https://www.reddit.com/r/Malware/comments/1st49g3/malware_to_data_breach/ ThreatAft en 2026-04-23T01:13:03.000Z Malware to Data Breach. https://www.reddit.com/r/cybersecurity/comments/1st3q65/tool_recommendations_for_vulncve_research/ ThreatAft en 2026-04-23T00:49:00.000Z Tool recommendations for vuln/CVE research https://www.reddit.com/r/cybersecurity/comments/1st3iql/t0xique_password_story/ ThreatAft en 2026-04-23T00:39:31.000Z T0XIQUE PASSWORD STORY https://www.reddit.com/r/cybersecurity/comments/1st2wrg/reversing_the_gentlemen_ransomware_gogarble/ ThreatAft en 2026-04-23T00:12:16.000Z Reversing The Gentlemen ransomware (Go/Garble) — ephemeral X25519 keys persist in go routine stacks, enabling full decryption. https://www.reddit.com/r/cybersecurity/comments/1st1sjp/i_passed_the_technical_interview_and_am_on_the/ ThreatAft en 2026-04-22T23:24:07.000Z I passed the technical Interview and am on the last one with a VP but I still don't feel ready / imposter. https://www.reddit.com/r/netsec/comments/1st1hq2/static_analysis_of_paypal_android_app_reveals_13/ ThreatAft en 2026-04-22T23:11:21.000Z Static analysis of PayPal Android app reveals 13 embedded SDKs including Meta SDK and Adobe Analytics inside a payment app https://www.reddit.com/r/cybersecurity/comments/1sszu4j/i_wish_i_started_earlier/ ThreatAft en 2026-04-22T22:05:28.000Z I wish I started earlier https://www.reddit.com/r/netsec/comments/1ssyvow/thousands_of_live_secrets_found_across_four_cloud/ ThreatAft en 2026-04-22T21:28:54.000Z Thousands of Live Secrets Found Across Four Cloud Development Environments https://www.bleepingcomputer.com/news/security/apple-fixes-ios-bug-that-retained-deleted-notification-data/ ThreatAft en 2026-04-22T20:58:58.000Z Apple fixes iOS bug that retained deleted notification data https://www.darkreading.com/threat-intelligence/gentlemen-rapidly-rise-ransomware ThreatAft en 2026-04-22T20:51:55.000Z 'The Gentlemen' Rapidly Rises to Ransomware Prominence https://therecord.media/north-korean-hackers-siphon-12-million-from-crypto-users ThreatAft en 2026-04-22T20:48:00.000Z North Korean hackers siphon more than $12 million from crypto users in sprawling campaign https://www.reddit.com/r/cybersecurity/comments/1ssxl39/cisa_director_pick_sean_plankey_withdraws_his/ ThreatAft en 2026-04-22T20:39:51.000Z CISA director pick Sean Plankey withdraws his nomination https://cyberscoop.com/cisa-director-pick-sean-plankey-withdraws-his-nomination/ ThreatAft en 2026-04-22T20:29:41.000Z CISA director pick Sean Plankey withdraws his nomination https://www.reddit.com/r/cybersecurity/comments/1ssx4e5/researcher_claims_claude_desktop_installs_spyware/ ThreatAft en 2026-04-22T20:22:37.000Z Researcher claims Claude Desktop installs “spyware” on macOS https://cyberscoop.com/house-republicans-release-national-privacy-legislation/ ThreatAft en 2026-04-22T20:15:56.000Z House Republicans roll out national privacy bill https://www.reddit.com/r/cybersecurity/comments/1sswp5r/france_confirms_data_breach_at_government_agency/ ThreatAft en 2026-04-22T20:07:26.000Z France confirms data breach at government agency that manages citizens' IDs https://www.reddit.com/r/netsec/comments/1sswok7/pack2theroot_cve202641651_crossdistro_local/ ThreatAft en 2026-04-22T20:06:48.000Z Pack2TheRoot (CVE-2026-41651): Cross-Distro Local Privilege Escalation Vulnerability https://www.bleepingcomputer.com/news/security/new-mirai-campaign-exploits-rce-flaw-in-eol-d-link-routers/ ThreatAft en 2026-04-22T20:04:46.000Z New Mirai campaign exploits RCE flaw in EoL D-Link routers https://www.helpnetsecurity.com/2026/04/22/google-workspace-intelligence-feature/ ThreatAft en 2026-04-22T19:55:20.000Z Google’s Workspace Intelligence promises privacy while running on your data https://www.reddit.com/r/cybersecurity/comments/1ssw2jr/summer_plans_direction_advice/ ThreatAft en 2026-04-22T19:44:31.000Z Summer Plans / Direction Advice https://www.reddit.com/r/cybersecurity/comments/1ssv41q/att_data_vendor_breach_42026/ ThreatAft en 2026-04-22T19:09:49.000Z ATT data vendor breach 4/2026 https://www.reddit.com/r/cybersecurity/comments/1ssuveh/courses_on_grc_iso_27001_soc2_etc/ ThreatAft en 2026-04-22T19:01:20.000Z Courses on GRC, iso 27001, SOC2 etc…. https://therecord.media/hackers-venezuela-wiper-malware-oil ThreatAft en 2026-04-22T19:00:00.000Z Hackers deployed wiper malware in destructive attacks on Venezuela’s energy sector https://www.bleepingcomputer.com/news/security/kyber-ransomware-gang-toys-with-post-quantum-encryption-on-windows/ ThreatAft en 2026-04-22T18:52:29.000Z Kyber ransomware gang toys with post-quantum encryption on Windows https://www.reddit.com/r/cybersecurity/comments/1ssugyy/i_got_this_mail_and_i_am_worried_please_help_me/ ThreatAft en 2026-04-22T18:47:01.000Z I got this mail and I am worried. Please help me. https://www.reddit.com/r/Malware/comments/1sstlmp/just_out_of_curiosity/ ThreatAft en 2026-04-22T18:16:10.000Z just out of curiosity https://www.reddit.com/r/cybersecurity/comments/1sst5g4/the_boy_that_cried_mythos_verification_is/ ThreatAft en 2026-04-22T18:00:42.000Z The Boy That Cried Mythos: Verification is Collapsing Trust in Anthropic [ What Mythos 200+ pages raport really said ] https://thehackernews.com/2026/04/malicious-kics-docker-images-and-vs.html ThreatAft en 2026-04-22T17:55:00.000Z Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain