130Articles
9Categories
2026-04-29Date
🚨 CISA KEV 3[−]
29 Apr KEVU.S. CISA adds Microsoft Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities catalogU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Windows Shell and ConnectWise ScreenConnect f…SECURITYAFFAIRS.COM
29 Apr KEVCISA Adds Actively Exploited ConnectWise and Windows Flaws to KEVThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting ConnectWise ScreenConnect and Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities are l…THEHACKERNEWS.COM
29 AprCISA adds Microsoft, ConnectWise vulnerabilities to active exploitation catalogRussia has used one of the flaws, security experts said, while North Korea has used the other.CYBERSECURITYDIVE.COM
🐛 COMMON VULNERABILITIES AND EXPOSURES 38[−]
29 AprLiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of DisclosureIn yet another instance of threat actors quickly jumping on the exploitation bandwagon, a newly disclosed critical security flaw in BerriAI's LiteLLM Python package has come under active exploitation in the wild within 36 hours of the bug becoming public knowledge. The vulnerabil…THEHACKERNEWS.COM
29 AprGitHub.com and Enterprise Server Vulnerability Allows Remote Code ExecutionWiz Research has identified a critical remote code execution (RCE) vulnerability, tracked as CVE-2026-3854, deeply embedded within GitHub’s internal git infrastructure. This high-severity flaw enabled any authenticated user to execute arbitrary commands on backend servers u…GBHACKERS.COM
29 Apr KEVCISA Warns of Windows Shell Zero-Day Exploited in AttacksThe Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a newly discovered zero-day vulnerability affecting Microsoft Windows. On April 28, 2026, the agency officially added CVE-2026-32202 to its Known Exploited Vulnerabilities (KEV) catal…GBHACKERS.COM
29 AprCVE-2017-3735Information published.MSRC.MICROSOFT.COM
29 AprCVE-2017-3736Information published.MSRC.MICROSOFT.COM
29 AprCVE-2019-1547 ECDSA remote timing attackInformation published.MSRC.MICROSOFT.COM
29 AprCVE-2019-1549 Fork ProtectionInformation published.MSRC.MICROSOFT.COM
29 AprCVE-2026-31686 mm/kasan: fix double free for kasan pXdsInformation published.MSRC.MICROSOFT.COM
29 AprCVE-2026-31689 EDAC/mc: Fix error path ordering in edac_mc_alloc()Information published.MSRC.MICROSOFT.COM
29 AprCVE-2026-31549 i2c: cp2615: fix serial string NULL-deref at probeInformation published.MSRC.MICROSOFT.COM
29 AprCVE-2026-31661 wifi: brcmsmac: Fix dma_free_coherent() sizeInformation published.MSRC.MICROSOFT.COM
29 AprCVE-2026-31563 net: macb: Use dev_consume_skb_any() to free TX SKBsInformation published.MSRC.MICROSOFT.COM
29 AprCVE-2026-40225Information published.MSRC.MICROSOFT.COM
29 AprCISA, Microsoft warn of active exploitation of Windows Shell vulnerability (CVE-2026-32202)Attackers are exploiting CVE-2026-32202, a zero-click Windows Shell spoofing vulnerability that causes victims’ systems to authenticate the attacker’s server, CISA and Microsoft have warned. About CVE-2026-32202 CVE-2026-32202 stems from an incomplete patch for CVE-20…HELPNETSECURITY.COM
29 AprCVE-2026-3854 Exposes a Critical Weak Point in GitHub’s Git Push PipelineCVE-2026-3854 Exposes a Critical Weak Point in GitHub’s Git Push Pipeline A newly disclosed GitHub vulnerability, CVE-2026-3854, has drawn attention because it turned a routine git push operation into a path to remote code execution. The issue affected GitHub’s git push pipeline …SOCRADAR.IO
29 Apr KEVCISA Warns of ConnectWise ScreenConnect Flaw Exploited in AttacksThe Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical security flaw in ConnectWise ScreenConnect. CVE-2024-1708 is currently being exploited in real-world attacks. Because of this active threat, CISA officially added the fla…GBHACKERS.COM
29 AprCritical GitHub RCE bug exposed millions of repositoriesA critical remote code execution (RCE) vulnerability in GitHub could potentially allow attackers to execute arbitrary code on GitHub.com and GitHub Enterprise Server. Uncovered by Wiz researchers, the now-patched bug exploited how GitHub handles server-side “git push” operations.…CSOONLINE.COM
