🕵️ ThreatIntel
(289)
CriticalCritical flaw in Protobuf library enables JavaScript code execution
CriticalU.S. CISA adds a flaw in Apache ActiveMQ to its Known Exploited Vulnerabilities catalog
CriticalResearcher drops two more Microsoft Defender zero-days, all three now exploited in the wild
CriticalAVEVA Pipeline Simulation
CriticalFortinet fixes critical FortiSandbox vulnerabilities (CVE-2026-39813, CVE-2026-39808)
CriticalSweden reports cyberattack attempt on heating plant amid rising energy threats
CriticalCisco says critical Webex Services flaw requires customer action
CriticalHackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face
CriticalCritical Nginx UI auth bypass flaw now actively exploited in the wild
CriticalMicrosoft Issues Massive Windows Patch for 160+ Bugs, Including Two Zero-Days
CriticalCVE-2026-33032: severe nginx-ui bug grants unauthenticated server access
CriticalApril Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More
CriticalActively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover
CriticalMicrosoft Patch Tuesday for April 2026 fixed actively exploited SharePoint zero-day
CriticalOpenAI expands its cyber defense program with GPT-5.4-Cyber for vetted researchers
CriticalSitehop’s SAFEcore Edge enables ultra-low-latency, hardware-enforced post-quantum encryption
CriticalAdobe Issues Emergency Patch for Critical PDF Flaw Exploited For Months
CriticalPatch Tuesday, April 2026 Edition
CriticalMicrosoft and Adobe Patch Tuesday, April 2026 Security Update Review
CriticalWhy Data Trust Is Key to AI Success
CriticalwolfSSL Vulnerability Hits IoT, Routers and Military Systems, Update to 5.9.1 Now
CriticalPrivilege Elevation Dominates Massive Microsoft Patch Update
CriticalCritical Patches Issued for Microsoft Products, April 14, 2026
CriticalMicrosoft April 2026 Patch Tuesday fixes 167 flaws, 2 zero-days
CriticalAttackers target unpatched ShowDoc servers via CVE-2025-0520
CriticalShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers
CriticalMarch 2026 CVE Landscape: 31 High-Impact Vulnerabilities Identified, Interlock Ransomware Group Exploits Cisco FMC Zero-Day
CriticalAdobe rolls out emergency fix for Acrobat, Reader zero-day flaw
CriticalAdobe issues emergency fix for Acrobat Reader flaw exploited in the wild (CVE-2026-34621)
HighSmokedMeat: Open-source tool shows what attackers do inside CI/CD pipelines
HighSinger loses life savings to fake wallet downloaded from the Apple App Store
HighOperation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts
HighPowMix botnet targets Czech workforce
HighData breach at edtech giant McGraw Hill affects 13.5 million accounts
HighWindows is getting stronger RDP file protections to fight phishing attacks
High From fake Proton VPN sites to gaming mods, this Windows infostealer is everywhere
HighYour Supply Chain Breach Is Someone Else's Payday
HighEducational company McGraw Hill says Salesforce misconfiguration led to data leak
HighAI Tools Will Accelerate International Fraud at Scale
HighPHP Composer flaws enable remote command execution via Perforce VCS
HighMicrosoft, Salesforce Patch AI Agent Data Leak Flaws
HighRaspberry Pi OS 6.2 disables passwordless sudo by default
HighMicrosoft adds Windows protections for malicious Remote Desktop files
HighNew ‘JanaWare’ ransomware targeting Turkish citizens as cybercriminal ecosystem fragments
HighWhy Data Protection Vendor Commvault Is Eyeing Going Private
HighSecuring non-human identities: automated revocation, OAuth, and scoped permissions
HighUS, UK and Canada disrupt $45M crypto theft in Operation Atlantic
HighPersonal data of 1 million gym members compromised in Basic-Fit security incident
HighMultiple Vulnerabilities in Fortinet Products Could Allow for Arbitrary Code Execution
HighHow Hackers Are Thinking About AI
HighW3LL phishing service sold for $500 dismantled by the FBI
HighMicrosoft ends desktop detour for sensitivity labels in Office web apps
HighNew PHP Composer Flaws Enable Arbitrary Command Execution — Patches Released
High5 Ways Zero Trust Maximizes Identity Security
HighMcGraw-Hill confirms data breach following extortion threat
High Omnistealer uses the blockchain to steal everything it can
HighShinyHunters claim the hack of Rockstar Games breach and started leaking data
HighRansomware-Linked ViperTunnel Malware Hits UK and US Businesses
HighBooking.com Confirms Data Breach as Hackers Access Customer Details
