ThreatIntel (325)
Critical Critical bug in CrowdStrike LogScale let attackers access files
Critical Over 400,000 sites at risk as hackers exploit Breeze Cache plugin flaw (CVE-2026-3844)
Critical The Top 8 Enterprise VPN Solutions
Critical Critical minerals and cyber operations
Critical Can AI Attack the Cloud? Lessons From Building an Autonomous Cloud Offensive Multi-Agent System
Critical Hackers exploit file upload bug in Breeze Cache WordPress plugin
Critical SpiceJet Online Booking System
Critical Intrado 911 Emergency Gateway (EGW)
Critical Yadea T5 Electric Bicycle
Critical Hangzhou Xiongmai Technology Co., Ltd XM530 IP Camera
Critical Carlson Software VASCO-B GNSS Receiver
Critical CISA orders feds to patch BlueHammer flaw exploited as zero-day
Critical Microsoft Patch Still Leaves 1,300 SharePoint Servers Exposed
Critical Critical BRIDGE:BREAK flaws impact Lantronix and Silex Technology converters
Critical Microsoft out-of-band updates fixed critical ASP.NET Core privilege escalation flaw
Critical Don’t Wait for a Patch. Mitigate RedSun Zero-Day Risk in Microsoft Defender Today
Critical Progress Software fixes sneaky WAF bypass vulnerability (CVE-2026-21876)
Critical Microsoft releases emergency patches for critical ASP.NET flaw
Critical CISA flags new SD-WAN flaw as actively exploited in attacks
Critical Surge in Bomgar RMM Exploitation Demonstrates Supply Chain Risk
Critical CISA flags another Cisco Catalyst SD-WAN Manager bug as exploited (CVE-2026-20133)
Critical Siemens RUGGEDCOM CROSSBOW Station Access Controller (SAC)
Critical Siemens Industrial Edge Management
Critical Siemens SINEC NMS
Critical Zero Motorcycles Firmware
Critical Siemens SINEC NMS
Critical Hardy Barth Salia EV Charge Controller
Critical Siemens Analytics Toolkit
Critical SenseLive X3050
Critical Siemens RUGGEDCOM CROSSBOW Secure Access Manager Primary
Critical Silex Technology SD-330AC and AMC Manager
Critical 52M-Download protobuf.js Library Hit by RCE in Schema Handling
Critical Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain
High Trigona ransomware adopts custom tool to steal data and evade detection
High Microsoft to roll out Entra passkeys on Windows in late April
High Windows Update gets new controls to reduce forced restarts
High Government adoption of AI agents could outpace the private sector
High White House Warns of AI Model 'Extraction' Campaigns
High Hacker with a special interest in breaching sports institutions ends behind bars
High AI is speeding up nation-state cyber programs
High Luxury cosmetics giant Rituals discloses data breach impacting member personal details
High Cosmetics giant Rituals discloses data breach affecting customers
High Trigona ransomware attacks use custom exfiltration tool to steal data
High Cloudsmith Raises $72M for Software Supply-Chain Security
High Vercel Finds More Compromised Accounts in Context.ai-Linked Breach
High House Republicans unveil data privacy law that would override state protections
High Trigona Affiliates Deploy Custom Exfiltration Tool to Streamline Data Theft
High RAMP Uncovered: Anatomy of Russia’s Ransomware Marketplace
High Hackers Use Hidden Website Instructions in New Attacks on AI Assistants
High Malicious trading website drops malware that hands your browser to attackers
High 'The Gentlemen' Rapidly Rises to Ransomware Prominence
High French police arrest suspected hacker behind dozens of data breaches
High Ransomware negotiator caught secretly assisting BlackCat extortion scheme
High French govt agency confirms breach as hacker offers to sell data
High The Ungoverned Workforce: Cybersecurity Insiders Finds 92% Lack Visibility Into AI Identities
High A single platform powers SIM farm proxy networks across 17 countries
High OpenAI’s Chronicle feature lets Codex read your screen, raising privacy concerns
High Ransomware negotiator admits role in attacks he was hired to resolve
High ‘Scattered Spider’ Member ‘Tylerb’ Pleads Guilty
High Bluesky hit by 24-hour DDoS attack as pro-Iran group claims responsibility
High Vercel Confirms Major Security Incident as Hacker Claims $2M Ransom Demand
High I tried to wipe my digital footprint without paying for a data removal service - 5 free ways
High Meta and PortSwigger drive offensive security further to find what others miss
High Vercel breached via compromised third-party AI tool
High ⚡ Weekly Recap: Vercel Hack, Push Fraud, QEMU Abused, New Android RATs Emerge & More
High Vercel Traces Customer Data Theft to Agentic AI Tool Breach
High Third-party AI hack triggers Vercel breach, internal environments accessed
Medium GopherWhisper: new China-linked APT targets Mongolia with Go-based malware
Medium SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 94
Medium U.S. CISA adds SimpleHelp, Samsung, and D-Link flaws to its Known Exploited Vulnerabilities catalog