https://thehackernews.com/2026/04/self-propagating-supply-chain-worm.html ThreatAft en 2026-04-22T17:33:00.000Z Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens https://blog.qualys.com/qualys-insights/2026/04/22/dont-wait-for-a-patch-mitigate-redsun-risk-in-microsoft-defender-today ThreatAft en 2026-04-22T17:12:34.000Z Don’t Wait for a Patch. Mitigate RedSun Zero-Day Risk in Microsoft Defender Today https://www.microsoft.com/en-us/security/blog/2026/04/22/ai-powered-defense-for-an-ai-accelerated-threat-landscape/ ThreatAft en 2026-04-22T17:00:00.000Z AI-powered defense for an AI-accelerated threat landscape https://www.reddit.com/r/cybersecurity/comments/1ssr072/uk_government_says_100_countries_have_spyware/ ThreatAft en 2026-04-22T16:46:12.000Z UK government says 100 countries have spyware that can hack people's phones https://www.helpnetsecurity.com/2026/04/22/france-titres-online-portal-data-breach/ ThreatAft en 2026-04-22T16:44:54.000Z Cyberattack on French government agency triggers phishing alert for users https://www.sentinelone.com/blog/hypersonic-supply-chain-attacks-one-solution-that-didnt-need-to-know-the-payload/ ThreatAft en 2026-04-22T16:44:53.000Z Hypersonic Supply Chain Attacks: One Solution That Didn’t Need to Know the Payload https://www.infosecurity-magazine.com/news/macos-lotl-techniques-enterprise/ ThreatAft en 2026-04-22T16:30:00.000Z MacOS Native Tools Enable Stealthy Enterprise Attacks https://industrialcyber.co/threat-landscape/ncsc-flags-widening-gap-between-cyber-threats-and-national-resilience-urges-action-as-ai-fuels-rise-in-disruptive-attacks/ ThreatAft en 2026-04-22T16:11:32.000Z NCSC flags widening gap between cyber threats and national resilience, urges action as AI fuels rise in disruptive attacks https://cyberscoop.com/supreme-court-geofence-warrants-chatrie-case/ ThreatAft en 2026-04-22T16:08:26.000Z The Supreme Court is about to decide how far geofence warrants can go https://industrialcyber.co/threat-landscape/zerofox-data-shows-ransomware-stabilizing-at-scale-with-manufacturing-absorbing-nearly-one-in-five-attacks/ ThreatAft en 2026-04-22T16:07:00.000Z ZeroFox data shows ransomware stabilizing at scale, with manufacturing absorbing nearly one in five attacks https://industrialcyber.co/reports/bridgebreak-reveals-22-vulnerabilities-in-serial-to-ip-converters-enabling-disruption-and-lateral-movement-across-ot/ ThreatAft en 2026-04-22T16:02:10.000Z BRIDGE:BREAK reveals 22 vulnerabilities in serial-to-IP converters enabling disruption and lateral movement across OT https://www.wired.com/story/ai-tools-are-helping-mediocre-north-korean-hackers-steal-millions/ ThreatAft en 2026-04-22T16:00:00.000Z AI Tools Are Helping Mediocre North Korean Hackers Steal Millions https://industrialcyber.co/regulation-standards-and-compliance/australias-cisc-tightens-cyber-reporting-rules-to-capture-ai-driven-incidents-in-critical-infrastructure/ ThreatAft en 2026-04-22T15:59:24.000Z Australia’s CISC tightens cyber reporting rules to capture AI-driven incidents in critical infrastructure https://www.reddit.com/r/cybersecurity/comments/1ssp6ov/mozilla_anthropics_mythos_found_271_security/ ThreatAft en 2026-04-22T15:41:37.000Z Mozilla: Anthropic's Mythos found 271 security vulnerabilities in Firefox 150 https://therecord.media/french-hacker-cyberattacks-arrest ThreatAft en 2026-04-22T15:30:00.000Z French police arrest suspected hacker behind dozens of data breaches https://thehackernews.com/2026/04/harvester-deploys-linux-gogra-backdoor.html ThreatAft en 2026-04-22T15:28:00.000Z Harvester Deploys Linux GoGra Backdoor in South Asia Using Microsoft Graph API https://industrialcyber.co/news/servicenow-closes-armis-deal-to-extend-ai-powered-cyber-risk-visibility-across-ot-and-iot/ ThreatAft en 2026-04-22T15:22:38.000Z ServiceNow closes Armis deal to extend AI-powered cyber risk visibility across OT and IoT https://www.bleepingcomputer.com/news/security/spain-dismantles-major-47m-manga-piracy-platform-arrests-four/ ThreatAft en 2026-04-22T15:06:34.000Z Spain dismantles major $4.7M manga piracy platform, arrests four https://www.infosecurity-magazine.com/news/ncsc-silentglass-a-plugin-stop/ ThreatAft en 2026-04-22T15:00:00.000Z NCSC Unveils SilentGlass, a Plug-In Device to Protect Monitors from Cyber-Attacks https://www.darkreading.com/cyberattacks-data-breaches/dprk-fake-job-scams-self-propagate-contagious-interview ThreatAft en 2026-04-22T14:48:05.000Z DPRK Fake Job Scams Self-Propagate in 'Contagious Interview' https://www.helpnetsecurity.com/2026/04/22/claude-mythos-mozilla-vulnerabilities-scanning/ ThreatAft en 2026-04-22T14:40:09.000Z Claude Mythos finds 271 Firefox flaws, Mozilla believes zero-days are numbered https://blog.qualys.com/vulnerabilities-threat-research/2026/04/22/oracle-critical-patch-update-april-2026-security-update-review ThreatAft en 2026-04-22T14:34:25.000Z Oracle Critical Patch Update, April 2026 Security Update Review https://www.securityweek.com/after-bluesky-mastodon-targeted-in-ddos-attack/ ThreatAft en 2026-04-22T14:26:00.000Z After Bluesky, Mastodon Targeted in DDoS Attack https://www.reddit.com/r/netsec/comments/1ssmyig/reverseengineering_a_targeted_npm_supply_chain/ ThreatAft en 2026-04-22T14:21:24.000Z Reverse-engineering a targeted npm supply chain attack with two-stage C2 — full forensic