⚠️ LiveThreat Vulnerability Brief — Apr 19, 2026
📊 3 vulnerabilities & exploits tracked impacting the supply chain
━━━━━━━━━━━━━━━━━━━━━━
⚠️ Critical Remote Code Execution in ShowDoc (CVE‑2025‑0520) Enables Global Server Takeover
A five‑year‑old RCE flaw in ShowDoc (CVE‑2025‑0520) is being actively exploited to drop web shells and seize control of vulnerable servers worldwide. Third‑part…
🔗 https://www.livethreat.ai/intelligence/showdoc-vulnerability-patched-in-2020-now-used-in-active-server-takeovers-16259
💥 Zero‑Day Exploits Target Microsoft Defender; Two Critical Flaws Remain Unpatched
Researchers have confirmed active exploitation of three Microsoft Defender zero‑days—BlueHammer, RedSun, and UnDefend. Only BlueHammer (CVE‑2026‑33825) is patch…
🔗 https://www.livethreat.ai/intelligence/microsoft-defender-under-attack-as-three-zero-days-two-of-them-still-unpatched-enable-elevated-access-16220
💥 Mirai Variant Nexcorium Exploits CVE‑2024‑3721 to Hijack TBK DVRs, Fueling Large‑Scale DDoS Botnet
Threat actors are weaponizing a command‑injection flaw (CVE‑2024‑3721) in TBK DVRs to build a Mirai‑based botnet capable of launching massive DDoS attacks. The …
🔗 https://www.livethreat.ai/intelligence/mirai-variant-nexcorium-exploits-cve-2024-3721-to-hijack-tbk-dvrs-for-ddos-botnet-16148
━━━━━━━━━━━━━━━━━━━━━━
🛡️ How many of your vendors are running these affected systems?
📖 View all → https://www.livethreat.ai/vulnerabilities
🔔 Follow LiveThreat for daily TPRM intelligence
#Cybersecurity #ThreatIntel #TPRM #InfoSec #VendorRisk #BreachWatch #DoNotBeLarry #VerisqAI #LiveThreat