#unpatched-software-exploitation
#unpatched-software-exploitation

Silicon Valley

The Dumbest Hack of the Year Exposed a Very Real Problem

fromYahoo Tech

Privacy technologies

Hackers Are Using Your Home Router to Spy on Microsoft 365 Users

23 hours ago

Information security

CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software

Information security

Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More

Pro-Iranian Actor Claims L.A. Metro Cyberattack

L.A. Metro is recovering from a cyberattack attributed to the pro-Iranian group Ababil of Minab, which claims significant data destruction and exfiltration.

21 hours ago

108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users

A cluster of 108 malicious Chrome extensions collects user data and injects ads, compromising browser security.

Silicon Valley

fromWIRED

The Dumbest Hack of the Year Exposed a Very Real Problem

A cyberattack in Silicon Valley exploited weak passwords to spoof crosswalk button recordings with voices of tech CEOs, raising security concerns.

Privacy technologies

fromYahoo Tech

Hackers Are Using Your Home Router to Spy on Microsoft 365 Users

Russian spies exploited consumer routers to steal Microsoft 365 credentials from thousands of users, turning home devices into espionage tools.

23 hours ago

CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software

CISA added six security flaws to its KEV catalog due to evidence of active exploitation.

Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More

A critical zero-day vulnerability in Adobe Acrobat Reader is actively exploited, alongside state-sponsored cyber threats targeting U.S. infrastructure.

Information security

Pro-Iranian Actor Claims L.A. Metro Cyberattack

21 hours ago

108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users

A cluster of 108 malicious Chrome extensions collects user data and injects ads, compromising browser security.

more#cybersecurity

18 hours ago

Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Ads

Mirax integrates advanced Remote Access Trojan (RAT) capabilities, allowing threat actors to fully interact with compromised devices in real time, enhancing its operational value significantly.

Roam Research

fromArs Technica

Your tech support company runs scams. Stop-or disguise with more fraud?

Tech Live Connect processed fraudulent charges using real customer data, including names and addresses, to make the charges appear legitimate and maintain a low chargeback ratio.

Privacy professionals

Deliverability

fromZDNET

3 hours ago

This simple email trick saves me from annoying marketing spam (and it's free to do)

Using a dedicated shopping email can effectively reduce spam and clutter in your primary inbox.

US news

fromwww.npr.org

Law enforcement is trying to combat abusive AI. Experts say easier said than done

An Ohio man was convicted under the 2025 Take It Down Act for creating and distributing AI-generated abusive sexual images.

Digital life

fromwww.dw.com

17 hours ago

Dangerous Apps In the Web of Data Brokers

Smartphone apps collect detailed location data, often shared with data brokers, posing security risks to users, including soldiers and government officials.

Node JS

fromNist

NVD

Axios library versions prior to 1.15.0 are vulnerable to Prototype Pollution, leading to Remote Code Execution and Full Cloud Compromise.

#data-breach

EU data protection

fromTNW | Data-Security

Basic-Fit hit by hack affecting members across multiple countries, including 200,000 in the Netherlands

Basic-Fit experienced a data breach affecting 200,000 members, exposing personal and bank details but not passwords or identity documents.

Hack at Anodot leaves over a dozen breached companies facing extortion | TechCrunch

Hackers stole data from multiple companies after breaching Anodot, exposing customers to extortion and potential data publication.

EU data protection

fromTNW | Data-Security

Basic-Fit hit by hack affecting members across multiple countries, including 200,000 in the Netherlands

Basic-Fit experienced a data breach affecting 200,000 members, exposing personal and bank details but not passwords or identity documents.

Hack at Anodot leaves over a dozen breached companies facing extortion | TechCrunch

Hackers stole data from multiple companies after breaching Anodot, exposing customers to extortion and potential data publication.

Artificial intelligence

Is Mythos a blessing or a curse for cybersecurity? It depends on whom you ask

Information security

Runtime security becomes critical as AI accelerates threats

fromFortune

Anthropic's Mythos is a wake up call, but experts say the era of AI-driven hacking is already here | Fortune

Anthropic's Mythos AI model is too dangerous to release widely due to its ability to exploit software vulnerabilities.

fromwww.theguardian.com

Information security

Anthropic says its latest AI model can expose weaknesses in software security

Claude Mythos exposes thousands of software vulnerabilities, prompting Anthropic to limit its release and collaborate with cybersecurity specialists.