analysis https://www.reddit.com/r/cybersecurity/comments/1ssmr2i/how_does_policy_review_work_palo_alto_firewalls/ ThreatAft en 2026-04-22T14:13:45.000Z How does policy review work (palo alto firewalls) ? https://www.infosecurity-magazine.com/news/uk-pledges-90m-for-cybersecurity/ ThreatAft en 2026-04-22T14:10:00.000Z UK Pledges £90m for Cybersecurity and Pushes for ‘Resilience Pledge’ https://www.reddit.com/r/cybersecurity/comments/1ssmke6/is_owasp_top_10_llm_08_2025_embedding_and_vector/ ThreatAft en 2026-04-22T14:06:55.000Z Is OWASP Top 10 LLM 08 2025 Embedding and Vector Weaknesses Outdated https://www.reddit.com/r/cybersecurity/comments/1ssmgfp/the_zerodays_are_numbered_mythos_numbers_are_real/ ThreatAft en 2026-04-22T14:02:56.000Z The zero-days are numbered | Mythos numbers are real? https://www.bleepingcomputer.com/news/security/inside-caller-as-a-service-fraud-the-scam-economy-has-a-hiring-process/ ThreatAft en 2026-04-22T14:01:11.000Z Inside Caller-as-a-Service Fraud: The Scam Economy Has a Hiring Process https://www.helpnetsecurity.com/2026/04/22/prove-identity-platform/ ThreatAft en 2026-04-22T13:50:28.000Z Prove Identity Platform connects verification, authentication, and fraud prevention https://therecord.media/china-cyber-capabilities-match-us-dutch-intel-says ThreatAft en 2026-04-22T13:33:00.000Z China’s cyber capabilities now equal to the US, warns Dutch intelligence https://www.helpnetsecurity.com/2026/04/22/new-mirai-variants-target-routers-and-dvrs-via-old-flaws/ ThreatAft en 2026-04-22T13:24:09.000Z New Mirai variants target routers and DVRs in parallel campaigns https://www.helpnetsecurity.com/2026/04/22/acronis-genai-protection/ ThreatAft en 2026-04-22T13:24:08.000Z Acronis GenAI Protection gives MSPs control over AI usage and data risks https://www.reddit.com/r/cybersecurity/comments/1sskv9h/lovable_denies_breach_after_bola_flaw_reportedly/ ThreatAft en 2026-04-22T13:02:32.000Z Lovable denies breach after BOLA flaw reportedly enabled cross-tenant access to source code and secrets https://www.infosecurity-magazine.com/news/silent-subject-phishing-campaigns/ ThreatAft en 2026-04-22T13:00:00.000Z Surge in Silent Subject Phishing Attacks Targets VIP Users https://www.bleepingcomputer.com/news/security/new-npm-supply-chain-attack-self-spreads-to-steal-auth-tokens/ ThreatAft en 2026-04-22T12:57:42.000Z New npm supply-chain attack self-spreads to steal auth tokens https://www.securityweek.com/most-serious-cyberattacks-against-the-uk-now-from-russia-iran-and-china-cyber-chief-says/ ThreatAft en 2026-04-22T12:57:01.000Z Most Serious Cyberattacks Against the UK Now From Russia, Iran and China, Cyber Chief Says https://www.helpnetsecurity.com/2026/04/22/elastic-mcp-apps/ ThreatAft en 2026-04-22T12:51:51.000Z Elastic MCP Apps bring security and observability workflows into AI tools https://therecord.media/UK-cyberattacks-ncsc-china ThreatAft en 2026-04-22T12:45:00.000Z UK cyber agency handling four major incidents a week as nation-state attacks surge https://www.malwarebytes.com/blog/threat-intel/2026/04/malicious-trading-website-drop-malware-that-hands-over-your-browser-to-attackers ThreatAft en 2026-04-22T12:30:02.000Z Malicious trading website drops malware that hands your browser to attackers https://therecord.media/defense-cyber-strategy-warfare ThreatAft en 2026-04-22T12:30:00.000Z New Defense Department cyber strategy imminent, official says https://www.reddit.com/r/cybersecurity/comments/1ssk0hn/hr_8250_parents_decide_act_would_require_age/ ThreatAft en 2026-04-22T12:27:20.000Z H.R. 8250 (Parents Decide Act) would require age verification at the OS level https://www.bleepingcomputer.com/news/microsoft/microsoft-teams-gets-efficiency-mode-for-hardware-constrained-devices/ ThreatAft en 2026-04-22T12:24:38.000Z Microsoft Teams to get efficiency mode on PCs with limited resources https://www.securityweek.com/new-wiper-malware-targeted-venezuelan-energy-sector-prior-to-us-intervention/ ThreatAft en 2026-04-22T12:10:28.000Z New Wiper Malware Targeted Venezuelan Energy Sector Prior to US Intervention https://www.cisa.gov/news-events/alerts/2026/04/22/cisa-adds-one-known-exploited-vulnerability-catalog ThreatAft en 2026-04-22T12:00:00.000Z CISA Adds One Known Exploited Vulnerability to Catalog https://www.malwarebytes.com/blog/news/2026/04/researcher-claims-claude-desktop-installs-spyware-on-macos ThreatAft en 2026-04-22T11:53:11.000Z Researcher claims Claude Desktop installs “spyware” on macOS https://www.reddit.com/r/cybersecurity/comments/1ssj4nm/new_gogra_malware_for_linux_uses_microsoft_graph/ ThreatAft en 2026-04-22T11:48:14.000Z New GoGra malware for Linux uses Microsoft Graph API for comms https://www.securityweek.com/mirai-botnet-targets-flaw-in-discontinued-d-link-routers/ ThreatAft en 2026-04-22T11:44:07.000Z Mirai Botnet Targets Flaw in Discontinued D-Link Routers https://www.reddit.com/r/cybersecurity/comments/1ssiqvs/where_to_find_entry_level_internjobs/ ThreatAft en 2026-04-22T11:30:09.000Z Where to find entry level intern/jobs https://www.securityweek.com/are-sboms-failing-supply-chain-attacks-rise-as-security-teams-struggle-with-sbom-data/ ThreatAft en 2026-04-22T11:30:00.000Z Are SBOMs Failing? Supply Chain Attacks Rise as Security Teams Struggle With SBOM Data https://www.helpnetsecurity.com/2026/04/22/progress-waf-bypass-cve-2026-21876/ ThreatAft