https://www.elastic.co/security-labs/claude-code-cowork-monitoring-otel-elastic ThreatAft en 2026-04-25T00:00:00.000Z Monitoring Claude Code/Cowork at scale with OTel in Elastic https://www.reddit.com/r/Malware/comments/1suuii9/i_built_a_c2_framework_that_uses_discord_and/ ThreatAft en 2026-04-24T22:36:34.000Z I built a C2 framework that uses Discord and Telegram for communication https://www.reddit.com/r/cybersecurity/comments/1sutbtf/opinion_on_claude_mythos_and_firefox/ ThreatAft en 2026-04-24T21:48:50.000Z Opinion on Claude mythos and FIrefox? https://unit42.paloaltonetworks.com/monitoring-npm-supply-chain-attacks/ ThreatAft en 2026-04-24T21:40:33.000Z The npm Threat Landscape: Attack Surface and Mitigations https://www.reddit.com/r/cybersecurity/comments/1susnsa/potential_crucial_vulnerability/ ThreatAft en 2026-04-24T21:22:19.000Z potential crucial vulnerability? https://www.reddit.com/r/cybersecurity/comments/1susn6s/firestarter_malware_survives_cisco_firewall/ ThreatAft en 2026-04-24T21:21:40.000Z Firestarter malware survives Cisco firewall updates, security patches https://www.reddit.com/r/cybersecurity/comments/1sus5of/made_it_to_technical_round_for_soc_1/ ThreatAft en 2026-04-24T21:02:50.000Z Made it to technical round for Soc 1 https://www.reddit.com/r/cybersecurity/comments/1surs7t/second_interview/ ThreatAft en 2026-04-24T20:48:52.000Z Second Interview https://cyberscoop.com/section-702-fisa-reauthorization-bill-leaves-critics-unimpressed/ ThreatAft en 2026-04-24T20:45:17.000Z Latest spy power reauthorization bill leaves critics unimpressed https://www.reddit.com/r/cybersecurity/comments/1surob6/snapchat_servers/ ThreatAft en 2026-04-24T20:44:44.000Z snapchat servers https://www.reddit.com/r/netsec/comments/1surm99/detect_shulfar_malware_encrypted_tcp_cc_traffic/ ThreatAft en 2026-04-24T20:42:34.000Z Detect Shulfar Malware Encrypted TCP C&C Traffic Using PacketSmith Yara-X Detection Module https://www.reddit.com/r/cybersecurity/comments/1surkdb/anything_i_can_do_to_stopreduce_microsoft_auth/ ThreatAft en 2026-04-24T20:40:34.000Z Anything I can do to stop/reduce Microsoft auth app requests from random sources? https://www.reddit.com/r/cybersecurity/comments/1surfl0/as_an_elastic_security_engineer_what_is_you_day/ ThreatAft en 2026-04-24T20:35:28.000Z As an elastic security engineer, what is you day like. https://www.bleepingcomputer.com/news/security/firestarter-malware-survives-cisco-firewall-updates-security-patches/ ThreatAft en 2026-04-24T20:34:08.000Z Firestarter malware survives Cisco firewall updates, security patches https://unit42.paloaltonetworks.com/new-activity-central-south-america/ ThreatAft en 2026-04-24T20:30:19.000Z TGR-STA-1030: New Activity in Central and South America https://www.reddit.com/r/cybersecurity/comments/1sur7g0/failed_interview_hard_ranting/ ThreatAft en 2026-04-24T20:27:17.000Z Failed interview hard - ranting https://www.bleepingcomputer.com/news/microsoft/windows-update-gets-new-controls-to-reduce-forced-restarts/ ThreatAft en 2026-04-24T20:08:26.000Z Windows Update gets new controls to reduce forced restarts https://www.reddit.com/r/netsec/comments/1suq2kx/media_player_pivot_how_i_got_back_into_my_own/ ThreatAft en 2026-04-24T19:44:55.000Z Media player pivot: How I got back into my own server https://www.reddit.com/r/cybersecurity/comments/1supqng/54_days_of_ssh_honeypot_data_269k_connections_48k/ ThreatAft en 2026-04-24T19:32:28.000Z 54 days of SSH honeypot data: 269K connections, 48K unique passwords, 28 humans https://therecord.media/iran-cyber-warfare-haugh ThreatAft en 2026-04-24T19:15:00.000Z Iran’s cyber threat may be less ‘shock and awe’ than ‘low and slow,’ officials say https://therecord.media/ADT-data-breach-cyberattack ThreatAft en 2026-04-24T18:45:00.000Z ADT says customer data stolen in cyber intrusion https://www.bleepingcomputer.com/news/security/new-blackfile-extortion-gang-targets-retail-and-hospitality-orgs/ ThreatAft en 2026-04-24T18:26:27.000Z New BlackFile extortion group linked to surge of vishing attacks https://www.bleepingcomputer.com/news/microsoft/microsoft-to-roll-out-entra-passkeys-on-windows-in-late-april/ ThreatAft en 2026-04-24T18:13:55.000Z Microsoft to roll out Entra passkeys on Windows in late April https://www.reddit.com/r/cybersecurity/comments/1sumcfh/a_free_solution_to_the_github_actions_supply/ ThreatAft en 2026-04-24T17:28:58.000Z A free solution to the GitHub Actions supply chain crisis https://www.bleepingcomputer.com/news/security/new-pack2theroot-flaw-gives-hackers-root-linux-access/ ThreatAft en 2026-04-24T17:28:46.000Z New ‘Pack2TheRoot’ flaw gives hackers root Linux access https://therecord.media/pentagon-grapples-with-securing-ai-as-it-moves-towards-autonomous-warfare ThreatAft en 2026-04-24T17:14:00.000Z Pentagon grapples with securing AI as it moves toward autonomous warfare https://thehackernews.com/2026/04/firestarter-backdoor-hit-federal-cisco.html ThreatAft en 2026-04-24T17:06:00.000Z FIRESTARTER Backdoor Hit Federal Cisco Firepower Device, Survives Security Patches https://www.darkreading.com/cyber-risk/us-busts-myanmar-ring-targeting-us-citizens-financial-fraud ThreatAft en 2026-04-24T16:48:04.000Z US Busts Myanmar Ring Targeting US Citizens in Financial Fraud https://www.reddit.com/r/cybersecurity/comments/1sul6vj/whats_with_this_error_detected/ ThreatAft en 2026-04-24T16:47:49.000Z What's with this error? Detected: Trojan:Win32/Suschil!rfn https://www.reddit.com/r/cybersecurity/comments/1sul6ic/virustotal_is_helpful_do_ai_agents_need_a/ ThreatAft en 2026-04-24T16:47:25.000Z VirusTotal is helpful. Do AI agents need a different type of scanner? https://www.reddit.com/r/netsec/comments/1sul66b/bitwarden_cli_compromesso_attacco_supply_chain/ ThreatAft en 2026-04-24T16:47:05.000Z Bitwarden CLI compromesso: attacco supply chain viola npm Trusted Publishing https://www.reddit.com/r/netsec/comments/1suksxl/backdoor_firestarter_cisa_aggiorna_la_direttiva/ ThreatAft en 2026-04-24T16:33:44.000Z Backdoor FIRESTARTER: CISA aggiorna la direttiva dopo violazione federale https://www.reddit.com/r/netsec/comments/1sukrbu/unc6692_nuova_minaccia_teams_colpisce_decisori/ ThreatAft en 2026-04-24T16:32:08.000Z UNC6692: nuova minaccia Teams colpisce decisori aziendali https://www.reddit.com/r/netsec/comments/1sukjpu/app_ue_verifica_età_hackerata_in_2_minuti_il_gap/ ThreatAft en 2026-04-24T16:24:33.000Z App UE verifica età hackerata in 2 minuti: il gap tra promesse e realtà