Uphill Security

Updates every 30 minutes - Generated via RSS feed on: 2026-04-20 00:00:05 UTC Feedback and suggestions for other sources are welcome.

2026-04-19 #

• 17:32 UTC - [BleepingComputer] Vercel confirms breach as hackers claim to be selling stolen data
• 16:30 UTC - [0day Fans] CFITSIO Fuzzing: Memory Corruptions and a Codex-Assisted Pipeline
• 16:03 UTC - [BleepingComputer] Apple account change alerts abused to send phishing emails
• 14:27 UTC - [DataBreaches.Net] Qilin’s 2024 attack on NHS vendor continues to impact patient care for one NHS Trust
• 14:17 UTC - [BleepingComputer] NIST to stop rating non-priority flaws due to volume increase
• 06:48 UTC - [Cyber Security News] Microsoft Teams Right-Click Paste Broken Following Edge Browser Update
• 06:35 UTC - [Cyber Security News] OpenAI Expands Cyber Defense Program With GPT-5.4-Cyber Access for Trusted Organizations

2026-04-18 #

• 16:25 UTC - [Latest from TechRadar in Security] 'Update immediately': 60,000 WordPress websites at risk after experts discover flaw that allows hackers to create hidden admin accounts
• 15:09 UTC - [BleepingComputer] Critical flaw in Protobuf library enables JavaScript code execution
• 14:11 UTC - [BleepingComputer] Microsoft Teams right-click paste broken by Edge update bug
• 13:45 UTC - [BleepingComputer] NAKIVO v11.2: Ransomware Defense, Faster Replication, vSphere 9, and Proxmox VE 9.0 Support
• 13:40 UTC - [DataBreaches.Net] Ukrainian emergency services and hospitals hit by espionage campaign using new AgingFly malware
• 13:38 UTC - [DataBreaches.Net] Tax documents for school employees potentially stolen across Los Angeles County
• 13:38 UTC - [DataBreaches.Net] Judge lets state auditor’s investigation into data breach affecting Blue Cross Blue Shield members move forward
• 12:55 UTC - [Microsoft Security Blog] Cross‑tenant helpdesk impersonation to data exfiltration: A human-operated intrusion playbook
• 12:50 UTC - [Cyber Security News] Apple Works on Fix for iPhone Passcode Bug Linked to Missing Czech Keyboard Character
• 12:16 UTC - [Cyber Security News] Researcher Uses Claude Opus to Build a Working Chrome Exploit Chain
• 10:30 UTC - [SecurityWeek] Tycoon 2FA Loses Phishing Kit Crown Amid Surge in Attacks
• 09:02 UTC - [Cyber Security News] Fiverr Allegedly Leaks User Information to Google Indexing, Researchers Say
• 08:42 UTC - [Cyber Security News] Nexcorium-Associated Mirai Variant Uses TBK DVR Exploit to Scale Botnet Operations
• 08:07 UTC - [The Hacker News] [Webinar] Eliminate Ghost Identities Before They Expose Your Enterprise Data
• 07:59 UTC - [The Hacker News] $13.74M Hack Shuts Down Sanctioned Grinex Exchange After Intelligence Claims
• 06:01 UTC - [The Hacker News] Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet
• 04:18 UTC - [0day Fans] 1/1/01, 12:00 AM
• 02:43 UTC - [Cyber Security News] Nearly 6 Million Internet-Facing FTP Servers Still Exposed in 2026, Censys Warns
• 02:38 UTC - [Cyber Security News] PoC Exploit Released for FortiSandbox Vulnerability that Allows Attacker to Execute Commands
• 01:17 UTC - [0day Fans] 1/1/01, 12:00 AM