29 AprCVE-2026-42208: LiteLLM bug exploited 36 hours after its disclosureAttackers quickly exploited a critical LiteLLM flaw (CVE-2026-42208) to access and modify sensitive database data via SQL injection. Attackers rapidly exploited a critical vulnerability in LiteLLM Python package, tracked as CVE-2026-42208, just days after it became public. The vu…SECURITYAFFAIRS.COM
29 Apr KEVCVE-2026-41940: cPanel & WHM Authentication BypassOverview On April 28, 2026, cPanel issued a security update to fix a critical vulnerability affecting the cPanel & WHM and WP Squared products. In the cPanel release notes, the bug was described as "an issue with session loading and saving." CVE-2026-41940 , the identifier subseq…RAPID7.COM
⚠️ VULNERABILITY DISCLOSURE 30[−]
29 AprCI/CD pipeline abuse: the problem no one is watchingHow we built an open-source, drop-in CI template that uses signal extraction and LLM reasoning to catch CI/CD abuse in GitHub Actions, GitLab CI, and Azure DevOps pipelines.ELASTIC.CO
29 AprMore fake extensions linked to GlassWorm found in Open VSX code marketplaceThe threat actor seeding the Open VSX code marketplace with fraudulent extensions that download the GlassWorm malware has uploaded 73 more impersonated links, as its attempt to infect software supply chains continues. Philipp Burckhardt , head of threat intelligence at Socket, wh…CSOONLINE.COM
29 AprProduct showcase: SimpleX Chat removes user identifiers from messagingSimpleX Chat is a free, private, open-source messenger that uses encryption and does not require user identifiers. It is available on mobile and desktop platforms, including iOS, Android, Windows, macOS, and Linux. After downloading the app, the user creates a profile by entering…HELPNETSECURITY.COM
29 AprMassive Python Supply Chain Hack, $2.1B Scam Losses, North Korea Targets Crypto ExecsA major open source Python tool was hijacked in a supply chain attack, exposing developer credentials, cloud secrets, and crypto wallets. Meanwhile, the FTC says Americans lost more than $2.1 billion to scams that began on social media, with Facebook leading reported losses. Cybe…CYBERSECURITYTODAY.LIBSYN.COM
29 AprcPanel Releases Emergency Patch for Critical Authentication FlawWeb hosting administrators must take immediate action, as cPanel has rolled out an emergency security update to address a critical vulnerability. Disclosed on April 28, 2026, this flaw impacts various authentication paths within the cPanel and WebHost Manager (WHM) ecosystem. Con…GBHACKERS.COM
29 AprRisky Business #835 -- Why the Fast16 malware is badassOn this week’s show, Patrick Gray and James Wilson are joined by special guest-host Dmitri Alperovitch. They discuss the week’s cybersecurity news, including: The US government is mad as hell about Chinese firms stealing American AI technology Dmitri has an opinion or two about t…RISKY.BIZ
29 AprVimeo Confirms Data Breach After Hackers Access User DatabaseVimeo has officially confirmed a data breach affecting its user database. The security incident did not originate with Vimeo, but rather with Anodot, a third-party analytics vendor used by the video hosting platform. This event highlights the ongoing risks associated with softwar…GBHACKERS.COM
29 AprShinyHunters exploit Anodot incident to target VimeoThe video platform Vimeo confirmed a security breach via Anodot that exposed metadata, video titles, and some user emails. Vimeo said some user data was accessed after a breach at Anodot. Anodot is a company that provides AI-driven data analytics and anomaly detection tools. Most…SECURITYAFFAIRS.COM
29 AprVirtue AI PolicyGuard turns AI policies into enforceable runtime guardrailsVirtue AI has announced PolicyGuard, a system that enables enterprises to define, edit, and enforce custom AI runtime protection guardrails across models, agents, and applications. Most organizations have “AI acceptable use policies.” When they need to enforce those p…HELPNETSECURITY.COM
29 AprSLOTAGENT Malware Hides API Calls and Strings to Thwart AnalysisA previously unknown remote access trojan (RAT), dubbed SLOTAGENT, after analyzing a suspicious ZIP archive uploaded from Japan to a public malware repository in early 2026. The malware demonstrates advanced evasion techniques and flexible post-exploitation capabilities, making i…GBHACKERS.COM