Medium Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software
Medium Threat actor uses Microsoft Teams to deploy new “Snow” malware
Medium CISA reports persistent FIRESTARTER backdoor on Cisco ASA device in federal network
Medium CISA Adds 4 Exploited Flaws to KEV, Sets May 2026 Federal Deadline
Medium 12-year-old Pack2TheRoot bug lets Linux users gain root privileges
Medium TeamPCP Hijacks Bitwarden CLI, Uses Dependabot to Deploy Shai-Hulud Malware
Medium The npm Threat Landscape: Attack Surface and Mitigations
Medium New Cisco firewall malware can only be killed by pulling the plug
Medium Over 10,000 Zimbra servers vulnerable to ongoing XSS attacks
Medium New ‘Pack2TheRoot’ flaw gives hackers root Linux access
Medium Firestarter malware survives Cisco firewall updates, security patches
Medium PhantomRPC: A new privilege escalation technique in Windows RPC
Medium Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy AdaptixC2
Medium ZDI-26-296: Delta Electronics ASDA-Soft PAR File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
Medium ZDI-26-297: Siemens SINEC NMS Improper Authentication Privilege Escalation Vulnerability
Medium ZDI-26-298: Siemens SINEC NMS Authentication Bypass Vulnerability
Medium ZDI-26-299: Docker Desktop Enhanced Container Isolation Exposed Dangerous Function Local Privilege Escalation Vulnerability
Medium With AI’s help, North Korean hackers stumbled into a near-undetectable attack
Medium UNC6692 Impersonates IT Helpdesk via Microsoft Teams to Deploy SNOW Malware
Medium Surveillance companies exploiting telecom system to spy on targets’ locations, research shows
Medium CISA: US agency breached through Cisco vulnerability, FIRESTARTER backdoor allowed access through March
Medium iOS Flaw Let Deleted Notifications Linger, Apple Issues Fix
Medium Harvester APT Expands Spying Operations with New GoGra Linux Malware
Medium UAT-4356's Targeting of Cisco Firepower Devices
Medium Bad Memories Still Haunt AI Agents
Medium Apple just fixed an iOS flaw exploited by the FBI - here's what happened
Medium Apple Fixes iOS Flaw That Let FBI Recover Deleted Signal Messages
Medium ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories
Medium Milesight Cameras
Medium FIRESTARTER Backdoor
Medium CISA Adds One Known Exploited Vulnerability to Catalog
Medium Microsoft Graph API misused by new GoGra Linux malware for hidden communication
Medium U.S. CISA adds a flaw in Microsoft Defender to its Known Exploited Vulnerabilities catalog
Medium Apple Patches Exploited Notification Flaw, (Thu, Apr 23rd)
Medium Apple fixes iPhone bug that let FBI retrieve deleted Signal messages (CVE-2026-28950)
Medium Hackers deployed wiper malware in destructive attacks on Venezuela’s energy sector
Medium North Korean hackers siphon more than $12 million from crypto users in sprawling campaign
Medium Mirai Botnet exploits CVE-2025-29635 to target legacy D-Link routers
Medium Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles
Medium ZDI-26-294: (0Day) Microsoft Windows library-ms NTLM Response Information Disclosure Vulnerability
Medium ZDI-26-295: (0Day) PublicCMS getXml Server-Side Request Forgery Information Disclosure Vulnerability
Medium Phishing reclaims the top initial access spot, attackers experiment with AI tools
Medium New GoGra malware for Linux uses Microsoft Graph API for comms
Medium CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlines
Medium Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution
Medium NGate Campaign Targets Brazil, Trojanizes HandyPay to Steal NFC Data and PINs
Medium 22 BRIDGE:BREAK Flaws Expose Thousands of Lantronix and Silex Serial-to-IP Converters
Medium Siemens TPM 2.0
Medium U.S. CISA adds Cisco Catalyst, Kentico Xperience, PaperCut NG/MF, Synacor ZCS, Quest KACE SMA, and JetBrains TeamCity flaws to its Known Exploited Vulnerabilities catalog
Medium 2026’s Breach List So Far: FBI Hacked, 1B Androids at Risk, 270M iPhones Vulnerable
Medium Handling the CVE Flood With EPSS, (Mon, Apr 20th)
Medium Researchers Detect ZionSiphon Malware Targeting Israeli Water, Desalination OT Systems
Medium A Token Flaw Turned Azure's AI Agent Into a Spy
Medium AI Model Claude Opus turns bugs into exploits for just $2,283
Informational How to audit what ChatGPT knows about you - and reclaim your data privacy
Informational Framework Laptop 13 Pro vs. MacBook Neo: These Windows rivals are more similar than expected
Informational Own a Hisense TV? I'd change these expert settings to noticeably improve the picture quality
Informational American utility firm Itron discloses breach of internal IT network
Informational Checkmarx supply chain attack impacts Bitwarden npm distribution path
Informational Zorin OS vs. Solus: I tested two great Linux distros for beginners to find out which is best
Informational The Apple Music student discount saves you $5/month and gives you free Apple TV - here's how
