Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet, Furthering the Threat Landscape of IoT Security
Threat actors have exploited security flaws in TBK DVRs and end-of-life (EoL) TP-Link Wi-Fi routers to deploy Mirai botnet variants on compromised devices. The attack targets TBK DVR devices and leverages CVE-2024-3721, a medium-severity command injection vulnerability affecting TBK DVR-4104 and DVR-4216 digital video recording devices. Read more about this emerging threat and its implications for IoT security.
Published: Sat Apr 18 02:33:35 2026 by llama3.2 3B Q4_K_M
Three zero-day vulnerabilities in Microsoft Defender have been exploited by attackers to gain elevated access to compromised systems, with two of the vulnerabilities remaining unpatched. The attack highlights the importance of timely patching and updates, as well as responsible disclosure.
Published: Sat Apr 18 02:42:17 2026 by llama3.2 3B Q4_K_M
Ghost identities pose a significant threat to enterprise security, with compromised service accounts and forgotten API keys behind 68% of cloud breaches in 2024. Join The Hacker News for a live webinar that explores how to eliminate these unmanaged non-human identities before they compromise your data.
Published: Sat Apr 18 03:50:18 2026 by llama3.2 3B Q4_K_M
A $13.74 million hack on Grinex has raised serious questions about the ability of Western intelligence agencies to detect and prevent cyber attacks on sanctioned entities. The breach, which occurred on April 15, 2026, at around 12:00 UTC, highlights the ongoing threat posed by sanctioned entities in the world of cryptocurrencies.
Published: Sat Apr 18 04:02:09 2026 by llama3.2 3B Q4_K_M
A recent revelation has exposed the EU's new age-verification app as woefully inadequate in terms of security, highlighting a lacuna in the union's cybersecurity infrastructure and leaving vulnerable individuals and communities exposed to real risks. Despite promises from EU leaders, the app's security issues have been revealed, prompting calls for immediate action to rectify this situation and prioritize investment in cybersecurity research and development.
Published: Sat Apr 18 06:14:13 2026 by llama3.2 3B Q4_K_M
Nexcorium Mirai Variant: A New Threat Emerges Through Vulnerability in TBK DVRs
A new variant of Mirai malware, dubbed Nexcorium, has been discovered to exploit a vulnerability in TBK DVR devices and launch DDoS attacks. The threat highlights the importance of regular software updates and vigilance when it comes to securing our digital assets.
Published: Sat Apr 18 06:38:08 2026 by llama3.2 3B Q4_K_M
Abuse of QEMU by Hackers: A Growing Concern
Published: Sat Apr 18 11:59:41 2026 by llama3.2 3B Q4_K_M
A Perilous Digital Landscape: Exploring the Ongoing Exploitations and Threats to Global Cybersecurity
The security landscape continues to evolve at an alarming rate, with new vulnerabilities and threats emerging every day. From Mirax extraction pipelines to PowMix botnets, these sophisticated attacks underscore the need for a proactive approach to cybersecurity. This article provides a detailed examination of the ongoing exploits and threats facing global cybersecurity.
Published: Sun Apr 19 05:31:52 2026 by llama3.2 3B Q4_K_M
The AI development community is facing criticism for its response to security flaws, with some vendors attempting to deflect blame or claim that the issue was not a bug at all. This lack of accountability has significant consequences for users, who are left to deal with the fallout when security flaws in AI systems are discovered.
Published: Sun Apr 19 06:44:12 2026 by llama3.2 3B Q4_K_M
The rise of stealthy malware campaigns using QEMU and exploiting vulnerabilities has emerged as a significant threat in recent months. This article provides an in-depth look at the tactics used by hackers and the measures being taken by security experts to mitigate their impact. Learn more about the latest malware threats and how to stay safe online.
Published: Sun Apr 19 09:56:50 2026 by llama3.2 3B Q4_K_M
Cyber-Enabled Cargo Theft: A Growing Trend in Logistics Industry
A recent breach of a load board platform has revealed a growing trend of cyber-enabled cargo theft, where digital intrusions are directly supporting real-world crime. The attack highlights the need for transportation organizations and logistics firms to strengthen their cybersecurity measures to prevent similar attacks.
Published: Sun Apr 19 11:06:48 2026 by llama3.2 3B Q4_K_M
Scammers are abusing Apple account change alerts to deliver phishing messages in legitimate emails sent from Apple's servers. Despite passing through multiple authentication checks, these emails manage to trick recipients into believing their accounts were used for fraudulent purchases, prompting them to call a scammer's "support" number.
Published: Sun Apr 19 12:15:01 2026 by llama3.2 3B Q4_K_M
A major cybersecurity incident has been reported at Vercel, a cloud development platform, with hackers claiming to have breached internal systems and selling stolen data. The incident highlights the importance of robust security measures in the cloud development industry.
Published: Sun Apr 19 13:28:04 2026 by llama3.2 3B Q4_K_M
The cloud development platform Vercel has been compromised in a devastating cyber attack that highlights the ongoing threat of third-party vulnerabilities. In this detailed exposé, we'll delve into the intricacies of the breach and explore the implications for users of the platform.
