for businesses to offer consumers, citing industry progress that now makes them a more secure and user-friendly alternative to passwords. In a blog post published this wee… · CSOONLINE.COM
23 Apr · House Republicans unveil data privacy law that would override state protections · The bill, known as the SECURE Data Act, is backed by top Republicans on the House Energy and Commerce and Financial Services committees. · THERECORD.MEDIA
23 Apr · ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories · You scroll past one incident and see another that feels familiar, like it should have been fixed years ago, but it still works with small changes. Same bugs. Same mistakes. The supply chain is messy. Packages you did not check are stealing data, adding backdoors, and spreading. A… · THEHACKERNEWS.COM
23 Apr · Vercel says some of its customers’ data was stolen prior to its recent hack · The app and website hosting company has found evidence of a second compromise of customer accounts after expanding its initial investigation following a breach in early April. · TECHCRUNCH.COM
23 Apr · Snow Flurries: How UNC6692 Employed Social Engineering to Deploy a Custom Malware Suite · Written by: JP Glab, Tufail Ahmed, Josh Kelley, Muhammad Umair. Introduction: Google Threat Intelligence Group (GTIG) identified a multistage intrusion campaign by a newly tracked threat group, UNC6692, that leveraged persistent social engineering, a custom modular malware suite, a… · CLOUD.GOOGLE.COM
23 Apr · Sony to enforce age checks for PlayStation users in the UK starting in June · Sony has announced that UK-based PlayStation users will soon need to verify their age to maintain access to key social features, with enforcement set to begin in June 2026. While players will still be able to access games and purchases, unverified accounts will face growing featu… · CYBERINSIDER.COM
23 Apr · Five steps to become Mythos ready · AI is uncovering vulnerabilities at a scale that will overwhelm legacy defenses. Here is how to build a security organization that is Mythos ready. Key takeaways: While frontier AI models like Claude Mythos boost cyber defenses, they also empower attackers to discover and weaponiz… · TENABLE.COM
23 Apr · Surveillance vendors exploit telecom weaknesses. · Sean Plankey withdraws nomination to serve as CISA director. GopherWhisper targets Mongolian government entities. · THECYBERWIRE.COM
23 Apr · Luxury cosmetics giant Rituals discloses data breach impacting member personal details · Rituals disclosed a breach where hackers accessed and downloaded some My Rituals members’ data, including names and addresses. Luxury cosmetics giant Rituals disclosed a data breach impacting My Rituals members after attackers gained unauthorized access to its systems and downloa… · SECURITYAFFAIRS.COM
23 Apr · Recent Microsoft Defender Vulnerability Exploited as Zero-Day - SecurityWeek · submitted by kid to cybersecurity 1 points | 0 comments https://www.securityweek.com/recent-microsoft-defender-vulnerability-exploited-as-zero-day/ · SH.ITJUST.WORKS
23 Apr · Surveillance companies exploiting telecom system to spy on targets’ locations, research shows · The campaigns exploited a weakness in telecom infrastructure to allow the unnamed vendors to secretly pose as real cellular providers and pinpoint victims’ locations. · THERECORD.MEDIA
23 Apr · CISA: US agency breached through Cisco vulnerability, FIRESTARTER backdoor allowed access through March · CISA said the unnamed department was infected with malware called “FIRESTARTER” that allowed the hackers to return to the Cisco device in March without re-exploiting the original vulnerabilities. · THERECORD.MEDIA
23 Apr · Surveillance campaigns use commercial surveillance tools to exploit long-known telecom vulnerabilities · Researchers said it’s the first-ever mapping of attack traffic to mobile operator signalling infrastructure. · CYBERSCOOP.COM
23 Apr · Microsoft Offers First-Ever Retirement Buyouts to Thousands of Employees · Microsoft is offering first-ever retirement buyouts to some US employees as AI-driven data center spending grows and tech layoffs continue. · TECHREPUBLIC.COM
23 Apr · 3 practical ways AI threat detection improves enterprise cyber resilience · Why “more alerts” isn’t the same as better security. If you run security in an enterprise environment, you already know the problem. Generic detection tools generate thousands of alerts, most of them low value. Analysts spend hours chasing noise while attackers quietly move latera… · CSOONLINE.COM
