1. A remote, unauthenticated RCE-to-root vulnerability chain has been identified in CUPS (https://www.reddit.com/r/netsec/comments/1sflk3t/spooler_alert_remote_unauthd_rcetoroot_chain_in/).
2. A path traversal vulnerability in an MCP server allows AI agents to access sensitive SSH keys (https://www.reddit.com/r/netsec/comments/1sfhmaa/we_found_a_path_traversal_in_an_mcp_server_with/).
3. A self-propagating credential worm has compromised npm packages under the fairwords scope to steal tokens and infect PyPI packages (https://www.reddit.com/r/Malware/comments/1sfjg9f/fairwords_npm_packages_compromised_by_a/).
4. Authorities have disrupted a campaign involving router DNS hijacks used to steal Microsoft 365 login credentials (https://www.reddit.com/r/cybersecurity/comments/1sfnltx/authorities_disrupt_router_dns_hijacks_used_to/).
5. Unit 42 discovered critical sandbox escape vulnerabilities in Amazon Bedrock AgentCore that enable DNS tunneling and credential exposure (https://unit42.paloaltonetworks.com/bypass-of-aws-sandbox-network-isolation-mode/).
6. North Korean hackers are spreading 1700 malicious packages across npm, PyPI, Go, and Rust ecosystems to function as malware loaders (https://thehackernews.com/2026/04/n-korean-hackers-spread-1700-malicious.html).
7. Iran-linked hackers are targeting internet-exposed programmable logic controllers in U.S. critical infrastructure, causing operational disruptions (https://thehackernews.com/2026/04/iran-linked-hackers-disrupt-us-critical.html).
8. A critical vulnerability in the Ninja Forms WordPress plugin allows unauthenticated users to upload arbitrary files and achieve remote code execution (https://www.bleepingcomputer.com/news/security/hackers-exploit-critical-flaw-in-ninja-forms-wordpress-plugin/).
9. A high-severity vulnerability tracked as CVE-2026-34040 in Docker Engine allows attackers to bypass authorization plugins and gain host access (https://thehackernews.com/2026/04/docker-cve-2026-34040-lets-attackers.html).
10. Russian state-linked APT28 is exploiting insecure MikroTik and TP-Link routers to conduct a global DNS hijacking and espionage campaign (https://thehackernews.com/2026/04/russian-state-linked-apt28-exploits.html).
11. A new zero-day exploit for Windows privilege escalation has been reported, allowing users to gain administrative rights via a malicious executable (https://www.reddit.com/r/cybersecurity/comments/1sewcwa/run_the_funnyappexe_and_youre_a_windows_admin_an/).
12. CVE-2026-34197 has been identified as a remote code execution vulnerability in ActiveMQ via the Jolokia API (https://www.reddit.com/r/netsec/comments/1sf7sno/cve202634197_activemq_rce_via_jolokia_api/).