High29 million leaked secrets in 2025: Why AI agents credentials are out of control
HighBooking.com data breach: Customer reservation data exposed
HighCitizen Lab: Webloc tracked 500M devices for global law enforcement
MediumNew CGrabber and Direct-Sys Malware Spread Through GitHub ZIP Files
MediumNew ZionSiphon Malware Discovered Targeting Israeli Water Systems
MediumApache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation
MediumNIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions
MediumFoxit, LibRaw vulnerabilities
MediumZionSiphon malware designed to sabotage water treatment systems
MediumCISA Adds One Known Exploited Vulnerability to Catalog
MediumA Deep Dive Into Attempted Exploitation of CVE-2023-33538
MediumFrom clinics to government: UAC-0247 expands cyber campaign across Ukraine
MediumAI platform n8n abused for stealthy phishing and malware delivery
MediumOpenAI Launches GPT-5.4-Cyber to Boost Defensive Cybersecurity
MediumUkrainian emergency services and hospitals hit by espionage campaign using new AgingFly malware
MediumCryptohack Roundup: $45 Million Fraud Operation Disrupted
MediumZDI-26-265: Fortinet FortiWeb cgi_buf_alloc Integer Overflow Denial-of-Service Vulnerability
MediumZDI-26-284: DriveLock Directory Traversal Information Disclosure Vulnerability
MediumZDI-26-287: DriveLock Directory Traversal Information Disclosure Vulnerability
MediumZDI-26-288: DriveLock Directory Traversal Information Disclosure Vulnerability
MediumZDI-26-292: QNAP TS-453E QVRPro excpostgres Exposed Dangerous Method Remote Code Execution Vulnerability
MediumWordPress plugin suite hacked to push malware to thousands of sites
MediumU.S. CISA adds Microsoft SharePoint Server, and Microsoft Office Excel flaws to its Known Exploited Vulnerabilities catalog
MediumFake Claude AI Installer Targets Windows Users with PlugX Malware
MediumCISA flags Windows Task Host vulnerability as exploited in attacks
MediumMirax malware campaign hits 220K accounts, enables full remote control
MediumActive HanGhost Loader Campaign Targets Enterprise Payment and Logistics Workflows
MediumCISA Adds Two Known Exploited Vulnerabilities to Catalog
MediumYour Fraud Detection Model Is Already Too Late to the Party
MediumMirax RAT Targets Android Devices Through Meta Apps
MediumDavMail 6.6.0 patches a regex flaw and advances its Microsoft Graph backend
MediumOligo enables real-time exploit detection and blocking at application runtime
MediumAI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraud
Medium16-31 March 2025 Cyber Attacks Timeline
MediumFake Claude AI installer abuses DLL sideloading to deploy PlugX
MediumU.S. CISA adds Adobe, Fortinet, Microsoft Exchange Server, and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog
MediumCISA Adds Seven Known Exploited Vulnerabilities to Catalog
MediumCSA: CISOs Should Prepare for Post-Mythos Exploit Storm
MediumCPUID watering hole attack spreads STX RAT malware
MediumRockstar Games receives “pay or leak” warning after cyberattack
InformationalGitLab 18.11 brings agentic AI to security fixes, CI pipelines, and delivery analytics
InformationalGoogle wipes out 602 million scam ads with Gemini on duty
InformationalGoogle Blocks 8.3B Policy-Violating Ads in 2025, Launches Android 17 Privacy Overhaul
Informational “iCloud storage is full” scam is back, and now it wants your payment details
Informational'Harmless' Global Adware Transforms Into an AV Killer
InformationalNorth Korea Uses ClickFix to Target macOS Users' Data
InformationalPanorama del cibercrimen en América Latina y el Caribe
InformationalAI-powered website builders have come a long way - here's your best option in 2026
Informational A fake Slack download is giving attackers a hidden desktop on your machine
InformationalMore than pretty pictures: Wendy Bishop on visual storytelling in tech
InformationalMalicious WordPress Plugins with Backdoors Compromise Thousands of Websites
InformationalMicrosoft's Original Windows Secure Boot Certificate Is Expiring
InformationalTwo-Factor Authentication Breaks Free from the Desktop
InformationalTidal vs. Qobuz: I tried both hi-res streaming services, and they couldn't be more different
InformationalOpenAI's Codex Desktop can run your computer now - and has its own browser
InformationalMicrosoft: April Windows Server 2025 update may fail to install
InformationalUS nationals behind DPRK IT worker 'laptop farm' sent to prison
InformationalMost "AI SOCs" Are Just Faster Triage. That's Not Enough.