en 2026-04-22T11:29:19.000Z Progress Software fixes sneaky WAF bypass vulnerability (CVE-2026-21876) https://www.reddit.com/r/cybersecurity/comments/1ssipz9/guidance_on_certifications/ ThreatAft en 2026-04-22T11:29:02.000Z Guidance on Certifications https://www.securityweek.com/claude-mythos-finds-271-firefox-vulnerabilities/ ThreatAft en 2026-04-22T11:27:46.000Z Claude Mythos Finds 271 Firefox Vulnerabilities https://www.reddit.com/r/Malware/comments/1ssim2j/19_confirmed_repos_tied_to_the_same_github/ ThreatAft en 2026-04-22T11:23:42.000Z 19 confirmed repos tied to the same GitHub malware campaign https://www.reddit.com/r/cybersecurity/comments/1ssihei/need_opinions_on_certs/ ThreatAft en 2026-04-22T11:17:22.000Z Need Opinions on Certs https://www.infosecurity-magazine.com/news/former-ransomware-negotiator/ ThreatAft en 2026-04-22T11:00:00.000Z Former Ransomware Negotiator Pleads Guilty to Working For BlackCat Cyber Gang https://thehackernews.com/2026/04/lotus-wiper-malware-targets-venezuelan.html ThreatAft en 2026-04-22T10:55:00.000Z Lotus Wiper Malware Targets Venezuelan Energy Systems in Destructive Attack https://www.securityweek.com/north-korean-hackers-use-applescript-clickfix-in-fresh-macos-attacks/ ThreatAft en 2026-04-22T10:49:52.000Z North Korean Hackers Use AppleScript, ClickFix in Fresh macOS Attacks https://thehackernews.com/2026/04/toxic-combinations-when-cross-app.html ThreatAft en 2026-04-22T10:41:36.000Z Toxic Combinations: When Cross-App Permissions Stack into Risk https://www.helpnetsecurity.com/2026/04/22/tencent-qclaw-ai-agent-windows-macos/ ThreatAft en 2026-04-22T10:32:02.000Z Tencent’s QClaw AI agent app arrives on Windows and macOS https://www.reddit.com/r/cybersecurity/comments/1sshfrk/uploaded_passport_scan_to_a_free_pdf_converter/ ThreatAft en 2026-04-22T10:24:01.000Z Uploaded passport scan to a free pdf converter online https://www.bleepingcomputer.com/news/microsoft/microsoft-graph-api-code-change-causes-universal-print-share-issues/ ThreatAft en 2026-04-22T10:15:09.000Z Microsoft traces Universal Print issues to Graph API code change https://www.reddit.com/r/cybersecurity/comments/1ssh7to/microsoft_shipped_a_broken_aspnet_patch/ ThreatAft en 2026-04-22T10:11:52.000Z Microsoft Shipped a Broken ASP.NET Patch https://unit42.paloaltonetworks.com/air-snitch-enterprise-wireless-attacks/ ThreatAft en 2026-04-22T10:00:22.000Z When Wi-Fi Encryption Fails: Protecting Your Enterprise from AirSnitch Attacks https://www.helpnetsecurity.com/2026/04/22/cisco-phishing-initial-access-2026/ ThreatAft en 2026-04-22T10:00:03.000Z Phishing reclaims the top initial access spot, attackers experiment with AI tools https://www.bleepingcomputer.com/news/security/new-gogra-malware-for-linux-uses-microsoft-graph-api-for-comms/ ThreatAft en 2026-04-22T10:00:00.000Z New GoGra malware for Linux uses Microsoft Graph API for comms https://cyberscoop.com/ciso-strategy-ai-real-time-risk-op-ed/ ThreatAft en 2026-04-22T10:00:00.000Z The AI era demands a different kind of CISO https://www.infosecurity-magazine.com/news/researchers-proxysmart-software-90/ ThreatAft en 2026-04-22T10:00:00.000Z Researchers Uncover ProxySmart Software Powering 90+ SIM Farms https://www.securityweek.com/google-antigravity-in-crosshairs-of-security-researchers-cybercriminals/ ThreatAft en 2026-04-22T09:53:05.000Z Google Antigravity in Crosshairs of Security Researchers, Cybercriminals https://www.reddit.com/r/cybersecurity/comments/1ssgs9r/extending_my_access_abusing_installed_extensions/ ThreatAft en 2026-04-22T09:47:30.000Z Extending my access: Abusing installed extensions for post compromise https://www.helpnetsecurity.com/2026/04/22/microsoft-onedrive-intelligence-collaboration-updates/ ThreatAft en 2026-04-22T09:47:07.000Z OneDrive updates focus on AI, access control, and compliance https://www.reddit.com/r/netsec/comments/1ssgrac/extending_my_access_abusing_installed_extensions/ ThreatAft en 2026-04-22T09:45:52.000Z Extending my access: Abusing installed extensions for post compromise https://thehackernews.com/2026/04/microsoft-patches-critical-aspnet-core.html ThreatAft en 2026-04-22T09:29:00.000Z Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug https://www.reddit.com/r/cybersecurity/comments/1ssgfik/national_vulnerability_database_tool/ ThreatAft en 2026-04-22T09:26:58.000Z National Vulnerability Database Tool https://www.reddit.com/r/cybersecurity/comments/1ssfufa/over_1300_microsoft_sharepoint_servers_vulnerable/ ThreatAft en 2026-04-22T08:53:39.000Z Over 1,300 Microsoft SharePoint servers vulnerable to spoofing attacks https://www.reddit.com/r/cybersecurity/comments/1ssfp3h/microsoft_releases_emergency_patches_for_critical/ ThreatAft en 2026-04-22T08:45:21.000Z Microsoft releases emergency patches for critical ASP.NET flaw https://www.securityweek.com/oracle-patches-450-vulnerabilities-with-april-2026-cpu/ ThreatAft en 2026-04-22T08:41:10.000Z Oracle Patches 450 Vulnerabilities With April 2026 CPU https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-emergency-security-updates-for-critical-aspnet-flaw/ ThreatAft en 2026-04-22T08:08:16.000Z Microsoft releases emergency patches for critical ASP.NET flaw https://www.infosecurity-magazine.com/news/uk-faces-a-cyber-perfect-storm-ncsc/ ThreatAft en 2026-04-22T08:07:00.000Z UK Faces a Cyber ‘Perfect Storm’ Driven by Tech Advances