2026-04-17 #

• 23:08 UTC - [DataBreaches.Net] Tyler Robert Buchanan pleads guilty to one count of conspiracy to commit wire fraud and one count of aggravated identity theft.
• 23:01 UTC - [0day Fans] Breaking Opus 4.7 with ChatGPT (Hacking Claude's Memory)
• 22:35 UTC - [Unit 42] Threat Brief: Escalation of Cyber Risk Related to Iran (Updated April 17)
• 21:05 UTC - [Schneier on Security] Friday Squid Blogging: New Giant Squid Video
• 20:35 UTC - [Rapid7 Cybersecurity Blog] Metasploit Wrap-Up 04/17/2026
• 19:51 UTC - [darkreading] How NIST's Cutback of CVE Handling Impacts Cyber Teams
• 19:10 UTC - [BleepingComputer] Payouts King ransomware uses QEMU VMs to bypass endpoint security
• 19:05 UTC - [darkreading] Tycoon 2FA Phishers Scatter, Adopt Device Code Phishing
• 19:00 UTC - [SecurityWeek] White House Chief of Staff to Meet With Anthropic CEO Over Its New AI Technology
• 17:56 UTC - [DataBreaches.Net] Anthropic’s Dario Amodei heads to White House amid hacking fears over Mythos
• 17:53 UTC - [Cyber Security News] Hackers Target TP-Link Routers With Mirai Malware in CVE-2023-33538 Exploitation Attempts
• 17:31 UTC - [CyberScoop] The surveillance law Congress can’t quit — and can’t explain
• 17:05 UTC - [Latest from TechRadar in Security] 'They mopped the floor with me and pulled every childish game they could': Disgruntled researcher releases second major Windows zero-day — claims Microsoft 'would ruin my life, and they did'
• 16:04 UTC - [Cyber Security News] Email-Borne Worm Surge Drives New Threat Wave Across Industrial Control Systems
• 15:35 UTC - [Latest from TechRadar in Security] 'As threats evolve, Gemini keeps our defenses one step ahead': Google claims its AI helped it block over 8.3 billion malicious ads in 2025
• 15:17 UTC - [Cyber Security News] Fake Zoom SDK Update Delivers Sapphire Sleet Malware in New macOS Intrusion Chain
• 15:16 UTC - [Cybersecurity Dive - Latest News] TP-Link routers face exploitation attempt linked to high-severity flaw
• 15:08 UTC - [BleepingComputer] Grinex exchange blames "Western intelligence" for $13.7M crypto hack
• 15:00 UTC - [SecurityWeek] CoChat Launches AI Collaboration Platform to Combat Shadow AI
• 14:51 UTC - [Microsoft Security Blog] Containing a domain compromise: How predictive shielding shut down lateral movement
• 14:47 UTC - [darkreading] Every Old Vulnerability Is Now an AI Vulnerability
• 14:20 UTC - [Latest from TechRadar in Security] Cisco tells Webex users to patch critical security flaws immediately, as experts find its Wi-Fi boxes may be filling their disks with undeletable data every day
• 14:14 UTC - [Cyber Security News] Attackers Weaponize CVE-2026-39987 to Spread Blockchain-Based Backdoor Via Hugging Face
• 14:09 UTC - [Cybersecurity Dive - Latest News] US joins nearly two dozen other countries in striking back against DDoS-for-hire platforms
• 14:07 UTC - [Cyber Security News] Fake Ledger Hardware Wallets on Chinese Marketplaces Steal Crypto Seeds and PINs
• 14:01 UTC - [BleepingComputer] Inside an Underground Guide: How Threat Actors Vet Stolen Credit Card Shops
• 13:28 UTC - [Cyber Security News] Anthropic Releases Claude Opus 4.7 with Automated Real-Time Cybersecurity Safeguards
• 13:26 UTC - [Cyber Security News] Hackers Use ATHR to Run AI-Powered Vishing, Credential Theft, and Phone-Based Phishing at Scale
• 13:21 UTC - [The Hacker News] Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched
• 13:14 UTC - [bellingcat] Painkiller Pipeline: 300 Million Tapentadol Pills Sent from India to West Africa
• 13:10 UTC - [Latest from TechRadar in Security] Microsoft experts warn North Korean attackers target macOS users with 'a highly reliable infection chain' to steal passwords, financial data and more — here's how to stay safe
• 13:05 UTC - [DataBreaches.Net] AI ghost narratives create a minefield for entities and journalists
• 13:00 UTC - [darkreading] Coast Guard's New Cybersecurity Rules Offers Lessons for CISOs
• 13:00 UTC - [All Fortinet Blog | Latest Posts] Tracking Mirai Variant Nexcorium: A Vulnerability-Driven IoT Botnet Campaign
• 12:39 UTC - [DataBreaches.Net] Brussels launched an age checking app. It took 2 minutes to hack it.
• 12:39 UTC - [DataBreaches.Net] Connecticut AG Puts Businesses on Notice: Old Laws Still Apply to AI
• 12:39 UTC - [DataBreaches.Net] Are Former Black Basta Affiliates Automating Executive Targeting?
• 12:39 UTC - [DataBreaches.Net] State to audit Ohio school districts’ cybersecurity plans
• 12:38 UTC - [DataBreaches.Net] Oklahoma State Tax Commission Fails To Notice Data Breach for 18 Months
• 12:38 UTC - [DataBreaches.Net] Northern Ireland school IT systems ‘largely restored’ after cyber attack
• 12:38 UTC - [DataBreaches.Net] Teen arrested in Northern Ireland over cyberattack on school network
• 12:38 UTC - [DataBreaches.Net] U.S. authorities conduct cyber operations as part of global crackdown on DDoS-for-hire services
• 12:20 UTC - [BleepingComputer] Webinar: From phishing to fallout — Why MSPs must rethink both security and recovery
• 12:00 UTC - [SecurityWeek] In Other News: Satellite Cybersecurity Act, $90K Chrome Flaw, Teen Hacker Arrested
• 11:36 UTC - [Graham Cluley] Singer loses life savings to fake wallet downloaded from the Apple App Store
• 11:02 UTC - [Schneier on Security] Mythos and Cybersecurity
• 10:47 UTC - [The Hacker News] Google Blocks 8.3B Policy-Violating Ads in 2025, Launches Android 17 Privacy Overhaul
• 10:45 UTC - [SecurityWeek] Another DraftKings Hacker Sentenced to Prison
• 10:44 UTC - [Cyber Security News] Payouts King Rises as New Ransomware Threat Linked to Former BlackBasta Affiliates
• 10:36 UTC - [Cyber Security News] CISA Warns of Apache ActiveMQ Input Validation Vulnerability Exploited in Attacks
• 10:31 UTC - [Latest from TechRadar in Security] Solving the shadow IT crisis in travel
• 10:26 UTC - [Latest from TechRadar in Security] Agentic swarms will change how everyone uses AI – but how can organizations deploy them securely?
• 10:24 UTC - [Cyber Security News] Leaked Windows Defender 0-Day Vulnerability Actively Exploited in Attacks
• 10:15 UTC - [SecurityWeek] Lawmakers Gathered Quietly to Talk About AI. Angst and Fears of ‘Destruction’ Followed
• 09:50 UTC - [SecurityWeek] Recent Apache ActiveMQ Vulnerability Exploited in the Wild
• 09:30 UTC - [BleepingComputer] CISA flags Apache ActiveMQ flaw as actively exploited in attacks
• 09:21 UTC - [SecurityWeek] Two North Korean IT Worker Scheme Facilitators Jailed in the US
• 09:17 UTC - [Latest from TechRadar in Security] Europol launches Operation PowerOFF — warns 75,000 DDoS users and takes down 53 domains
• 08:51 UTC - [Cyber Security News] Microsoft Confirms Windows Servers Enter Reboot Loops Following April Patches
• 08:41 UTC - [Cyber Security News] Windows Snipping Tool Vulnerability Allows Attacker to Perform Spoofing Over a Network
• 08:30 UTC - [Cyber Security News] One-Click RCE in Azure Windows Admin Center Allow Attacker to Execute Arbitrary Commands
• 08:30 UTC - [SecurityWeek] ZionSiphon Malware Targets ICS in Water Facilities
• 07:59 UTC - [BleepingComputer] Microsoft: Some Windows servers enter reboot loops after April patches
• 07:41 UTC - [Cyber Security News] Hackers Target Israeli Desalination Plants With ZionSiphon Sabotage Malware
• 07:29 UTC - [SecurityWeek] Cursor AI Vulnerability Exposed Developer Devices
• 07:14 UTC - [The Hacker News] NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions
• 07:10 UTC - [BleepingComputer] Man gets 30 months for selling thousands of hacked DraftKings accounts
• 06:40 UTC - [SecurityWeek] 53 DDoS Domains Taken Down by Law Enforcement
• 06:14 UTC - [BleepingComputer] Recently leaked Windows zero-days now exploited in attacks
• 05:46 UTC - [The Hacker News] Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts
• 05:40 UTC - [Cyber Security News] Hackers Target Trucking and Freight Firms to Steal Real-World Cargo Shipments
• 05:23 UTC - [Cyber Security News] Microsoft Confirms Windows 11 Updates May Force Users to Enter BitLocker Recovery Key
• 05:23 UTC - [Cyber Security News] Microsoft Confirms Windows 11 Updates May Force BitLocker Recovery Key Entry
• 05:08 UTC - [Cyber Security News] Microsoft Defender 0-Day Vulnerability “RedSun” Enables Full SYSTEM Access
• 04:54 UTC - [Have I Been Pwned latest breaches] Amtrak - 2,147,679 breached accounts
• 03:22 UTC - [The Hacker News] Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation
• 03:04 UTC - [Cyber Security News] EU’s New Age Verification App Can Be Hacked Within 2 Minutes, Researchers Claim

