MATLOCK.CA
130Articles
9Categories
2026-04-29Date
🚨
U.S. CISA adds Microsoft Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities catalogU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Windows Shell and ConnectWise ScreenConnect f…
KEVSECURITYAFFAIRS.COM — 29 Apr 2026
🚨
CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEVThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting ConnectWise ScreenConnect and Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities are l…
KEVTHEHACKERNEWS.COM — 29 Apr 2026
🚨
CISA adds Microsoft, ConnectWise vulnerabilities to active exploitation catalogRussia has used one of the flaws, security experts said, while North Korea has used the other.
CYBERSECURITYDIVE.COM — 29 Apr 2026
πŸ›
LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure
THEHACKERNEWS.COM — 29 Apr 2026
πŸ›
GitHub.com and Enterprise Server Vulnerability Allows Remote Code Execution
GBHACKERS.COM — 29 Apr 2026
πŸ›
CISA Warns of Windows Shell Zero-Day Exploited in Attacks
KEVGBHACKERS.COM — 29 Apr 2026
πŸ›
CVE-2026-24051 OpenTelemetry-Go Affected by Arbitrary Code Execution via PATH Hijacking
MSRC.MICROSOFT.COM — 29 Apr 2026
πŸ›
CVE-2017-3735
MSRC.MICROSOFT.COM — 29 Apr 2026
πŸ›
CVE-2017-3736
MSRC.MICROSOFT.COM — 29 Apr 2026
πŸ›
CVE-2019-1547 ECDSA remote timing attack
MSRC.MICROSOFT.COM — 29 Apr 2026
πŸ›
CVE-2019-1549 Fork Protection
MSRC.MICROSOFT.COM — 29 Apr 2026
πŸ›
CVE-2019-1563 Padding Oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey
MSRC.MICROSOFT.COM — 29 Apr 2026
πŸ›
CVE-2026-31686 mm/kasan: fix double free for kasan pXds
MSRC.MICROSOFT.COM — 29 Apr 2026
πŸ›
CVE-2026-41898 rust-openssl: Unchecked callback-returned length in PSK and cookie generate trampolines can cause OpenSSL to leak adjacent memory to the network peer
MSRC.MICROSOFT.COM — 29 Apr 2026
πŸ›
CVE-2026-33999 Xorg: xwayland: x.org x server: denial of service via integer underflow in xkb compatibility map handling
MSRC.MICROSOFT.COM — 29 Apr 2026
πŸ›
CVE-2026-31689 EDAC/mc: Fix error path ordering in edac_mc_alloc()
MSRC.MICROSOFT.COM — 29 Apr 2026
πŸ›
CVE-2026-31688 driver core: enforce device_lock for driver_match_device()
MSRC.MICROSOFT.COM — 29 Apr 2026
πŸ›
CVE-2026-31548 wifi: cfg80211: cancel pmsr_free_wk in cfg80211_pmsr_wdev_down
MSRC.MICROSOFT.COM — 29 Apr 2026
πŸ›
CVE-2026-31549 i2c: cp2615: fix serial string NULL-deref at probe
MSRC.MICROSOFT.COM — 29 Apr 2026
πŸ›
CVE-2026-31550 pmdomain: bcm: bcm2835-power: Increase ASB control timeout
MSRC.MICROSOFT.COM — 29 Apr 2026
πŸ›
CVE-2026-31551 wifi: mac80211: Fix static_branch_dec() underflow for aql_disable.