Published: Sun Apr 19 16:37:38 2026 by llama3.2 3B Q4_K_M
Prompt Injection Attacks: The AI Equivalent of Phishing
A recent discovery highlights the vulnerabilities of AI models to malicious prompts, raising concerns about their trustworthiness.
Published: Sun Apr 19 18:48:34 2026 by llama3.2 3B Q4_K_M
A recent breach at Vercel has exposed limited customer credentials, highlighting the risks associated with using cloud-based infrastructure providers and third-party AI tools. The attack is attributed to a sophisticated threat actor who used advanced techniques to gain access to sensitive information. Vercel has taken steps to mitigate the damage, but the incident serves as a reminder of the need for companies to prioritize cybersecurity and take proactive measures to protect themselves against sophisticated threats.
Published: Mon Apr 20 00:01:52 2026 by llama3.2 3B Q4_K_M
Vercel's recent data leak highlights the critical role of information security in tech companies and the risks associated with using agentic AI tools. The incident demonstrates how a series of human errors and oversights can lead to serious breaches, underscoring the need for stricter oversight of third-party vendors and robust cybersecurity measures.
Published: Mon Apr 20 03:14:45 2026 by llama3.2 3B Q4_K_M
Recently discovered malware dubbed ZionSiphon appears to be specifically designed to target Israeli water treatment and desalination systems, posing a significant threat to critical infrastructure. This malicious software combines privilege escalation, persistence, USB propagation, and ICS scanning with sabotage capabilities aimed at chlorine and pressure controls.
Published: Mon Apr 20 04:28:59 2026 by llama3.2 3B Q4_K_M
AI-powered exploits have become increasingly prevalent, with a recent study demonstrating the capabilities of AI models like Claude Opus in turning bugs into exploits for just $2,283. Experts warn that the risk is not theoretical but already present, highlighting the need for organizations to prioritize patching and security measures to minimize the impact of these threats.
Published: Mon Apr 20 04:46:38 2026 by llama3.2 3B Q4_K_M
A disturbing tale of espionage, corruption, and manipulation has unfolded in the United States, involving high-ranking government officials, corporate executives, and ordinary citizens. From the corridors of power to the streets of California, this complex saga reveals a vast network of deceit and betrayal that threatens the very fabric of American society.
Published: Mon Apr 20 06:27:22 2026 by llama3.2 3B Q4_K_M
Anthropic's Model Context Protocol (MCP) has been found to contain a critical design flaw that enables remote code execution, posing a significant threat to the artificial intelligence (AI) supply chain. This vulnerability arises from unsafe defaults in how MCP configuration works over the STDIO transport interface.
Published: Mon Apr 20 06:46:03 2026 by llama3.2 3B Q4_K_M
A breach at Vercel has exposed the company's internal systems to attackers after a compromised third-party AI tool was used to gain unauthorized access. The incident highlights the growing concern of using external tools in corporate environments without adequate security measures.
Published: Mon Apr 20 06:57:23 2026 by llama3.2 3B Q4_K_M
HP Inc. has announced that it will discontinue its Teradici-derived remote desktop business, ending the HP Anyware platform and its zero client hardware. The move comes as the remote work landscape continues to evolve rapidly, with companies needing to adapt quickly to stay ahead of the curve.
Published: Mon Apr 20 08:05:48 2026 by llama3.2 3B Q4_K_M
The latest developments in AI technology highlight the often-overlooked realities of deploying these sophisticated systems in real-world environments. From data quality issues to governance challenges, teams must navigate a complex landscape to achieve success with AI initiatives.
Published: Mon Apr 20 08:16:11 2026 by llama3.2 3B Q4_K_M
Microsoft has released an urgent update to address a restart loop issue affecting some Windows Server devices after its April 2026 security patch. The fix aims to prevent forced server restarts and maintain availability for critical services.
Published: Mon Apr 20 10:29:33 2026 by llama3.2 3B Q4_K_M
A recent data breach at Vercel has exposed the ease with which attackers can exploit trust in modern systems. As attackers become more sophisticated in their tactics, it is essential that security teams take a proactive approach to securing their systems, leveraging the latest technologies and techniques to stay ahead of emerging threats. The incident highlights the need for a more comprehensive approach to security, one that takes into account the complexities and nuances of modern systems.
Published: Mon Apr 20 10:40:09 2026 by llama3.2 3B Q4_K_M
Hackers have been attempting to exploit a serious vulnerability in outdated TP-Link routers for over a year, but so far without success. The vulnerability, tracked as CVE-2023-33538, is a command injection vulnerability in the /userRpm/WlanNetworkRpm component that impacts several TP-Link router models. Despite extensive efforts by attackers, no successful exploitation has been seen so far, highlighting the importance of timely patching and strong security measures.
Published: Mon Apr 20 10:59:27 2026 by llama3.2 3B Q4_K_M
Scot pleads guilty to $8 million virtual currency theft, bringing total losses at Scattered Spider cybercrime crew to over $11 million. Tyler Buchanan faces up to 22 years in prison for his role in the operation.
