
OSINT / CyberSec report 17.04.2026 00:09

1. A critical authentication bypass vulnerability in Nginx UI with Model Context Protocol support is currently being exploited in the wild for full server takeover. (https://www.bleepingcomputer.com/news/security/critical-nginx-ui-auth-bypass-flaw-now-actively-exploited-in-the-wild/)

2. A new zero-day vulnerability in Microsoft SharePoint has been identified as actively exploited and is subject to a CISA remediation deadline. (https://www.reddit.com/r/cybersecurity/comments/1smf2gz/new_microsoft_sharepoint_zeroday_cve_april_15/)

3. CISA has issued a warning regarding the active exploitation of a Windows Task Host vulnerability in ongoing attacks. (https://www.reddit.com/r/cybersecurity/comments/1smh6eh/cisa_flags_windows_task_host_vulnerability_as/)

4. The UAC-0247 threat actor group is conducting a data theft malware campaign targeting Ukrainian government and municipal healthcare institutions. (https://thehackernews.com/2026/04/uac-0247-targets-ukrainian-clinics-and.html)

5. Researchers identified 108 malicious Chrome extensions that compromised 20,000 users by stealing credentials and hijacking Telegram sessions. (https://www.bitdefender.com/en-us/blog/hotforsecurity/malicious-chrome-extensions-steal-google-telegram-data)

6. Threat actors have been weaponizing the n8n workflow automation platform since October 2025 to bypass security filters and deliver phishing payloads. (https://thehackernews.com/2026/04/n8n-webhooks-abused-since-october-2025.html)

7. Germany has seen a significant resurgence in cyber extortion activity with data leak site posts impacting infrastructure at levels comparable to 2022 and 2023. (https://cloud.google.com/blog/topics/threat-intelligence/europe-data-leak-landscape/)

8. Sweden reported that Russian hackers attempted a destructive cyberattack against a thermal power plant. (https://www.reddit.com/r/cybersecurity/comments/1smdmoj/sweden_blames_russian_hackers_for_attempting/)

9. Two US nationals were imprisoned for operating a laptop farm that enabled North Korean IT workers to infiltrate over 100 companies, including Fortune 500 firms. (https://www.bleepingcomputer.com/news/security/us-nationals-behind-north-korean-it-worker-laptop-farm-sent-to-prison/)

10. A long-running, six-year ransomware campaign has been targeting residential users and small businesses in Turkey. (https://www.darkreading.com/cyberattacks-data-breaches/6-year-ransomware-campaign-turkish-homes-smbs)

11. Vishing attacks targeting Okta identity systems are currently on the rise. (https://www.reddit.com/r/cybersecurity/comments/1smw07e/vishing_attacks_on_okta_identity_systems_on_the/)

12. Anthropic accidentally leaked the source code for Claude Code due to a packaging error. (https://grahamcluley.com/smashing-security-podcast-463/)

13. Microsoft is investigating an issue where the April KB5082063 security update fails to install on certain Windows Server 2025 systems. (https://www.bleepingcomputer.com/news/microsoft/microsoft-april-windows-server-2025-update-may-fail-to-install/)

14. Telegram-based recruitment campaigns are being used as a potential low-cost espionage vector across Europe. (https://www.reddit.com/r/cybersecurity/comments/1smyzic/telegrambased_recruitment_campaigns_offering/)