Informational I drove a bulldozer over this SSD enclosure so you don't have to - here's the result
Informational Microsoft rolls out revamped Windows Insider Program
Informational Fake CAPTCHA Scam Abuses Verification Clicks to Send Costly International Texts
Informational US Busts Myanmar Ring Targeting US Citizens in Financial Fraud
Informational ADT says customer data stolen in cyber intrusion
Informational OpenAI’s GPT-5.5 is out with expanded cybersecurity safeguards
Informational Compromised everyday devices power Chinese cyber espionage operations
Informational New BlackFile extortion group linked to surge of vishing attacks
Informational White House Says China-Linked Actors Tried to ‘Steal American AI’
Informational What Is Cloud Security? A 2026 Guide
Informational Health Records of 500,000 UK Biobank Volunteers Listed Online in China
Informational Glasswing Secured the Code. The Rest of Your Stack Is Still on You
Informational The best website builder for SEO in 2026: Expert tested and reviewed
Informational The best inventory management software of 2026: Expert tested and reviewed
Informational The Microsoft Surface Pro is nearly 40% off at Best Buy - and we highly recommend it
Informational The 4 streaming services I swear by - and my bill is just $40 a month
Informational How I used Claude AI to plan an entire hiking trip to the Adirondacks in 30 minutes - for free
Informational I'm automating these 5 unexpected home devices - and life has been so much easier
Informational FCC's router ban expands to portable hotspots - 4 things this means for you
Informational 26 FakeWallet Apps Found on Apple App Store Targeting Crypto Seed Phrases
Informational Bridging the AI Agent Authority Gap: Continuous Observability as the Decision Engine
Informational Norway's prime minister proposes ban on social media access for young teens
Informational Pentagon grapples with securing AI as it moves toward autonomous warfare
Informational China-linked threat actors use consumer device botnets to evade detection, warn UK and partners
Informational Checkmarx supply chain attack impacts Bitwarden npm distribution path
Informational French Police Arrest HexDex Hacker Over Mass Data Theft and Leaks
Informational 1-15 April 2026 Cyber Attacks Timeline
Informational Microsoft now lets admins uninstall Copilot on enterprise devices
Informational Coding is a Meta-Task
Informational China-Backed Hackers Are Industrializing Botnets
Informational Tropic Trooper APT Takes Aim at Home Routers, Japanese Targets
Informational This high-tech eye massager makes a great Mother's Day gift - and it's on sale
Informational How indirect prompt injection attacks on AI work - and 6 ways to shut them down
Informational I tried this free Windows cleanup tool to see if it'd speed up my PC - and it worked
Informational Where AI in CI/CD is working for engineering teams
Informational IT spending to hit $6.31 trillion record, thanks to AI
Informational A study of 1,000 Android apps finds a privacy policy logging gap
Informational US sanctions Cambodian senator for millions earned through scam compounds
Informational Today, trust is the superpower that makes innovation possible
Informational fast16 | Mystery ShadowBrokers Reference Reveals High-Precision Software Sabotage 5 Years Before Stuxnet
Informational Frontier AI and the Future of Defense: Your Top Questions Answered
Informational FBI Extracts Deleted Signal Messages from iPhone Notification Database
Informational UK warns of Chinese hackers using proxy networks to evade detection
Informational Microsoft: Some Teams users can’t join meetings after Edge update
Informational Regular Password Resets Aren’t as Safe as You Think
Informational New Checkmarx supply-chain breach affects KICS analysis tool
Informational Bitwarden CLI npm package compromised to steal developer credentials
Informational Roblox clamps down on chats and age checks as legal pressure builds
Informational It pays to be a forever student
Informational Google’s Pixel Update Sparks ‘Severe’ Battery Drain Across Multiple Models
Informational Apple Fixes iPhone Bug After FBI Retrieved Signal Messages
Informational International cyber agencies share fresh advice to defend against China-linked covert networks
Informational Defending against China-nexus covert networks of compromised devices
Informational Executive Summary: Defending against China-nexus covert networks of compromised devices
Informational Electricity Is a Growing Area of Cyber Risk
Informational Africa Relinquishes Cyberattack Lead to Latin America — For Now
Informational 'Zealot' Shows What AI's Capable of in Staged Cloud Attack
Informational Chinese APT Abuses Multiple Cloud Tools to Spy on Mongolia
Informational The best smart TV VPNs of 2026: Expert tested and reviewed
Informational Sonos Era 300 vs. Denon Home 400: Why I'm pulling the plug on the more popular speaker