29 AprDigitalOcean AI-Native Cloud unifies infrastructure, inference, and agents for production AIDigitalOcean has introduced the AI-Native Cloud, an end-to-end platform built for the inference and agentic era. Spanning infrastructure, core cloud, inference, data, and managed agents, it already supports production workloads at Higgsfield AI, Hippocratic AI, ISMG, Bright Data,…HELPNETSECURITY.COM
29 AprClaude Mythos Has Found 271 Zero-Days in FirefoxThat’s a lot . No, it’s an extraordinary number: Since February, the Firefox team has been working around the clock using frontier AI models to find and fix latent security vulnerabilities in the browser. We wrote previously about our collaboration with Anthropic to s…SCHNEIER.COM
29 AprCritical cPanel Authentication Vulnerability Identified — Update Your Server ImmediatelycPanel has released security updates to address a security issue impacting various authentication paths that could allow an attacker to obtain access to the control panel software. The problem affects all currently supported versions, according to an alert released by cPanel on T…THEHACKERNEWS.COM
29 AprAWS leans on prior ingenuity to face future AI and quantum threatsAs Amazon celebrates the 20th anniversary of its AWS cloud this year, the world’s biggest cloud computing provider now faces two giant cybersecurity threats — AI and quantum. How the company will navigate these emerging issues to ensure the security and resilience of systems used…CSOONLINE.COM
29 AprThe Next Frontier: Autonomous Security and RSAC Interviews from Quantro & SandboxAQ - BSW #445Attackers are increasingly weaponizing frontier models to accelerate the entire attack lifecycle, with current and emerging models reducing the time and expertise needed to start disruptive attacks. As offensive capabilities become more automated and agentic, organizations will n…YOUTUBE.COM
29 AprCursor AI Coding Agent Vulnerability Lets Attackers Run Code on Developers’ MachinesA newly disclosed high-severity vulnerability in the Cursor AI-powered coding environment could allow attackers to execute arbitrary code on a developer’s machine, raising fresh concerns about the security of AI-assisted development workflows. The vulnerability was officially pub…GBHACKERS.COM
29 AprU.S. Charges Suspected Scattered Spider Member Over Cyber IntrusionsFederal authorities have charged 19-year-old Peter Stokes, known online as “Bouquet,” for his alleged role in the notorious cybercriminal group Scattered Spider. Law enforcement arrested the dual U.S. and Estonian citizen earlier this month in Helsinki as he attempted…GBHACKERS.COM
29 AprExtending Ruzzy with LibAFLLibAFL is all the rage in the fuzzing community these days, especially with LLVM’s libFuzzer being placed in maintenance mode . Written in Rust, LibAFL claims improved performance, modularity, state-of-the-art fuzzing techniques, and libFuzzer compatibility . For these reasons, I…TRAILOFBITS.COM
29 AprCursor AI Extension Flaw Exposes Developer Tokens to Credential TheftSecurity researchers at LayerX have uncovered a high-severity vulnerability in the popular AI-powered development environment, Cursor. Dubbed “CursorJacking,” this flaw carries a CVSS score of 8.2 and exposes developers to immediate credential theft. Any installed ext…GBHACKERS.COM
29 AprMastering agentic AI security through exposure managementAs AI tools evolve from siloed chatbots to autonomous, hyperconnected systems, they create a vast new attack surface. Discover how to manage this risk by focusing on visibility, agency, and semantic security to protect your organization’s increasingly complex landscape of agentic…TENABLE.COM
29 AprExperts on Experts: The 2026 Threat Landscape is Moving Faster than Defenders ExpectThis week on Experts on Experts, I’m joined by Christiaan Beek, Rapid7’s VP of Threat Analytics, to talk through what we’re seeing in the 2026 threat landscape and how it connects to recent research coming out of Rapid7 Labs. We start with the report, but quickly move into what’s…RAPID7.COM