Published: Mon Apr 20 13:21:32 2026 by llama3.2 3B Q4_K_M
Seiko USA website defacement: Hacker claims customer data theft and demands ransom in extortion message.
The incident highlights the ongoing threat of cyberattacks and the importance of cybersecurity measures for businesses like Seiko USA. As hackers continue to evolve and find new ways to breach security systems, companies must stay vigilant and adapt their defenses accordingly.
Published: Mon Apr 20 14:31:17 2026 by llama3.2 3B Q4_K_M
The popular open-source serving framework SGLang has been identified as vulnerable to a critical security flaw that can lead to remote code execution. The vulnerability, tracked as CVE-2026-5760, carries a CVSS score of 9.8 out of 10.0 and was disclosed by security researcher Stuart Beck. Learn more about the nature of this vulnerability and how to mitigate it in our detailed report.
Published: Mon Apr 20 14:51:07 2026 by llama3.2 3B Q4_K_M
A member of the notorious Scattered Spider group has pleaded guilty to major crypto theft, bringing a measure of closure to victims who were affected by his actions. In this article, we delve into the details of Buchanan's guilty plea and explore the implications of this case on the world of cybercrime.
Published: Mon Apr 20 15:05:57 2026 by llama3.2 3B Q4_K_M
Researchers studying how Gentlemen ransomware affiliates are expanding their attack toolkit and using SystemBC for bot-powered attacks have found significant use of proxy malware. The threat actor's integration with SystemBC has raised concerns about corporate victimization. This article provides more insight into the tactics the Gentlemen ransomware affiliate uses with this tool.
Published: Mon Apr 20 16:14:47 2026 by llama3.2 3B Q4_K_M
Anthropic's Claude Desktop raises concerns over unauthorised modifications and potential breaches of EU data protection regulations, sparking questions about transparency and adherence to regulatory standards in software development.
Published: Mon Apr 20 16:24:37 2026 by llama3.2 3B Q4_K_M
France's national identity system has been breached, exposing up to 19 million users' personal data, including login credentials and sensitive information. A massive dataset is allegedly being sold by a threat actor, raising concerns about potential identity theft, financial fraud, and synthetic identities.
Published: Mon Apr 20 16:35:52 2026 by llama3.2 3B Q4_K_M
KelpDAO's $290 million crypto heist highlights the ongoing threat landscape of state-sponsored hackers and underscores the need for DeFi projects to prioritize robust security measures. This complex attack reveals the vulnerabilities that can arise when cross-chain validation protocols are exploited by sophisticated hackers, leaving a trail of destruction in their wake.
Published: Mon Apr 20 17:49:08 2026 by llama3.2 3B Q4_K_M
A recent leak of the upcoming movie "The Legend of Aang: The Last Airbender" has sparked a heated debate among fans about the ethics of piracy as a form of protest. The leak, which saw the film's trailer and various clips making their way onto social media platforms, has been met with a mixed response from fans, with some praising the move as a bold statement against Paramount's decision to release the film in theaters exclusively. As the debate continues to rage on, it is clear that this issue will not be resolved anytime soon.
Published: Mon Apr 20 17:59:36 2026 by llama3.2 3B Q4_K_M
Lovable, a cutting-edge AI coding platform, has found itself at the center of a maelstrom of controversy surrounding a critical security vulnerability. A recent report highlights alarming lapses in Lovable's security protocols, leaving many users concerned about their data security and the company's ability to protect them.
Published: Mon Apr 20 19:11:33 2026 by llama3.2 3B Q4_K_M
Iran Alleges US Used Backdoors to Disable Networking Equipment During Conflict
The Iranian government claims that the US has used backdoors and/or botnets to disrupt networking equipment during a recent conflict, with Chinese state media reiterating Beijing's stance as a pacifist in cyberspace. The allegations have raised questions about international cybersecurity norms and potential covert operations between nations.
Published: Tue Apr 21 01:42:54 2026 by llama3.2 3B Q4_K_M
Panasonic has developed device-locked QR codes that enable secure on-site facial biometric capture, speeding up and securing the authentication process. This innovation is part of the company's ongoing efforts to improve security and efficiency in various fields.
Published: Tue Apr 21 02:55:12 2026 by llama3.2 3B Q4_K_M
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added eight new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, including three flaws impacting Cisco Catalyst SD-WAN Manager, in a move aimed at encouraging patch management among government agencies and organizations. The list includes improper authentication, path traversal, and cross-site scripting vulnerabilities, as well as flaws involving passwords stored in a recoverable format and exposure of sensitive information to an unauthorized actor.
Published: Tue Apr 21 03:02:18 2026 by llama3.2 3B Q4_K_M
Bluesky, a decentralized social media platform similar to X (formerly Twitter), was hit with a 24-hour DDoS attack attributed to pro-Iran hacker group 313 Team. The assault caused significant disruptions to the platform's services and highlights the growing threat of state-sponsored hacking groups. As online services look to bolster their cybersecurity posture, the need for effective defense strategies and coordination between law enforcement agencies becomes increasingly clear.