https://www.reddit.com/r/cybersecurity/comments/1sukho8/app_ue_verifica_età_hackerata_in_2_minuti_il_gap/ ThreatAft en 2026-04-24T16:22:35.000Z App UE verifica età hackerata in 2 minuti: il gap tra promesse e realtà https://www.reddit.com/r/cybersecurity/comments/1sukfsn/automated_reverse_engineering_of_malicious/ ThreatAft en 2026-04-24T16:20:38.000Z Automated reverse engineering of malicious android streaming boxes https://www.reddit.com/r/netsec/comments/1sukfj1/exploit_su_lmdeploy_cve202633626_attacco_ssrf/ ThreatAft en 2026-04-24T16:20:23.000Z Exploit su LMDeploy CVE-2026-33626: attacco SSRF immediato dopo disclosure https://www.reddit.com/r/cybersecurity/comments/1sujye8/ai_hacking_fears_jolt_washington_as_anthropic/ ThreatAft en 2026-04-24T16:03:36.000Z AI hacking fears jolt Washington as Anthropic unveils Mythos https://www.sentinelone.com/blog/the-good-the-bad-and-the-ugly-in-cybersecurity-week-17-7/ ThreatAft en 2026-04-24T15:48:28.000Z The Good, the Bad and the Ugly in Cybersecurity – Week 17 https://www.reddit.com/r/cybersecurity/comments/1suj683/microsoft_defender_ml_flagging_all_adobe_urls/ ThreatAft en 2026-04-24T15:35:39.000Z Microsoft Defender ML flagging all Adobe URLs… again https://www.reddit.com/r/cybersecurity/comments/1suj19t/google_took_70_days_to_remove_music_downloader/ ThreatAft en 2026-04-24T15:30:27.000Z Google took 70 days to remove "Music Downloader - VKsaver" after it was publicly disclosed as malware https://www.wired.com/story/the-latest-push-to-extend-key-us-spy-powers-is-still-a-mess/ ThreatAft en 2026-04-24T15:10:03.000Z The Latest Push to Extend Key US Spy Powers Is Still a Mess https://www.darkreading.com/cyberattacks-data-breaches/glasswing-secured-code-stack-on-you ThreatAft en 2026-04-24T15:04:29.000Z Glasswing Secured the Code. The Rest of Your Stack Is Still on You https://www.securityweek.com/pre-stuxnet-sabotage-malware-fast16-linked-to-us-iran-cyber-tensions/ ThreatAft en 2026-04-24T14:57:18.000Z Pre-Stuxnet Sabotage Malware ‘Fast16’ Linked to US-Iran Cyber Tensions https://therecord.media/norway-prime-minister-proposes-social-media-ban-for-young-teens ThreatAft en 2026-04-24T14:41:00.000Z Norway's prime minister proposes ban on social media access for young teens https://www.reddit.com/r/cybersecurity/comments/1suhjfu/another_spyware_maker_caught_distributing_fake/ ThreatAft en 2026-04-24T14:36:22.000Z Another spyware maker caught distributing fake Android snooping apps https://www.securityweek.com/in-other-news-unauthorized-mythos-access-plankey-cisa-nomination-ends-new-display-security-device/ ThreatAft en 2026-04-24T14:31:51.000Z In Other News: Unauthorized Mythos Access, Plankey CISA Nomination Ends, New Display Security Device https://www.reddit.com/r/netsec/comments/1suh47t/cohere_terrarium_cve20265752_and_openai_codex_cli/ ThreatAft en 2026-04-24T14:20:13.000Z Cohere Terrarium (CVE-2026-5752) and OpenAI Codex CLI (CVE-2025-59532): a cross-CVE analysis of AI code sandbox escapes https://www.reddit.com/r/cybersecurity/comments/1sugxr8/a1m_axiom1_sovereign_matrix_for_governing_output/ ThreatAft en 2026-04-24T14:13:20.000Z A1M (AXIOM-1 Sovereign Matrix) for Governing Output Reliability in Stochastic Language Models https://thehackernews.com/2026/04/nasa-employees-duped-in-chinese.html ThreatAft en 2026-04-24T14:13:00.000Z NASA Employees Duped in Chinese Phishing Scheme Targeting U.S. Defense Software https://www.bleepingcomputer.com/news/security/dora-and-operational-resilience-credential-management-as-a-financial-risk-control/ ThreatAft en 2026-04-24T14:10:20.000Z DORA and operational resilience: Credential management as a financial risk control https://www.reddit.com/r/cybersecurity/comments/1sugqot/best_applications_for_learning_cybersecurity/ ThreatAft en 2026-04-24T14:05:45.000Z Best applications for learning cybersecurity? https://www.reddit.com/r/cybersecurity/comments/1sugb2p/hackers_text_me_please/ ThreatAft en 2026-04-24T13:48:56.000Z Hackers text me please https://therecord.media/canada-sms-blaster-cybercriminals ThreatAft en 2026-04-24T13:45:00.000Z Toronto police arrest three in Canada’s first mobile SMS blaster case https://www.bleepingcomputer.com/news/security/cisa-says-zimbra-flaw-now-exploited-over-10k-servers-vulnerable/ ThreatAft en 2026-04-24T13:35:33.000Z Over 10,000 Zimbra servers vulnerable to ongoing XSS attacks https://www.reddit.com/r/cybersecurity/comments/1sufvza/tryhackme_teaches_security_yet_can_not_comply/ ThreatAft en 2026-04-24T13:32:21.000Z TryHackMe teaches security yet can not comply with a GDPR request. https://www.darkreading.com/cyber-risk/ai-phishing-no-1-cyberattackers ThreatAft en 2026-04-24T13:30:00.000Z AI Phishing Is No. 1 With a Bullet for Cyberattackers https://www.infosecurity-magazine.com/news/uk-biobank-data-beach-health-data/ ThreatAft en 2026-04-24T13:25:00.000Z UK Biobank Data Breach: Health Data of 500,000 Listed for Sale in China https://www.reddit.com/r/cybersecurity/comments/1sufdoq/shinyhunters_threaten_to_leak_14_million_udemy/ ThreatAft en 2026-04-24T13:12:14.000Z ShinyHunters threaten to leak 1.4 million Udemy records containing private data https://www.darkreading.com/threat-intelligence/north-koreas-lazarus-targets-macos-users-clickfix ThreatAft en 2026-04-24T13:00:00.000Z North Korea's Lazarus Targets macOS Users via ClickFix https://www.helpnetsecurity.com/2026/04/24/ncsc-passkey-adoption-cybersecurity/ ThreatAft en 2026-04-24T12:54:12.000Z Users advised to drop passwords and make room for passkeys https://www.reddit.com/r/netsec/comments/1sueoqu/shinyhunters_claims_sale_of_anthropic_claude/ ThreatAft en 2026-04-24T12:44:18.000Z ShinyHunters Claims Sale of Anthropic Claude Mythos AI Model Data and Internal Documents https://www.securityweek.com/why-cybersecurity-must-rethink-defense-in-the-age-of-autonomous-agents/ ThreatAft en 2026-04-24T12:34:53.000Z Why Cybersecurity Must Rethink Defense in the Age of Autonomous Agents https://www.malwarebytes.com/blog/news/2026/04/medical-data-of-500000-uk-volunteers-listed-for-sale-on-alibaba ThreatAft en 2026-04-24T12:32:20.000Z Medical data of 500,000 UK volunteers listed for sale on Alibaba https://www.securityweek.com/locked-shields-2026-41-nations-strengthen-cyber-resilience-in-worlds-biggest-exercise/ ThreatAft en 2026-04-24T12:32:08.000Z Locked Shields 2026: 41 Nations Strengthen Cyber Resilience in World’s Biggest Exercise https://www.helpnetsecurity.com/2026/04/24/indirect-prompt-injection-in-the-wild/ ThreatAft en 2026-04-24T12:27:25.000Z