29 AprMicrosoft won’t patch PhantomRPC: Feature or bug?A researcher has detailed five ways to exploit PhantomRPC, which Microsoft rates “moderate” and does not plan to fix.MALWAREBYTES.COM
29 AprAll supported cPanel versions hit by critical auth bug, now patchedcPanel fixed a critical authentication flaw that could let attackers access servers. The issue affects all supported versions. cPanel released security updates to address a critical authentication vulnerability that could allow attackers to gain unauthorized access to its control…SECURITYAFFAIRS.COM
29 AprSwiss police arrest 10 suspected members of Nigeria-linked crime group Black AxeSwiss and German law enforcement have arrested 10 suspected members of the Nigerian criminal network Black Axe, including a regional leader believed to oversee operations in Southern Europe.THERECORD.MEDIA
29 AprAI Speeds Up Cyber AttacksAI is accelerating existing attack patterns rather than replacing them. Identity-based attacks account for the majority of cloud compromises, with human and system failures still the root cause. The real shift isn’t new tactics—it’s speed and scale. Attackers can move faster, aut…YOUTUBE.COM
29 AprAI Finds 38 Security Flaws in Electronic Health Record PlatformFlaws in OpenEMR's platform — used by more than 100,000 healthcare providers — enabled database compromise, remote code execution, and data theft.DARKREADING.COM
29 AprWhat It Takes to Run Marketing Solo with Sara Ceballos, Director of Marketing at BreachRxRunning marketing as a team of one means you’re responsible for everything, from attribution to brand to pipeline. Sara Ceballos, Director of Marketing, joins the show to talk through her time at Inspectiv, where she was brought in to support two new product launches, rethink the…THECYBERWIRE.COM
29 AprA wake-up call on frontier AI.OpenAI and Anthropic brief Congress on cyber-capable AI. The GAO flags improper DOGE access to Treasury payment systems. Greece moves to end online anonymity. CISA orders agencies to patch an exploited Windows zero-day. Researchers uncover ransomware that destroys data instead of…THECYBERWIRE.COM
29 AprReverse Engineering With AI Unearths High-Severity GitHub BugWiz used an AI reverse-engineering tool to pinpoint a vulnerability that previously would have been too costly and time-consuming to undertake.DARKREADING.COM
29 AprFive Things we Took Away from Gartner SRM Sydney 2026At this year's Gartner Security and Risk Management Summit in Sydney, Rapid7 CISO Brian Castagna joined industry CISO Nigel Hedges for a fireside chat on the decisions security leaders are actually making right now. They discussed the real decisions being made right now about bud…RAPID7.COM
📋 SECURITY BULLETINS 1[−]
29 AprMicrosoft Confirms Remote Desktop Warning Issue After April UpdateMicrosoft has officially confirmed a known issue affecting Remote Desktop Protocol (RDP) connections following the April 14, 2026, Patch Tuesday updates. Specifically impacting Windows 11 version 26H1 (KB5083768, OS Build 28000.1836), the update was intended to harden systems aga…GBHACKERS.COM
📢 SECURITY ADVISORIES 3[−]
29 Apramazee.ai’s amazeeClaw simplifies production deployment of AI agents with regional controlamazee.ai has announced the launch of amazeeClaw, a managed OpenClaw hosting platform that enables developers and enterprises to deploy production-ready AI agents with data sovereignty and regional control without having to set up their own infrastructure. As adoption of AI agent…HELPNETSECURITY.COM
29 AprAlleged Silk Typhoon hacker extradited to the United States to face chargesA man accused of working as a hacker for China's Ministry of State Security has been extradited to the USA from Italy, and faces - if found guilty - the prospect of decades behind bars. Read more in my article on the Hot for Security blog.BITDEFENDER.COM
29 AprSri Lanka discloses another missing payment, days after hackers stole $2.5M from its finance ministryThe government of Sri Lanka has lost more than $3 million in two recent, separate cybersecurity incidents as the country continues to recover from its 2022 debt crisis.TECHCRUNCH.COM
🔥 INCIDENT REPORTING 12[−]