23 Apr · The curious case of Sean Plankey’s derailed CISA nomination · Donald Trump’s nominee to lead the Cybersecurity and Infrastructure Security Agency (CISA), Sean Plankey, informed Homeland Security Secretary Markwayne Mullin and the White House that he is withdrawing his nomination after a 13-month stall, during which the well-regarded cyberse… · CSOONLINE.COM
23 Apr · Your signal is showing. · Researchers expose covert telecom surveillance campaigns. Lawmakers push new national privacy rules. China-linked actors hide inside compromised device networks. A ransomware forum leak reveals a criminal marketplace. GopherWhisper blends into cloud services for espionage. Attack… · THECYBERWIRE.COM
23 Apr · Back to (or Start) Fundamentals? - Rajesh Khazanchi - PSW #923 · This week: Larry’s in the host seat and chaos ensues. We dig into: - A very questionable story about tracking a warship with a $5 Bluetooth tracker - Serial-to-IP devices quietly sitting in critical infrastructure… and full of holes - New York regulators mandating MFA and asset i… · YOUTUBE.COM
23 Apr · AI threats in the wild: The current state of prompt injections on the web · Posted by Thomas Brunner, Yu-Han Liu, Moni Pande. At Google, our Threat Intelligence teams are dedicated to staying ahead of real-world adversarial activity, proactively monitoring emerging threats before they can impact users. Right now, Indirect Prompt Injection (IPI) is a top p… · SECURITY.GOOGLEBLOG.COM
23 Apr · Supply Chain Defense Limits · A proposed security tool intercepts software package installs and checks them against a cloud database of known malicious or compromised packages, similar to traditional antivirus systems. While this approach can block known threats, it remains dependent on signature-based detect… · YOUTUBE.COM
23 Apr · Vercel attack fallout expands to more customers and third-party systems · The company said it found more evidence of compromise across its customer base. Exposure, which has yet to be defined, poses significant downstream risk. · CYBERSCOOP.COM
23 Apr · Bitwarden CLI password manager trojanized in supply chain attack · Researchers warn of a new software supply chain attack that resulted in a malicious version of Bitwarden CLI, the terminal version of the extremely popular open-source password manager. The attack is believed to be related to the string of recent supply chain compromises attribut… · CSOONLINE.COM
📢 SECURITY ADVISORIES (7)
23 Apr · NCSC Backs Passkeys, Hailing a New Era of Sign-in · The UK’s NCSC has fully backed passkeys as consumers’ first choice for login, citing progress with FIDO and successful use across the NHS · INFOSECURITY-MAGAZINE.COM
23 Apr · Defending Against China-Nexus Covert Networks of Compromised Devices | CISA · submitted by kid to cybersecurity 2 points | 0 comments https://www.cisa.gov/news-events/cybersecurity-advisories/aa26-113a · SH.ITJUST.WORKS
23 Apr · Trump’s pick for CISA director withdraws from consideration · Sean Plankey reportedly told colleagues that he needed to focus on assuaging concerns about his Coast Guard work that had led Sen. Rick Scott (R-FL) to block his nomination. · THERECORD.MEDIA
23 Apr · China disguises cyberattacks with ‘covert network’ botnets, US and allies warn · A new security advisory highlights Beijing’s stealthy techniques. · CYBERSECURITYDIVE.COM
23 Apr · A dozen allied agencies say China is building covert hacker networks out of everyday routers · The joint warning describes a major tactical shift by Chinese-linked hackers and lays out what organizations should do about it. · CYBERSCOOP.COM
23 Apr · Trump’s pick to run US cyber agency CISA asks to drop out · Sean Plankey has requested to withdraw his name to run the U.S. cybersecurity agency after a tumultuous year of chaotic temporary leadership. · TECHCRUNCH.COM
23 Apr · US, UK agencies warn hackers were hiding on Cisco firewalls long after patches were applied · Investigators found the malware, dubbed Firestarter, on a federal agency's network in a campaign dating back to at least September 2025. · CYBERSCOOP.COM
🔥 INCIDENT REPORTING (13)
23 Apr · How does AI change the economics of cybercrime? · Robert (Bob) McArdle has spent two decades tracking cybercriminals - from ransomware groups to nation-state actors to financially motivated crime organizations. As a result, he has a front-row seat on how agentic AI is reshaping the threat landscape right now. In conversation wit… · THECYBERWIRE.COM