Artificial intelligence

fromFast Company

3 days ago

Is Mythos a blessing or a curse for cybersecurity? It depends on whom you ask

Claude Mythos AI model may enhance cybersecurity defenses but also poses risks for hackers due to its ability to identify vulnerabilities and create exploits.

Runtime security becomes critical as AI accelerates threats

Artificial intelligence accelerates innovation and cyber threats, necessitating a focus on runtime security for effective enterprise protection.

fromFortune

Anthropic's Mythos is a wake up call, but experts say the era of AI-driven hacking is already here | Fortune

Anthropic's Mythos AI model is too dangerous to release widely due to its ability to exploit software vulnerabilities.

fromwww.theguardian.com

Anthropic says its latest AI model can expose weaknesses in software security

Claude Mythos exposes thousands of software vulnerabilities, prompting Anthropic to limit its release and collaborate with cybersecurity specialists.

Security reserchers tricked Apple Intelligence into cursing

Apple Intelligence can be hijacked through prompt injection, exposing millions of users to risk, but a fix was implemented in iOS 26.4 and macOS 26.4.

#microsoft

fromZero Day Initiative

Zero Day Initiative - The April 2026 Security Update Review

Several critical vulnerabilities in Microsoft products require attention, particularly those related to Office, RDP, Active Directory, and .NET Framework.

fromComputerWeekly.com

10 hours ago

Information security

April Patch Tuesday brings zero-days in Defender, SharePoint Server | Computer Weekly

Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities

Microsoft's Patch Tuesday updates address 165 vulnerabilities, including a critical SharePoint zero-day exploit tracked as CVE-2026-32201.

9 hours ago

Information security

Microsoft's massive Patch Tuesday: It's raining bugs

A spoofing vulnerability in Microsoft SharePoint Server was exploited before a fix was issued, allowing unauthorized access to sensitive information.

fromZero Day Initiative

Zero Day Initiative - The April 2026 Security Update Review

Several critical vulnerabilities in Microsoft products require attention, particularly those related to Office, RDP, Active Directory, and .NET Framework.

fromComputerWeekly.com

10 hours ago

April Patch Tuesday brings zero-days in Defender, SharePoint Server | Computer Weekly

Microsoft's April Patch Tuesday update addresses over 160 issues, including two critical zero-day vulnerabilities, marking one of the largest updates in history.

Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities

Microsoft's Patch Tuesday updates address 165 vulnerabilities, including a critical SharePoint zero-day exploit tracked as CVE-2026-32201.

9 hours ago

Microsoft's massive Patch Tuesday: It's raining bugs

A spoofing vulnerability in Microsoft SharePoint Server was exploited before a fix was issued, allowing unauthorized access to sensitive information.

Understanding the risks of OpenClaw

OpenClaw is an orchestration layer that requires external services to function effectively, rather than being a standalone cloud platform.

Privacy professionals

Hack-for-hire group caught targeting Android devices and iCloud backups | TechCrunch

A hack-for-hire group is targeting journalists and officials in the Middle East and North Africa using phishing and spyware tactics.

Adobe Patches 55 Vulnerabilities Across 11 Products

Adobe's Patch Tuesday updates address 55 vulnerabilities across 11 products, with critical ColdFusion flaws requiring immediate attention.

Adobe Issues Emergency Patch for Critical PDF Flaw Exploited For Months

Adobe released an emergency patch for a critical vulnerability in its products, exploited since December 2025, with a CVSS score of 8.6.

15 hours ago

Adobe fixes PDF zero-day security bug that hackers have exploited for months | TechCrunch

Adobe patched a critical vulnerability in Acrobat DC and Reader DC that allowed hackers to remotely install malware via malicious PDF files.

Adobe finally patches PDF pest after months of abuse

Adobe released a patch for a critical zero-day vulnerability in Acrobat and Reader that allowed arbitrary code execution via malicious PDFs.

Adobe Patches Reader Zero-Day Exploited for Months

Adobe released emergency patches for a critical zero-day vulnerability in Acrobat and Reader that has been exploited for several months.

Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621

Adobe released emergency updates for a critical security flaw in Acrobat Reader that is actively exploited, allowing arbitrary code execution.

13 hours ago

Adobe Patches 55 Vulnerabilities Across 11 Products

Adobe's Patch Tuesday updates address 55 vulnerabilities across 11 products, with critical ColdFusion flaws requiring immediate attention.

Adobe Issues Emergency Patch for Critical PDF Flaw Exploited For Months

Adobe released an emergency patch for a critical vulnerability in its products, exploited since December 2025, with a CVSS score of 8.6.