2026-04-16 #

• 23:38 UTC - [Proofpoint Threat Insight] Beyond the breach: inside a cargo theft actor’s post-compromise playbook
• 23:05 UTC - [CyberScoop] US nationals sentenced for aiding North Korea’s tech worker scheme
• 22:26 UTC - [BleepingComputer] Operation PowerOFF identifies 75k DDoS users, takes down 53 domains
• 22:04 UTC - [BleepingComputer] ZionSiphon malware designed to sabotage water treatment systems
• 22:00 UTC - [Unit 42] A Deep Dive Into Attempted Exploitation of CVE-2023-33538
• 21:47 UTC - [darkreading] NIST Revamps CVE Framework to Focus on High-Impact Vulnerabilities
• 20:19 UTC - [BleepingComputer] New Microsoft Defender “RedSun” zero-day PoC grants SYSTEM privileges
• 19:44 UTC - [Rapid7 Cybersecurity Blog] CVE-2026-33032: Nginx UI Missing MCP Authentication
• 19:42 UTC - [darkreading] North Korea Uses ClickFix to Target macOS Users' Data
• 19:37 UTC - [DataBreaches.Net] Double trouble: Hackers used both Claude Code and ChatGPT in a cybersecurity hack that lasted two and a half months.
• 19:37 UTC - [DataBreaches.Net] Unpatched Microsoft Defender flaw lets hackers gain admin access
• 19:37 UTC - [DataBreaches.Net] Defendant Sentenced To Prison For Hacking Betting Website
• 19:10 UTC - [Latest from TechRadar in Security] China completes testing on ‘deep-sea electro-hydrostatic actuator’ capable of slicing undersea cables as deep as 3.5 kilometers – new compact subsea vessel testing bridges the ‘last mile’ and could deploy in 2026
• 19:07 UTC - [darkreading] 'Harmless' Global Adware Transforms Into an AV Killer
• 18:59 UTC - [0day Fans] Foxit, LibRaw vulnerabilities
• 17:52 UTC - [The Hacker News] Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic
• 17:35 UTC - [Latest from TechRadar in Security] Many are still leaving the door open': Security experts warn FIFA World Cup partners could be putting customers at risk of email attacks
• 17:31 UTC - [Cyber Security News] SpankRAT Exploits Windows Explorer Processes for Stealth and Delayed Detection
• 17:26 UTC - [CyberScoop] Officials seize 53 DDoS-for-hire domains in ongoing crackdown
• 17:00 UTC - [SecurityWeek] Government Can’t Win the Cyber War Without the Private Sector
• 16:58 UTC - [BleepingComputer] Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face
• 16:00 UTC - [Microsoft Security Blog] Building your cryptographic inventory: A customer strategy for cryptographic posture management
• 15:45 UTC - [Cybersecurity Dive - Latest News] CIOs fret over rising security concerns amid AI adoption
• 15:37 UTC - [Graham Cluley] Sometimes changing the password on your email mailbox isn’t enough
• 15:35 UTC - [Latest from TechRadar in Security] 'Anyone with $10 could have walked straight through': Report warns this legit-looking software is actually antivirus-killing adware
• 15:28 UTC - [darkreading] Two-Factor Authentication Breaks Free from the Desktop
• 15:24 UTC - [BleepingComputer] Google expands Gemini AI use to fight malicious ads on its platform
• 15:21 UTC - [Cybersecurity Dive - Latest News] CISA cancels prestigious summer internships, citing government shutdown
• 15:16 UTC - [darkreading] Microsoft's Original Windows Secure Boot Certificate Is Expiring
• 15:00 UTC - [Microsoft Security Blog] Dissecting Sapphire Sleet’s macOS intrusion from lure to compromise
• 14:35 UTC - [Latest from TechRadar in Security] An ancient Microsoft Excel security flaw could let hackers hijack your entire system, so patch now
• 14:27 UTC - [SecurityWeek] OpenAI Widens Access to Cybersecurity Model After Anthropic’s Mythos Reveal
• 14:09 UTC - [BleepingComputer] New ATHR vishing platform uses AI voice agents for automated attacks
• 14:09 UTC - [Cybersecurity Dive - Latest News] NIST limits vulnerability analysis as CVE backlog swells
• 14:02 UTC - [BleepingComputer] Most "AI SOCs" Are Just Faster Triage. That's Not Enough.
• 13:05 UTC - [The Hacker News] ThreatsDay Bulletin: Defender 0-Day, SonicWall Brute-Force, 17-Year-Old Excel RCE and 15 More Stories
• 13:00 UTC - [Rapid7 Cybersecurity Blog] ClickFix Phishing Campaign Masquerading as a Claude Installer
• 12:54 UTC - [Cyber Security News] Microsoft 365 Web Services Hit by Google Chrome 147 Compatibility Issue
• 12:40 UTC - [SecurityWeek] Data Breach at Tennessee Hospital Affects 337,000
• 12:22 UTC - [SecurityWeek] Artemis Emerges From Stealth With $70 Million in Funding
• 12:05 UTC - [Latest from TechRadar in Security] 'This is not a traditional coding error': Experts flag potentially critical security issues at the heart of Anthropic's MCP, exposes 150 million downloads and thousands of servers to complete takeover
• 12:01 UTC - [BleepingComputer] Cisco says critical Webex Services flaw requires customer action
• 11:55 UTC - [The Hacker News] [Webinar] Find and Eliminate Orphaned Non-Human Identities in Your Environment
• 11:51 UTC - [SecurityWeek] Splunk Enterprise Update Patches Code Execution Vulnerability
• 11:49 UTC - [Cyber Security News] Two U.S. Nationals Sentenced for Running Laptop Farm for DPRK Remote Workers
• 11:32 UTC - [Cyber Security News] New UAC-0247 Campaign Steals Browser and WhatsApp Data From Hospitals and Governments
• 11:32 UTC - [Cyber Security News] Critical Cisco ISE Vulnerabilities Let Remote Attackers Execute Malicious Code
• 11:27 UTC - [The Hacker News] Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution
• 11:21 UTC - [Cyber Security News] McGraw Hill Confirms Data Breach Exposing 13.5 Million Users’ Personal Data
• 11:21 UTC - [SecurityWeek] Microsoft Paid Out $2.3 Million at Zero Day Quest 2026 Hacking Contest
• 11:02 UTC - [The Hacker News] Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks
• 11:01 UTC - [Latest from TechRadar in Security] Your OpenClaw agents can empty your inbox and leak your data. Here's how to secure them
• 11:00 UTC - [DataBreaches.Net] P3 Advertised 20+ Years and 0 Security Breaches. You Can Guess What Happened Next.
• 10:50 UTC - [Cyber Security News] Fake Proton VPN Sites and Gaming Mods Spread NWHStealer in New Windows Malware Campaign
• 10:47 UTC - [SecurityWeek] NIST Prioritizes NVD Enrichment for CVEs in CISA KEV, Critical Software
• 10:35 UTC - [BleepingComputer] Data breach at edtech giant McGraw Hill affects 13.5 million accounts
• 10:30 UTC - [The Hacker News] Hidden Passenger? How Taboola Routes Logged-In Banking Sessions to Temu
• 10:25 UTC - [Latest from TechRadar in Security] Russia hits European thermal power plant in attempted ‘destructive’ cyberattack – Pro-Kremlin hackers are engaging in ‘riskier and more reckless behavior’ in latest attempt to cripple Western critical infrastructure
• 10:24 UTC - [Latest from TechRadar in Security] The war in Iran is reaching cyberspace - here’s how to prepare
• 10:07 UTC - [Cyber Security News] Hackers Abuse n8n AI Workflow Automation to Deliver Malware Through Trusted Webhooks
• 10:04 UTC - [SecurityWeek] Cisco Patches Critical Vulnerabilities in Webex, ISE
• 10:00 UTC - [CyberScoop] Ghost breaches: How AI-mediated narratives have become a new threat vector
• 09:51 UTC - [Latest from TechRadar in Security] Millions of hotel goers may have been exposed after hackers steal data and leak it on Telegram
• 09:41 UTC - [Schneier on Security] Human Trust of AI Agents
• 09:37 UTC - [Cyber Security News] Cisco Webex Services Vulnerability Let Remote Attacker Impersonate Any User
• 09:30 UTC - [SecurityWeek] Ransomware Hits Automotive Data Expert Autovista
• 09:27 UTC - [Cyber Security News] Nginx-ui Vulnerability Actively Exploited in Attack – Enables Full Server Takeover
• 08:51 UTC - [Cyber Security News] 31 High-Impact Vulnerabilities Exploited in March as Interlock Hits Cisco FMC Zero-Day
• 08:36 UTC - [Cyber Security News] New Chrome Privacy Analysis Shows How Fingerprinting and Header Leaks Can Expose Users
• 08:33 UTC - [SecurityWeek] Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments
• 08:32 UTC - [BleepingComputer] US nationals behind DPRK IT worker 'laptop farm' sent to prison
• 07:42 UTC - [Cyber Security News] Splunk Enterprise and Cloud Platform Vulnerability Enables Remote Code Execution Attacks
• 07:40 UTC - [Cyber Security News] Critical Chrome Vulnerabilities Let Attackers Execute Arbitrary Code – Update Now!
• 07:37 UTC - [BleepingComputer] Microsoft: April Windows Server 2025 update may fail to install
• 07:17 UTC - [Cyber Security News] Fake Adobe Reader Download Delivers ScreenConnect Through Stealthy In-Memory Loader
• 06:20 UTC - [The Hacker News] UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign
• 06:14 UTC - [Cyber Security News] 1,250+ C2 Servers Mapped Across Russian Hosting Across 165 Providers
• 06:00 UTC - [darkreading] 6-Year Ransomware Campaign Targets Turkish Homes & SMBs
• 04:34 UTC - [Cyber Security News] Hackers Abuse Google Discover With AI-Generated Content to Push Malicious Notifications
• 01:31 UTC - [Have I Been Pwned latest breaches] McGraw Hill - 13,500,136 breached accounts