Informational 98% of IT leaders want digital sovereignty: Now SUSE is operationalizing it for companies everywhere
Informational I paired headphones to my streaming stick for the first time - and fixed a big TV annoyance
Informational Built for a hostile internet: Canonical VP of Engineering on Ubuntu 26.04 LTS
Informational My favorite MagSafe car charger easily handles bumpy roads (and it's on sale)
Informational Why I recommend this $450 Samsung phone over competing models by Google and OnePlus
Informational Want free e-books? Stuff Your Kindle Day has 150+ titles discounted - today only
Informational Watch out, Whoop: I'd switch to Google's new Fitbit tracker if these features are true
Informational China-Linked GopherWhisper Infects 12 Mongolian Government Systems with Go Backdoors
Informational Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign
Informational Medical data of 500,000 Britons put up for sale on Chinese website
Informational Trump’s pick for CISA director withdraws from consideration
Informational China-linked hackers targeted Mongolian government using Slack, Discord for covert communications
Informational Defending Against China-Nexus Covert Networks of Compromised Devices
Informational ISC Stormcast For Thursday, April 23rd, 2026 https://isc.sans.edu/podcastdetail/9904, (Thu, Apr 23rd)
Informational Evolution of Chinese-Language Guarantee Telegram Marketplaces
Informational [local] AVAST Antivirus 25.11 - Unquoted Service Path
Informational [webapps] WordPress Plugin 5.2.0 - Broken Access Control
Informational [local] Throttlestop Kernel Driver - Kernel Out-of-Bounds Write Privilege Escalation
Informational NCSC: Leave passwords in the past - passkeys are the future
Informational Harvester: APT Group Expands Toolset With New GoGra Linux Backdoor
Informational Microsoft: Most Windows 11 Users Don’t Need Third-Party Antivirus
Informational Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens
Informational China’s cyber capabilities now equal to the US, warns Dutch intelligence
Informational Venezuela energy sector targeted by highly destructive Lotus wiper
Informational Thunderbird 150 arrives with encrypted message search and OpenPGP improvements
Informational Apple Intelligence flaw kept stolen tokens reusable on another device
Informational [Podcast] It's not you, it's your printer: State-sponsored and phishing threats in 2025
Informational North Korea’s Lazarus APT stole $290M from Kelp DAO
Informational UK regulator to probe Telegram, teen chat sites for potential child safety violations
Informational Grinex crypto exchange shuts down, blames Western agencies for $13.7M breach
Informational Threat Intel Scraping Without Burning Your Cover or Your Stack
Informational Moonshot AI's new Kimi K2.6 swarms your complex tasks with 1,000 collaborating agents
Informational Samsung is ending Messages in July: 5 replacements I'd switch to now
Informational 5 Apple products explain my optimism for John Ternus as the next CEO
Informational Scaling agentic AI demands a strong data foundation - 4 steps to take first
Informational Silobreaker Mimir adds agentic AI to intelligence workflows with governance and transparency
Informational Scattered Spider hacker pleads guilty to stealing $8 million in cryptocurrency
Informational 5 Places where Mature SOCs Keep MTTR Fast and Others Waste Time
Informational Siemens SCALANCE
Informational Chrome Privacy Concerns Rise as Expert Warns of Fingerprinting Risks
Informational British Hacker Tyler Buchanan Pleads Guilty to $8M Hacking Scheme in US
Informational How to Remove Objects from Video: AI Tools & Pro Tips (2026)
Informational Fake TikTok Downloaders on Chrome and Edge Spying on 130,000 Users
Informational WhatsApp Leaks User Metadata to Attackers
Informational The best website builders for small businesses in 2026: Expert tested and reviewed
Informational I tested DJI's tiny 4K action camera for weeks - and now I'm ditching my GoPro for it
Informational T-Mobile is practically giving away the Apple Watch Series 11 - here's how to get one
Informational Apple's foldable iPhone hinges on one key feature for me - and it's not the hardware
Informational There's a right way to wear your Apple Watch - and it affects your data
Informational The new Roku City screensaver game has me hooked - and it's free to play
Informational Google Pixel phones have a useful voicemail feature that's hidden by default - how to enable it
Informational FakeWallet crypto stealer spreading through iOS apps in the App Store
Informational EU pushes for stronger cloud sovereignty, awards €180 million to four providers
Informational AI platform ATHR makes voice phishing a one-person job
Informational Why Most AI Deployments Stall After the Demo
Informational Making opportunistic cyberattacks harder by design