29 AprBlueNoroff Deploys Fileless PowerShell in AI-Generated Zoom Lure CampaignA sophisticated BlueNoroff campaign targeting cryptocurrency executives through fake Zoom meetings enhanced with AI-generated deepfakes and fileless PowerShell malware. The North Korean state-sponsored group successfully compromised a North American Web3 company in January 2026, …GBHACKERS.COM
29 AprVect 2.0 RaaS Expands Attacks Across Windows, Linux, and ESXiVect 2.0 Ransomware‑as‑a‑Service (RaaS) operation is rapidly evolving into a multi‑platform threat that can encrypt Windows, Linux, and VMware ESXi environments across modern hybrid infrastructures. The group runs a classic affiliate model, renting out its ransomware and TOR‑base…GBHACKERS.COM
29 AprLofyStealer Targets Minecraft Players via Node.js Loader and Browser InjectionMinecraft players are being lured with a fake hacking tool called “Slinky” that secretly installs a powerful infostealer dubbed LofyStealer (also tracked as GrabBot), linked to the Brazilian cybercrime group LofyGang. The malware uses a Node. js-based loader and an in-memory C++ …GBHACKERS.COM
29 AprVECT 2.0 Ransomware Wipes Large Files Across Windows, Linux & ESXiThe “new” VECT 2.0 ransomware is essentially a cross‑platform data wiper that permanently destroys most enterprise files rather than encrypting them for recovery. For any file larger than 131,072 bytes (128 KB), VECT processes four separate chunks using four different randomly ge…GBHACKERS.COM
29 AprCritical Flaw Turns Vect Ransomware into Data Destroying WiperThe Vect 2.0 ransomware wipes large files instead of merely encrypting them, making recovery impossible – even for the attackersINFOSECURITY-MAGAZINE.COM
29 AprResearchers Track 2.9 Billion Compromised CredentialsKELA claims infostealers remained the primary access vector for attacks in 2025INFOSECURITY-MAGAZINE.COM
29 AprOpenAI and Anthropic brief Congress on cyber-capable AI models.Rival ransomware gangs list each other as victims. Business news: Silverfort will acquire Fabrix Security.THECYBERWIRE.COM
29 AprEuropean Commission accuses Meta of breaching child safety rulesThe platforms allegedly flouted the bloc’s Digital Services Act (DSA) by “failing to diligently identify, assess and mitigate the risks of minors under 13 years old accessing their services,” the commission said.THERECORD.MEDIA
29 AprVect 2.0 Ransomware Acts as Wiper, Thanks to Design ErrorThe emerging ransomware has been deployed against victims of the TeamPCP supply chain attacks, but organizations should think twice before paying for a decryptor.DARKREADING.COM
29 AprSAP npm Packages Compromised by “Mini Shai-Hulud” Credential-Stealing MalwareCybersecurity researchers are sounding the alarm about a new supply chain attack campaign targeting SAP-related npm Packages with credential-stealing malware. According to reports from Aikido Security, SafeDep, Socket, StepSecurity, and Google-owned Wiz, the campaign – calling it…THEHACKERNEWS.COM
29 AprGoogle AppSheet abused to compromise 30,000 Facebook accountsA large-scale phishing operation abusing Google’s AppSheet platform has compromised at least 30,000 Facebook accounts, using fully authenticated emails that bypass traditional security checks. Guardio Labs uncovered the campaign while investigating a wave of phishing emails sent …CYBERINSIDER.COM
29 AprSmashing Security podcast #465: This developer wanted to cheat at Roblox. It cost millionsA developer at an AI startup wanted to cheat at Roblox. They downloaded a dodgy script on their work laptop. That one decision triggered a cascade of failures that ended with a $2 million data breach affecting hundreds of thousands of organisations. All for some free in-game curr…GRAHAMCLULEY.COM
🕵️ THREAT INTELLIGENCE 27[−]
29 AprISC Stormcast For Wednesday, April 29th, 2026 https://isc.sans.edu/podcastdetail/9910, (Wed, Apr 29th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
29 AprThe Exchange Online security controls organizations keep getting wrongIn this Help Net Security interview, Scott Schnoll, Microsoft MVP for Exchange, breaks down the Shared Responsibility Model, where Microsoft secures the cloud while organizations must protect their own data, identities, and configurations. The discussion covers default settings w…HELPNETSECURITY.COM