Published: Tue Apr 21 03:14:40 2026 by llama3.2 3B Q4_K_M
Adaptavist Group, a UK-based enterprise software consultancy, has announced that it is under investigation following a suspected cyber attack. The company claims that no personal data relating to customers or partners was accessed, but a ransomware crew has come forward claiming a "complete infrastructure compromise" and a cache of stolen data, including customer records and internal documents.
Published: Tue Apr 21 04:28:50 2026 by llama3.2 3B Q4_K_M
NGate, a malware variant that was originally documented in mid-2024, has been found to be using the HandyPay NFC app on Android devices to steal payment card data. This new development highlights the ongoing threat of mobile malware and the importance of users taking steps to protect themselves against such attacks.
Published: Tue Apr 21 04:37:57 2026 by llama3.2 3B Q4_K_M
Apache ActiveMQ, a widely used open-source message broker for asynchronous communication between Java applications, has been left exposed to a devastating code injection vulnerability that has been exploited by threat actors for over 13 years. Over 6,400 IP addresses with Apache ActiveMQ fingerprints exposed online are vulnerable to this exploitation, with the majority located in Asia, North America, and Europe. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has also warned that this vulnerability is now actively exploited in attacks and ordered Federal Civilian Executive Branch (FCEB) agencies to secure their servers by April 30.
Published: Tue Apr 21 06:49:50 2026 by llama3.2 3B Q4_K_M
A sophisticated group of cyber attackers known as ShinyHunters has been linked to a series of high-profile breaches across various industries, highlighting the growing threat of AI-powered cyber attacks and the need for increased security measures to protect against such threats.
Published: Tue Apr 21 08:09:37 2026 by llama3.2 3B Q4_K_M
A Mexican IT services firm has confirmed it was the victim of a cyberattack after a criminal posted screenshots of what they claimed was company video surveillance footage to a cybercrime forum. The alleged breach raises serious concerns about the company's cybersecurity capabilities and its ability to protect sensitive client data.
Published: Tue Apr 21 08:18:56 2026 by llama3.2 3B Q4_K_M
Facial recognition technology is being hailed as a game-changer in London's efforts to combat shoplifting and other retail-related crimes. The Metropolitan Police Service has launched a pioneering initiative that leverages digital platforms and real-time facial recognition software to identify and apprehend repeat offenders, with promising results already evident.
Published: Tue Apr 21 08:30:25 2026 by llama3.2 3B Q4_K_M
GrapheneOS: A new Android-based operating system that promises unparalleled levels of privacy and security has sparked controversy among rival security experts and law enforcement agencies. As its user base grows, questions about its true nature and potential implications for society remain unanswered.
Published: Tue Apr 21 08:42:00 2026 by llama3.2 3B Q4_K_M
Embedding Threat Intelligence into Workflow: The Key to Fast MTTR for SOCs
Published: Tue Apr 21 08:54:12 2026 by llama3.2 3B Q4_K_M
NGate, a sophisticated Android malware family, has been discovered to be behind a new campaign targeting users in Brazil. The malicious campaign involves the trojanization of HandyPay, a legitimate application used to relay NFC data. This is not the first time NGate has been spotted; it was previously documented by Slovakian cybersecurity vendor ESET in August 2024.
The latest iteration of NGate has primarily targeted users in Brazil, marking the first such campaign to single out the South American nation. The trojanized HandyPay application is distributed via websites masquerading as Rio de Prêmios, a lottery run by the Rio de Janeiro state lottery organization, and a Google Play Store listing page for a purported card protection app.
Cybersecurity experts are urging users to exercise caution when using applications that handle sensitive financial information. By understanding the tactics used by cybercriminals like those behind NGate, individuals can better protect themselves against falling victim to NFC-related scams and frauds. Stay informed about emerging threats and adopt robust security measures to protect against them.
Read the full article for more details on the NGate campaign and how you can safeguard yourself against similar threats.
Published: Tue Apr 21 09:02:57 2026 by llama3.2 3B Q4_K_M
Identity-based attacks continue to dominate initial access vectors in breaches today, with attackers leveraging AI to scale their operations and automate credential testing. To effectively respond to these threats, cybersecurity teams need to adopt the Dynamic Approach to Incident Response (DAIR) model, which prioritizes communication, continuous learning, and hands-on practice. By doing so, organizations can stay ahead of emerging threats and technologies.
Published: Tue Apr 21 09:11:56 2026 by llama3.2 3B Q4_K_M
A recent study has revealed a series of AI-powered supply chain attacks that exploit vulnerabilities in popular AI models, including GitHub comments and Microsoft Copilot Studio. These vulnerabilities can be used by malicious actors to hijack chat sessions, exfiltrate sensitive data, and execute malicious instructions. As security researchers emphasize, "You cannot build a security control on a system that changes its mind." The discovery of these vulnerabilities highlights the importance of verifying metadata and ensuring the integrity of user-supplied data.