Indirect prompt injection is taking hold in the wild https://www.infosecurity-magazine.com/news/ai-old-cybersecurity-mistakes/ ThreatAft en 2026-04-24T12:10:00.000Z AI Rush is Reviving Old Cybersecurity Mistakes, Mandiant VP Warns https://www.cisa.gov/news-events/alerts/2026/04/24/cisa-adds-four-known-exploited-vulnerabilities-catalog ThreatAft en 2026-04-24T12:00:00.000Z CISA Adds Four Known Exploited Vulnerabilities to Catalog https://thehackernews.com/2026/04/bridging-ai-agent-authority-gap.html ThreatAft en 2026-04-24T11:49:00.000Z Bridging the AI Agent Authority Gap: Continuous Observability as the Decision Engine https://thehackernews.com/2026/04/26-fakewallet-apps-found-on-apple-app.html ThreatAft en 2026-04-24T11:48:00.000Z 26 FakeWallet Apps Found on Apple App Store Targeting Crypto Seed Phrases https://www.bleepingcomputer.com/news/microsoft/microsoft-now-lets-admins-uninstall-copilot-on-enterprise-devices/ ThreatAft en 2026-04-24T11:38:00.000Z Microsoft now lets admins uninstall Copilot on enterprise devices https://www.reddit.com/r/cybersecurity/comments/1sud0xz/how_can_i_learn_about_web_security_quickly/ ThreatAft en 2026-04-24T11:28:56.000Z How can I learn about Web Security quickly ? https://www.securityweek.com/us-federal-agencys-cisco-firewall-infected-with-firestarter-backdoor/ ThreatAft en 2026-04-24T11:26:09.000Z US Federal Agency’s Cisco Firewall Infected With ‘Firestarter’ Backdoor https://www.securityweek.com/trump-administration-vows-crackdown-on-chinese-companies-exploiting-ai-models-made-in-us/ ThreatAft en 2026-04-24T11:13:55.000Z Trump Administration Vows Crackdown on Chinese Companies ‘Exploiting’ AI Models Made in US https://www.reddit.com/r/cybersecurity/comments/1sucppo/how_do_you_deal_with_log_overload_and_alert/ ThreatAft en 2026-04-24T11:13:37.000Z How do you deal with log overload and alert fatigue? https://www.reddit.com/r/cybersecurity/comments/1suceqt/security_breach_and_credentials_phished/ ThreatAft en 2026-04-24T10:58:48.000Z Security Breach and credentials Phished https://www.reddit.com/r/cybersecurity/comments/1suc3ye/bitwarden_cli_was_compromised/ ThreatAft en 2026-04-24T10:43:07.000Z Bitwarden CLI Was Compromised https://ics-cert.kaspersky.com/publications/reports/2026/04/24/threat-landscape-for-industrial-automation-systems-middle-east-q4-2025/?utm_source=ics-cert.kaspersky.com&utm_medium=rss&utm_campaign=main ThreatAft en 2026-04-24T10:31:08.000Z Threat landscape for industrial automation systems. Middle East, Q4 2025 https://www.reddit.com/r/cybersecurity/comments/1subvhw/proofpoint_email_security_manager_audit_logs/ ThreatAft en 2026-04-24T10:30:41.000Z Proofpoint Email Security / Manager Audit Logs Forwarding to SIEM through Syslog https://www.reddit.com/r/cybersecurity/comments/1subt84/udemy_compromise_reported/ ThreatAft en 2026-04-24T10:27:25.000Z Udemy compromise reported https://www.reddit.com/r/cybersecurity/comments/1subt3q/costeffective_dns_security_infoblox_vs_cloudflare/ ThreatAft en 2026-04-24T10:27:13.000Z Cost-Effective DNS Security: Infoblox vs Cloudflare (and Alternatives?) https://www.helpnetsecurity.com/2026/04/24/ncsc-china-covert-networks-advisory/ ThreatAft en 2026-04-24T09:59:11.000Z Compromised everyday devices power Chinese cyber espionage operations https://www.helpnetsecurity.com/2026/04/24/cisco-firepower-firestarter-backdoor/ ThreatAft en 2026-04-24T09:56:31.000Z New Cisco firewall malware can only be killed by pulling the plug https://www.securityweek.com/vulnerabilities-patched-in-crowdstrike-tenable-products/ ThreatAft en 2026-04-24T09:49:27.000Z Vulnerabilities Patched in CrowdStrike, Tenable Products https://www.reddit.com/r/netsec/comments/1suaupb/what_really_happened_in_there_a_tamperevident/ ThreatAft en 2026-04-24T09:33:38.000Z What Really Happened In There? A Tamper-Evident Audit Trail for AI Agents https://thehackernews.com/2026/04/tropic-trooper-uses-trojanized.html ThreatAft en 2026-04-24T09:29:00.000Z Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy AdaptixC2 https://www.reddit.com/r/cybersecurity/comments/1suarh7/advice_on_my_cybersecurity_cert_path_cdsa_cpts/ ThreatAft en 2026-04-24T09:28:11.000Z Advice on my cybersecurity cert path (CDSA, CPTS, AWS SAA, AZ-500) https://www.helpnetsecurity.com/2026/04/24/meta-account-settings-overview/ ThreatAft en 2026-04-24T09:19:27.000Z Meta is overhauling how you sign in, manage settings, and protect your accounts https://www.reddit.com/r/cybersecurity/comments/1su9hc8/sicherheitslücke_in_geutebrückkameras/ ThreatAft en 2026-04-24T08:12:17.000Z Sicherheitslücke in Geutebrück-Kameras: Befehlsinjektion ermöglichte Root-Zugriff über Weboberfläche https://www.infosecurity-magazine.com/news/npm-supply-chain-worm-canister/ ThreatAft en 2026-04-24T08:10:00.000Z Npm Supply Chain Malware Attack Targets Developers With Worm-Like Propagation https://www.securityweek.com/bitwarden-npm-package-hit-in-supply-chain-attack/ ThreatAft en 2026-04-24T08:07:02.000Z Bitwarden NPM Package Hit in Supply Chain Attack https://www.helpnetsecurity.com/2026/04/24/ubuntu-26-04-lts-resolute-raccoon-released/ ThreatAft en 2026-04-24T07:48:55.000Z Ubuntu 26.04 LTS delivers memory-safe system tools and live patching for Arm servers https://www.securityweek.com/copperhelm-raises-7-million-for-agentic-cloud-security-platform/ ThreatAft en 2026-04-24T07:31:09.000Z Copperhelm Raises $7 Million for Agentic Cloud Security Platform https://thehackernews.com/2026/04/lmdeploy-cve-2026-33626-flaw-exploited.html ThreatAft en 2026-04-24T07:24:00.000Z LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure https://www.helpnetsecurity.com/2026/04/24/openai-gpt-5-5-cybersecurity-safeguards/ ThreatAft en 2026-04-24T07:03:44.000Z OpenAI’s GPT-5.5 is out with expanded cybersecurity safeguards https://www.reddit.com/r/cybersecurity/comments/1su7whd/kyber_ransomware_gang_toys_with_postquantum/ ThreatAft en 2026-04-24T06:39:56.000Z Kyber ransomware gang toys with post-quantum encryption on Windows https://www.reddit.com/r/cybersecurity/comments/1su7ovk/cisa_the_uks_ncsc_and_global_partners_warn_of/ ThreatAft en 2026-04-24T06:27:39.000Z CISA, the UK’s NCSC and global partners warn of Chinese state-linked covert cyber networks https://www.reddit.com/r/cybersecurity/comments/1su7iif/captcha_opening_when_site_opened_for_firstime/ ThreatAft en 2026-04-24T06:17:34.000Z Captcha Opening when Site opened for Firstime https://industrialcyber.co/cisa/cybersecurity-agencies-flags-use-of-covert-networks-by-china-linked-actors-for-espionage-offensive-operations/ ThreatAft en 2026-04-24T06:13:29.000Z Cybersecurity agencies flags use of covert networks by China-linked actors for espionage, offensive operations https://industrialcyber.co/industrial-cyber-attacks/cato-traces-large-scale-modbus-tcp-activity-targeting-plcs-exposing-persistent-gaps-in-ot-security/ ThreatAft en 2026-04-24T06:03:56.000Z Cato traces large-scale Modbus/TCP activity targeting PLCs, exposing persistent gaps in OT security https://industrialcyber.co/industrial-cyber-attacks/dragos-dismisses-zionsiphon-narrative-says-code-flaws-and-weak-ics-logic-render-ot-malware-operationally-ineffective/ ThreatAft en 2026-04-24T05:59:42.000Z Dragos dismisses ZionSiphon narrative, says code flaws and weak ICS logic render OT malware operationally ineffective https://www.reddit.com/r/cybersecurity/comments/1su6z16/plc_cybersecurity_securing_industrial_control/ ThreatAft en 2026-04-24T05:47:27.000Z PLC Cybersecurity — Securing Industrial Control Systems https://www.helpnetsecurity.com/2026/04/24/kaja-ciglic-microsoft-nation-state-cyber-programs/ ThreatAft en 2026-04-24T05:30:29.000Z AI is speeding up nation-state cyber programs https://www.reddit.com/r/cybersecurity/comments/1su6m12/firestarterbackdoor_cisa_und_ncsc_warnen_vor/ ThreatAft en 2026-04-24T05:27:49.000Z FIRESTARTER-Backdoor: CISA und NCSC warnen vor APT-Malware auf Cisco-Firewalls https://www.helpnetsecurity.com/2026/04/24/android-privacy-policy-logging-research/ ThreatAft en 2026-04-24T05:00:57.000Z A study of 1,000 Android apps finds a privacy policy logging gap https://www.reddit.com/r/cybersecurity/comments/1su5wy5/can_anyone_tell_me_the_test_cases_after_the_3rd/ ThreatAft en 2026-04-24T04:51:54.000Z Can anyone tell me the test cases after the 3rd one in this tool? https://www.reddit.com/r/Malware/comments/1su5ugt/fast16_mystery_shadowbrokers_reference_reveals/ ThreatAft en 2026-04-24T04:48:33.000Z fast16 | Mystery ShadowBrokers Reference Reveals High-Precision Software Sabotage 5 Years Before Stuxnet. https://www.reddit.com/r/cybersecurity/comments/1su5t04/high_school_junior_with_zero_experience_how_do_i/ ThreatAft en 2026-04-24T04:46:29.000Z High school junior with zero experience — how do I start learning cybersecurity? https://www.helpnetsecurity.com/2026/04/24/2026-global-it-spending-forecast/ ThreatAft en 2026-04-24T04:30:12.000Z IT spending to hit $6.31 trillion record, thanks to AI https://www.reddit.com/r/cybersecurity/comments/1su5esk/sitewall_waf_function/ ThreatAft en 2026-04-24T04:26:51.000Z Sitewall WAF function https://www.reddit.com/r/cybersecurity/comments/1su57o5/vmware_setting_up_isolated_environment_but_need/ ThreatAft en 2026-04-24T04:17:02.000Z VMWare - Setting up isolated environment but need to be able to connect to the internet? https://www.helpnetsecurity.com/2026/04/24/ai-in-ci-cd-engineering-teams/ ThreatAft en 2026-04-24T04:00:20.000Z Where AI in CI/CD is working for engineering teams https://www.reddit.com/r/netsec/comments/1su3l2z/fixing_the_exploit_didnt_fix_the_system_an/ ThreatAft en 2026-04-24T02:59:39.000Z Fixing the Exploit Didn’t Fix the System: An Exploration of Trust Boundaries https://www.reddit.com/r/cybersecurity/comments/1su3ama/claude_for_android_source_code/ ThreatAft en 2026-04-24T02:46:21.000Z Claude for Android Source Code https://www.reddit.com/r/cybersecurity/comments/1su394i/can_someone_tell_me_what_this_cybersecurity/ ThreatAft en 2026-04-24T02:44:28.000Z Can someone tell me what this Cybersecurity dataset is about? Is this data related to a Cobalt Strike malware incident? https://www.reddit.com/r/cybersecurity/comments/1su2v59/the_mythos_breach_breakdown_no_zeroday_needed/ ThreatAft en 2026-04-24T02:26:30.000Z The Mythos "breach" breakdown — no zero-day needed, just a supply chain failure and a leaked URL convention. Here's the full attack chain. https://www.reddit.com/r/netsec/comments/1su2evy/why_purellm_ctfs_dont_work_a_hybrid_architecture/ ThreatAft en 2026-04-24T02:05:37.000Z Why Pure-LLM CTFs Don't Work: A Hybrid Architecture for AI Security Challenges https://isc.sans.edu/diary/rss/32924 ThreatAft en 2026-04-24T02:00:02.000Z ISC Stormcast For Friday, April 24th, 2026 https://isc.sans.edu/podcastdetail/9906, (Fri, Apr 24th) https://www.darkreading.com/threat-intelligence/tropic-trooper-apt-takes-aim-home-routers-japanese-targets ThreatAft en 2026-04-24T01:00:00.000Z Tropic Trooper APT Takes Aim at Home Routers, Japanese Targets https://www.darkreading.com/cyberattacks-data-breaches/chinese-apt-abuses-cloud-tools-spy-mongolia ThreatAft en 2026-04-24T01:00:00.000Z Chinese APT Abuses Multiple Cloud Tools to Spy on Mongolia https://www.reddit.com/r/cybersecurity/comments/1stzy3s/the_behavioral_shift_why_trusted_relationships/ ThreatAft en 2026-04-24T00:12:20.000Z The Behavioral Shift: Why Trusted Relationships Are the Newest Attack Surface https://www.recordedfuture.com/blog/rethinking-threat-intelligence-in-2026 ThreatAft en 2026-04-24T00:00:00.000Z From Overwhelmed to Autonomous: Rethinking Threat Intelligence in 2026 https://www.reddit.com/r/cybersecurity/comments/1stywcz/mythos_and_traditional_appsec/ ThreatAft en 2026-04-23T23:25:46.000Z Mythos and traditional AppSec https://www.reddit.com/r/Malware/comments/1sty77p/newly_deciphered_sabotage_malware_may_have/ ThreatAft en 2026-04-23T22:55:55.000Z Newly Deciphered Sabotage Malware May Have Targeted Iran’s Nuclear Program—and Predates Stuxnet https://www.reddit.com/r/netsec/comments/1stxtw3/bitwarden_cli_compromised_in_ongoing_checkmarx/ ThreatAft en 2026-04-23T22:40:20.000Z Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain ... https://www.reddit.com/r/netsec/comments/1stxk5z/uk_biobank_health_data_of_500k_listed_for_sale_in/ ThreatAft en 2026-04-23T22:29:12.000Z UK Biobank Health Data of 500K Listed for Sale in China https://www.reddit.com/r/cybersecurity/comments/1stxa7g/what_are_the_minimum_security_policies_a_small/ ThreatAft en 2026-04-23T22:17:52.000Z What are the minimum security policies a small team actually needs? https://cyberscoop.com/vercel-attack-fallout-expands/ ThreatAft en 2026-04-23T22:05:51.000Z Vercel attack fallout expands to more customers and third-party systems https://www.wired.com/story/fast16-malware-stuxnet-precursor-iran-nuclear-attack/ ThreatAft en 2026-04-23T22:00:00.000Z Newly Deciphered Sabotage Malware May Have Targeted Iran’s Nuclear Program—and Predates Stuxnet