InformationalNew ATHR vishing platform uses AI voice agents for automated attacks
InformationalGoogle expands Gemini AI use to fight malicious ads on its platform
InformationalCargo thieving hackers running sophisticated remote access campaigns, researchers find
InformationalNew Jersey men given lengthy sentences for running North Korean laptop farms
InformationalObfuscation vs the Optimizer: An LLVM Middle-End Arms Race
InformationalWe're All Building a Single Digital Assistant
InformationalIran War: Future Scenario and Business Implications
InformationalThe same Microsoft Surface I bought 4 months ago is 69% more expensive now - here's why
InformationalNIST to limit work on CVE entries as submissions surge
InformationalMassive Chrome Extension Scam Exposes 20,000 Users to Data Theft
Informational108 malicious Chrome extensions caught stealing Google and Telegram data from 20,000 users
InformationalHalf of all US employees use AI at work now - and waste almost 8 hours a week doing it
InformationalMicrosoft's latest Windows update now confirms if your PC is Secure Boot-protected - how it works
InformationalWhy Netgear just got the first FCC router ban exemption in the US
InformationalMicrosoft fixes bug behind Windows Server 2025 automatic upgrades
InformationalMicrosoft: April updates trigger BitLocker key prompts on some servers
InformationalRolling Networks: Securing the Transportation Sector
InformationalSigned software abused to deploy antivirus-killing scripts
InformationalSweden says pro-Russian hackers attempted to breach thermal power plant
Informational13.5M Device Botnet Drives 2 Tbps DDoS Attacks on FinTech, Qrator Finds
InformationalShinyHunters Leak Rockstar Games Data, No Player Records Impacted
InformationalRetaining defensive advantage in the age of frontier AI cyber capabilities
InformationalISC Stormcast For Wednesday, April 15th, 2026 https://isc.sans.edu/podcastdetail/9892, (Wed, Apr 15th)
InformationalMicrosoft Bets $10 Billion to Boost Japan's AI, Cybersecurity
InformationalWhat changed in nginx 1.30.0 and what it means for your upstream config
InformationalOpenAI Launches GPT-5.4-Cyber with Expanded Access for Security Teams
InformationalA New Way to Buy Recorded Future: Solutions and Packages Built for the 2026 Threat Landscape
InformationalYou can try Linux 7.0 now on these distros - here's what's new
InformationalIs your Pixel battery draining faster lately? These 4 temporary fixes helped me
InformationalTired of Gemini interrupting you? This Google Home update fixes that and more
InformationalI love Sony's new Bluetooth turntable, so why do I feel so conflicted using it
InformationalA data removal service helped me reclaim my privacy - see if you need one, too
InformationalThis simple email trick saves me from annoying marketing spam (and it's free to do)
InformationalOver 100 Chrome Web Store extensions steal user accounts, data
InformationalCrypto-exchange Kraken extorted by hackers after insider breach
InformationalBig tech fails to opt-out users requesting not to be tracked much of the time, new research says
InformationalStudy: Off-the-Shelf LLMs Not Ready for Clinical Prime Time
InformationalCISA Workers Recalled Despite Shutdown
InformationalOpenAI Touts Wider Access to Its New Cyber Model
InformationalManaged OAuth for Access: make internal apps agent-ready in one click
InformationalScaling MCP adoption: Our reference architecture for simpler, safer and cheaper enterprise deployments of MCP
InformationalState-sponsored threats: Different objectives, similar access paths
InformationalMicrosoft Patch Tuesday for April 2026 - Snort Rule and Prominent Vulnerabilities
InformationalKraken Exchange Faces Extortion After Insider Recorded System Footage