29 AprAI prompt confidentiality and false citations worry researchersAcademic researchers using commercial AI tools for literature review and idea generation are sending unpublished research questions, draft hypotheses, and proprietary domain knowledge into systems whose data handling they do not understand. A think-aloud study of 15 researchers d…HELPNETSECURITY.COM
29 AprIdentity discovery: The overlooked lever in strategic risk reductionIf you ask a CISO what keeps them up at night, the answer usually isn’t “lack of tools.” It’s uncertainty. Uncertainty about what they don’t see. Uncertainty about how far an attacker could move once inside. Uncertainty about whether identity programs are actually reducing risk, …HELPNETSECURITY.COM
29 AprFedora Linux 44 ships with GNOME 50 and KDE Plasma 6.6The Fedora Project released Fedora Linux 44, delivering updated desktop environments, revised installer behavior, and several lower-level system changes across its editions and spins. The release covers the project’s flagship editions, including Workstation, KDE Plasma Desk…HELPNETSECURITY.COM
29 AprMargin vs. Madness: Fixing MSSP Top 5 Operational NightmaresLeading a managed security services provider has never been a comfortable job. And it isn’t now, though the demand for MSSPs has never been higher. The global threat landscape is expanding faster than most enterprise security teams can keep pace with, and orga…ANY.RUN
29 AprEino’s agentic network observability platform enables real-time, AI-driven network insightsEino has introduced a new class of solution for enterprises known as agentic network observability. Designed for enterprises with multiple network technologies and mission-critical use cases, Eino’s agentic solution uses a 3D digital twin approach of the physical environment to d…HELPNETSECURITY.COM
29 AprMicrochip expands Trust Shield with PQC-ready root of trust and secure boot controllersMicrochip Technology is expanding its portfolio of Trust Shield, PQC‑ready devices with the TS1800 Platform Root of Trust controller and the TS50x secure boot controller. The devices are designed to help system architects address emerging cybersecurity mandates, including the Eur…HELPNETSECURITY.COM
29 AprKaseya agentic IT management unifies data and automates ticketing, security and backupsKaseya has introduced an agentic IT management platform powered by Kaseya Intelligence, combining unified data across IT operations, cybersecurity, and resilience with an execution layer that autonomously triages tickets, contains threats, verifies backups, and optimizes workflow…HELPNETSECURITY.COM
29 AprAt Machine Speedsubmitted by codeinabox to security 1 points | 0 comments https://matthiasott.com/notes/at-machine-speedPROGRAMMING.DEV
29 AprAI-powered honeypots: Turning the tables on malicious AI agentsJust as AI brings time-saving advantages to our lives, it brings similar advantages to threat actors. We can take the advantage back. This blog shows how generative AI can be used to rapidly deploy adaptive honeypot systems.TALOSINTELLIGENCE.COM
29 AprScam-checking just got a lot easier: Malwarebytes is now in ClaudeWe're in Claude! Now everyone can use our threat intel to check suspicious links, phone numbers, or email addresses. We're committed to helping you spot scams.MALWAREBYTES.COM
29 Apr9 Best Project Management Software in 2026We tested 10 leading project management tools and found monday.com best overall for its multiple views and extensive customization. ClickUp shines for affordability, while Confluence excels in project documentation. The post 9 Best Project Management Software in 2026 appeared fir…TECHREPUBLIC.COM
29 AprState CISOs losing confidence in ability to manage cyber risksDeloitte-NASCIO study shows AI, budget pressures are forcing states to make tough decisions.CYBERSECURITYDIVE.COM
29 AprApple removes AdGuard’s TrustTunnel iOS app from Russian App StoreApple has removed AdGuard’s TrustTunnel VPN client for iOS from Russia’s App Store following a request by the country’s internet regulator. Apple notified AdGuard via email of the app’s removal due to alleged violations of Russian law. According to the notice, the app “includes c…CYBERINSIDER.COM