https://www.reddit.com/r/cybersecurity/comments/1stwp88/are_security_workflows_shifting_from/ ThreatAft en 2026-04-23T21:54:41.000Z Are security workflows shifting from detection-first to validation-first? https://www.reddit.com/r/Malware/comments/1stwiff/psa_awstorecloud_is_a_malicious_fake_claude_api/ ThreatAft en 2026-04-23T21:47:17.000Z PSA: awstore.cloud is a MALICIOUS fake Claude API provider - warn your fellow devs https://www.reddit.com/r/cybersecurity/comments/1stwgaw/recent_college_graduate_with_a_bachelors_and/ ThreatAft en 2026-04-23T21:44:57.000Z Recent College Graduate with a bachelors and masters in Computer Science. Looking for advise for what to do next when trying to get jobs, outside of certifications. https://www.bleepingcomputer.com/news/security/hackers-exploit-file-upload-bug-in-breeze-cache-wordpress-plugin/ ThreatAft en 2026-04-23T21:33:45.000Z Hackers exploit file upload bug in Breeze Cache WordPress plugin https://www.reddit.com/r/cybersecurity/comments/1stvuy8/i_feel_bad_for_turning_down_an_ot_opportunity_can/ ThreatAft en 2026-04-23T21:22:07.000Z I feel bad for turning down an OT opportunity, can you cheer me up? https://www.reddit.com/r/cybersecurity/comments/1stvskz/attempted_hack_on_my_microsoft_account_was_it_a/ ThreatAft en 2026-04-23T21:19:35.000Z Attempted hack on my Microsoft account. Was it a VPN node? https://www.darkreading.com/cyber-risk/china-hackers-industrializing-botnets ThreatAft en 2026-04-23T20:52:24.000Z China-Backed Hackers Are Industrializing Botnets https://unit42.paloaltonetworks.com/frontier-ai-top-questions-answered/ ThreatAft en 2026-04-23T20:45:50.000Z Frontier AI and the Future of Defense: Your Top Questions Answered https://cyberscoop.com/cisco-firestarter-malware-cisa-warning/ ThreatAft en 2026-04-23T20:25:05.000Z US, UK agencies warn hackers were hiding on Cisco firewalls long after patches were applied https://therecord.media/us-sanctions-cambodian-senator-scam-compounds ThreatAft en 2026-04-23T20:07:00.000Z US sanctions Cambodian senator for millions earned through scam compounds https://www.reddit.com/r/cybersecurity/comments/1sttosq/bitwarden_cli_npm_package_compromised_to_steal/ ThreatAft en 2026-04-23T20:01:05.000Z Bitwarden CLI npm package compromised to steal developer credentials https://cyberscoop.com/dragos-zionsiphon-ai-malware-targeting-water-sector-hype/ ThreatAft en 2026-04-23T19:50:24.000Z Dragos: Despite AI use, new malware targeting water plants is ‘hype’ https://www.bleepingcomputer.com/news/security/bitwarden-cli-npm-package-compromised-to-steal-developer-credentials/ ThreatAft en 2026-04-23T19:21:01.000Z Bitwarden CLI npm package compromised to steal developer credentials https://cyberscoop.com/surveillance-campaigns-use-commercial-surveillance-tools-to-exploit-long-known-telecom-vulnerabilities/ ThreatAft en 2026-04-23T19:19:32.000Z Surveillance campaigns use commercial surveillance tools to exploit long-known telecom vulnerabilities https://therecord.media/cisa-us-agency-breached-cisco-vulnerability-backdoor ThreatAft en 2026-04-23T19:03:00.000Z CISA: US agency breached through Cisco vulnerability, FIRESTARTER backdoor allowed access through March https://www.bleepingcomputer.com/news/security/trigona-ransomware-attacks-use-custom-exfiltration-tool-to-steal-data/ ThreatAft en 2026-04-23T18:59:39.000Z Trigona ransomware attacks use custom exfiltration tool to steal data https://therecord.media/surveillance-companies-exploiting-telecom-systems-to-track-location ThreatAft en 2026-04-23T18:43:00.000Z Surveillance companies exploiting telecom system to spy on targets’ locations, research shows https://www.reddit.com/r/netsec/comments/1str4k9/cve202634621_adobe_acrobat_reader_zeroday_was_on/ ThreatAft en 2026-04-23T18:27:39.000Z CVE-2026-34621: Adobe Acrobat Reader zero-day was on VirusTotal for 136 days before Adobe named it a CVE https://thehackernews.com/2026/04/unc6692-impersonates-it-helpdesk-via.html ThreatAft en 2026-04-23T18:16:00.000Z UNC6692 Impersonates IT Helpdesk via Microsoft Teams to Deploy SNOW Malware https://www.reddit.com/r/cybersecurity/comments/1stqivn/opportunity_to_pivot_from_technical_writing_to/ ThreatAft en 2026-04-23T18:06:32.000Z Opportunity to pivot from Technical Writing to GRC AI Governance (with a bad catch)... Need advice!! https://www.reddit.com/r/cybersecurity/comments/1stq84j/realistic_entrepreneurship_paths_in_cybersecurity/ ThreatAft en 2026-04-23T17:56:13.000Z Realistic entrepreneurship paths in cybersecurity? https://www.reddit.com/r/cybersecurity/comments/1stppt3/anyone_pursuing_btech_cybersecurity_from_upsifs/ ThreatAft en 2026-04-23T17:38:27.000Z Anyone pursuing btech cybersecurity from upsifs lucknow? How's your experience till now? https://www.reddit.com/r/cybersecurity/comments/1sto6j0/final_interview_with_the_ciso_tomorrow_any_advice/ ThreatAft en 2026-04-23T16:45:08.000Z Final interview with the CISO tomorrow, any advice? https://www.infosecurity-magazine.com/news/google-gemini-over-cyber-specific/ ThreatAft en 2026-04-23T16:40:00.000Z Google Favors General‑Purpose Gemini Models Over Cybersecurity‑Specific AI https://www.tenable.com/blog/5-steps-to-become-mythos-ready-ai-cybersecurity ThreatAft en 2026-04-23T16:18:00.000Z Five steps to become Mythos ready https://cyberscoop.com/china-nexus-covert-networks-advisory/ ThreatAft en 2026-04-23T16:13:51.000Z A dozen allied agencies say China is building covert hacker networks out of everyday routers https://www.bleepingcomputer.com/news/security/new-checkmarx-supply-chain-breach-affects-kics-analysis-tool/ ThreatAft en 2026-04-23T16:05:12.000Z New Checkmarx supply-chain breach affects KICS analysis tool https://therecord.media/china-linked-hackers-target-mongolian-gov-slack-discord ThreatAft en 2026-04-23T16:03:00.000Z China-linked hackers targeted Mongolian government using Slack, Discord for covert communications https://www.reddit.com/r/netsec/comments/1stmva0/oauth_20_bcp_414_reuse_detection_in_practice_race/ ThreatAft en 2026-04-23T15:57:57.000Z OAuth 2.0 BCP §4.14 reuse detection in practice — race vs theft disambiguation https://www.malwarebytes.com/blog/privacy/2026/04/how-cyberattacks-on-companies-affect-everyone ThreatAft en 2026-04-23T15:34:09.000Z How cyberattacks on companies affect everyone https://www.securityweek.com/cloudsmith-raises-72-million-in-series-c-funding/ ThreatAft en 2026-04-23T15:03:59.000Z Cloudsmith Raises $72 Million in Series C Funding https://www.helpnetsecurity.com/2026/04/23/hexagonalrodent-north-korean-hackers-targeting-developers/ ThreatAft en 2026-04-23T14:56:46.000Z With AI’s help, North Korean hackers stumbled into a near-undetectable attack https://www.reddit.com/r/cybersecurity/comments/1stl5h9/i_gave_some_experienced_grc_folks_a_few_ai_risk/ ThreatAft en 2026-04-23T14:56:33.000Z I gave some experienced GRC folks a few AI risk scenarios. Most scored around 60 percent. Curious how you would answer these. https://www.reddit.com/r/cybersecurity/comments/1stl0fq/bitwarden_cli_compromised_in_ongoing_checkmarx/ ThreatAft en 2026-04-23T14:51:29.000Z Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign https://www.reddit.com/r/cybersecurity/comments/1stkh3x/pyscan_vulnerability_scanner_that_beats_industry/ ThreatAft en 2026-04-23T14:32:17.000Z Pyscan: vulnerability scanner that beats industry standards like pip-audit, safety cli, etc. https://www.darkreading.com/vulnerabilities-threats/bad-memories-haunt-ai-agents ThreatAft en 2026-04-23T14:30:31.000Z Bad Memories Still Haunt AI Agents https://www.reddit.com/r/Malware/comments/1stk7yh/budgiekit_gdi_malware_maker_for_educational/ ThreatAft en 2026-04-23T14:22:53.000Z Budgiekit - gdi malware maker (for educational purporses only) https://www.bleepingcomputer.com/news/security/cosmetics-giant-rituals-discloses-data-breach-affecting-customers/ ThreatAft en 2026-04-23T14:16:21.000Z Cosmetics giant Rituals discloses data breach affecting customers https://www.helpnetsecurity.com/2026/04/23/france-hacker-arrested-data-breaches-sports-federations/ ThreatAft en 2026-04-23T14:13:37.000Z Hacker with a special interest in breaching sports institutions ends behind bars https://www.reddit.com/r/cybersecurity/comments/1stjx22/stuck_in_tutorial_hell_i_know_the_theory_of_idor/ ThreatAft en 2026-04-23T14:11:44.000Z Stuck in "Tutorial Hell": I know the theory of IDOR perfectly, but can't find anything in the wild. How do I bridge the gap? https://www.reddit.com/r/cybersecurity/comments/1stjwkc/cheaper_way_to_get_licences_for_jamf_crowdstrike/ ThreatAft en 2026-04-23T14:11:12.000Z Cheaper way to get licences for Jamf, Crowdstrike and Okta for SMBs? Do you know resellers that would do it for cheaper? https://www.reddit.com/r/cybersecurity/comments/1stjvs9/microsoft_issues_emergency_update_for_macos_and/ ThreatAft en 2026-04-23T14:10:24.000Z Microsoft issues emergency update for macOS and Linux ASP.NET threat https://www.bleepingcomputer.com/news/security/regular-password-resets-arent-as-safe-as-you-think/ ThreatAft en 2026-04-23T14:10:20.000Z Regular Password Resets Aren’t as Safe as You Think https://cloud.google.com/blog/topics/threat-intelligence/unc6692-social-engineering-custom-malware/ ThreatAft en 2026-04-23T14:00:00.000Z Snow Flurries: How UNC6692 Employed Social Engineering to Deploy a Custom Malware Suite https://www.reddit.com/r/cybersecurity/comments/1stj6h2/cve_reassessment_platform/ ThreatAft en 2026-04-23T13:43:43.000Z CVE reassessment platform https://thehackernews.com/2026/04/bitwarden-cli-compromised-in-ongoing.html ThreatAft en 2026-04-23T13:42:00.000Z Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign https://therecord.media/trump-pick-to-lead-cisa-withdraws-from-consideration ThreatAft en 2026-04-23T13:35:00.000Z Trump’s pick for CISA director withdraws from consideration https://therecord.media/house-republicans-unveil-data-privacy-law-override-state-measures ThreatAft en 2026-04-23T13:30:00.000Z House Republicans unveil data privacy law that would override state protections https://www.bleepingcomputer.com/news/microsoft/microsoft-some-teams-users-cant-join-meetings-after-edge-update/ ThreatAft en 2026-04-23T13:18:10.000Z Microsoft: Some Teams users can’t join meetings after Edge update https://thehackernews.com/2026/04/threatsday-bulletin-290m-defi-hack.html ThreatAft en 2026-04-23T13:17:00.000Z ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories https://www.reddit.com/r/cybersecurity/comments/1stigg7/vercel_breach_explained_shadow_ai_oauth_sprawl/ ThreatAft en 2026-04-23T13:14:51.000Z Vercel Breach Explained: Shadow AI, OAuth sprawl, and why some security tools could miss it, from someone at a SaaS Security company. https://www.reddit.com/r/cybersecurity/comments/1stidkn/from_apt29_logs_to_real_detection_rules/ ThreatAft en 2026-04-23T13:11:43.000Z From APT29 Logs to Real Detection Rules https://therecord.media/medical-data-on-500000-britons-put-on-sale-alibaba ThreatAft en 2026-04-23T13:02:00.000Z Medical data of 500,000 Britons put up for sale on Chinese website https://www.helpnetsecurity.com/2026/04/23/ip-fabric-mcp-server/ ThreatAft en 2026-04-23T13:00:12.000Z IP Fabric MCP server adds governance and control to enterprise AIOps workflows https://www.infosecurity-magazine.com/news/apple-ios-notification-bug-deleted/ ThreatAft en 2026-04-23T13:00:00.000Z Apple Fixes iOS Notification Bug Exposing Deleted Messages https://www.helpnetsecurity.com/2026/04/23/aqua-security-compass/ ThreatAft en 2026-04-23T12:48:19.000Z Aqua Compass MCP server enables real-time investigation and containment of runtime threats https://www.securityweek.com/chinese-cybersecurity-firms-ai-hacking-claims-draw-comparisons-to-claude-mythos/ ThreatAft en 2026-04-23T12:36:45.000Z Chinese Cybersecurity Firm’s AI Hacking Claims Draw Comparisons to Claude Mythos https://www.reddit.com/r/cybersecurity/comments/1sthhx6/high_reverse_dns_queries/ ThreatAft en 2026-04-23T12:35:24.000Z High Reverse DNS queries https://www.reddit.com/r/cybersecurity/comments/1sthfrn/ioc_block_in_cortex_xdr/ ThreatAft en 2026-04-23T12:32:49.000Z IOC Block in Cortex XDR https://www.bleepingcomputer.com/news/security/uk-warns-of-chinese-hackers-using-botnets-of-hijacked-consumer-devices-to-evade-detection/ ThreatAft en 2026-04-23T12:28:39.000Z UK warns of Chinese hackers using proxy networks to evade detection https://www.reddit.com/r/cybersecurity/comments/1stgxij/virustotal_0_detections_but_sandbox_result_shows/ ThreatAft en 2026-04-23T12:10:59.000Z VirusTotal, 0 detections but sandbox result shows OS Credential Dumping = false positive or malware? https://www.bleepingcomputer.com/news/security/new-gopherwhisper-apt-group-abuses-outlook-slack-discord-for-comms/ ThreatAft en 2026-04-23T12:06:18.000Z New GopherWhisper APT group abuses Outlook, Slack, Discord for comms https://thehackernews.com/2026/04/webinar-mythos-reality-check-beating.html ThreatAft en 2026-04-23T12:03:00.000Z [Webinar] Mythos Reality Check: Beating Automated Exploitation at AI Speed