MSRC.MICROSOFT.COM — 29 Apr 2026
πŸ›
CVE-2026-31552 wifi: wlcore: Return -ENOMEM instead of -EAGAIN if there is not enough headroom
MSRC.MICROSOFT.COM — 29 Apr 2026
πŸ›
CVE-2026-31584 media: mediatek: vcodec: fix use-after-free in encoder release path
MSRC.MICROSOFT.COM — 29 Apr 2026
πŸ›
CVE-2026-31661 wifi: brcmsmac: Fix dma_free_coherent() size
MSRC.MICROSOFT.COM — 29 Apr 2026
πŸ›
CVE-2026-31563 net: macb: Use dev_consume_skb_any() to free TX SKBs
MSRC.MICROSOFT.COM — 29 Apr 2026
πŸ›
CVE-2026-31648 mm: filemap: fix nr_pages calculation overflow in filemap_map_pages()
MSRC.MICROSOFT.COM — 29 Apr 2026
πŸ›
CVE-2026-40225
MSRC.MICROSOFT.COM — 29 Apr 2026
πŸ›
CVE-2026-5435 Potential buffer overflow in ns_sprintrrf TSIG handling path
MSRC.MICROSOFT.COM — 29 Apr 2026
πŸ›
CVE-2026-40556 Insecure Directory Permissions in GNU nano Leading to Privilege Abuse
MSRC.MICROSOFT.COM — 29 Apr 2026
πŸ›
CVE-2026-6861 Emacs: emacs: memory corruption vulnerability when processing svg css
MSRC.MICROSOFT.COM — 29 Apr 2026
πŸ›
CVE-2026-2708 Libsoup: libsoup: http request smuggling via duplicate content-length headers
MSRC.MICROSOFT.COM — 29 Apr 2026
πŸ›
CVE-2026-6732 Libxml2: libxml2: denial of service via crafted xsd-validated document
MSRC.MICROSOFT.COM — 29 Apr 2026
πŸ›
CVE-2026-6019 BaseCookie.js_output() does not neutralize embedded characters
MSRC.MICROSOFT.COM — 29 Apr 2026
πŸ›
CVE-2026-34001 Xorg: xwayland: x.org x server: use-after-free vulnerability leads to server crash and potential memory corruption
MSRC.MICROSOFT.COM — 29 Apr 2026
πŸ›
CVE-2026-34003 Xorg: xwayland: x.org x server: information exposure and denial of service via out-of-bounds memory access
MSRC.MICROSOFT.COM — 29 Apr 2026
πŸ›
CISA, Microsoft warn of active exploitation of Windows Shell vulnerability (CVE-2026-32202)
HELPNETSECURITY.COM — 29 Apr 2026
πŸ›
CVE-2026-3854 Exposes a Critical Weak Point in GitHub’s Git Push Pipeline
SOCRADAR.IO — 29 Apr 2026
πŸ›
CISA Warns of ConnectWise ScreenConnect Flaw Exploited in Attacks
KEVGBHACKERS.COM — 29 Apr 2026
πŸ›
Critical GitHub RCE bug exposed millions of repositories
CSOONLINE.COM — 29 Apr 2026
πŸ›
CVE-2026-42208: LiteLLM bug exploited 36 hours after its disclosure
SECURITYAFFAIRS.COM — 29 Apr 2026
πŸ›
CVE-2026-41940: cPanel & WHM Authentication Bypass
KEVRAPID7.COM — 29 Apr 2026
⚠️
CI/CD pipeline abuse: the problem no one is watching
ELASTIC.CO — 29 Apr 2026
⚠️
More fake extensions linked to GlassWorm found in Open VSX code marketplace
CSOONLINE.COM — 29 Apr 2026
⚠️
Product showcase: SimpleX Chat removes user identifiers from messaging
HELPNETSECURITY.COM — 29 Apr 2026
⚠️
Massive Python Supply Chain Hack, $2.1B Scam Losses, North Korea Targets Crypto Execs
CYBERSECURITYTODAY.LIBSYN.COM — 29 Apr 2026
⚠️
cPanel Releases Emergency Patch for Critical Authentication Flaw
GBHACKERS.COM — 29 Apr 2026
⚠️
Risky Business #835 -- Why the Fast16 malware is badass
RISKY.BIZ — 29 Apr 2026
⚠️
Vimeo Confirms Data Breach After Hackers Access User Database
GBHACKERS.COM — 29 Apr 2026
⚠️
ShinyHunters exploit Anodot incident to target Vimeo
SECURITYAFFAIRS.COM — 29 Apr 2026
⚠️
Virtue AI PolicyGuard turns AI policies into enforceable runtime guardrails
HELPNETSECURITY.COM — 29 Apr 2026
