(289) Critical Critical flaw in Protobuf library enables JavaScript code execution
Critical U.S. CISA adds a flaw in Apache ActiveMQ to its Known Exploited Vulnerabilities catalog
Critical Researcher drops two more Microsoft Defender zero-days, all three now exploited in the wild
Critical AVEVA Pipeline Simulation
Critical Fortinet fixes critical FortiSandbox vulnerabilities (CVE-2026-39813, CVE-2026-39808)
Critical Sweden reports cyberattack attempt on heating plant amid rising energy threats
Critical Cisco says critical Webex Services flaw requires customer action
Critical Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face
Critical Critical Nginx UI auth bypass flaw now actively exploited in the wild
Critical Microsoft Issues Massive Windows Patch for 160+ Bugs, Including Two Zero-Days
Critical CVE-2026-33032: severe nginx-ui bug grants unauthenticated server access
Critical April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More
Critical Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover
Critical Microsoft Patch Tuesday for April 2026 fixed actively exploited SharePoint zero-day
Critical OpenAI expands its cyber defense program with GPT-5.4-Cyber for vetted researchers
Critical Sitehop’s SAFEcore Edge enables ultra-low-latency, hardware-enforced post-quantum encryption
Critical Adobe Issues Emergency Patch for Critical PDF Flaw Exploited For Months
Critical Patch Tuesday, April 2026 Edition
Critical Microsoft and Adobe Patch Tuesday, April 2026 Security Update Review
Critical Why Data Trust Is Key to AI Success
Critical wolfSSL Vulnerability Hits IoT, Routers and Military Systems, Update to 5.9.1 Now
Critical Privilege Elevation Dominates Massive Microsoft Patch Update
Critical Critical Patches Issued for Microsoft Products, April 14, 2026
Critical Microsoft April 2026 Patch Tuesday fixes 167 flaws, 2 zero-days
Critical Attackers target unpatched ShowDoc servers via CVE-2025-0520
Critical ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers
Critical March 2026 CVE Landscape: 31 High-Impact Vulnerabilities Identified, Interlock Ransomware Group Exploits Cisco FMC Zero-Day
Critical Adobe rolls out emergency fix for Acrobat, Reader zero-day flaw
Critical Adobe issues emergency fix for Acrobat Reader flaw exploited in the wild (CVE-2026-34621)
High SmokedMeat: Open-source tool shows what attackers do inside CI/CD pipelines
High Singer loses life savings to fake wallet downloaded from the Apple App Store
High Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts
High PowMix botnet targets Czech workforce
High Data breach at edtech giant McGraw Hill affects 13.5 million accounts
High Windows is getting stronger RDP file protections to fight phishing attacks
High From fake Proton VPN sites to gaming mods, this Windows infostealer is everywhere
High Your Supply Chain Breach Is Someone Else's Payday
High Educational company McGraw Hill says Salesforce misconfiguration led to data leak
High AI Tools Will Accelerate International Fraud at Scale
High PHP Composer flaws enable remote command execution via Perforce VCS
High Microsoft, Salesforce Patch AI Agent Data Leak Flaws
High Raspberry Pi OS 6.2 disables passwordless sudo by default
High Microsoft adds Windows protections for malicious Remote Desktop files
High New ‘JanaWare’ ransomware targeting Turkish citizens as cybercriminal ecosystem fragments
High Why Data Protection Vendor Commvault Is Eyeing Going Private
High Securing non-human identities: automated revocation, OAuth, and scoped permissions
High US, UK and Canada disrupt $45M crypto theft in Operation Atlantic
High Personal data of 1 million gym members compromised in Basic-Fit security incident
High Multiple Vulnerabilities in Fortinet Products Could Allow for Arbitrary Code Execution
High How Hackers Are Thinking About AI
High W3LL phishing service sold for $500 dismantled by the FBI
High Microsoft ends desktop detour for sensitivity labels in Office web apps
High New PHP Composer Flaws Enable Arbitrary Command Execution — Patches Released
High 5 Ways Zero Trust Maximizes Identity Security
High McGraw-Hill confirms data breach following extortion threat
High Omnistealer uses the blockchain to steal everything it can
High ShinyHunters claim the hack of Rockstar Games breach and started leaking data
High Ransomware-Linked ViperTunnel Malware Hits UK and US Businesses
High Booking.com Confirms Data Breach as Hackers Access Customer Details
High 29 million leaked secrets in 2025: Why AI agents credentials are out of control