29 AprWebinar: How to Automate Exposure Validation to Match the Speed of AI AttacksIn February 2026, researchers uncovered a shift that completely changed the game: threat actors are now using custom AI setups to automate attacks directly into the kill chain. We aren't just talking about AI writing better phishing emails anymore. We’re talking about autonomous …THEHACKERNEWS.COM
29 AprPhishing Attacks Target Executives via Microsoft TeamsA phishing campaign is targeting senior executives with social engineering attacks conducted over Microsoft Teams, according to researchers at ReliaQuest. The researchers believe former associates of the Black Basta criminal gang are running this operation.KNOWBE4.COM
29 AprLazarus Targets macOS Users With New “Mach-O Man” Malware KitLazarus Group is abusing “ClickFix” social engineering to push a new macOS malware kit dubbed “Mach-O Man,” giving attackers a direct path to credentials, Keychain secrets, and corporate access in fintech and crypto environments. This research is authored by Mauro Eldritch, an of…GBHACKERS.COM
29 AprA Practical Guide to BloodHound Data CollectionThis blog will not dive too deeply into BloodHound itself; instead, we will focus on various methods to collect AD data to provide BloodHound as input. The post A Practical Guide to BloodHound Data Collection appeared first on Black Hills Information Security, Inc. .BLACKHILLSINFOSEC.COM
29 AprSet AI Security Red Lines NowSecurity leaders are prioritizing speed and accuracy in AI adoption, while defining strict governance “red lines” around critical systems like identity and access. Without clear boundaries, AI deployments can introduce instability and risk into core enterprise functions. Governan…YOUTUBE.COM
29 AprThis $30 Subscription Will Bring AI Into Your BusinessTap into the power of OpenAI, Meta, Midjourney, and additional powerful AI models with 1min.AI. The post This $30 Subscription Will Bring AI Into Your Business appeared first on TechRepublic .TECHREPUBLIC.COM
29 AprCongress, industry ponder government posture for protecting data centersA hearing of the House Homeland Security panel’s cyber subcommittee weighed whether to designate data centers as a standalone critical infrastructure sector. The post Congress, industry ponder government posture for protecting data centers appeared first on CyberScoop .CYBERSCOOP.COM
29 AprSAS Launches AI Governance Tools to Tame Agentic AI in the EnterpriseSAS expands Viya with governed AI agents, copilots, and new governance tools aimed at helping enterprises manage shadow AI and build trust in automation. The post SAS Launches AI Governance Tools to Tame Agentic AI in the Enterprise appeared first on TechRepublic .TECHREPUBLIC.COM
29 AprAWS to Resell OpenAI Products After Microsoft Loses Exclusive LicenseAmazon is bringing OpenAI's models and Codex to AWS after Microsoft’s shift away from exclusivity, giving cloud customers more ways to use AI tools. The post AWS to Resell OpenAI Products After Microsoft Loses Exclusive License appeared first on TechRepublic .TECHREPUBLIC.COM
29 AprNew Apple Rumor: iOS 27 Could Add AI Editing Tools to PhotosApple reportedly plans new AI editing tools for Photos in iOS 27, including image expansion, spatial photo reframing, and smarter enhancements. The post New Apple Rumor: iOS 27 Could Add AI Editing Tools to Photos appeared first on TechRepublic .TECHREPUBLIC.COM
29 AprHackers Abuse Robinhood Signup Process to Deliver Phishing EmailsRobinhood fixed an account-creation flaw that hackers abused to send convincing phishing emails from its own system to some users over the weekend. The post Hackers Abuse Robinhood Signup Process to Deliver Phishing Emails appeared first on TechRepublic .TECHREPUBLIC.COM
29 AprCISOs Step Into the BoardroomCISOs are increasingly engaging in direct, strategic conversations at the board level, shifting beyond traditional reporting roles. As AI automates operational security tasks, leaders have more capacity—and expectation—to focus on governance, risk, and organizational direction. T…YOUTUBE.COM