⚠️
SLOTAGENT Malware Hides API Calls and Strings to Thwart Analysis
GBHACKERS.COM — 29 Apr 2026
⚠️
DigitalOcean AI-Native Cloud unifies infrastructure, inference, and agents for production AI
HELPNETSECURITY.COM — 29 Apr 2026
⚠️
Claude Mythos Has Found 271 Zero-Days in Firefox
SCHNEIER.COM — 2026-04-29
⚠️
Critical cPanel Authentication Vulnerability Identified β€” Update Your Server Immediately
THEHACKERNEWS.COM — 29 Apr 2026
⚠️
AWS leans on prior ingenuity to face future AI and quantum threats
CSOONLINE.COM — 29 Apr 2026
⚠️
The Next Frontier: Autonomous Security and RSAC Interviews from Quantro & SandboxAQ - BSW #445
YOUTUBE.COM — 2026-04-29
⚠️
Cursor AI Coding Agent Vulnerability Lets Attackers Run Code on Developers’ Machines
GBHACKERS.COM — 29 Apr 2026
⚠️
U.S. Charges Suspected Scattered Spider Member Over Cyber Intrusions
GBHACKERS.COM — 29 Apr 2026
⚠️
Extending Ruzzy with LibAFL
TRAILOFBITS.COM — 29 Apr 2026
⚠️
Cursor AI Extension Flaw Exposes Developer Tokens to Credential Theft
GBHACKERS.COM — 29 Apr 2026
⚠️
Mastering agentic AI security through exposure management
TENABLE.COM — 29 Apr 2026
⚠️
Experts on Experts: The 2026 Threat Landscape is Moving Faster than Defenders Expect
RAPID7.COM — 29 Apr 2026
⚠️
Microsoft won’t patch PhantomRPC: Feature or bug?
MALWAREBYTES.COM — 29 Apr 2026
⚠️
All supported cPanel versions hit by critical auth bug, now patched
SECURITYAFFAIRS.COM — 29 Apr 2026
⚠️
Swiss police arrest 10 suspected members of Nigeria-linked crime group Black Axe
THERECORD.MEDIA — 29 Apr 2026
⚠️
AI Speeds Up Cyber Attacks
YOUTUBE.COM — 2026-04-29
⚠️
AI Finds 38 Security Flaws in Electronic Health Record Platform
DARKREADING.COM — 29 Apr 2026
⚠️
What It Takes to Run Marketing Solo with Sara Ceballos, Director of Marketing at BreachRx
THECYBERWIRE.COM — 29 Apr 2026
⚠️
A wake-up call on frontier AI.
THECYBERWIRE.COM — 29 Apr 2026
⚠️
Reverse Engineering With AI Unearths High-Severity GitHub Bug
DARKREADING.COM — 29 Apr 2026
⚠️
Five Things we Took Away from Gartner SRM Sydney 2026
RAPID7.COM — 29 Apr 2026
πŸ“‹
Microsoft Confirms Remote Desktop Warning Issue After April Update
GBHACKERS.COM — 29 Apr 2026
πŸ“’
amazee.ai’s amazeeClaw simplifies production deployment of AI agents with regional control
HELPNETSECURITY.COM — 29 Apr 2026
πŸ“’
Alleged Silk Typhoon hacker extradited to the United States to face charges
BITDEFENDER.COM — 29 Apr 2026
πŸ“’
Sri Lanka discloses another missing payment, days after hackers stole $2.5M from its finance ministry
TECHCRUNCH.COM — 29 Apr 2026
πŸ”₯
BlueNoroff Deploys Fileless PowerShell in AI-Generated Zoom Lure Campaign
GBHACKERS.COM — 29 Apr 2026
πŸ”₯
Vect 2.0 RaaS Expands Attacks Across Windows, Linux, and ESXi
GBHACKERS.COM — 29 Apr 2026
πŸ”₯
LofyStealer Targets Minecraft Players via Node.js Loader and Browser Injection
GBHACKERS.COM — 29 Apr 2026
πŸ”₯
VECT 2.0 Ransomware Wipes Large Files Across Windows, Linux & ESXi
GBHACKERS.COM — 29 Apr 2026
πŸ”₯
Critical Flaw Turns Vect Ransomware into Data Destroying Wiper
INFOSECURITY-MAGAZINE.COM — 29 Apr 2026
πŸ”₯
Researchers Track 2.9 Billion Compromised Credentials
INFOSECURITY-MAGAZINE.COM — 29 Apr 2026
πŸ”₯
OpenAI and Anthropic brief Congress on cyber-capable AI models.