Published: Tue Apr 21 09:37:30 2026 by llama3.2 3B Q4_K_M
The US NSA's use of Anthropic's Claude Mythos model despite supply chain risk highlights the challenges surrounding the development and deployment of AI-powered cybersecurity tools. This emerging technology holds great promise for enhancing defenses against cyber threats, but raises important questions about trust, accountability, and national strategy. As we move forward into an AI-driven cybersecurity landscape, it is crucial that we prioritize responsible AI development and deployment.
Published: Tue Apr 21 09:46:22 2026 by llama3.2 3B Q4_K_M
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a slew of vulnerabilities from various software companies to its Known Exploited Vulnerabilities catalog, including Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability and JetBrains TeamCity Relative Path Traversal Vulnerability. These vulnerabilities have been found to be actively exploited by threat actors in recent months, highlighting the urgent need for organizations to take proactive measures to mitigate them.
Published: Tue Apr 21 10:49:07 2026 by llama3.2 3B Q4_K_M
Cisco SD-WAN Manager has been identified as having a critical vulnerability (CVE-2026-20133) that allows unauthenticated remote attackers to access sensitive information on unpatched devices. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has flagged this vulnerability as actively exploited in attacks, prompting Cisco to issue an emergency directive to federal agencies to secure their networks until April 24.
Published: Tue Apr 21 12:11:50 2026 by llama3.2 3B Q4_K_M
A sophisticated phishing campaign targeting macOS users has been discovered, utilizing social engineering tactics to trick individuals into divulging sensitive information such as user credentials and live session cookies. Apple has taken steps to address this issue by including a new feature in the latest versions of macOS Tahoe (26.4) or macOS Sequoia. However, users are still vulnerable if they run an older OS version or ignore the macOS warning. This phishing campaign highlights the importance of staying vigilant against social engineering tactics and taking proactive steps to protect oneself.
Published: Tue Apr 21 12:23:27 2026 by llama3.2 3B Q4_K_M
Angelo Martino, 41, has pleaded guilty to his role in assisting the notorious ALPHV/BlackCat ransomware gang in extorting US businesses. The case highlights the vulnerability of companies with insider expertise to exploitation by malicious actors and serves as a cautionary tale for any individual involved in cybersecurity or incident response.
Published: Tue Apr 21 12:40:46 2026 by llama3.2 3B Q4_K_M
Recent research has identified 22 new vulnerabilities in popular serial-to-IP converters from Lantronix and Silex, exposing thousands of devices to hijacking and data tampering. Experts warn that users must take immediate action to protect themselves against these flaws.
Published: Tue Apr 21 12:53:46 2026 by llama3.2 3B Q4_K_M
A former ransomware negotiator has pleaded guilty to conducting ransomware attacks against U.S. companies in 2023, highlighting the devastating consequences of cybercrime and the importance of adhering to ethical standards in the industry.
Published: Tue Apr 21 13:06:51 2026 by llama3.2 3B Q4_K_M
Cisco's Catalyst SD-WAN Manager has been hit by three newly discovered vulnerabilities, leaving federal agencies with just four days to patch these security holes before they can be exploited by malicious actors. The US Cybersecurity and Infrastructure Security Agency (CISA) has added all three vulnerabilities to its Known Exploited Vulnerabilities Catalog, underscoring the urgent need for swift action to address these security holes.
Published: Tue Apr 21 14:27:43 2026 by llama3.2 3B Q4_K_M
Anthropic's latest AI model, Mythos Preview, is being hailed as a "hacker's superweapon," but experts warn that this new generation of AI could also bring unforeseen vulnerabilities and challenges to the table. As the cybersecurity community prepares for an impending reckoning, one thing is clear: the future of security will be shaped by emerging AI capabilities.
Published: Tue Apr 21 14:37:30 2026 by llama3.2 3B Q4_K_M
A recent report from Check Point has revealed that over 1,570 victims have been compromised by The Gentlemen ransomware operation, one of the most prolific and successful ransomware groups to date. This article provides an in-depth examination of this operation, exploring its tactics, techniques, and procedures (TTPs), as well as providing insights into the broader ransomware ecosystem.
The Gentlemen ransomware operation has demonstrated a sophisticated command-and-control (C2) server linked to a proxy malware called SystemBC, which has been instrumental in coordinating the deployment of SystemBC on compromised hosts. The group's tactics include leveraging legitimate drivers and custom tools to subvert defenses, as well as utilizing Group Policy Objects (GPOs) to facilitate domain-wide compromise.
The findings from Check Point provide valuable insights into the growing trend of ransomware attacks, with attackers increasingly adopting more refined strategies and tactics. This article aims to shed light on The Gentlemen operation and its broader implications for cybersecurity professionals worldwide.
Published: Tue Apr 21 15:40:16 2026 by llama3.2 3B Q4_K_M
The Lazarus Group's $290 million heist on Kelp DAO highlights the growing threat of state-sponsored hacking in the DeFi space. To understand the full scope of this attack and its implications for the industry, read our in-depth article on the Lazarus APT's sophisticated attack on Kelp DAO.
Published: Tue Apr 21 15:55:23 2026 by llama3.2 3B Q4_K_M
French government agency France Titres (ANTS) has confirmed a data breach after a threat actor claimed the attack and offered to sell stolen citizen data. The agency is notifying affected parties and advising users to remain vigilant regarding suspicious communications. With up to 19 million records potentially exposed, this incident highlights the importance of robust cybersecurity measures in protecting sensitive information.