2026-04-15 #

• 23:24 UTC - [Graham Cluley] Smashing Security podcast #463: This AI company leaked its own code. It’s also built something terrifying
• 22:35 UTC - [BleepingComputer] Critical Nginx UI auth bypass flaw now actively exploited in the wild
• 21:57 UTC - [BleepingComputer] New AgingFly malware used in attacks on Ukraine govt, hospitals
• 21:45 UTC - [darkreading] Critical MCP Integration Flaw Puts NGINX at Risk
• 21:15 UTC - [Latest from TechRadar in Security] 'Every Apple user needs to know about this nasty scam': Fake warnings tell users their iCloud data will be deleted — but don't fall for this devious phishing trick
• 20:33 UTC - [BleepingComputer] WordPress plugin suite hacked to push malware to thousands of sites
• 20:17 UTC - [CyberScoop] NIST narrows scope of CVE analysis to keep up with rising tide of vulnerabilities
• 19:30 UTC - [darkreading] Navigating the Unique Security Risks of Asia's Digital Supply Chain
• 18:51 UTC - [CyberScoop] Executive orders likely ahead in next steps for national cyber strategy
• 17:59 UTC - [BleepingComputer] Signed software abused to deploy antivirus-killing scripts
• 17:09 UTC - [The Hacker News] n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails
• 16:55 UTC - [Latest from TechRadar in Security] WordPress websites under attack — expert report says dozens of plugins hijacked to target thousands of sites
• 16:46 UTC - [SecurityWeek] Sweden Blames Pro-Russian Group for Cyberattack Last Year on Its Energy Infrastructure
• 16:20 UTC - [BleepingComputer] Microsoft pays $2.3M for cloud and AI flaws at Zero Day Quest
• 16:00 UTC - [Microsoft Security Blog] Incident response for AI: Same fire, different fuel
• 16:00 UTC - [Cisco Security Advisory] Cisco Webex Services Certificate Validation Vulnerability
• 16:00 UTC - [Cisco Security Advisory] Cisco Webex Contact Center Cross-Site Scripting Vulnerability
• 16:00 UTC - [Cisco Security Advisory] Cisco Unity Connection Cross-Site Scripting, Open Redirect, and SQL Injection Vulnerabilities
• 16:00 UTC - [Cisco Security Advisory] Cisco Unity Connection Arbitrary File Download Vulnerabilities
• 16:00 UTC - [Cisco Security Advisory] Cisco ThousandEyes Enterprise Agent Arbitrary File Overwrite Vulnerability
• 16:00 UTC - [Cisco Security Advisory] Cisco Secure Web Appliance Authentication Bypass Vulnerability
• 16:00 UTC - [Cisco Security Advisory] Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerabilities
• 16:00 UTC - [Cisco Security Advisory] Cisco Identity Services Engine Remote Code Execution Vulnerabilities
• 16:00 UTC - [Cisco Security Advisory] Cisco Identity Services Engine Multiple Cross-Site Scripting Vulnerabilities
• 16:00 UTC - [Cisco Security Advisory] Cisco Identity Services Engine Authenticated Privilege Escalation Vulnerability
• 15:35 UTC - [Latest from TechRadar in Security] 'We are currently being extorted' — crypto giant Kraken says it is facing extortion attack, here's what we know
• 15:12 UTC - [darkreading] Prepping for 'Q-Day': Why Quantum Risk Management Should Start Now
• 15:05 UTC - [Cybersecurity Dive - Latest News] FCC exempts Netgear from foreign router ban
• 15:05 UTC - [Cybersecurity Dive - Latest News] Medium-severity flaw in Microsoft SharePoint exploited
• 15:05 UTC - [Cybersecurity Dive - Latest News] Medium-severity flaw in Microsoft SharePoint already under exploitation
• 14:51 UTC - [BleepingComputer] CISA flags Windows Task Host vulnerability as exploited in attacks
• 14:45 UTC - [SecurityWeek] Exploited Vulnerability Exposes Nginx Servers to Hacking
• 14:38 UTC - [darkreading] Audit: Big Tech Often Ignores CA Privacy Law Opt-Out Requests
• 14:29 UTC - [0day Fans] Slowburn: Looking through AMD Platform Configuration Blobs infrastructure
• 14:16 UTC - [Cyber Security News] Google, Microsoft, Meta Tracking You Even if You Opt Out – New Research
• 14:15 UTC - [Latest from TechRadar in Security] 'This activity appears to be part of a broader issue': education company McGraw Hill becomes latest to see its Salesforce data hacked
• 14:14 UTC - [Cyber Security News] Microsoft Releases Cumulative Update KB5083769 for Windows 11, Version 25H2 and 24H2
• 14:11 UTC - [Cyber Security News] Windows Active Directory Vulnerability Allows Attackers to Execute Malicious Code
• 14:11 UTC - [Cyber Security News] Windows Active Directory Vulnerability Allow Attackers to Execute Malicious Code
• 14:08 UTC - [Cyber Security News] New PHP Composer Vulnerability Let Attackers Execute Arbitrary Commands
• 14:05 UTC - [Cyber Security News] Adobe Acrobat Reader Vulnerabilities Let Attackers Execute Arbitrary Code
• 14:00 UTC - [BleepingComputer] Rolling Networks: Securing the Transportation Sector