and Nation State Threats, NCSC Warns https://thehackernews.com/2026/04/mustang-pandas-new-lotuslite-variant.html ThreatAft en 2026-04-22T07:58:00.000Z Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles https://www.reddit.com/r/cybersecurity/comments/1ssev8c/whats_stopping_bec_at_the_email_layer_when_theres/ ThreatAft en 2026-04-22T07:56:17.000Z What's stopping BEC at the email layer when there's no payload to detect? https://www.reddit.com/r/cybersecurity/comments/1sseeol/vibe_coding_is_shipping_vulnerabilities_to/ ThreatAft en 2026-04-22T07:28:50.000Z Vibe coding is shipping vulnerabilities to production. Here's what the data actually shows. https://thehackernews.com/2026/04/cohere-ai-terrarium-sandbox-flaw.html ThreatAft en 2026-04-22T07:16:00.000Z Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape https://www.reddit.com/r/cybersecurity/comments/1sse1r3/have_you_ever_watched_a_threat_actor_accidentally/ ThreatAft en 2026-04-22T07:07:31.000Z Have you ever watched a threat actor accidentally dox themselves in real-time? 👀 https://www.bleepingcomputer.com/news/security/over-1-300-microsoft-sharepoint-servers-vulnerable-to-ongoing-attacks/ ThreatAft en 2026-04-22T06:53:02.000Z Over 1,300 Microsoft SharePoint servers vulnerable to spoofing attacks https://www.reddit.com/r/cybersecurity/comments/1ssc2jq/unused_tech_cybersecurity_student_needs_help/ ThreatAft en 2026-04-22T05:17:32.000Z Unused tech - Cybersecurity student needs help consolidating/upgrading. https://www.reddit.com/r/cybersecurity/comments/1ssbzdl/coinbase_quantum_advisory_council_publishes/ ThreatAft en 2026-04-22T05:12:57.000Z Coinbase Quantum Advisory Council Publishes Position Paper on Quantum Computing and Blockchain https://www.helpnetsecurity.com/2026/04/22/pentagi-autonomous-ai-penetration-testing/ ThreatAft en 2026-04-22T05:00:31.000Z PentAGI: Open-source autonomous AI penetration testing system https://www.reddit.com/r/cybersecurity/comments/1ssbpft/22_flaws_in_obscure_bridge_devices_could_let/ ThreatAft en 2026-04-22T04:58:51.000Z 22 flaws in obscure “bridge” devices could let attackers mess with real-world systems https://www.reddit.com/r/cybersecurity/comments/1ssbk30/pgserve_1111_through_1113_are_compromised_and_the/ ThreatAft en 2026-04-22T04:51:00.000Z pgserve 1.1.11 through 1.1.13 are compromised, and the code is surprisingly clean https://www.helpnetsecurity.com/2026/04/22/apple-intelligence-token-vulnerability-serpent-attack/ ThreatAft en 2026-04-22T04:30:08.000Z Apple Intelligence flaw kept stolen tokens reusable on another device https://www.helpnetsecurity.com/2026/04/22/financial-sector-cyber-threats-report/ ThreatAft en 2026-04-22T04:00:16.000Z Shadow AI, deepfakes, and supply chain compromise are rewriting the financial sector threat playbook https://www.reddit.com/r/cybersecurity/comments/1ss8e0a/ai_governance_is_moving_into_the_machinery/ ThreatAft en 2026-04-22T02:21:08.000Z AI Governance Is Moving Into the Machinery https://isc.sans.edu/diary/rss/32918 ThreatAft en 2026-04-22T02:00:03.000Z ISC Stormcast For Wednesday, April 22nd, 2026 https://isc.sans.edu/podcastdetail/9902, (Wed, Apr 22nd) https://isc.sans.edu/diary/rss/32888 ThreatAft en 2026-04-22T00:03:04.000Z [Guest Diary] Beyond Cryptojacking: Telegram tdata as a Credential Harvesting Vector, Lessons from a Honeypot Incident, (Wed, Apr 22nd) https://www.exploit-db.com/exploits/52510 ThreatAft en 2026-04-22T00:00:00.000Z [local] AVAST Antivirus 25.11 - Unquoted Service Path https://www.exploit-db.com/exploits/52511 ThreatAft en 2026-04-22T00:00:00.000Z [webapps] WordPress Plugin 5.2.0 - Broken Access Control https://www.exploit-db.com/exploits/52512 ThreatAft en 2026-04-22T00:00:00.000Z [local] Throttlestop Kernel Driver - Kernel Out-of-Bounds Write Privilege Escalation https://www.recordedfuture.com/blog/ai-hype-vs-reality ThreatAft en 2026-04-22T00:00:00.000Z AI Hype vs. Reality: Is AI Really Rewriting the Vulnerability Equation? https://www.reddit.com/r/cybersecurity/comments/1ss4qln/my_team_needs_to_get_started_with_ctem_but_i/ ThreatAft en 2026-04-21T23:40:49.000Z My team needs to get started with CTEM, but I genuinely don't know what to do. What did your first 90 days look like? https://www.reddit.com/r/cybersecurity/comments/1ss4n59/looking_for_cyber_advice_first_cybersecurity_job/ ThreatAft en 2026-04-21T23:36:38.000Z Looking for cyber advice/ first cybersecurity job https://www.reddit.com/r/cybersecurity/comments/1ss44lh/how_often_do_clients_ask_for_soc_2_before_they/ ThreatAft en 2026-04-21T23:15:00.000Z How often do clients ask for SOC 2 before they actually need it? https://www.reddit.com/r/cybersecurity/comments/1ss3y67/anthropics_mythos_model_accessed_by_unauthorized/ ThreatAft en 2026-04-21T23:07:51.000Z Anthropic's Mythos model accessed by unauthorized users, Bloomberg News reports https://www.reddit.com/r/cybersecurity/comments/1ss3v48/early_version_of_eus_age_verification_app_is/ ThreatAft en 2026-04-21T23:04:29.000Z Early version of EU's age verification app is apparently hackable in less than two minutes https://www.reddit.com/r/cybersecurity/comments/1ss3jx6/lab_review/ ThreatAft en 2026-04-21T22:52:16.000Z Lab review https://www.reddit.com/r/netsec/comments/1ss3e38/vercel_oauth_breach_analysis_contextai_compromise/ ThreatAft en 2026-04-21T22:45:42.000Z Vercel OAuth breach analysis: Context.ai