https://www.helpnetsecurity.com/2026/04/23/android-verified-email-credentials-feature/ ThreatAft en 2026-04-23T12:01:20.000Z Google brings instant email verification to Android, no OTP needed https://www.cisa.gov/news-events/alerts/2026/04/23/cisa-adds-one-known-exploited-vulnerability-catalog ThreatAft en 2026-04-23T12:00:00.000Z CISA Adds One Known Exploited Vulnerability to Catalog https://www.infosecurity-magazine.com/news/google-ai-agent-identities-gemini/ ThreatAft en 2026-04-23T12:00:00.000Z Google Introduces Unique AI Agent Identities in New Gemini Enterprise Platform https://www.securityweek.com/rilian-raises-17-5-million-for-ai-native-security-orchestration/ ThreatAft en 2026-04-23T11:45:30.000Z Rilian Raises $17.5 Million for AI-Native Security Orchestration https://thehackernews.com/2026/04/project-glasswing-proved-ai-can-find.html ThreatAft en 2026-04-23T11:30:00.000Z Project Glasswing Proved AI Can Find the Bugs. Who's Going to Fix Them? https://www.reddit.com/r/cybersecurity/comments/1stfx8e/sharepoint_phishing_advice/ ThreatAft en 2026-04-23T11:24:13.000Z SharePoint Phishing Advice https://www.helpnetsecurity.com/2026/04/23/ncsc-silentglass-cybersecurity-tool-hdmi-displayport/ ThreatAft en 2026-04-23T11:16:41.000Z If cyber espionage via HDMI worries you, NCSC built a device to stop it https://www.helpnetsecurity.com/2026/04/23/cve-2026-28950-iphone-vulnerability-notifications-signal/ ThreatAft en 2026-04-23T11:15:27.000Z Apple fixes iPhone bug that let FBI retrieve deleted Signal messages(CVE-2026-28950) https://www.reddit.com/r/cybersecurity/comments/1stfnys/built_a_small_network_monitoring_threat_detection/ ThreatAft en 2026-04-23T11:11:37.000Z built a small network monitoring + threat detection tool, looking for thoughts on where to take it next https://www.reddit.com/r/cybersecurity/comments/1stfntk/zealot_shows_what_ais_capable_of_in_staged_cloud/ ThreatAft en 2026-04-23T11:11:27.000Z 'Zealot' Shows What AI's Capable of in Staged Cloud Attack https://www.securityweek.com/the-behavioral-shift-why-trusted-relationships-are-the-newest-attack-surface/ ThreatAft en 2026-04-23T11:06:44.000Z The Behavioral Shift: Why Trusted Relationships Are the Newest Attack Surface https://www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-microsoft-defender-flaw-exploited-in-zero-day-attacks/ ThreatAft en 2026-04-23T11:05:57.000Z CISA orders feds to patch BlueHammer flaw exploited as zero-day https://www.securityweek.com/luxury-cosmetics-giant-rituals-discloses-data-breach/ ThreatAft en 2026-04-23T11:04:51.000Z Luxury Cosmetics Giant Rituals Discloses Data Breach https://www.reddit.com/r/cybersecurity/comments/1stfeea/uk_security_agency_officially_declares_passkeys/ ThreatAft en 2026-04-23T10:58:05.000Z UK security agency officially declares passkeys superior to passwords – and passkeys should be the 'first choice' for authentication https://www.reddit.com/r/cybersecurity/comments/1stf8d3/apple_fixes_bug_that_let_the_fbi_recover_deleted/ ThreatAft en 2026-04-23T10:49:20.000Z Apple fixes bug that let the FBI recover deleted Signal messages https://www.reddit.com/r/cybersecurity/comments/1stexyj/how_can_anyone_trust_an_identity_theft_protection/ ThreatAft en 2026-04-23T10:33:51.000Z How can anyone trust an identity theft protection service? https://www.infosecurity-magazine.com/news/cyberattacks-surge-63-annually/ ThreatAft en 2026-04-23T10:30:00.000Z Cyber-Attacks Surge 63% Annually in Education Sector https://ics-cert.kaspersky.com/publications/reports/2026/04/23/threat-landscape-for-industrial-automation-systems-russia-q4-2025/?utm_source=ics-cert.kaspersky.com&utm_medium=rss&utm_campaign=main ThreatAft en 2026-04-23T10:30:00.000Z Threat landscape for industrial automation systems. Russia, Q4 2025 https://www.malwarebytes.com/blog/news/2026/04/apple-fixes-ios-bug-that-kept-deleted-notifications-including-chat-previews ThreatAft en 2026-04-23T10:27:32.000Z Apple fixes iOS bug that kept deleted notifications, including chat previews https://isc.sans.edu/diary/rss/32922 ThreatAft en 2026-04-23T10:18:30.000Z Apple Patches Exploited Notification Flaw, (Thu, Apr 23rd) https://industrialcyber.co/regulation-standards-and-compliance/enisa-updates-ncaf-2-0-to-help-governments-measure-and-close-cybersecurity-gaps-push-cyber-maturity-benchmarking/ ThreatAft en 2026-04-23T10:16:10.000Z ENISA updates NCAF 2.0 to help governments measure and close cybersecurity gaps, push cyber maturity benchmarking https://www.reddit.com/r/cybersecurity/comments/1stelbg/dutch_databreach_season_continues_as_rituals/ ThreatAft en 2026-04-23T10:14:51.000Z Dutch data-breach season continues as Rituals confirms a breach of its loyalty program (41M members across 33+ countries). Exact count not disclosed. Stolen: names, dates of birth, gender, addresses, email, phone nr, store & account types. https://industrialcyber.co/regulation-standards-and-compliance/uk-ncsc-details-cross-domain-model-to-secure-data-flows-across-trust-boundaries-prescribes-six-design-principles/ ThreatAft en 2026-04-23T10:13:51.000Z UK NCSC details cross domain model to secure data flows across trust boundaries, prescribes six design principles https://www.securityweek.com/ai-can-autonomously-hack-cloud-systems-with-minimal-oversight-researchers/ ThreatAft en 2026-04-23T10:09:40.000Z AI Can Autonomously Hack Cloud Systems With Minimal Oversight: Researchers https://industrialcyber.co/threat-landscape/anthropics-mythos-signals-new-era-of-autonomous-cyber-threats-raising-stakes-for-ai-governance-and-cyber-resilience/ ThreatAft en 2026-04-23T10:08:23.000Z Anthropic’s Mythos signals new era of autonomous cyber threats, raising stakes for AI governance and cyber resilience https://www.reddit.com/r/cybersecurity/comments/1steh1u/the_news_about_an_ai_finding_decadeold/ ThreatAft en 2026-04-23T10:08:12.000Z The news about an AI finding decade-old vulnerabilities across every major OS made me think differently about our supply chain program https://unit42.paloaltonetworks.com/autonomous-ai-cloud-attacks/ ThreatAft en 2026-04-23T10:00:31.000Z Can AI Attack the Cloud? Lessons From Building an Autonomous Cloud Offensive Multi-Agent System https://www.darkreading.com/cyber-risk/zealot-shows-ai-execute-full-cloud-attacks ThreatAft en 2026-04-23T10:00:00.000Z 'Zealot' Shows What AI's Capable of in Staged Cloud Attack https://www.reddit.com/r/cybersecurity/comments/1ste3qp/please_help/ ThreatAft en 2026-04-23T09:47:12.000Z Please help