• 14:00 UTC - [Black Hills Information Security, Inc.] Signed, Trusted, and Abused: Proxy Execution via WebView2
• 13:59 UTC - [CyberScoop] OpenAI expands Trusted Access for Cyber program with new GPT 5.4 Cyber model 
• 13:56 UTC - [SecurityWeek] Capsule Security Emerges From Stealth With $7 Million in Funding
• 13:34 UTC - [SecurityWeek] ‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain Attacks
• 13:24 UTC - [SecurityWeek] 100 Chrome Extensions Steal User Data, Create Backdoor
• 13:08 UTC - [Cyber Security News] MuddyWater-Style Hackers Scan 12,000+ Systems Before Hitting Middle East Critical Sectors
• 13:00 UTC - [SecurityWeek] CISO Conversations: Ross McKerchar, CISO at Sophos
• 13:00 UTC - [All Fortinet Blog | Latest Posts] AI Security Is an Architectural Decision
• 12:56 UTC - [The Hacker News] Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover
• 12:47 UTC - [Cyber Security News] Hackers Using Google Cloud Storage to Bypass Email Filters and Deliver Remcos RAT
• 12:37 UTC - [Rapid7 Cybersecurity Blog] A Clearer Path from Prioritized Exposures to Remediation Progress
• 12:37 UTC - [The Hacker News] April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More
• 12:14 UTC - [Cyber Security News] Hackers Hide Backdoor in Trusted WordPress Plugins for 8 Months Before Activating Malware
• 12:10 UTC - [SecurityWeek] Mirax RAT Targeting Android Users in Europe
• 12:00 UTC - [darkreading] Microsoft, Salesforce Patch AI Agent Data Leak Flaws
• 11:41 UTC - [BleepingComputer] Microsoft: April updates trigger BitLocker key prompts on some servers
• 11:38 UTC - [SecurityWeek] Two Vulnerabilities Patched in Ivanti Neurons for ITSM 
• 11:34 UTC - [Cyber Security News] Hackers Create Hidden Mailbox Rules in Microsoft 365 to Intercept Sensitive Business Emails
• 11:30 UTC - [The Hacker News] Deterministic + Agentic AI: The Architecture Exposure Validation Requires
• 11:25 UTC - [Latest from TechRadar in Security] Google Chrome users beware — experts warn over 100 Web Store extensions found stealing user data from thousands of accounts
• 11:05 UTC - [Graham Cluley] 108 malicious Chrome extensions caught stealing Google and Telegram data from 20,000 users
• 10:58 UTC - [SecurityWeek] $10 Domain Could Have Handed Hackers 25k Endpoints, Including in OT and Gov Networks
• 10:47 UTC - [Schneier on Security] Defense in Depth, Medieval Style
• 10:45 UTC - [Cyber Security News] Agentic LLM Browsers Expose New Attack Surface for Prompt Injection and Data Theft
• 10:25 UTC - [SecurityWeek] Trump Urges Extending Foreign Surveillance Program as Some Lawmakers Push for US Privacy Protections
• 10:24 UTC - [BleepingComputer] Microsoft fixes bug behind Windows Server 2025 automatic upgrades
• 10:00 UTC - [CyberScoop] We’re only seeing the tip of the chip-smuggling iceberg
• 09:50 UTC - [Latest from TechRadar in Security] 'Trusted access for the next era of cyber defense': OpenAI reveals its Mythos rival, designed for cybersecurity pros to spot the next level of attacks
• 09:37 UTC - [SecurityWeek] Fortinet Patches Critical FortiSandbox Vulnerabilities
• 09:19 UTC - [Cyber Security News] FUNNULL-Linked Triad Nexus Resurfaces With 175+ Rotating CNAME Domains and Global Scam Portals
• 09:06 UTC - [Cyber Security News] Windows BitLocker Vulnerability Allows Attacker to Bypass Security Feature
• 08:51 UTC - [Latest from TechRadar in Security] When cyberattacks are inevitable, recovery becomes the strategy
• 08:40 UTC - [The Hacker News] Microsoft Issues Patches for SharePoint Zero-Day and 168 Other New Vulnerabilities
• 08:37 UTC - [Latest from TechRadar in Security] Closing the cloud complexity gap
• 07:38 UTC - [Cyber Security News] New JanaWare Ransomware Targets Turkish Users Through Customized Adwind RAT
• 07:33 UTC - [Cyber Security News] Microsoft Defender 0-Day Vulnerability Enables Privilege Escalation Attack
• 07:14 UTC - [SecurityWeek] ICS Patch Tuesday: 8 Industrial Giants Publish New Security Advisories
• 05:24 UTC - [Cyber Security News] 25,000+ Endpoints Exposed by Dragon Boss Solutions Update Domain Supply Chain Attack
• 04:30 UTC - [The Hacker News] OpenAI Launches GPT-5.4-Cyber with Expanded Access for Security Teams
• 03:09 UTC - [Cyber Security News] OpenAI Launches GPT-5.4 with Reverse Engineering, Vulnerability and Malware Analysis Features
• 03:09 UTC - [Cyber Security News] OpenAI Launches GPT-5.4 with Reverse Engineering, Vulnerability Analysis and Malware Analysis Features
• 02:30 UTC - [Cyber Security News] Microsoft SharePoint Server 0-Day Vulnerability Actively Exploited in Attacks
• 00:00 UTC - [darkreading] Microsoft Bets $10B to Boost Japan's AI, Cybersecurity
• 00:00 UTC - [darkreading] Microsoft Bets $10 Billion to Boost Japan's AI, Cybersecurity