compromise, MITRE T1199 trust-chain attack, IOC for Google Workspace admins https://www.reddit.com/r/Malware/comments/1ss3ct3/free_ai_detection_app_designed_specifically_for/ ThreatAft en 2026-04-21T22:44:18.000Z Free AI Detection app designed specifically for Social Media posts https://www.reddit.com/r/cybersecurity/comments/1ss2y2u/cybercx_academy/ ThreatAft en 2026-04-21T22:27:41.000Z CyberCX academy https://www.reddit.com/r/cybersecurity/comments/1ss2xn2/an_alternative_to_identity_at_the_edge/ ThreatAft en 2026-04-21T22:27:12.000Z An Alternative to Identity at the Edge https://www.reddit.com/r/Malware/comments/1ss24rn/sentinelones_credential_abuse_report_is_bleak/ ThreatAft en 2026-04-21T21:56:18.000Z SentinelOne's credential abuse report is bleak https://www.reddit.com/r/cybersecurity/comments/1ss242a/our_company_just_got_chatgpt_enterprise_i/ ThreatAft en 2026-04-21T21:55:34.000Z Our company just got ChatGPT Enterprise. I realized any employee can paste client data into it and we'd never know. How is everyone handling this? https://www.bleepingcomputer.com/news/security/french-govt-agency-confirms-breach-as-hacker-offers-to-sell-data/ ThreatAft en 2026-04-21T21:46:04.000Z French govt agency confirms breach as hacker offers to sell data https://www.darkreading.com/insider-threats/ransomware-negotiator-pleads-guilty-blackcat-scheme ThreatAft en 2026-04-21T21:12:43.000Z Ransomware Negotiator Pleads Guilty to BlackCat Scheme https://cyberscoop.com/digitalmint-ransomware-negotiator-angelo-martino-guilty-plea/ ThreatAft en 2026-04-21T21:03:58.000Z Former DigitalMint ransomware negotiator pleads guilty to extortion scheme https://www.tenable.com/blog/oracle-april-2026-critical-patch-update-addresses-241-cves ThreatAft en 2026-04-21T20:59:27.000Z Oracle April 2026 Critical Patch Update Addresses 241 CVEs https://www.reddit.com/r/cybersecurity/comments/1ss0dyw/iran_claims_us_used_backdoors_in_networking/ ThreatAft en 2026-04-21T20:51:48.000Z Iran claims US used backdoors in networking equipment https://www.reddit.com/r/cybersecurity/comments/1srzo0h/job_interview_in_2_days_installation_technician/ ThreatAft en 2026-04-21T20:26:14.000Z Job interview in 2 days - Installation Technician https://www.reddit.com/r/cybersecurity/comments/1srzmi7/bluerock_found_critical_rce_in_awss/ ThreatAft en 2026-04-21T20:24:44.000Z BlueRock found critical RCE in AWS’s aws-diagram-mcp-server: exec() denylist bypass (HackerOne #3557138) https://www.reddit.com/r/netsec/comments/1sryptw/quantum_computers_are_not_a_threat_to_128bit/ ThreatAft en 2026-04-21T19:52:21.000Z Quantum Computers Are Not a Threat to 128-bit Symmetric Keys https://www.reddit.com/r/cybersecurity/comments/1sryb1k/i_am_down_to_my_final_interview_and_im_nervous/ ThreatAft en 2026-04-21T19:37:36.000Z I am down to my final interview and I'm nervous https://www.reddit.com/r/cybersecurity/comments/1srxz5a/cybersecurity_statistics_of_the_week_april_13th/ ThreatAft en 2026-04-21T19:25:35.000Z Cybersecurity statistics of the week (April 13th - April 19th) https://www.helpnetsecurity.com/2026/04/21/thunderbird-150-released/ ThreatAft en 2026-04-21T19:19:57.000Z Thunderbird 150 arrives with encrypted message search and OpenPGP improvements https://www.darkreading.com/cyberattacks-data-breaches/exploits-turn-windows-defender-attacker-tool ThreatAft en 2026-04-21T19:12:40.000Z Exploits Turn Windows Defender into Attacker Tool https://www.reddit.com/r/cybersecurity/comments/1srxc83/bls_cybersecurity_job_outlook_vs_reality/ ThreatAft en 2026-04-21T19:03:06.000Z BLS Cybersecurity Job Outlook vs reality https://cyberscoop.com/the-com-scattered-spider-hacker-tyler-robert-buchanan-guilty-plea/ ThreatAft en 2026-04-21T18:51:01.000Z Scottish man pleads guilty to attack spree that created Scattered Spider’s notoriety https://cyberscoop.com/lawmakers-ponder-terrorism-designations-homicide-charges-over-hospital-ransomware-attacks/ ThreatAft en 2026-04-21T18:49:46.000Z Lawmakers ponder terrorism designations, homicide charges over hospital ransomware attacks https://www.reddit.com/r/cybersecurity/comments/1srwqpa/is_bug_bounty_actually_worth_it_for_new_comers_in/ ThreatAft en 2026-04-21T18:42:24.000Z Is bug bounty actually worth it for new comers in 2026? Need real talk, not motivation. https://www.reddit.com/r/cybersecurity/comments/1srwp3b/title_spvm_gross_negligence_i_handed_pdq_20_a/ ThreatAft en 2026-04-21T18:40:49.000Z Title: SPVM gross negligence: I handed PDQ 20 a frozen extortion node and a human trafficking threat. They laughed and closed the file https://www.bleepingcomputer.com/news/security/new-lotus-data-wiper-used-against-venezuelan-energy-utility-firms/ ThreatAft en 2026-04-21T18:38:40.000Z New Lotus data wiper used against Venezuelan energy, utility firms https://www.wired.com/story/mozilla-used-anthropics-mythos-to-find-271-bugs-in-firefox/ ThreatAft en 2026-04-21T18:30:00.000Z Mozilla Used Anthropic’s Mythos to Find and Fix 151 Bugs in Firefox https://thehackernews.com/2026/04/systembc-c2-server-reveals-1570-victims.html ThreatAft en 2026-04-21T18:18:00.000Z SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation https://www.helpnetsecurity.com/2026/04/21/virtualbox-7-2-8-released/ ThreatAft en 2026-04-21T18:16:39.000Z VirtualBox 7.2.8 is out with Linux kernel 7.0 support and crash fixes