15 hours ago

Adobe fixes PDF zero-day security bug that hackers have exploited for months | TechCrunch

Adobe patched a critical vulnerability in Acrobat DC and Reader DC that allowed hackers to remotely install malware via malicious PDF files.

Adobe finally patches PDF pest after months of abuse

Adobe released a patch for a critical zero-day vulnerability in Acrobat and Reader that allowed arbitrary code execution via malicious PDFs.

Adobe Patches Reader Zero-Day Exploited for Months

Adobe released emergency patches for a critical zero-day vulnerability in Acrobat and Reader that has been exploited for several months.

Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621

Adobe released emergency updates for a critical security flaw in Acrobat Reader that is actively exploited, allowing arbitrary code execution.

more#adobe

Privacy professionals

fromWIRED

Men Are Buying Hacking Tools to Use Against Their Wives and Friends

Telegram groups facilitate the sale of hacking and surveillance services, promoting abusive content targeting women and girls.

12 hours ago

New PHP Composer Flaws Enable Arbitrary Command Execution - Patches Released

Two high-severity vulnerabilities in Composer could allow arbitrary command execution through command injection flaws in the Perforce VCS driver.

Ransomware scum, other crims exploit 4 old Microsoft bugs

Four Microsoft vulnerabilities are actively exploited, including one from 2012, prompting CISA to urge federal agencies to patch them within two weeks.

19 hours ago

Analysis of 216M Security Findings Shows a 4x Increase In Critical Risk (2026 Report)

Critical risk findings surged by nearly 400% amid a 52% increase in raw alert volume, driven by AI-assisted development.

Someone planted backdoors in dozens of WordPress plugins used in thousands of websites | TechCrunch

Dozens of WordPress plugins were compromised by a backdoor, distributing malicious code after a change in ownership of the plugin maker.

Hackers Targeting Ninja Forms Vulnerability That Exposes WordPress Sites to Takeover

A critical vulnerability in Ninja Forms allows file uploads that could lead to remote code execution on affected websites.

Someone planted backdoors in dozens of WordPress plugins used in thousands of websites | TechCrunch

Dozens of WordPress plugins were compromised by a backdoor, distributing malicious code after a change in ownership of the plugin maker.

Hackers Targeting Ninja Forms Vulnerability That Exposes WordPress Sites to Takeover

A critical vulnerability in Ninja Forms allows file uploads that could lead to remote code execution on affected websites.

Attackers are targeting developers via Slack and Google Sites

A targeted phishing campaign exploits trust in the open-source community, tricking developers into providing credentials and installing malicious software.

18 hours ago

SAP Patches Critical ABAP Vulnerability

SAP released 20 new and updated security notes addressing critical vulnerabilities, including a severe SQL injection flaw with a CVSS score of 9.9.

Kraken insider extortion reveals remote work security blind spot

Kraken experienced an insider security breach affecting 2,000 client accounts, highlighting vulnerabilities in remote-first working models.

fromBitcoin Magazine

Crypto Exchange Kraken Faces Extortion Attempt After Insider Access Incidents Involving Support Staff

Kraken experienced two insider-related security incidents but confirmed no systems were breached and no client funds were at risk.

fromFinbold

17 hours ago

Kraken insider extortion reveals remote work security blind spot

Kraken experienced an insider security breach affecting 2,000 client accounts, highlighting vulnerabilities in remote-first working models.

fromBitcoin Magazine

Crypto Exchange Kraken Faces Extortion Attempt After Insider Access Incidents Involving Support Staff

Kraken experienced two insider-related security incidents but confirmed no systems were breached and no client funds were at risk.

more#kraken

Artificial intelligence

fromFuturism

AI Tools Are Supercharging Hackers

AI systems are increasingly weaponized for cybercrime, enabling hackers to exploit vulnerabilities at scale with minimal technical expertise, as demonstrated by recent attacks on Mexican government networks and global firewall systems.

fromArs Technica

10 hours ago

UK gov's Mythos AI tests help separate cybersecurity threat from hype

Mythos outperformed previous models in TLO tests, showing capability in attacking vulnerable systems but still facing limitations in complex scenarios.

fromInfoQ

New Rowhammer Attacks on NVIDIA GPUs Enable Full System Takeover

New Rowhammer attacks target NVIDIA GPUs, escalating from memory corruption to full system compromise, highlighting significant hardware security risks.

23 hours ago

ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers

[In] ShowDoc version before 2.8.7, an unrestricted and unauthenticated file upload issue is found and [an] attacker is able to upload a web shell and execute arbitrary code on server.