2026-04-14 #

• 23:17 UTC - [CyberScoop] CISA cancels summer internships for cyber scholarship students amid DHS funding lapse
• 22:23 UTC - [BleepingComputer] Microsoft adds Windows protections for malicious Remote Desktop files
• 21:58 UTC - [BleepingComputer] Crypto-exchange Kraken extorted by hackers after insider breach
• 21:48 UTC - [Rapid7 Cybersecurity Blog] Patch Tuesday - April 2026
• 21:47 UTC - [Krebs on Security] Patch Tuesday, April 2026 Edition
• 21:22 UTC - [darkreading] Privilege Elevation Dominates Massive Microsoft Patch Update
• 20:33 UTC - [BleepingComputer] Over 100 Chrome extensions in Web Store target users accounts and data
• 20:33 UTC - [BleepingComputer] Over 100 Chrome Web Store extensions steal user accounts, data
• 20:27 UTC - [CyberScoop] Microsoft drops its second-largest monthly batch of defects on record
• 20:20 UTC - [darkreading] EDR-Killer Ecosystem Expansion Requires Stronger BYOVD Defenses
• 20:00 UTC - [CyberScoop] Space Force official touts AI’s impact on cyber compliance
• 18:16 UTC - [0day Fans] Hack the AI agent: Build agentic AI security skills with the GitHub Secure Code Game
• 18:14 UTC - [SecurityWeek] Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities
• 18:09 UTC - [BleepingComputer] Microsoft releases Windows 10 KB5082200 extended security update
• 18:09 UTC - [Cyber Security News] Security Risk Advisors Purple Team Participants Can Now Earn CPE Credits
• 18:07 UTC - [BleepingComputer] McGraw-Hill confirms data breach following extortion threat
• 17:59 UTC - [Cyber Security News] Fortinet Patches 11 Vulnerabilities Across FortiSandbox, FortiOS, FortiAnalyzer, and FortiManager
• 17:46 UTC - [BleepingComputer] Windows 11 cumulative updates KB5083769 & KB5082052 released
• 17:41 UTC - [BleepingComputer] Microsoft April 2026 Patch Tuesday fixes 167 flaws, 2 zero-days
• 17:19 UTC - [Cyber Security News] Microsoft Patch Tuesday April 2026 – 168 Vulnerabilities Fixed, Including Actively Exploited 0-day
• 17:10 UTC - [DataBreaches.Net] California’s cybersecurity audit rule is now in effect: its impact for class litigation
• 16:59 UTC - [Cyber Security News] Critical etcd Auth Bypass Flaw Allows Unauthorized Access to Sensitive Cluster APIs
• 16:52 UTC - [Cyber Security News] Ivanti Neurons for ITSM Vulnerabilities Allow Remote Attacker to Obtain User Sessions
• 16:48 UTC - [SecurityWeek] Adobe Patches 55 Vulnerabilities Across 11 Products
• 16:37 UTC - [BleepingComputer] Fake Ledger Live app on Apple’s App Store stole $9.5M in crypto
• 16:31 UTC - [Cyber Security News] CISA Warns of Microsoft Exchange and Windows CLFS Vulnerabilities Exploited in Attacks
• 16:28 UTC - [Cyber Security News] Critical ShowDoc RCE Vulnerability Active Exploited in the Wild
• 16:25 UTC - [Cyber Security News] Synology SSL VPN Client Vulnerabilities Let Remote Attackers Access Sensitive Files
• 16:25 UTC - [CyberScoop] Black Basta’s playbook lives on as former affiliates launch fast-scale intrusion campaign
• 16:10 UTC - [Cyber Security News] Critical FortiSandbox Vulnerabilities Allow Attackers to Execute Unauthorized Commands
• 16:06 UTC - [darkreading] Wargame Exercise Demonstrates How Social Media Manipulation Works
• 16:06 UTC - [darkreading] War Game Exercise Demonstrates How Social Media Manipulation Works
• 16:01 UTC - [Schneier on Security] Upcoming Speaking Engagements
• 15:57 UTC - [The Hacker News] New PHP Composer Flaws Enable Arbitrary Command Execution — Patches Released
• 15:55 UTC - [Latest from TechRadar in Security] 'It's more common than you think': Experts reveal how hackers are trying to hijack your inbox with these clever tactics
• 15:53 UTC - [BleepingComputer] Microsoft rolls out fast-track to reinstate Windows hardware dev accounts
• 14:44 UTC - [Cybersecurity Dive - Latest News] Brute-force cyberattacks originating in Middle East surge in Q1
• 14:35 UTC - [Latest from TechRadar in Security] 'This wasn’t just phishing — it was a full-service cybercrime platform': FBI reveals takedown of notorious W3LL phishing operation targeting thousands of victims
• 14:30 UTC - [The Hacker News] AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraud
• 14:27 UTC - [Latest from TechRadar in Security] From cloud to Agentic AI: Why security must evolve faster than innovation
• 14:24 UTC - [Cybersecurity Dive - Latest News] FCC signals continued commitment to Cyber Trust Mark program
• 14:02 UTC - [BleepingComputer] 5 Ways Zero Trust Maximizes Identity Security
• 13:55 UTC - [The Hacker News] Google Adds Rust-Based DNS Parser into Pixel 10 Modem to Enhance Security
• 13:39 UTC - [Cyber Security News] New Mirax Android RAT Turns Infected Phones Into Residential Proxy Nodes