https://www.reddit.com/r/cybersecurity/comments/1srvr5x/how_to_build_a_career_in_hardware_security/ ThreatAft en 2026-04-21T18:08:15.000Z How to build a career in hardware security? https://www.reddit.com/r/netsec/comments/1srvol6/two_new_critical_spinnaker_vulns_allow_rce_and/ ThreatAft en 2026-04-21T18:05:51.000Z Two new critical Spinnaker vulns allow RCE and production access https://www.reddit.com/r/cybersecurity/comments/1sruoty/behavior_validation_for_agentic_ai_applications/ ThreatAft en 2026-04-21T17:32:46.000Z Behavior validation for Agentic AI Applications https://www.reddit.com/r/cybersecurity/comments/1sru854/i_discovered_a_covert_wifienabled_camera/ ThreatAft en 2026-04-21T17:17:04.000Z “I discovered a covert Wi-Fi–enabled camera concealed inside a power adapter in a hotel room. The device was transmitting live footage to an overseas server (likely China-based). No cctv footage, used vpn, hotel denies their involvement https://www.reddit.com/r/cybersecurity/comments/1srteqo/hacker_como_se_tornar_um/ ThreatAft en 2026-04-21T16:49:31.000Z Hacker - como se tornar um ? https://therecord.media/uk-regulator-to-probe-telegram-over-csam-allegations ThreatAft en 2026-04-21T16:46:00.000Z UK regulator to probe Telegram, teen chat sites for potential child safety violations https://www.wired.com/story/meta-is-sued-over-scam-ads-on-facebook-and-instagram/ ThreatAft en 2026-04-21T16:24:41.000Z Meta Is Sued Over Scam Ads on Facebook and Instagram https://industrialcyber.co/news/ssh-brings-privx-ot-to-nokia-industrial-edge-to-secure-remote-access-in-ot-environments/ ThreatAft en 2026-04-21T16:15:48.000Z SSH brings PrivX OT to Nokia Industrial Edge to secure remote access in OT environments https://industrialcyber.co/news/txone-introduces-stellar-discover-to-extend-ot-security-from-discovery-to-risk-insight/ ThreatAft en 2026-04-21T16:15:14.000Z TXOne introduces Stellar Discover to extend OT security from discovery to risk insight https://industrialcyber.co/news/industrial-defender-partners-with-kyron-to-boost-ot-resilience-and-nis2-readiness-in-france/ ThreatAft en 2026-04-21T16:14:56.000Z Industrial Defender partners with KYrON to boost OT resilience and NIS2 readiness in France https://industrialcyber.co/news/semperis-extends-purple-knight-identity-security-assessment-tool-to-us-federal-defense-gcc-high-environments/ ThreatAft en 2026-04-21T16:14:37.000Z Semperis extends Purple Knight identity security assessment tool to US federal, defense GCC High environments https://www.reddit.com/r/cybersecurity/comments/1srs3mh/who_is_rasoul_jalili_the_socalled_father_of/ ThreatAft en 2026-04-21T16:04:07.000Z Who is Rasoul Jalili, the So-Called “Father of Filtering” of the Islamic Republic? https://www.microsoft.com/en-us/security/blog/2026/04/21/detection-strategies-cloud-identities-against-infiltrating-it-workers/ ThreatAft en 2026-04-21T16:03:09.000Z Detection strategies across cloud and identities against infiltrating IT workers https://www.infosecurity-magazine.com/news/trojanized-android-handle-nfc/ ThreatAft en 2026-04-21T16:00:00.000Z Trojanized Android App Fuels New Wave of NFC Fraud https://thehackernews.com/2026/04/22-bridgebreak-flaws-expose-20000.html ThreatAft en 2026-04-21T15:46:00.000Z 22 BRIDGE:BREAK Flaws Expose 20,000 Lantronix and Silex Serial-to-IP Converters https://www.darkreading.com/cyberattacks-data-breaches/surge-bomgar-rmm-exploitation-demonstrates-supply-chain-risk ThreatAft en 2026-04-21T15:29:17.000Z Surge in Bomgar RMM Exploitation Demonstrates Supply Chain Risk https://www.reddit.com/r/cybersecurity/comments/1srqrcg/android_moto_5g/ ThreatAft en 2026-04-21T15:18:44.000Z Android Moto 5G+ https://www.helpnetsecurity.com/2026/04/21/ransomware-negotiator-blackcat-alphv-group/ ThreatAft en 2026-04-21T15:02:06.000Z Ransomware negotiator admits role in attacks he was hired to resolve https://www.darkreading.com/vulnerabilities-threats/google-fixes-critical-rce-flaw-ai-based-antigravity-tool ThreatAft en 2026-04-21T15:00:50.000Z Google Fixes Critical RCE Flaw in AI-Based Antigravity Tool https://www.reddit.com/r/cybersecurity/comments/1srq47h/p4wned_how_insecure_defaults_in_perforce_expose/ ThreatAft en 2026-04-21T14:57:42.000Z P4WNED: How Insecure Defaults in Perforce Expose Source Code Across the Internet https://krebsonsecurity.com/2026/04/scattered-spider-member-tylerb-pleads-guilty/ ThreatAft en 2026-04-21T14:53:59.000Z ‘Scattered Spider’ Member ‘Tylerb’ Pleads Guilty https://www.reddit.com/r/netsec/comments/1srpyuj/p4wned_how_insecure_defaults_in_perforce_expose/ ThreatAft en 2026-04-21T14:52:27.000Z P4WNED: How Insecure Defaults in Perforce Expose Source Code Across the Internet https://www.reddit.com/r/cybersecurity/comments/1srpyms/is_dlp_dspm_evolving/ ThreatAft en 2026-04-21T14:52:15.000Z Is DLP / DSPM evolving? https://www.reddit.com/r/cybersecurity/comments/1srpwfs/i_needed_a_replacement_for_paul_jerimys_roadmap/ ThreatAft en 2026-04-21T14:50:01.000Z I needed a replacement for Paul Jerimy's roadmap so I built one for my students https://www.securityweek.com/third-us-security-expert-admits-helping-ransomware-gang/ ThreatAft en 2026-04-21T14:44:24.000Z Third US Security Expert Admits Helping Ransomware Gang https://www.reddit.com/r/cybersecurity/comments/1srpp79/runtime_security_for_ai_agents_is_becoming_a/ ThreatAft en 2026-04-21T14:42:54.000Z Runtime security for AI agents