InformationalSecurity Risk Advisors Purple Team Participants Can Now Earn CPE Credits
InformationalHow Digital Annotations Are Replacing Paper Markups in Business
InformationalMicrosoft Patch Tuesday April 2026., (Tue, Apr 14th)
InformationalScanning for AI Models, (Tue, Apr 14th)
InformationalWhy Orgs Need to Test Networks to Withstand DDoS Attacks During Peak Loads
InformationalWar Game Exercise Demonstrates How Social Media Manipulation Works
InformationalEDR-Killer Ecosystem Expansion Requires Stronger BYOVD Defenses
InformationalMultiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution
InformationalUpcoming Speaking Engagements
InformationalBasic-Fit hack compromises data of up to 1 million members
InformationalClaroty advances CPS security with Visibility Orchestration in xDome
InformationalTesting reveals Claude Mythos’s offensive capabilities and limits
InformationalOpenSSL 4.0.0 release cuts deprecated protocols and gains post-quantum support
InformationalGoogle Adds Rust-Based DNS Parser into Pixel 10 Modem to Enhance Security
InformationalGoogle $135M Settlement: Millions of Android Users May Qualify for Payout
InformationalIran War: Future Scenario and Business Improvements
InformationalAfter using these JBL headphones, I'm wondering if we're all too distracted by Sony and Bose
InformationalI added a MagSafe charger to my nightstand and realized its untapped potential: 3 ways it's useful
InformationalI'm ready for a foldable iPhone, but only if Apple does this right
InformationalWhy the Apple Watch's 20-minute calibration test is worth your time - especially if you're data curious
InformationalHow to use Google Messages' new Trash feature to recover texts you accidentally deleted
InformationalHow to share audio from your Android phone to multiple earbuds (and why it's genius)
InformationalChrome's new 'Skills' update lets you save AI prompts now - for one-click reuse
InformationalI tested every 'allergy-friendly' smart home gadget - these 6 actually keep the pollen out
InformationalMicrosoft rolls out fast-track to reinstate Windows hardware dev accounts
InformationalFake Ledger Live app on Apple’s App Store stole $9.5M in crypto
InformationalRussia appears to block social media platform Bluesky amid wider internet restrictions
InformationalVirginia enacts ban on precise geolocation data sales as momentum for similar prohibitions builds
InformationalBSIM explained once and for all!
InformationalAgentic AI memory attacks spread across sessions and users, and most organizations aren’t ready
InformationalGoogle to penalize sites that hijack the back button
InformationalBinary Defense expands NightBeacon with threat-aligned Detection Coverage Index
InformationalMirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Ads
InformationalOpenAI Rotates macOS Certificates Following Axios Supply Chain Breach
InformationalAPT41 Delivers 'Zero-Detection' Backdoor to Harvest Cloud Credentials
InformationalThe best Zoom alternatives in 2026: Expert tested and reviewed
InformationalAs an Android user, this MagSafe wallet is the clearest reason why Qi2 magnets shouldn't be ignored
InformationalI bought an earwax camera for my toolkit and use it for everything but my ears
InformationalOpenAI rotates macOS certs after Axios attack hit code-signing workflow
InformationalInteractive Brokers Phishing Scam: Fake IRS W-8BEN Renewal Alert
InformationalPreparing for Post-Quantum Cryptography: The Secure Firewall Roadmap
InformationalIran-linked group Handala claims to have breached three major UAE organizations
InformationalAlleged German DDoS-for-Hire Kingpin Behind Fluxstress Caught in Thailand
InformationalHack at Dutch gym chain Basic-Fit exposes customer data in several EU countries