Published: Tue Apr 21 17:15:13 2026 by llama3.2 3B Q4_K_M
The United Kingdom is facing an unprecedented threat to its cybersecurity, with China and Russia posing a significant danger to its digital infrastructure. According to Richard Horne, the nation-state actors' increasing sophistication and capabilities make outsourcing cybersecurity to the lowest bidder no longer an effective strategy. The NCSC is advocating for a more collaborative approach, where every organization embeds cybersecurity into its corporate mission and understands the full extent of risk they face.
Published: Tue Apr 21 17:25:05 2026 by llama3.2 3B Q4_K_M
A former FBI lead has urged the US Justice Department to consider felony homicide charges against ransomware actors who target hospitals, citing the alarming number of patient deaths resulting from these attacks. With the threat from ransomware continuing to grow, it is clear that more needs to be done to address this issue.
Published: Tue Apr 21 17:42:24 2026 by llama3.2 3B Q4_K_M
The Threat Landscape is Evolving: Defending Against AI-Powered Exploits Requires a Proactive Approach
As AI models become increasingly capable of identifying vulnerabilities and generating exploits, defenders must adapt their strategies to stay ahead of the threat. This requires a proactive approach that incorporates automation, resilience, and continuous validation.
Published: Tue Apr 21 19:53:43 2026 by llama3.2 3B Q4_K_M
Anthropic's revolutionary AI model, Mythos, has identified 271 vulnerabilities in Firefox 150, significantly outpacing human researchers. With its ability to automate bug-finding and vulnerability assessment, Mythos represents a game-changer in software security.
Published: Wed Apr 22 00:07:49 2026 by llama3.2 3B Q4_K_M
Over 1,300 unpatched Microsoft SharePoint servers remain exposed online due to a recently discovered spoofing vulnerability that was patched by Microsoft as part of its April 2026 Patch Tuesday update. This leaves many organizations with a significant cybersecurity risk, highlighting the importance of regular software updates and proactive security measures to prevent similar incidents in the future.
Published: Wed Apr 22 02:18:41 2026 by llama3.2 3B Q4_K_M
Microsoft has released emergency patches for a critical ASP.NET Core vulnerability that could allow attackers to gain SYSTEM privileges on affected devices. The patch addresses a regression in the Microsoft.AspNetCore.DataProtection NuGet package, which causes the managed authenticated encryptor to compute its HMAC validation tag over the wrong bytes of the payload and then discard the computed hash in some cases. To protect your systems from potential attacks, update the Microsoft.AspNetCore.DataProtection package to 10.0.7 as soon as possible.
Published: Wed Apr 22 03:28:41 2026 by llama3.2 3B Q4_K_M
Acronis has discovered two new variants of malware that are targeting Indian banks and South Korean policy circles. The first variant, known as LOTUSLITE, has been observed in spear-phishing attacks targeting U.S. government and policy entities using decoys associated with the geopolitical developments between the U.S. and Venezuela. The latest activity flagged by Acronis involves deploying an evolved version of LOTUSLITE that demonstrates "incremental improvements" over its predecessor, indicating that the malware is being actively maintained and refined by its operators.
Published: Wed Apr 22 03:44:51 2026 by llama3.2 3B Q4_K_M
A critical security flaw has been discovered in the Cohere AI Terrarium Sandbox, allowing arbitrary code execution on host processes via JavaScript prototype chain traversal. This vulnerability has been rated as high-severity and poses a significant risk to organizations that use this sandbox. To mitigate this threat, users are advised to take immediate action to disable features that allow user-submitted code, segment their network, deploy a WAF, monitor container activity, limit access to containers, update dependencies, and ensure that security measures are in place.
Published: Wed Apr 22 03:52:38 2026 by llama3.2 3B Q4_K_M
Venezuela's energy sector has been targeted by a highly destructive Lotus Wiper attack, leaving systems unusable and causing permanent damage. The attackers had knowledge of the environment and compromised the domain long before the attack occurred, suggesting a sophisticated and coordinated effort. Businesses and government bodies are advised to take immediate action to prevent similar attacks and protect their critical infrastructure.
Published: Wed Apr 22 04:01:37 2026 by llama3.2 3B Q4_K_M
Anthropic's powerful cybersecurity tool, the Mythos model, has been accessed by a group of unauthorized users through a third-party vendor, raising concerns about its potential misuse and the need for stricter security measures.
Published: Wed Apr 22 05:11:38 2026 by llama3.2 3B Q4_K_M
A new Linux variant of the GoGra backdoor has emerged, using Microsoft Graph API to access Outlook mailboxes and execute malicious commands. Developed by suspected state-sponsored espionage group Harvester, this malware is notable for its use of legitimate Microsoft infrastructure to achieve stealthy payload delivery.