High Booking.com data breach: Customer reservation data exposed
High Citizen Lab: Webloc tracked 500M devices for global law enforcement
Medium New CGrabber and Direct-Sys Malware Spread Through GitHub ZIP Files
Medium New ZionSiphon Malware Discovered Targeting Israeli Water Systems
Medium Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation
Medium NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions
Medium Foxit, LibRaw vulnerabilities
Medium ZionSiphon malware designed to sabotage water treatment systems
Medium CISA Adds One Known Exploited Vulnerability to Catalog
Medium A Deep Dive Into Attempted Exploitation of CVE-2023-33538
Medium From clinics to government: UAC-0247 expands cyber campaign across Ukraine
Medium AI platform n8n abused for stealthy phishing and malware delivery
Medium OpenAI Launches GPT-5.4-Cyber to Boost Defensive Cybersecurity
Medium Ukrainian emergency services and hospitals hit by espionage campaign using new AgingFly malware
Medium Cryptohack Roundup: $45 Million Fraud Operation Disrupted
Medium ZDI-26-265: Fortinet FortiWeb cgi_buf_alloc Integer Overflow Denial-of-Service Vulnerability
Medium ZDI-26-284: DriveLock Directory Traversal Information Disclosure Vulnerability
Medium ZDI-26-287: DriveLock Directory Traversal Information Disclosure Vulnerability
Medium ZDI-26-288: DriveLock Directory Traversal Information Disclosure Vulnerability
Medium ZDI-26-292: QNAP TS-453E QVRPro excpostgres Exposed Dangerous Method Remote Code Execution Vulnerability
Medium WordPress plugin suite hacked to push malware to thousands of sites
Medium U.S. CISA adds Microsoft SharePoint Server, and Microsoft Office Excel flaws to its Known Exploited Vulnerabilities catalog
Medium Fake Claude AI Installer Targets Windows Users with PlugX Malware
Medium CISA flags Windows Task Host vulnerability as exploited in attacks
Medium Mirax malware campaign hits 220K accounts, enables full remote control
Medium Active HanGhost Loader Campaign Targets Enterprise Payment and Logistics Workflows
Medium CISA Adds Two Known Exploited Vulnerabilities to Catalog
Medium Your Fraud Detection Model Is Already Too Late to the Party
Medium Mirax RAT Targets Android Devices Through Meta Apps
Medium DavMail 6.6.0 patches a regex flaw and advances its Microsoft Graph backend
Medium Oligo enables real-time exploit detection and blocking at application runtime
Medium AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraud
Medium 16-31 March 2025 Cyber Attacks Timeline
Medium Fake Claude AI installer abuses DLL sideloading to deploy PlugX
Medium U.S. CISA adds Adobe, Fortinet, Microsoft Exchange Server, and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog
Medium CISA Adds Seven Known Exploited Vulnerabilities to Catalog
Medium CSA: CISOs Should Prepare for Post-Mythos Exploit Storm
Medium CPUID watering hole attack spreads STX RAT malware
Medium Rockstar Games receives “pay or leak” warning after cyberattack
Informational GitLab 18.11 brings agentic AI to security fixes, CI pipelines, and delivery analytics
Informational Google wipes out 602 million scam ads with Gemini on duty
Informational Google Blocks 8.3B Policy-Violating Ads in 2025, Launches Android 17 Privacy Overhaul
Informational “iCloud storage is full” scam is back, and now it wants your payment details
Informational 'Harmless' Global Adware Transforms Into an AV Killer
Informational North Korea Uses ClickFix to Target macOS Users' Data
Informational Panorama del cibercrimen en América Latina y el Caribe
Informational AI-powered website builders have come a long way - here's your best option in 2026
Informational A fake Slack download is giving attackers a hidden desktop on your machine
Informational More than pretty pictures: Wendy Bishop on visual storytelling in tech
Informational Malicious WordPress Plugins with Backdoors Compromise Thousands of Websites
Informational Microsoft's Original Windows Secure Boot Certificate Is Expiring
Informational Two-Factor Authentication Breaks Free from the Desktop
Informational Tidal vs. Qobuz: I tried both hi-res streaming services, and they couldn't be more different
Informational OpenAI's Codex Desktop can run your computer now - and has its own browser
Informational Microsoft: April Windows Server 2025 update may fail to install
Informational US nationals behind DPRK IT worker 'laptop farm' sent to prison
Informational Most "AI SOCs" Are Just Faster Triage. That's Not Enough.