THECYBERWIRE.COM — 29 Apr 2026
πŸ”₯
European Commission accuses Meta of breaching child safety rules
THERECORD.MEDIA — 29 Apr 2026
πŸ”₯
Vect 2.0 Ransomware Acts as Wiper, Thanks to Design Error
DARKREADING.COM — 29 Apr 2026
πŸ”₯
SAP npm Packages Compromised by β€œMini Shai-Hulud” Credential-Stealing Malware
THEHACKERNEWS.COM — 29 Apr 2026
πŸ”₯
Google AppSheet abused to compromise 30,000 Facebook accounts
CYBERINSIDER.COM — 29 Apr 2026
πŸ”₯
Smashing Security podcast #465: This developer wanted to cheat at Roblox. It cost millions
GRAHAMCLULEY.COM — 29 Apr 2026
πŸ•΅οΈ
ISC Stormcast For Wednesday, April 29th, 2026 https://isc.sans.edu/podcastdetail/9910, (Wed, Apr 29th)
ISC.SANS.EDU — 29 Apr 2026
πŸ•΅οΈ
The Exchange Online security controls organizations keep getting wrong
HELPNETSECURITY.COM — 29 Apr 2026
πŸ•΅οΈ
AI prompt confidentiality and false citations worry researchers
HELPNETSECURITY.COM — 29 Apr 2026
πŸ•΅οΈ
Identity discovery: The overlooked lever in strategic risk reduction
HELPNETSECURITY.COM — 29 Apr 2026
πŸ•΅οΈ
Fedora Linux 44 ships with GNOME 50 and KDE Plasma 6.6
HELPNETSECURITY.COM — 29 Apr 2026
πŸ•΅οΈ
Margin vs. Madness: Fixing MSSP Top 5 Operational Nightmares
ANY.RUN — 29 Apr 2026
πŸ•΅οΈ
Eino’s agentic network observability platform enables real-time, AI-driven network insights
HELPNETSECURITY.COM — 29 Apr 2026
πŸ•΅οΈ
Microchip expands Trust Shield with PQC-ready root of trust and secure boot controllers
HELPNETSECURITY.COM — 29 Apr 2026
πŸ•΅οΈ
Kaseya agentic IT management unifies data and automates ticketing, security and backups
HELPNETSECURITY.COM — 29 Apr 2026
πŸ•΅οΈ
At Machine Speed
PROGRAMMING.DEV — 29 Apr 2026
πŸ•΅οΈ
AI-powered honeypots: Turning the tables on malicious AI agents
TALOSINTELLIGENCE.COM — 29 Apr 2026
πŸ•΅οΈ
Scam-checking just got a lot easier: Malwarebytes is now in Claude
MALWAREBYTES.COM — 29 Apr 2026
πŸ•΅οΈ
9 Best Project Management Software in 2026
TECHREPUBLIC.COM — 29 Apr 2026
πŸ•΅οΈ
State CISOs losing confidence in ability to manage cyber risks
CYBERSECURITYDIVE.COM — 29 Apr 2026
πŸ•΅οΈ
Apple removes AdGuard’s TrustTunnel iOS app from Russian App Store
CYBERINSIDER.COM — 29 Apr 2026
πŸ•΅οΈ
Webinar: How to Automate Exposure Validation to Match the Speed of AI Attacks
THEHACKERNEWS.COM — 29 Apr 2026
πŸ•΅οΈ
Phishing Attacks Target Executives via Microsoft Teams
KNOWBE4.COM — 29 Apr 2026
πŸ•΅οΈ
Lazarus Targets macOS Users With New β€œMach-O Man” Malware Kit