• 13:27 UTC - [Cyber Security News] New PlugX USB Worm Spreads Across Multiple Continents Using DLL Sideloading
• 13:00 UTC - [The Cloudflare Blog] Securing non-human identities: automated revocation, OAuth, and scoped permissions
• 13:00 UTC - [The Cloudflare Blog] Scaling MCP adoption: Our reference architecture for simpler, safer and cheaper enterprise deployments of MCP
• 13:00 UTC - [The Cloudflare Blog] Managed OAuth for Access: make internal apps agent-ready in one click
• 13:00 UTC - [Cyber Security News] Hackers Leave Credential Stuffing Botnet Wide Open With Full Worker Access and Root Passwords
• 12:53 UTC - [SecurityWeek] ‘Mythos-Ready’ Security: CSA Urges CISOs to Prepare for Accelerated AI Threats
• 12:45 UTC - [Latest from TechRadar in Security] Basic-Fit gym group data breach exposes details of over 1 million members — here's what we know
• 12:43 UTC - [SecurityWeek] Europe’s Largest Gym Chain Says Data Breach Impacts 1 Million Members
• 12:31 UTC - [Rapid7 Cybersecurity Blog] Your Cloud Detection Strategy in 2026: What to Expect at the Global Cybersecurity Summit
• 12:30 UTC - [Cyber Security News] Codex Hacks Samsung TV to Root by Exploiting World-Writable Driver Interfaces
• 12:14 UTC - [Cyber Security News] CISA Warns of Fortinet SQL Injection Vulnerability Actively Exploited in Attacks
• 12:07 UTC - [Cyber Security News] New Janela RAT Campaign Uses Fake MSI Installers and Malicious Browser Extensions to Steal Data
• 12:05 UTC - [Latest from TechRadar in Security] ‘Authorities can ask them to hand over data’: Report claims over 80% of Europeans don’t trust US and Chinese businesses to handle their data – Europe is desperate for homegrown AI, cloud, and telecoms as the rift with the US grows
• 11:39 UTC - [Cyber Security News] Hackers Weaponize Obsidian Shell Commands Plugin to Launch Cross-Platform Malware Attacks
• 11:25 UTC - [Latest from TechRadar in Security] Booking.com confirms reservation data breach — tells customers hackers 'may have been able to access certain booking information'
• 11:21 UTC - [SecurityWeek] SAP Patches Critical ABAP Vulnerability
• 10:57 UTC - [Cyber Security News] Hackers Bypass Phishing Emails and Target Okta Identity Systems Instead
• 10:53 UTC - [SecurityWeek] Triad Nexus Evades Sanctions to Fuel Cybercrime
• 10:49 UTC - [Schneier on Security] How Hackers Are Thinking About AI
• 10:31 UTC - [Latest from TechRadar in Security] Agility is the key to protecting against Malware-as-a-Service (MaaS)
• 10:28 UTC - [Cyber Security News] Booking.com Confirms Data Breach — Hackers Accessed Customers’ Personal Information
• 10:21 UTC - [SecurityWeek] Google Adds Rust DNS Parser to Pixel Phones for Better Security
• 10:20 UTC - [Latest from TechRadar in Security] Rockstar hackers publish 78.6 million stolen records — but many of us will be disappointed
• 10:20 UTC - [The Hacker News] Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Ads
• 10:07 UTC - [Latest from TechRadar in Security] Adobe issues emergency security patch — Reader and Acrobat users need to update now
• 10:00 UTC - [The Hacker News] Analysis of 216M Security Findings Shows a 4x Increase In Critical Risk (2026 Report)
• 10:00 UTC - [CyberScoop] Secretary Mullin must help finish the job: Urge the Senate to confirm Plankey
• 09:51 UTC - [netbiosX]
• 09:44 UTC - [Cyber Security News] APT41 Turns Linux Cloud Servers Into Credential Theft Targets With New Winnti Backdoor
• 09:41 UTC - [Cyber Security News] W3LL Phishing Kit Takedown Hits Global Credential Theft and MFA Bypass Operation
• 09:39 UTC - [Cyber Security News] Researcher Reverse Engineered 0-Day Used to Disable CrowdStrike EDR
• 09:35 UTC - [SecurityWeek] Nightclub Giant RCI Hospitality Reports Data Breach
• 09:34 UTC - [Cyber Security News] Hackers Use 108 Chrome Extensions to Steal User Data Through Shared C2 Infrastructure
• 09:04 UTC - [Latest from TechRadar in Security] What 2025 taught us about the importance of resilience in retail
• 08:57 UTC - [SecurityWeek] Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities
• 08:53 UTC - [Latest from TechRadar in Security] Governing the hidden risks of generative AI in the enterprise
• 08:35 UTC - [The Hacker News] 108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users
• 05:50 UTC - [The Hacker News] ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers
• 05:39 UTC - [The Hacker News] CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software
• 04:56 UTC - [Cyber Security News] Hackers Use Fake Proxifier Installer on GitHub to Spread ClipBanker Crypto-Stealing Malware
• 02:01 UTC - [Cyber Security News] Rockstar’s GTA Game Hacked – Attackers published 78.6 Million Records Online