23 Apr · Checkmarx KICS Docker Repo Hijacked in Malicious Code Injection Attack · A massive software supply chain attack has targeted the official Checkmarx KICS (Keeping Infrastructure as Code Secure) Docker Hub repository. Discovered on April 22, 2026, by Docker and Socket, the compromise involves trojanized Docker images and malicious VS Code extensions des… · GBHACKERS.COM
23 Apr · Breach School · What does it take to go from staring at forensic images to sitting across from a CEO whose company is on fire? Steve Elovitz has spent his entire career in the room when things go wrong. He started in forensics and eDiscovery at PwC, moved to Booz Allen doing government work, t… · THECYBERWIRE.COM
23 Apr · Xinference PyPI Breach Exposes Developers to Cloud Credential Theft · A severe supply chain attack has compromised the popular Python package Xinference, exposing developers to massive data theft. Threat actors uploaded malicious versions of the tool to the Python Package Index (PyPI), embedding a heavily obfuscated infostealer into the code. Xinfe… · GBHACKERS.COM
23 Apr · Lazarus Lures Developers With Backdoored Coding Tests · North Korea-linked hackers are using AI-assisted malware and backdoored coding challenges to quietly loot millions in cryptocurrency from Web3 developers. Expel assesses with high confidence that HexagonalRodent is a DPRK state-sponsored subgroup that likely evolved from fraudule… · GBHACKERS.COM
23 Apr · Malicious npm Package Hijacks Hugging Face for Malware Delivery · Malicious npm package js-logger-pack is now abusing Hugging Face not just as a malware CDN, but also as a live exfiltration backend for stolen data, turning a popular AI platform into part of a full-featured cross‑platform implant chain. Earlier campaign phases already used Huggi… · GBHACKERS.COM
23 Apr · RAMP Uncovered: Anatomy of Russia’s Ransomware Marketplace · Leaked data from RAMP reveals Russia’s ransomware ecosystem, analyzing 1,732 threads, 7,707 users, and 340,000 IP records from the forum. RAMP was not just another dark web forum. It was one of the clearest examples of how ransomware has become an organized marketplace, with sell… · SECURITYAFFAIRS.COM
23 Apr · Discord-Linked Group Accessed Anthropic’s Claude Mythos AI in Vendor Breach · submitted by kid to cybersecurity 10 points | 0 comments https://hackread.com/discord-access-anthropic-claude-mythos-ai-breach/ · SH.ITJUST.WORKS
23 Apr · Most Serious Cyberattacks Against the UK Now From Russia, Iran and China, Cyber Chief Says - SecurityWeek · submitted by kid to cybersecurity 4 points | 0 comments https://www.securityweek.com/most-serious-cyberattacks-against-the-uk-now-from-russia-iran-and-china-cyber-chief-says/ · SH.ITJUST.WORKS
23 Apr · Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign · Bitwarden CLI has been compromised as part of the newly discovered and ongoing Checkmarx supply chain campaign, according to new findings from Socket. "The affected package version appears to be @bitwarden/cli@2026.4.0, and the malicious code was published in 'bw1.js,' a file inc… · THEHACKERNEWS.COM
23 Apr · How cyberattacks on companies affect everyone · We look at how cybercrime targeting companies affects all of us, especially their customers. · MALWAREBYTES.COM
23 Apr · Bitwarden CLI backdoored in Checkmarx supply chain attack · The Bitwarden CLI has been compromised as part of the ongoing Checkmarx supply chain campaign, with attackers injecting malicious code into an official release through a poisoned CI/CD workflow. According to a brief report from the Socket Research Team, the compromised package is… · CYBERINSIDER.COM
23 Apr · UNC6692 Impersonates IT Helpdesk via Microsoft Teams to Deploy SNOW Malware · A previously undocumented threat activity cluster known as UNC6692 has been observed leveraging social engineering tactics via Microsoft Teams to deploy a custom malware suite on compromised hosts. "As with many other intrusions in recent years, UNC6692 relied heavily on imperson… · THEHACKERNEWS.COM
🕵️ THREAT INTELLIGENCE (32)
23 AprISC Stormcast For Thursday, April 23rd, 2026 https://isc.sans.edu/podcastdetail/9904, (Thu, Apr 23rd)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