https://www.reddit.com/r/cybersecurity/comments/1ste193/need_opinions_on_grc_for_operational_technology/ ThreatAft en 2026-04-23T09:43:16.000Z Need opinions on GRC for Operational Technology (OT)/plant level systems from the experts https://www.infosecurity-magazine.com/news/researchers-10-wild-indirect/ ThreatAft en 2026-04-23T09:30:00.000Z Researchers Uncover 10 In-the-Wild Prompt Injection Payloads Targeting AI Agents https://www.reddit.com/r/cybersecurity/comments/1stdoef/a_selfpropagating_npm_worm_is_actively_spreading/ ThreatAft en 2026-04-23T09:21:30.000Z A Self-Propagating npm Worm Is Actively Spreading Through Developer Environments https://thehackernews.com/2026/04/china-linked-gopherwhisper-infects-12.html ThreatAft en 2026-04-23T09:04:00.000Z China-Linked GopherWhisper Infects 12 Mongolian Government Systems with Go Backdoors https://www.helpnetsecurity.com/2026/04/23/gopherwhisper-apt-group/ ThreatAft en 2026-04-23T09:00:10.000Z GopherWhisper APT group hides command and control traffic in Slack and Discord https://www.welivesecurity.com/en/eset-research/gopherwhisper-burrow-full-malware/ ThreatAft en 2026-04-23T08:59:18.000Z GopherWhisper: A burrow full of malware https://www.securityweek.com/apple-patches-ios-flaw-allowing-recovery-of-deleted-chats/ ThreatAft en 2026-04-23T08:50:19.000Z Apple Patches iOS Flaw Allowing Recovery of Deleted Chats https://www.infosecurity-magazine.com/news/ncsc-backs-passkeys-new-era-of/ ThreatAft en 2026-04-23T08:45:00.000Z NCSC Backs Passkeys, Hailing a New Era of Sign-in https://www.helpnetsecurity.com/2026/04/23/openai-privacy-filter-personally-identifiable-information/ ThreatAft en 2026-04-23T08:42:44.000Z OpenAI tackles a bad habit people have when interacting with AI https://thehackernews.com/2026/04/vercel-finds-more-compromised-accounts.html ThreatAft en 2026-04-23T08:40:00.000Z Vercel Finds More Compromised Accounts in Context.ai-Linked Breach https://www.reddit.com/r/cybersecurity/comments/1stcz8e/ccdl1_vs_btl1_vs_psaa_which_certificate_out_of/ ThreatAft en 2026-04-23T08:39:43.000Z CCDL1 vs BTL1 vs PSAA - Which certificate out of these 3 provides the most quality learning? All opinions and insights are appreciated! https://thehackernews.com/2026/04/apple-patches-ios-flaw-that-stored.html ThreatAft en 2026-04-23T08:06:00.000Z Apple Patches iOS Flaw That Stored Deleted Signal Notifications in FBI Forensic Case https://www.securityweek.com/recent-microsoft-defender-vulnerability-exploited-as-zero-day/ ThreatAft en 2026-04-23T08:00:36.000Z Recent Microsoft Defender Vulnerability Exploited as Zero-Day https://www.malwarebytes.com/blog/news/2026/04/roblox-clamps-down-on-chats-and-age-checks-as-legal-pressure-builds ThreatAft en 2026-04-23T07:57:37.000Z Roblox clamps down on chats and age checks as legal pressure builds https://www.reddit.com/r/cybersecurity/comments/1stbw1m/any_chance_something_happened/ ThreatAft en 2026-04-23T07:34:35.000Z Any Chance Something Happened? https://www.reddit.com/r/cybersecurity/comments/1stbu1t/agent_memory_protector_free_poc/ ThreatAft en 2026-04-23T07:31:08.000Z Agent memory protector free Poc https://www.reddit.com/r/cybersecurity/comments/1stbm6e/are_security_compliance_demands_actually/ ThreatAft en 2026-04-23T07:18:19.000Z Are security & compliance demands actually increasing, or just getting more visibility? https://www.darkreading.com/threat-intelligence/african-organizations-see-easing-of-cyberattacks ThreatAft en 2026-04-23T07:01:00.000Z Africa Relinquishes Cyberattack Lead to Latin America — For Now https://www.reddit.com/r/netsec/comments/1stanq5/llm_security_automation_isnt_a_dropin_scanner_yet/ ThreatAft en 2026-04-23T06:23:15.000Z LLM Security Automation Isn’t a Drop-In Scanner Yet https://www.reddit.com/r/cybersecurity/comments/1stanad/third_blackcat_insider_pleads_guilty_as_doj/ ThreatAft en 2026-04-23T06:22:36.000Z Third BlackCat Insider Pleads Guilty as DOJ Signals Crackdown on Ransomware Response Firms https://www.reddit.com/r/cybersecurity/comments/1stacwc/firefox_v_150_three_of_271_vulnerabilities_fixed/ ThreatAft en 2026-04-23T06:06:45.000Z Firefox v. 150. Three of 271 vulnerabilities fixed? https://www.helpnetsecurity.com/2026/04/23/sandra-mcleod-zoom-ciso-leadership/ ThreatAft en 2026-04-23T05:30:34.000Z A year in, Zoom’s CISO reflects on balancing security and business https://www.helpnetsecurity.com/2026/04/23/scenario-open-source-framework-for-automated-ai-app-red-teaming/ ThreatAft en 2026-04-23T05:00:54.000Z Scenario: Open-source framework for automated AI app red-teaming https://www.helpnetsecurity.com/2026/04/23/gdpr-enforcement-measurement-study/ ThreatAft en 2026-04-23T04:30:03.000Z GDPR works, but only where someone enforces it https://www.reddit.com/r/Malware/comments/1st7xly/show_hn_dead_dialect_malware_speaks_dead_language/ ThreatAft en 2026-04-23T04:01:30.000Z Show HN: Dead Dialect — Malware speaks dead language, cannot execute in session https://www.helpnetsecurity.com/2026/04/23/cyber-insurance-claims-report/ ThreatAft en 2026-04-23T04:00:36.000Z Ransomware, fraud, and lawsuits drive cyber insurance claims to new peaks https://www.reddit.com/r/cybersecurity/comments/1st6yz3/cibc_bank_impersonation_and_phishing_scam/ ThreatAft en 2026-04-23T03:15:26.000Z Cibc bank impersonation and phishing scam 1-888-274-5552 https://isc.sans.edu/diary/rss/32920 ThreatAft en 2026-04-23T02:00:03.000Z ISC Stormcast For Thursday, April 23rd, 2026 https://isc.sans.edu/podcastdetail/9904, (Thu, Apr 23rd) https://www.reddit.com/r/Malware/comments/1st49g3/malware_to_data_breach/ ThreatAft en 2026-04-23T01:13:03.000Z Malware to Data Breach. https://www.reddit.com/r/cybersecurity/comments/1st3q65/tool_recommendations_for_vulncve_research/ ThreatAft en 2026-04-23T00:49:00.000Z Tool recommendations for vuln/CVE research https://www.reddit.com/r/cybersecurity/comments/1st3iql/t0xique_password_story/ ThreatAft en 2026-04-23T00:39:31.000Z T0XIQUE PASSWORD STORY https://www.reddit.com/r/cybersecurity/comments/1st2wrg/reversing_the_gentlemen_ransomware_gogarble/ ThreatAft en 2026-04-23T00:12:16.000Z Reversing The Gentlemen ransomware (Go/Garble) — ephemeral X25519 keys persist in go routine stacks, enabling full decryption. https://www.recordedfuture.com/research/critical-minerals-and-cyber-operations ThreatAft en 2026-04-23T00:00:00.000Z Critical minerals and cyber operations https://www.recordedfuture.com/blog/trust-is-a-superpower ThreatAft en 2026-04-23T00:00:00.000Z Today, trust is the superpower that makes innovation possible