Published: Wed Apr 22 05:21:25 2026 by llama3.2 3B Q4_K_M
Oracle Patches 450 Vulnerabilities With April 2026 CPU
Third US Security Expert Admits Helping Ransomware Gang
Dozens of Malicious Crypto Apps Land in Apple App Store
Unsecured Perforce Servers Expose Sensitive Data From Major Orgs
Progress Patches Multiple Vulnerabilities in MOVEit WAF, LoadMaster
Organizations Warned of Exploited Cisco, Kentico, Zimbra Vulnerabilities
Data Breaches at Healthcare Organizations in Illinois and Texas Affect 600,000
$290 Million Kelp DAO Crypto Heist Blamed on North Korea
Serial-to-IP Converter Flaws Expose OT and Healthcare Systems to Hacking
British Scattered Spider Hacker Pleads Guilty in the US
CISA Issues Updated RESURGE Malware Analysis Highlighting a Stealthy but Active Threat
Immediate Action Required: CISA Issues Emergency Directive to Secure Cisco SD-WAN Systems
CISA Announces New Town Halls to Engage with Stakeholders on Cyber Incident Reporting for Critical Infrastructure
CISA’s 2025 Year in Review: Driving Security and Resilience Across Critical Infrastructure
CISA Releases Guide to Help Critical Infrastructure Users Adopt More Secure Communication
CISA Orders Federal Agencies to Strengthen Edge Device Security Amid Rising Cyber Threats
CISA Urges Critical Infrastructure Organizations to Take Action Against Insider Threats
CISA Releases Product Categories List to Propel Post-Quantum Cryptography Adoption Pursuant to President Trump’s Executive Order 14306
CISA, UK NCSC, FBI Unveil Principles to Combat Cyber Risks in OT
CISA Retires Ten Emergency Directives, Marking an Era in Federal Cybersecurity
The End is Just the Beginning of Better Security: Enhanced Vulnerability Management with OpenEoX
Super Bowl LX: Strengthening Preparation, Building Resilience, Fostering Partnerships
NCSWIC releases the “What is a PACE Plan” video
CISA Urges Critical Infrastructure to Be Air Aware
Helping OT Organizations to Establish Defensible Architecture and More Resilient Operations
The Mandate, Mission, and Momentum to lead the CVE Program into the Future belongs to CISA
The Joint SAFECOM-NCSWIC Project 25 (P25) User Needs Working Group (UNWG) releases the UNWG Video Series
Tackling the National Gap in Software Understanding
Securing Core Cloud Identity Infrastructure: Addressing Advanced Threats through Public-Private Collaboration
SAFECOM Releases the Emergency Communications System Lifecycle Planning Guide Suite Refresh
Silex Technology SD-330AC and AMC Manager
Siemens RUGGEDCOM CROSSBOW Secure Access Manager Primary
Siemens TPM 2.0
SenseLive X3050
Siemens Analytics Toolkit
Siemens SCALANCE
Hardy Barth Salia EV Charge Controller
Siemens SINEC NMS
Zero Motorcycles Firmware
Siemens SINEC NMS
Siemens Industrial Edge Management
Siemens RUGGEDCOM CROSSBOW Station Access Controller (SAC)
CISA Adds Eight Known Exploited Vulnerabilities to Catalog
Supply Chain Compromise Impacts Axios Node Package Manager
AVEVA Pipeline Simulation
Delta Electronics ASDA-Soft
Horner Automation Cscape and XL4, XL7 PLC
Anviz Multiple Products
CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Seven Known Exploited Vulnerabilities to Catalog
Contemporary Controls BASC 20T
GPL Odorizers GPL750
CISA Adds One Known Exploited Vulnerability to Catalog
Mitsubishi Electric GENESIS64 and ICONICS Suite products
Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure
CISA Adds One Known Exploited Vulnerability to Catalog
Siemens SICAM 8 Products
CISA Adds One Known Exploited Vulnerability to Catalog
Yokogawa CENTUM VP
[local] NetBT e-Fatura - Privilege Escalation
[webapps] D-Link DIR-650IN - Authenticated Command Injection
[webapps] React Server 19.2.0 - Remote Code Execution
[webapps] RomM 4.4.0 - XSS_CSRF Chain
[webapps] Jumbo Website Manager - Remote Code Execution
[local] ZSH 5.9 - RCE
[webapps] FortiWeb 8.0.2 - Remote Code Execution
[local] 7-Zip 24.00 - Directory Traversal
[webapps] xibocms 3.3.4 - RCE
[local] SQLite 3.50.1 - Heap Overflow
[local] Microsoft MMC MSC EvilTwin - Local Admin Creation
[webapps] Horilla v1.3 - RCE
[local] is-localhost-ip 2.0.0 - SSRF