23 AprFake TradingView AI Site Spreads Needle Stealer Through Phony TradingClaw AppA fake TradingView AI agent website is delivering Needle Stealer malware through a bogus “TradingClaw” assistant that can hijack victims’ browsers, drain financial accounts, and enable follow‑on attacks. The campaign targets traders seeking automated strategies on TradingView, ca…GBHACKERS.COM
23 AprTropic Trooper Uses Custom Beacon and VS Code Tunnels for Stealthy Remote AccessA new Tropic Trooper campaign that combines a trojanized PDF reader, a custom AdaptixC2 Beacon listener, and Visual Studio (VS) Code tunnels to gain and maintain remote access to targeted systems. The operation appears to focus on Chinese-speaking individuals in Taiwan, as well a…GBHACKERS.COM
23 AprFake Wallpaper App, YouTube Channel Used to Spread notnullOSX MalwareHackers are abusing a fake macOS wallpaper app and a hijacked YouTube channel to quietly deliver notnullOSX, a new crypto-focused stealer that targets Macs via ClickFix commands and weaponized DMG installers. The campaign is highly selective, going after victims with crypto holdi…GBHACKERS.COM
23 AprMicrosoft Graph API misused by new GoGra Linux malware for hidden communicationA new GoGra Linux malware uses Microsoft Graph API and an Outlook inbox to deliver payloads, making it stealthy and hard to detect. A new Linux version of the GoGra backdoor uses Microsoft’s Graph API and an Outlook inbox to deliver malicious payloads stealthily. The malware is l…SECURITYAFFAIRS.COM
23 AprWhat Is Square? Pricing, Features & How It WorksSquare is a payment processing platform with built-in POS and business management tools for in-person and online sales. Here’s how it works, what it costs, and its ideal use cases. The post What Is Square? Pricing, Features & How It Works appeared first on TechRepublic .TECHREPUBLIC.COM
23 AprNorth Korean Fake IT Workers Infiltrate Firms to Dodge SanctionsNorth Korean threat actors are once again leveraging deceptive remote work schemes to infiltrate global organizations, using fake IT worker personas to generate revenue and bypass international sanctions. A recent investigation, triggered by cryptocurrency security researcher Zac…GBHACKERS.COM
23 AprBrave brings “Shred” to Android for one-tap tracking data deletionBrave has expanded its “Shred” privacy feature to Android, bringing its one-tap, site-specific data deletion capability to a broader user base with the release of version 1.89. The feature, introduced on iOS in 2024, is designed to disrupt first-party tracking by allowing users t…CYBERINSIDER.COM
23 AprChina-Linked GopherWhisper Infects 12 Mongolian Government Systems with Go BackdoorsMongolian governmental institutions have emerged as the target of a previously undocumented China-aligned advanced persistent threat (APT) group tracked as GopherWhisper. "The group wields a wide array of tools mostly written in Go, using injectors and loaders to deploy and execu…THEHACKERNEWS.COM
23 AprOutlook Mailboxes Used to Conceal Linux GoGra Backdoor TrafficA newly discovered Linux variant of the GoGra backdoor is being used by the Harvester advanced persistent threat (APT) group to conduct stealthy cyber espionage operations. Harvester, a suspected nation-state-backed group active since at least 2021, is known for targeting South A…GBHACKERS.COM
23 AprCan AI Attack the Cloud? Lessons From Building an Autonomous Cloud Offensive Multi-Agent SystemUnit 42 reveals how multi-agent AI systems can autonomously attack cloud environments. Learn critical insights and vital lessons for proactive security. The post Can AI Attack the Cloud? Lessons From Building an Autonomous Cloud Offensive Multi-Agent System appeared first on Unit…UNIT42.PALOALTONETWORKS.COM
23 AprFBI Extracts Deleted Signal Messages from iPhone Notification Database404 Media reports (alternate site ): The FBI was able to forensically extract copies of incoming Signal messages from a defendant’s iPhone, even after the app was deleted, because copies of the content were saved in the device’s push notification database…. The news shows h…SCHNEIER.COM
23 AprGitLab Fixes Flaws That Could Allow Attackers to Hijack User SessionsGitLab has released emergency security patches addressing 11 vulnerabilities across its Community Edition (CE) and Enterprise Edition (EE), including three high-severity flaws that could allow attackers to execute malicious code, forge requests, and steal user session tokens. On …GBHACKERS.COM