GBHACKERS.COM — 29 Apr 2026
πŸ•΅οΈ
A Practical Guide to BloodHound Data Collection
BLACKHILLSINFOSEC.COM — 29 Apr 2026
πŸ•΅οΈ
Set AI Security Red Lines Now
YOUTUBE.COM — 2026-04-29
πŸ•΅οΈ
This $30 Subscription Will Bring AI Into Your Business
TECHREPUBLIC.COM — 29 Apr 2026
πŸ•΅οΈ
Congress, industry ponder government posture for protecting data centers
CYBERSCOOP.COM — 29 Apr 2026
πŸ•΅οΈ
SAS Launches AI Governance Tools to Tame Agentic AI in the Enterprise
TECHREPUBLIC.COM — 29 Apr 2026
πŸ•΅οΈ
AWS to Resell OpenAI Products After Microsoft Loses Exclusive License
TECHREPUBLIC.COM — 29 Apr 2026
πŸ•΅οΈ
New Apple Rumor: iOS 27 Could Add AI Editing Tools to Photos
TECHREPUBLIC.COM — 29 Apr 2026
πŸ•΅οΈ
Hackers Abuse Robinhood Signup Process to Deliver Phishing Emails
TECHREPUBLIC.COM — 29 Apr 2026
πŸ•΅οΈ
CISOs Step Into the Boardroom
YOUTUBE.COM — 2026-04-29
🌐
Lotus Wiper Attack Targeted Venezuelan Energy Firms, Utilities
DARKREADING.COM — 29 Apr 2026
🌐
New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs
THEHACKERNEWS.COM — 29 Apr 2026
πŸ“‘
Weekly Threat Bulletin – April 29th, 2026
F5.COM — 29 Apr 2026
πŸ“‘
A Quarter of Healthcare Organizations Report Medical Device Cyber-Attacks
INFOSECURITY-MAGAZINE.COM — 29 Apr 2026
πŸ“‘
What to Look for in an Exposure Management Platform (And What Most of Them Get Wrong)
THEHACKERNEWS.COM — 29 Apr 2026
πŸ“‘
Today's Odd Web Requests, (Wed, Apr 29th)
ISC.SANS.EDU — 29 Apr 2026
πŸ“‘
Malicious npm Dependency Linked to AI Assisted Commit Targets Crypto Wallets
INFOSECURITY-MAGAZINE.COM — 29 Apr 2026
πŸ“‘
What Is Dark Web Monitoring?
SOCRADAR.IO — 29 Apr 2026
πŸ“‘
Cursor Extension Flaw Exposes Developer API Keys
INFOSECURITY-MAGAZINE.COM — 29 Apr 2026
πŸ“‘
Internet censorship index reveals Russia’s lead and widespread content blocking
SECURITYAFFAIRS.COM — 29 Apr 2026
πŸ“‘
Vehicle-based surveillance tools | Kaspersky official blog
KASPERSKY.COM — 29 Apr 2026
πŸ“‘
Designing trust and safety into Amazon Bedrock powered applications
AWS.AMAZON.COM — 29 Apr 2026
πŸ“‘
Cloudsmith raises $72 million in Series C funding.
THECYBERWIRE.COM — 29 Apr 2026
πŸ“‘
US, China partner on scam center takedown in Dubai
THERECORD.MEDIA — 29 Apr 2026
πŸ“‘
Researchers built a chatbot that only knows the world before 1931
MALWAREBYTES.COM — 29 Apr 2026
πŸ“‘
House approves spy program on second attempt, Senate fate murky
THERECORD.MEDIA — 29 Apr 2026