Informational New ATHR vishing platform uses AI voice agents for automated attacks
Informational Google expands Gemini AI use to fight malicious ads on its platform
Informational Cargo thieving hackers running sophisticated remote access campaigns, researchers find
Informational New Jersey men given lengthy sentences for running North Korean laptop farms
Informational Obfuscation vs the Optimizer: An LLVM Middle-End Arms Race
Informational We're All Building a Single Digital Assistant
Informational Iran War: Future Scenario and Business Implications
Informational The same Microsoft Surface I bought 4 months ago is 69% more expensive now - here's why
Informational NIST to limit work on CVE entries as submissions surge
Informational Massive Chrome Extension Scam Exposes 20,000 Users to Data Theft
Informational 108 malicious Chrome extensions caught stealing Google and Telegram data from 20,000 users
Informational Half of all US employees use AI at work now - and waste almost 8 hours a week doing it
Informational Microsoft's latest Windows update now confirms if your PC is Secure Boot-protected - how it works
Informational Why Netgear just got the first FCC router ban exemption in the US
Informational Microsoft fixes bug behind Windows Server 2025 automatic upgrades
Informational Microsoft: April updates trigger BitLocker key prompts on some servers
Informational Rolling Networks: Securing the Transportation Sector
Informational Signed software abused to deploy antivirus-killing scripts
Informational Sweden says pro-Russian hackers attempted to breach thermal power plant
Informational 13.5M Device Botnet Drives 2 Tbps DDoS Attacks on FinTech, Qrator Finds
Informational ShinyHunters Leak Rockstar Games Data, No Player Records Impacted
Informational Retaining defensive advantage in the age of frontier AI cyber capabilities
Informational ISC Stormcast For Wednesday, April 15th, 2026 https://isc.sans.edu/podcastdetail/9892, (Wed, Apr 15th)
Informational Microsoft Bets $10 Billion to Boost Japan's AI, Cybersecurity
Informational What changed in nginx 1.30.0 and what it means for your upstream config
Informational OpenAI Launches GPT-5.4-Cyber with Expanded Access for Security Teams
Informational A New Way to Buy Recorded Future: Solutions and Packages Built for the 2026 Threat Landscape
Informational You can try Linux 7.0 now on these distros - here's what's new
Informational Is your Pixel battery draining faster lately? These 4 temporary fixes helped me
Informational Tired of Gemini interrupting you? This Google Home update fixes that and more
Informational I love Sony's new Bluetooth turntable, so why do I feel so conflicted using it
Informational A data removal service helped me reclaim my privacy - see if you need one, too
Informational This simple email trick saves me from annoying marketing spam (and it's free to do)
Informational Over 100 Chrome Web Store extensions steal user accounts, data
Informational Crypto-exchange Kraken extorted by hackers after insider breach
Informational Big tech fails to opt-out users requesting not to be tracked much of the time, new research says
Informational Study: Off-the-Shelf LLMs Not Ready for Clinical Prime Time
Informational CISA Workers Recalled Despite Shutdown
Informational OpenAI Touts Wider Access to Its New Cyber Model
Informational Managed OAuth for Access: make internal apps agent-ready in one click
Informational Scaling MCP adoption: Our reference architecture for simpler, safer and cheaper enterprise deployments of MCP
Informational State-sponsored threats: Different objectives, similar access paths
Informational Microsoft Patch Tuesday for April 2026 - Snort Rule and Prominent Vulnerabilities
Informational Kraken Exchange Faces Extortion After Insider Recorded System Footage