23 AprOutlook Mailboxes Abused to Conceal Linux GoGra Backdoor TrafficThe Harvester APT group has quietly expanded its espionage arsenal with a new Linux variant of its GoGra backdoor, one that cleverly hides its command-and-control (C2) traffic within Microsoft Outlook mailboxes, making it significantly harder to detect with traditional network de…GBHACKERS.COM
23 AprSelf-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokenssubmitted by kid to cybersecurity 1 points | 0 comments https://thehackernews.com/2026/04/self-propagating-supply-chain-worm.htmlSH.ITJUST.WORKS
23 AprFBI: Americans Lost More Than $20 billion to Fraud Last YearCyber-enabled crimes cost Americans nearly $21 billion in 2025, a 26% increase from the previous year, according to the FBI’s latest Internet Crime Report. Phishing, extortion, and investment scams were the most commonly reported attacks, with AI-related scams driving some of the…KNOWBE4.COM
23 AprPhishing reclaims the top initial access spot, attackers experiment with AI tools - Help Net Security https://www.helpnetsecurity.com/2026/04/22/cisco-phishing-initial-access-2026/ SH.ITJUST.WORKS
23 AprMicrosoft releases emergency patches for critical ASP.NET flaw https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-emergency-security-updates-for-critical-aspnet-flaw/ SH.ITJUST.WORKS
23 AprCloud Security Isn’t What You ThinkCloud computing relies on storing data in third-party environments under a shared responsibility model. Security outcomes depend less on the cloud itself and more on how systems are designed. Embedding controls early and continuously validating configurations can lead to stronger…YOUTUBE.COM
23 AprApple’s $599 Mac mini Just Sold Out EverywhereApple’s $599 Mac mini is now sold out, with shortages spreading across configurations amid supply and demand pressures. TECHREPUBLIC.COM
23 AprAI-written software creates hassles for wary security teamsA new report explains what cybersecurity practitioners need to see before they trust AI coding tools. CYBERSECURITYDIVE.COM
23 AprGoogle’s Pixel Update Sparks ‘Severe’ Battery Drain Across Multiple ModelsGoogle Pixel users are reporting severe battery drain after recent Android updates, with complaints spanning multiple models and no confirmed fix yet. TECHREPUBLIC.COM
23 AprResearcher claims Claude Desktop installs “spyware” on macOS https://www.malwarebytes.com/blog/news/2026/04/researcher-claims-claude-desktop-installs-spyware-on-macos SH.ITJUST.WORKS
23 AprIran-nexus threat groups refine attacks against critical infrastructureState-sponsored and hacktivist groups have shown greater determination to damage or disable energy, water and other key sectors.CYBERSECURITYDIVE.COM
23 AprNew Pentagon Plan Would Pour $54B Into Drones, AI Combat SystemsThe Pentagon is seeking about $54 billion for autonomous warfare and drone systems, a huge bet that is raising concerns about doctrine, training, and oversight. TECHREPUBLIC.COM
23 AprApple Fixes iPhone Bug After FBI Retrieved Signal MessagesApple patched an iPhone notification bug that let deleted messages linger in system storage, closing a privacy gap exposed by an FBI Signal case. TECHREPUBLIC.COM
23 AprTikTok Invests $1.16 Billion in New Finland Facility to Localize European DataTikTok is building a second data center in Finland as part of its Project Clover push to keep European user data stored within Europe. TECHREPUBLIC.COM
23 AprSamsung Galaxy Connect Now Works on Any Windows 11 PCSamsung Galaxy Connect now works on non-Samsung Windows 11 PCs with Intel or AMD chips, bringing continuity features beyond Galaxy Book laptops. TECHREPUBLIC.COM
23 AprHackers Use Hidden Website Instructions in New Attacks on AI Assistants https://hackread.com/hackers-hidden-site-instruction-attack-ai-assistants/ SH.ITJUST.WORKS
23 AprIndia’s App Boom Has a Revenue ProblemIndia’s app market is booming in downloads and usage, but much of the money still flows to global platforms rather than local developers. TECHREPUBLIC.COM
23 AprDragos: Despite AI use, new malware targeting water plants is ‘hype’ZionSiphon was designed to find and sabotage Israelis’ water supply. An OT expert said it appears to be ineffective and the work of amateurs using AI. CYBERSCOOP.COM
23 AprFrontier AI and the Future of Defense: Your Top Questions AnsweredWhat are the next steps for security leaders in this new age of frontier AI? We answer the top 10 questions customers are asking. UNIT42.PALOALTONETWORKS.COM
🌐 CYBER THREAT LANDSCAPE 3