Information security

0APT ransomware gang extorts Krybit amid doxxing threat

0APT threatens to expose Krybit members, highlighting the bizarre rivalry between ransomware gangs.

Ransomware Response: How Businesses Regain Control Under Pressure

Ransomware attacks create urgent pressure, forcing quick decisions and impacting operations, legal obligations, and overall enterprise strategy.

17 hours ago

0APT ransomware gang extorts Krybit amid doxxing threat

0APT threatens to expose Krybit members, highlighting the bizarre rivalry between ransomware gangs.

Ransomware Response: How Businesses Regain Control Under Pressure

Ransomware attacks create urgent pressure, forcing quick decisions and impacting operations, legal obligations, and overall enterprise strategy.

Fake Claude Website Distributes PlugX RAT

A fake Anthropic Claude website distributed a remote access trojan disguised as a legitimate application download.

Fake Linux Foundation leader using Slack to phish devs

A malware campaign targets open source developers via Slack, impersonating a Linux Foundation official to steal credentials and compromise systems.

Fake Claude Website Distributes PlugX RAT

A fake Anthropic Claude website distributed a remote access trojan disguised as a legitimate application download.

Fake Linux Foundation leader using Slack to phish devs

A malware campaign targets open source developers via Slack, impersonating a Linux Foundation official to steal credentials and compromise systems.

Adobe patches vulnerability that steals data via PDFs

A sophisticated attack exploits a vulnerability in Adobe Reader via malicious PDF files to gather sensitive information and potentially execute arbitrary code.

Adobe Reader Zero-Day Exploited for Months: Researcher

A zero-day vulnerability in Adobe Reader has been discovered, capable of exploiting user data and enabling remote code execution.

Adobe patches vulnerability that steals data via PDFs

A sophisticated attack exploits a vulnerability in Adobe Reader via malicious PDF files to gather sensitive information and potentially execute arbitrary code.

Adobe Reader Zero-Day Exploited for Months: Researcher

A zero-day vulnerability in Adobe Reader has been discovered, capable of exploiting user data and enabling remote code execution.

more#adobe-reader

fromYcombinator

14 hours ago

Information security

Show HN: OpenParallax: OS-level privilege separation for AI agent execution | Hacker News

An open-source AI agent was developed with a secure, sandboxed architecture to prevent data exfiltration and unauthorized actions.

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

CVSS-9.3 vulnerability in Marimo allows unauthenticated remote code execution, exploited shortly after disclosure.

Critical Marimo Flaw Exploited Hours After Public Disclosure

A critical vulnerability in Marimo was exploited within hours of its public disclosure, allowing unauthenticated remote code execution.

Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure

A critical vulnerability in Marimo allows unauthenticated remote code execution, exploited within hours of disclosure, affecting all versions prior to 0.20.4.

fromInfoWorld

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

CVSS-9.3 vulnerability in Marimo allows unauthenticated remote code execution, exploited shortly after disclosure.

Critical Marimo Flaw Exploited Hours After Public Disclosure

A critical vulnerability in Marimo was exploited within hours of its public disclosure, allowing unauthenticated remote code execution.

Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure

A critical vulnerability in Marimo allows unauthenticated remote code execution, exploited within hours of disclosure, affecting all versions prior to 0.20.4.

OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack

OpenAI was affected by a supply chain attack involving malicious Axios packages attributed to North Korean hackers.

OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

OpenAI's macOS apps were affected by a supply chain attack, but no user data or internal systems were compromised.

OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack

OpenAI was affected by a supply chain attack involving malicious Axios packages attributed to North Korean hackers.

OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

OpenAI's macOS apps were affected by a supply chain attack, but no user data or internal systems were compromised.

FBI announces takedown of phishing operation that targeted thousands of victims | TechCrunch

The FBI dismantled a global phishing operation, W3LL, targeting over 17,000 victims and facilitating over $20 million in fraud.

North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware

APT37 employs social engineering on Facebook to deliver RokRAT via a compromised PDF viewer.

3 days ago

Two different attackers poisoned popular open source tools

Two major supply chain attacks in March compromised open source tools, stealing data from numerous organizations.

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

A new variant of the Phorpiex botnet combines traditional and peer-to-peer communication, facilitating sophisticated malware operations and high-volume spam.

Chrome 147 Patches 60 Vulnerabilities, Including Two Critical Flaws Worth $86,000

Google released Chrome 147, fixing 60 vulnerabilities, including two critical ones affecting WebML, with significant bug bounties awarded to researchers.