Informational Security Risk Advisors Purple Team Participants Can Now Earn CPE Credits
Informational How Digital Annotations Are Replacing Paper Markups in Business
Informational Microsoft Patch Tuesday April 2026., (Tue, Apr 14th)
Informational Scanning for AI Models, (Tue, Apr 14th)
Informational Why Orgs Need to Test Networks to Withstand DDoS Attacks During Peak Loads
Informational War Game Exercise Demonstrates How Social Media Manipulation Works
Informational EDR-Killer Ecosystem Expansion Requires Stronger BYOVD Defenses
Informational Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution
Informational Upcoming Speaking Engagements
Informational Basic-Fit hack compromises data of up to 1 million members
Informational Claroty advances CPS security with Visibility Orchestration in xDome
Informational Testing reveals Claude Mythos’s offensive capabilities and limits
Informational OpenSSL 4.0.0 release cuts deprecated protocols and gains post-quantum support
Informational Google Adds Rust-Based DNS Parser into Pixel 10 Modem to Enhance Security
Informational Google $135M Settlement: Millions of Android Users May Qualify for Payout
Informational Iran War: Future Scenario and Business Improvements
Informational After using these JBL headphones, I'm wondering if we're all too distracted by Sony and Bose
Informational I added a MagSafe charger to my nightstand and realized its untapped potential: 3 ways it's useful
Informational I'm ready for a foldable iPhone, but only if Apple does this right
Informational Why the Apple Watch's 20-minute calibration test is worth your time - especially if you're data curious
Informational How to use Google Messages' new Trash feature to recover texts you accidentally deleted
Informational How to share audio from your Android phone to multiple earbuds (and why it's genius)
Informational Chrome's new 'Skills' update lets you save AI prompts now - for one-click reuse
Informational I tested every 'allergy-friendly' smart home gadget - these 6 actually keep the pollen out
Informational Microsoft rolls out fast-track to reinstate Windows hardware dev accounts
Informational Fake Ledger Live app on Apple’s App Store stole $9.5M in crypto
Informational Russia appears to block social media platform Bluesky amid wider internet restrictions
Informational Virginia enacts ban on precise geolocation data sales as momentum for similar prohibitions builds
Informational BSIM explained once and for all!
Informational Agentic AI memory attacks spread across sessions and users, and most organizations aren’t ready
Informational Google to penalize sites that hijack the back button
Informational Binary Defense expands NightBeacon with threat-aligned Detection Coverage Index
Informational Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Ads
Informational OpenAI Rotates macOS Certificates Following Axios Supply Chain Breach
Informational APT41 Delivers 'Zero-Detection' Backdoor to Harvest Cloud Credentials
Informational The best Zoom alternatives in 2026: Expert tested and reviewed
Informational As an Android user, this MagSafe wallet is the clearest reason why Qi2 magnets shouldn't be ignored
Informational I bought an earwax camera for my toolkit and use it for everything but my ears
Informational OpenAI rotates macOS certs after Axios attack hit code-signing workflow
Informational Interactive Brokers Phishing Scam: Fake IRS W-8BEN Renewal Alert
Informational Preparing for Post-Quantum Cryptography: The Secure Firewall Roadmap
Informational Iran-linked group Handala claims to have breached three major UAE organizations
Informational Alleged German DDoS-for-Hire Kingpin Behind Fluxstress Caught in Thailand
Informational Hack at Dutch gym chain Basic-Fit exposes customer data in several EU countries