23 AprTrendAI™’s AI Security Brief podcast joins the N2K CyberWire network.N2K Networks today announced the launch of AI Security Brief, the flagship podcast for global AI security leader TrendAI™ on the N2K CyberWire network. Drawing on TrendAI™’s global threat research and operational expertise, the show delivers strategic insights on the intersection…THECYBERWIRE.COM
23 AprChina-linked hackers targeted Mongolian government using Slack, Discord for covert communicationsThe group, which researchers at cybersecurity firm ESET named GopherWhisper, has been active since at least November 2023 and was discovered in January 2025 after investigators found a previously unknown backdoor on the network of a Mongolian government institution.THERECORD.MEDIA
23 AprNewly Deciphered Sabotage Malware May Have Targeted Iran’s Nuclear Program—and Predates StuxnetResearchers have finally cracked Fast16, mysterious code capable of silently tampering with calculation and simulation software. It was created in 2005—and likely deployed by the US or an ally.WIRED.COM
📡 INFOSEC NEWS 14
23 AprSection 702 survives for now.This week, Dave and Ben revisit several key stories including the Senate reauthorizing Section 702 and top White House officials meeting with Anthropic's CEO. Alongside these story updates, the two also look into how conversations surrounding AI liability and insurance coverage a…THECYBERWIRE.COM
23 AprRoblox clamps down on chats and age checks as legal pressure buildsRoblox is paying millions to settle child safety claims while rolling out strict age checks and chat limits that could reshape how kids use the platform.MALWAREBYTES.COM
23 AprCyber-Attacks Surge 63% Annually in Education SectorQuorum Cyber report finds higher and further education institutions experienced 63% increase in attacks over a yearINFOSECURITY-MAGAZINE.COM
23 AprGoogle Introduces Unique AI Agent Identities in New Gemini Enterprise PlatformGoogle Cloud will attribute a unique cryptographic ID to every AI agent that will be tied to “traceable and auditable” authorization policiesINFOSECURITY-MAGAZINE.COM
23 AprProject Glasswing Proved AI Can Find the Bugs. Who's Going to Fix Them?Last week, Anthropic announced Project Glasswing, an AI model so effective at discovering software vulnerabilities that they took the extraordinary step of postponing its public release. Instead, the company has given access to Apple, Microsoft, Google, Amazon, and a coalition of…THEHACKERNEWS.COM
23 AprSurveillance vendors caught abusing access to telcos to track people’s phone locations, researchers sayThe Citizen Lab found two separate surveillance vendors abusing the backbone of cellular networks to spy on several victims across the world.TECHCRUNCH.COM
23 AprApple Fixes iOS Notification Bug Exposing Deleted MessagesApple patches iOS flaw that retained deleted notifications, exposing message dataINFOSECURITY-MAGAZINE.COM
23 AprMedical data of 500,000 Britons put up for sale on Chinese websiteThe data is held by the UK Biobank charity and includes genetic sequences, blood samples, medical scans and lifestyle information.THERECORD.MEDIA
23 AprSpam and phishing targeting taxpayers | Kaspersky official blogHow to identify tax-related phishing and fraud: fake portals, bogus crypto wallet verifications, and malicious files. We break down the steps you need to take to protect both your money and your data.KASPERSKY.COM
23 AprGoogle Favors General‑Purpose Gemini Models Over Cybersecurity‑Specific AIGoogle Cloud’s COO advocated for combining general-purpose frontier large language models with task-specific AI agentsINFOSECURITY-MAGAZINE.COM
23 AprIt pays to be a forever studentIn this newsletter, Joe discusses why understanding other disciplines can often flow back into the macro and micro of cybersecurity, especially in a world of AI.TALOSINTELLIGENCE.COM
23 AprIndia drops national ID app mandate.New cyber tools calm tensions between Anthropic and Trump.THECYBERWIRE.COM
23 AprUS sanctions Cambodian senator for millions earned through scam compoundsThe Treasury Department said Cambodian senator Kok An was being sanctioned alongside 28 others involved in his scam center operation.THERECORD.MEDIA
23 Aprfast16 | Mystery ShadowBrokers Reference Reveals High-Precision Software Sabotage 5 Years Before StuxnetA previously unknown 2005 cyber sabotage framework patches high-precision calculation software in memory to silently corrupt results.SENTINELONE.COM