2026-04-13 #

• 21:50 UTC - [BleepingComputer] European Gym giant Basic-Fit data breach affects 1 million members
• 21:48 UTC - [darkreading] Why Orgs Need to Test Networks to Withstand DDoS Attacks During Peak Loads
• 21:43 UTC - [CyberScoop] Here’s how cyber heavyweights in the US and UK are dealing with Claude Mythos
• 21:29 UTC - [darkreading] CSA: CISOs Should Prepare for Post-Mythos Exploit Storm
• 20:52 UTC - [darkreading] Adobe Patches Actively Exploited Zero-Day That Lingered for Months
• 20:24 UTC - [CyberScoop] OpenAI’s Mac apps needs an update thanks to the Axios hack
• 20:24 UTC - [CyberScoop] OpenAI’s Mac apps need updates thanks to the Axios hack
• 20:08 UTC - [BleepingComputer] Stolen Rockstar Games analytics data leaked by extortion gang
• 19:56 UTC - [BleepingComputer] Critical flaw in wolfSSL library enables forged certificate use
• 19:10 UTC - [darkreading] Empty Attestations: OT Lacks the Tools for Cryptographic Readiness
• 18:55 UTC - [BleepingComputer] FBI takedown of W3LL phishing service leads to developer arrest
• 18:46 UTC - [DataBreaches.Net] City of Anthony, NM, public records have been suspiciously disappeared, locked, or wiped
• 18:10 UTC - [Latest from TechRadar in Security] Russia launched a covert operation to deploy undersea sabotage vessels in UK waters while the world was distracted by the Middle East - UK threatens Putin with ‘serious consequences’ if subversion continues
• 17:39 UTC - [BleepingComputer] OpenAI rotates macOS certs after Axios attack hit code-signing workflow
• 17:30 UTC - [BleepingComputer] New Booking.com data breach forces reservation PIN resets
• 17:25 UTC - [Latest from TechRadar in Security] 'Industrial-scale scam operations': Global criminal organization operated slave compounds in Asia behind huge malware-as-a-service hydra targeting 35+ government agencies monthly
• 17:15 UTC - [The Hacker News] JanelaRAT Malware Targets Latin American Banks with 14,739 Attacks in Brazil in 2025
• 17:07 UTC - [DataBreaches.Net] A Silent Threat, Loud Consequences: Ransom Group Hits Law Firms Hard
• 16:52 UTC - [Schneier on Security] On Anthropic’s Mythos Preview and Project Glasswing
• 16:52 UTC - [Cyber Security News] Claude AI Reportedly Down for Hundreds of Users With Intermittent 500 Errors
• 16:05 UTC - [Latest from TechRadar in Security] OpenAI flags third-party data issue — all macOS users should update now
• 15:52 UTC - [Cyber Security News] Hackers Abuse GitHub and Jira Notifications to Deliver Phishing Through Trusted SaaS Channels
• 15:37 UTC - [BleepingComputer] Adobe rolls out emergency fix for Acrobat, Reader zero-day flaw
• 15:18 UTC - [Cybersecurity Dive - Latest News] CISOs see gaps in their incident response playbooks
• 15:08 UTC - [Cybersecurity Dive - Latest News] US, Indonesia shut down ‘sophisticated’ phishing kit
• 15:08 UTC - [darkreading] APT41 Delivers 'Zero-Detection' Backdoor to Harvest Cloud Credentials
• 15:00 UTC - [All Fortinet Blog | Latest Posts] Fortinet Training Institute Wins Industry Accolades
• 14:53 UTC - [Cyber Security News] Mozilla Criticizes Microsoft for Installing Copilot on Windows Without User Consent
• 14:51 UTC - [Cyber Security News] How Threat Intelligence Drives a Real ROI Boost for Your SOC 
• 14:48 UTC - [Proofpoint Threat Insight] Mailbox rules in O365—a post-exploitation tactic in cloud ATO
• 14:46 UTC - [The Hacker News] FBI and Indonesian Police Dismantle W3LL Phishing Network Behind $20M Fraud Attempts
• 14:32 UTC - [Cyber Security News] Nginx 1.29.8 and FreeNginx Released With Critical Security Updates
• 14:29 UTC - [Cyber Security News] Marimo RCE Vulnerability Exploited in the Within 10 Hours of Disclosure
• 14:26 UTC - [Cyber Security News] Critical Axios Vulnerability Allows Remote Code Execution – PoC Released
• 14:25 UTC - [SecurityWeek] Booking.com Says Hackers Accessed User Information
• 14:21 UTC - [Cyber Security News] Hackers Abuse MSBuild LOLBin to Evade Detection and Launch Fileless Windows Attacks
• 14:20 UTC - [Latest from TechRadar in Security] Hackers use Claude and ChatGPT in 'a significant evolution in offensive capability' to breach government agencies, leak hundreds of millions of citizen records
• 14:19 UTC - [Cyber Security News] Apache Tomcat Vulnerabilities Enables Bypass of EncryptInterceptor
• 14:05 UTC - [BleepingComputer] The silent “Storm”: New infostealer hijacks sessions, decrypts server-side
• 14:00 UTC - [SecurityWeek] BrowserGate: Claims of LinkedIn ‘Spying’ Clash With Security Research Findings
• 13:36 UTC - [Cyber Security News] Iran-Linked CyberAv3ngers Sets Sights on Water Utilities and Industrial Controllers
• 13:01 UTC - [The Hacker News] ⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More
• 12:57 UTC - [Rapid7 Cybersecurity Blog] Turning Log Lines into Answers: Instant Clarity for SOC Teams
• 12:34 UTC - [Cyber Security News] Hackers Hide VIPERTUNNEL Python Backdoor Inside Fake DLL and Obfuscated Loader Chain
• 12:34 UTC - [SecurityWeek] OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack
• 11:50 UTC - [Latest from TechRadar in Security] 'This is not your typical run-of-the-mill malware': CPUID download page hacked and tools replaced with links to malicious files
• 11:41 UTC - [The Hacker News] Your MTTD Looks Great. Your Post-Alert Gap Doesn't
• 11:34 UTC - [SecurityWeek] International Operation Targets Multimillion-Dollar Crypto Theft Schemes
• 11:19 UTC - [DataBreaches.Net] Booking.com warns customers their private travel details may have been accessed by ‘unauthorised party’
• 11:18 UTC - [DataBreaches.Net] GTA-maker Rockstar Games hacked again but downplays impact
• 11:17 UTC - [DataBreaches.Net] MN: Spring Lake Park Schools Closed After Suspected Ransomware Attack
• 10:53 UTC - [Latest from TechRadar in Security] How businesses can turn AI pilots into scalable solutions
• 10:52 UTC - [SecurityWeek] CPUID Hacked to Serve Trojanized CPU-Z and HWMonitor Downloads
• 10:37 UTC - [Cyber Security News] APT37 Abuses Facebook, Telegram, and Tampered Installer in New Targeted Intrusion Attack
• 10:34 UTC - [Cyber Security News] Basic-Fit Data Breach Exposes Millions of Users Across Multiple Countries
• 10:10 UTC - [Schneier on Security] AI Chatbots and Trust
• 10:09 UTC - [Latest from TechRadar in Security] ‘No Decision’ is the new breach: Why inaction is becoming a career risk for CISOs in 2026
• 09:52 UTC - [SecurityWeek] Fake Claude Website Distributes PlugX RAT
• 09:15 UTC - [The Hacker News] North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware
• 09:08 UTC - [Latest from TechRadar in Security] Rockstar confirms major third-party data breach: GTA VI maker says 'no impact on our organization or our players'
• 08:31 UTC - [SecurityWeek] Gmail Brings End-to-End Encryption to Android and iOS for Enterprise Users
• 08:23 UTC - [Cyber Security News] Adobe Patches Acrobat Reader 0-Day Vulnerability Exploited in the Wild
• 08:15 UTC - [Cyber Security News] Elon Musk Announces to Launch XChat With Self-Destruct Message Features
• 08:09 UTC - [Cyber Security News] Microsoft Confirms Recent Windows 11 Updates Break Push Button Reset
• 07:17 UTC - [Cyber Security News] Critical WordPress Plugin Flaw Lets Attackers Bypass Authentication and Gain Admin Access
• 06:50 UTC - [The Hacker News] OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident
• 02:46 UTC - [Cyber Security News] WhatsApp’s ‘End-to-End Encryption by Default’ Claim Called Major Consumer Fraud by Pavel Durov
• 00:00 UTC - [0day Fans] Hyperbridge ISMP Forged Proof DOT Mint
• 00:00 UTC - [0day Fans] Exploit Investigator
• 00:00 UTC - [0day Fans] Contract Auditor
• 00:00 UTC - [0day Fans] Client Auditor

2026-04-12 #

• 14:20 UTC - [BleepingComputer] Critical Marimo pre-auth RCE flaw now under active exploitation
• 07:45 UTC - [SecurityWeek] Adobe Patches Reader Zero-Day Exploited for Months
• 05:54 UTC - [The Hacker News] CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads
• 04:25 UTC - [The Hacker News] Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621
• 02:01 UTC - [Have I Been Pwned latest breaches] Hallmark - 1,736,520 breached accounts