🌐 CYBER THREAT LANDSCAPE 2[−]
29 AprLotus Wiper Attack Targeted Venezuelan Energy Firms, UtilitiesAn analysis of the destructive malware reveals sophisticated living-off-the-land (LotL) techniques and detailed strategies for the widespread deletion of data.DARKREADING.COM
29 AprNew Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATsCybersecurity researchers have discovered malicious code in an npm package after a malicious package as a dependency to the project by Anthropic's Claude Opus large language model (LLM). The package in question is "@validate-sdk/v2," which is listed on npm as a utility software d…THEHACKERNEWS.COM
📡 INFOSEC NEWS 14[−]
29 AprWeekly Threat Bulletin – April 29th, 2026These are the top threats you should know about this week.F5.COM
29 AprA Quarter of Healthcare Organizations Report Medical Device Cyber-AttacksRunSafe report reveals most attacks on medical devices disrupt patient careINFOSECURITY-MAGAZINE.COM
29 AprWhat to Look for in an Exposure Management Platform (And What Most of Them Get Wrong)Every security team has a version of the same story. The quarter ends with hundreds of vulnerabilities closed. The dashboards are bursting with green. Then someone in a leadership meeting asks: "So, are we actually safer now?" Crickets. The room goes quiet because an honest answe…THEHACKERNEWS.COM
29 AprToday's Odd Web Requests, (Wed, Apr 29th)Today, two different "new" requests hit our honeypots. Both appear to be recon requests and not associated with specific vulnerabilities. But as always, please let me know if you have additional information ISC.SANS.EDU
29 AprMalicious npm Dependency Linked to AI Assisted Commit Targets Crypto WalletsResearchers uncover a malicious npm dependency linked to an AI‑assisted code commit that steals sensitive data and exposes crypto walletsINFOSECURITY-MAGAZINE.COM
29 AprWhat Is Dark Web Monitoring?What Is Dark Web Monitoring? Every day, stolen credentials, leaked records, and sensitive data show up in hidden corners of the internet. Most security tools never reach those places. Dark Web Monitoring does. In this guide, you will learn the Dark Web Monitoring meaning, how it …SOCRADAR.IO
29 AprCursor Extension Flaw Exposes Developer API KeysCursor flaw lets extensions steal API keys and session tokens without user interaction, according to researchers at LayerXINFOSECURITY-MAGAZINE.COM
29 AprInternet censorship index reveals Russia’s lead and widespread content blockingGlobal study shows targeted internet censorship worldwide, with Russia leading; VPNs, news, and adult content are most frequently blocked categories. The Global Internet Censorship Index 2026 offers a clear view of how governments around the world control online access. Researche…SECURITYAFFAIRS.COM
29 AprVehicle-based surveillance tools | Kaspersky official blogAn inside look at who uses built-in automotive tracking and how you can avoid being monitoredKASPERSKY.COM
29 AprDesigning trust and safety into Amazon Bedrock powered applicationsGenerative AI brings promising innovation, transforming how individuals and organizations approach everything from customer service to content creation and more. As AI continues to expand its capabilities, organizations are increasingly focused on how they can integrate the respo…AWS.AMAZON.COM
29 AprCloudsmith raises $72 million in Series C funding.Spectrum Security emerges from stealth with $19 million. Israeli data security company Cyera acquires Ryft.THECYBERWIRE.COM
29 AprUS, China partner on scam center takedown in DubaiThe Justice Department said the operation began last year following “numerous” victim complaints to the FBI by U.S. victims who lost millions through cryptocurrency investment fraud schemes.THERECORD.MEDIA
29 AprResearchers built a chatbot that only knows the world before 1931What happens when you strip the internet out of AI? Researchers built a chatbot that only knows the world before 1931.MALWAREBYTES.COM
29 AprHouse approves spy program on second attempt, Senate fate murkyThe bill, which passed 235-191, would renew Section 702 of the Foreign Intelligence Surveillance Act for three years.THERECORD.MEDIA