Microsoft: Third-Party Android Vulnerability Leaves Over 50M Users Exposed

A critical flaw in the EngageLab SDK allowed malicious apps to exploit trusted permissions, affecting over 50 million Android users.

Palo Alto Networks, SonicWall Patch High-Severity Vulnerabilities

Palo Alto Networks and SonicWall released patches for multiple vulnerabilities, including high-severity bugs that could allow unauthorized access and code execution.

Hackers Exploit Adobe PDF Flaw for Months to Steal Data, No Fix Yet

Attackers exploit a zero-day vulnerability in Adobe Acrobat Reader to steal data and potentially take over systems using malicious PDF files.

The Hidden Cost of Recurring Credential Incidents

Credential incidents cause significant operational costs and disruptions, impacting IT teams and overall business productivity beyond just breach prevention.

Is 46% of your AI-generated code vulnerable?

46% of AI-generated code contains security vulnerabilities, necessitating integrated governance throughout the software delivery lifecycle.

Critical Flowise Vulnerability in Attacker Crosshairs

A critical vulnerability in Flowise allows remote code execution, posing severe security risks to systems and sensitive data.

Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems

Anthropic's Project Glasswing uses Claude Mythos to identify and address cybersecurity vulnerabilities, surpassing human capabilities in some instances.

'BlueHammer' Exploit Targets Windows, Potentially Impacting 1 Billion+ Devices

A security researcher released exploit code for a Windows zero-day vulnerability called BlueHammer, allowing privilege escalation without an official Microsoft patch.

New Chaos Variant Targets Misconfigured Cloud Deployments, Adds SOCKS Proxy

Chaos malware targets misconfigured cloud deployments, expanding its reach beyond routers and edge devices.

Data Leakage Vulnerability Patched in OpenSSL

Seven vulnerabilities in OpenSSL have been patched, including a moderate severity flaw that can lead to sensitive data leakage.

Attackers exploited the FortiClient EMS bug as a 0-day

Fortinet released an emergency patch for a critical vulnerability in FortiClient EMS, which is being actively exploited.

Exploitation of Critical Fortinet FortiClient EMS Flaw Begins

Threat actors exploit a critical SQL injection vulnerability in Fortinet FortiClient EMS, allowing remote code execution without authentication.

Attackers exploited the FortiClient EMS bug as a 0-day

Fortinet released an emergency patch for a critical vulnerability in FortiClient EMS, which is being actively exploited.

Exploitation of Critical Fortinet FortiClient EMS Flaw Begins

Threat actors exploit a critical SQL injection vulnerability in Fortinet FortiClient EMS, allowing remote code execution without authentication.

Mobile Attack Surface Expands as Enterprises Lose Control

Mobile device security is inadequate, with many organizations using critically outdated operating systems and exposing sensitive data to potential attacks.

The Next Cybersecurity Crisis Isn't Breaches-It's Data You Can't Trust

Data integrity now encompasses data trust, emphasizing the importance of reliable data in AI-driven decision-making.

Exploitation of Fresh Citrix NetScaler Vulnerability Begins

Exploitation of a critical Citrix NetScaler vulnerability began shortly after its public disclosure, with active attempts detected within days.

The Zero-Day Scramble is Avoidable: A Guide to Attack Surface Reduction

Teams must reduce unnecessary internet-facing exposure to minimize vulnerability exploitation risk, as time-to-exploit windows are shrinking to hours or minutes.

Vulnerability exploits now dominate intrusions

Exploit of disclosed vulnerabilities now causes most intrusions, with attackers weaponizing new flaws within hours while many organizations patch slowly.

BeyondTrust Remote Support has a critical vulnerability

Unauthenticated remote-code-execution vulnerability in BeyondTrust Remote Support and Privileged Remote Access enables full system compromise; affected versions require urgent patching or upgrades.

Researchers hack malware gang via its own weak spot

An XSS flaw in StealC’s web panel allowed takeover of operator sessions, revealing millions of stolen cookies, passwords, and YouTube-based malware distribution.

Why cyberattacks don't require advanced hacking

Poor cyber hygiene, weak identity security, overdue IT maintenance, and incomplete logging make organizations vulnerable to financially motivated attacks such as ransomware and email fraud.

#cve-2026-1731

Information security

BeyondTrust Patches Critical RCE Vulnerability

Information security

BeyondTrust Vulnerability Exploited in Ransomware Attacks

Information security

BeyondTrust Patches Critical RCE Vulnerability