
Posts tagged as “malware”

OSINT / CyberSec report 21.04.2026 00:08

1. Cloud development platform Vercel confirmed a security breach involving unauthorized access to internal systems following the compromise of a third-party AI tool used by an employee (The Hacker News). 2. Threat actors are actively exploiting a 17-year-old Microsoft Excel vulnerability which has been flagged by the US cyber defense agency (Reddit). 3. Researchers identified a new malware strain named ZionSiphon targeting…

OSINT / CyberSec report 17.04.2026 00:09

1. A critical authentication bypass vulnerability in Nginx UI with Model Context Protocol support is currently being exploited in the wild for full server takeover. (https://www.bleepingcomputer.com/news/security/critical-nginx-ui-auth-bypass-flaw-now-actively-exploited-in-the-wild/) 2. A new zero-day vulnerability in Microsoft SharePoint has been identified as actively exploited and is subject to a CISA remediation deadline. (https://www.reddit.com/r/cybersecurity/comments/1smf2gz/new_microsoft_sharepoint_zeroday_cve_april_15/) 3. CISA has issued a warning regarding the active exploitation of a Windows Task Host…

OSINT / CyberSec report 15.04.2026 00:08

1. A cluster of 108 malicious Google Chrome extensions was identified stealing user data and Telegram information from approximately 20000 users (thehackernews.com). 2. The critical ShowDoc remote code execution vulnerability CVE-2025-0520 is currently being actively exploited in the wild (thehackernews.com). 3. CISA added six vulnerabilities to its Known Exploited Vulnerabilities catalog including a critical SQL injection flaw in Fortinet FortiClient EMS tracked as CVE-2026-21643 (thehackernews.com).…

OSINT / CyberSec report 13.04.2026 00:11

1. Adobe released an emergency patch for CVE-2026-34621, a critical vulnerability in Acrobat Reader currently under active exploitation in the wild (The Hacker News). 2. Threat actors compromised the CPUID website to distribute trojanized versions of CPU-Z and HWMonitor, which deployed the STX RAT to unsuspecting users (The Hacker News). 3. ShinyHunters claimed a data breach affecting Rockstar Games, allegedly facilitated through a Snowflake integration…

OSINT / CyberSec report 11.04.2026 00:08

1. Threat actors have been actively exploiting a zero-day vulnerability in Adobe Reader via malicious PDF files since December 2025 (thehackernews.com). 2. The update system for the Smart Slider 3 Pro plugin was hijacked to distribute a backdoored version to WordPress and Joomla users (bleepingcomputer.com). 3. A new Lua-based malware strain named LucidRook is being deployed in spear-phishing campaigns targeting NGOs and universities in Taiwan…

OSINT / CyberSec report 09.04.2026 00:08

1. A remote unauthenticated RCE-to-root chain vulnerability has been identified in CUPS (https://www.reddit.com/r/netsec/comments/1sflk3t/spooler_alert_remote_unauthd_rcetoroot_chain_in/). 2. A path traversal vulnerability in an MCP server allows AI agents to access sensitive SSH keys (https://www.reddit.com/r/netsec/comments/1sfhmaa/we_found_a_path_traversal_in_an_mcp_server_with/). 3. A self-propagating credential worm has compromised npm packages under the fairwords scope to steal tokens and infect PyPI packages (https://www.reddit.com/r/Malware/comments/1sfjg9f/fairwords_npm_packages_compromised_by_a/). 4. Authorities have disrupted a campaign involving router DNS hijacks…

OSINT / CyberSec report 07.04.2026 00:08

1. Fortinet released an emergency patch for a critical vulnerability in FortiClient EMS that is currently being exploited in the wild (BleepingComputer). 2. German authorities identified a 31-year-old Russian national as the leader of the REvil and GandCrab ransomware gangs responsible for over 130 attacks (The Hacker News). 3. A six-month social engineering campaign by DPRK threat actors resulted in the theft…

OSINT / CyberSec report 03.04.2026 00:08

1. ShinyHunters compromised Cisco source code and AWS keys by exploiting a supply chain vulnerability in Trivy. The breach resulted in the unauthorized cloning of over 300 repositories (https://www.reddit.com/r/netsec/comments/1sa8nld/cisco_source_code_stolen_by_shinyhunters_via/). 2. Google released a patch for a high-severity Chrome zero-day vulnerability identified as CVE-2026-5281 which is currently under active exploitation (https://thehackernews.com/2026/04/new-chrome-zero-day-cve-2026-5281-under.html). 3. Apple expanded the availability of iOS 18.7.7 and iPadOS 18.7.7…

OSINT report hourly 01.04.2026 10:06

1. Region: Middle East. The United Arab Emirates is preparing to join U.S.-led efforts to reopen the Strait of Hormuz by military force, marking a significant shift in regional combat involvement. Source: The Wall Street Journal. 2. Region: Middle East. President Donald Trump announced he will address the nation at 9:00 p.m. ET on Wednesday to provide an update on the ongoing war with Iran.…

OSINT / CyberSec report 01.04.2026 00:08

1. The Axios npm package was compromised via a stolen maintainer account to distribute a malicious dependency and a cross-platform remote access trojan. (thehackernews.com) 2. CISA issued an emergency directive for federal agencies to patch an actively exploited vulnerability in Citrix NetScaler appliances. (bleepingcomputer.com) 3. Iranian state-affiliated hackers breached the personal email account of the FBI director and leaked personal documents and photos…