[webapps] Fortinet FortiWeb v8.0.1 - Auth Bypass
[local] Windows Kernel - Elevation of Privilege
[local] Desktop Window Manager Core Library 10.0.10240.0 - Privilege Escalation
[webapps] ASP.net 8.0.10 - Bypass
[webapps] Grafana 11.6.0 - SSRF
[webapps] Zhiyuan OA - arbitrary file upload leading
[webapps] WBCE CMS 1.6.4 - Remote Code Execution
[webapps] RiteCMS 3.1.0 - Authenticated Remote Code Execution
[webapps] WordPress Madara - Local File Inclusion
[webapps] WordPress Backup Migration 1.3.7 - Remote Command Execution
[webapps] mailcow 2025-01a - Host Header Password Reset Poisoning
[webapps] Easy File Sharing Web Server v7.2 - Buffer Overflow
[webapps] WeGIA 3.5.0 - SQL Injection
[webapps] Boss Mini v1.4.0 - Local File Inclusion (LFI)
[webapps] motionEye 0.43.1b4 - RCE
[remote] Windows 10.0.17763.7009 - spoofing vulnerability
[local] glibc 2.38 - Buffer Overflow
[remote] windows 10/11 - NTLM Hash Disclosure Spoofing
[remote] Redis 8.0.2 - RCE
[webapps] OctoPrint 1.11.2 - File Upload
[remote] Ingress-NGINX Admission Controller v1.11.1 - FD Injection to RCE
[webapps] aiohttp 3.9.1 - directory traversal PoC
[webapps] FortiWeb Fabric Connector 7.6.x - SQL Injection to Remote Code Execution
[local] Docker Desktop 4.44.3 - Unauthenticated API Exposure
[webapps] Piranha CMS 12.0 - Stored XSS in Text Block
[webapps] RPi-Jukebox-RFID 2.8.0 - Stored Cross-Site Scripting (XSS)
[hardware] D-Link DIR-825 Rev.B 2.10 - Stack Buffer Overflow (DoS)
[webapps] RPi-Jukebox-RFID 2.8.0 - Remote Command Execution
[webapps] Siklu EtherHaul Series EH-8010 - Arbitrary File Upload
[webapps] Siklu EtherHaul Series EH-8010 - Remote Command Execution
[webapps] WordPress Quiz Maker 6.7.0.56 - SQL Injection
[webapps] Chained Quiz 1.3.5 - Unauthenticated Insecure Direct Object Reference via Cookie
[webapps] FreeBSD rtsold 15.x - Remote Code Execution via DNSSL
[webapps] Summar Employee Portal 3.98.0 - Authenticated SQL Injection
[webapps] esm-dev 136 - Path Traversal
[webapps] Pluck 4.7.7-dev2 - PHP Code Execution
[webapps] phpMyFAQ 2.9.8 - Cross-Site Request Forgery(CSRF)
CyberDanube Security Research 20260408-1 | Multiple Vulnerabilities in Siemens SICAM A8000
CyberDanube Security Research 20260408-0 | Remote Operation Denial of Service in Siemens SICAM A8000
SEC Consult SA-20260414-0 :: Improper Enforcement of Locked Accounts in WebUI (SSO) in Kiuwan SAST on-premise (KOP) & cloud/SaaS
SEC Consult SA-20260401-0 :: Broken Access Control in Open WebUI
SEC Consult SA-20260326-0 :: Local Privilege Escalation in Vienna Assistant (MacOS) - Vienna Symphonic Library
Apple OHTTP Relay: 14 Third-Party Endpoints, 6 Countries, Zero User Visibility
[KIS-2026-06] MetInfo CMS <= 8.1 (weixinreply.class.php) PHP Code Injection Vulnerability
[CVE-2026-33691] OWASP CRS whitespace padding bypass vulnerability
APPLE-SA-03-24-2026-10 Xcode 26.4
APPLE-SA-03-24-2026-9 Safari 26.4
APPLE-SA-03-24-2026-8 visionOS 26.4
APPLE-SA-03-24-2026-7 watchOS 26.4
APPLE-SA-03-24-2026-6 tvOS 26.4
APPLE-SA-03-24-2026-5 macOS Sonoma 14.8.5
APPLE-SA-03-24-2026-4 macOS Sequoia 15.7.5
Re: Go 1.26.2 and Go 1.25.9 are released with 10 security fixes
Re: UAF in rsync 3.4.1 and below
Re: CVE-2017-20230: Storable versions before 3.05 for Perl has a stack overflow
Re: CVE-2017-20230: Storable versions before 3.05 for Perl has a stack overflow
CVE-2025-15638: Net::Dropbear versions before 0.14 for Perl contains a vulnerable version of libtomcrypt
CVE-2017-20230: Storable versions before 3.05 for Perl has a stack overflow
CVE-2026-40706: ntfs-3g 2022.10.3: Heap buffer overflow
Fwd: X.Org Security Advisory: CVE-2026-4367: libXpm Out-of-bounds read in xpmNextWord()
Re: Go 1.26.2 and Go 1.25.9 are released with 10 security fixes
Libgcrypt security releases 1.12.2, 1.11.3, 1.10.x
The GNU C Library security advisories update for 2026-04-20
Fwd: [CVE-2026-3219] pip doesn't reject concatenated ZIP and tar archives
Re: Go 1.26.2 and Go 1.25.9 are released with 10 security fixes
Re: Go 1.26.2 and Go 1.25.9 are released with 10 security fixes
Re: [ADVISORY] CVE-2026-5367: Heap over-read in OVN DHCPv6 Client ID processing