is becoming a practical defense problem https://thehackernews.com/2026/04/ransomware-negotiator-pleads-guilty-to.html ThreatAft en 2026-04-21T14:31:00.000Z Ransomware Negotiator Pleads Guilty to Aiding BlackCat Attacks in 2023 https://www.reddit.com/r/cybersecurity/comments/1srp248/white_house_integrating_anthropics_mythos_ai_into/ ThreatAft en 2026-04-21T14:19:39.000Z White House integrating Anthropic’s Mythos AI into federal cybersecurity strategy to harden critical infrastructure https://www.reddit.com/r/cybersecurity/comments/1srot2i/webpage_takedown/ ThreatAft en 2026-04-21T14:10:30.000Z Webpage takedown https://www.securityweek.com/dozens-of-malicious-crypto-apps-land-in-apple-app-store/ ThreatAft en 2026-04-21T14:05:01.000Z Dozens of Malicious Crypto Apps Land in Apple App Store https://www.malwarebytes.com/blog/threat-intel/2026/04/fake-google-antigravity-downloads-are-stealing-accounts-in-minutes ThreatAft en 2026-04-21T14:04:51.000Z Fake Google Antigravity downloads are stealing accounts in minutes https://www.bleepingcomputer.com/news/security/stopping-fraud-at-each-stage-of-the-customer-journey-without-adding-friction/ ThreatAft en 2026-04-21T14:02:12.000Z Stopping Fraud at Each Stage of the Customer Journey Without Adding Friction https://www.infosecurity-magazine.com/news/gentlemen-ransomware-rapid/ ThreatAft en 2026-04-21T14:00:00.000Z The Gentlemen Ransomware Expands With Rapid Affiliate Growth https://www.bleepingcomputer.com/news/security/uk-probes-telegram-teen-chat-sites-over-csam-sharing-concerns/ ThreatAft en 2026-04-21T13:49:10.000Z UK probes Telegram, teen chat sites over CSAM sharing concerns https://www.reddit.com/r/cybersecurity/comments/1sro7tb/do_users_rage_on_you_after_failing_phishing/ ThreatAft en 2026-04-21T13:48:32.000Z Do users rage on you after failing phishing campaign? "I didn't click the link" etc? https://www.reddit.com/r/cybersecurity/comments/1sro7g5/agentic_ai_is_now_the_1_attack_surface_nobody_is/ ThreatAft en 2026-04-21T13:48:11.000Z Agentic AI is now the #1 attack surface nobody is talking about in enterprise SOCs — thoughts? https://therecord.media/eu-targets-russian-propaganda-networks-sanctions ThreatAft en 2026-04-21T13:48:00.000Z EU targets two Russian propaganda networks with new sanctions https://www.reddit.com/r/cybersecurity/comments/1srnv4f/cisa_flags_new_sdwan_flaw_as_actively_exploited/ ThreatAft en 2026-04-21T13:35:14.000Z CISA flags new SD-WAN flaw as actively exploited in attacks https://www.helpnetsecurity.com/2026/04/21/british-national-scattered-spider-guilty-sms-phishing/ ThreatAft en 2026-04-21T13:16:47.000Z Scattered Spider hacker pleads guilty to stealing $8 million in cryptocurrency https://therecord.media/cloud-platform-vercel-says-company-breached-through-ai-tool ThreatAft en 2026-04-21T13:10:00.000Z Cloud platform Vercel says company breached through third-party AI tool https://thehackernews.com/2026/04/5-places-where-mature-socs-keep-mttr.html ThreatAft en 2026-04-21T13:00:00.000Z 5 Places where Mature SOCs Keep MTTR Fast and Others Waste Time https://www.infosecurity-magazine.com/news/unchecked-ai-agents-cause/ ThreatAft en 2026-04-21T13:00:00.000Z Unchecked AI Agents Cause Cybersecurity Incidents at Two Thirds of Firms https://www.malwarebytes.com/blog/news/2026/04/real-apple-notifications-are-being-used-to-drive-tech-support-scams ThreatAft en 2026-04-21T12:59:31.000Z Real Apple notifications are being used to drive tech support scams https://www.helpnetsecurity.com/2026/04/21/ivanti-neurons-ai/ ThreatAft en 2026-04-21T12:56:11.000Z Ivanti Neurons AI automates IT operations, reducing manual work and security risk https://www.helpnetsecurity.com/2026/04/21/silobreaker-mimir-adds-agentic-ai-to-intelligence-workflows-with-governance-and-transparency/ ThreatAft en 2026-04-21T12:39:41.000Z Silobreaker Mimir adds agentic AI to intelligence workflows with governance and transparency https://www.reddit.com/r/cybersecurity/comments/1srmfq1/best_cyber_security_course_in_usa/ ThreatAft en 2026-04-21T12:38:41.000Z Best Cyber Security Course in USA https://www.securityweek.com/unsecured-perforce-servers-expose-sensitive-data-from-major-orgs/ ThreatAft en 2026-04-21T12:37:49.000Z Unsecured Perforce Servers Expose Sensitive Data From Major Orgs https://www.reddit.com/r/cybersecurity/comments/1srmefq/seen_the_cyber_side_of_modern_conflicts_ask/ ThreatAft en 2026-04-21T12:37:06.000Z Seen the cyber side of modern conflicts. Ask questions. https://www.bleepingcomputer.com/news/security/cisa-flags-new-sd-wan-flaw-as-actively-exploited-in-attacks/ ThreatAft en 2026-04-21T12:30:50.000Z CISA flags new SD-WAN flaw as actively exploited in attacks https://www.helpnetsecurity.com/2026/04/21/openai-chronicle-codex-screen-context-memories/ ThreatAft en 2026-04-21T12:25:41.000Z OpenAI’s Chronicle feature lets Codex read your screen, raising privacy concerns https://www.reddit.com/r/cybersecurity/comments/1srlvkn/ai_models_are_now_finding_bank_vulnerabilities/ ThreatAft en 2026-04-21T12:14:38.000Z AI Models Are Now Finding Bank Vulnerabilities Faster Than Regulators Can Respond https://www.securityweek.com/progress-patches-multiple-vulnerabilities-in-moveit-waf-loadmaster/ ThreatAft en 2026-04-21T12:14:26.000Z Progress Patches Multiple Vulnerabilities in MOVEit WAF, LoadMaster https://www.reddit.com/r/Malware/comments/1srluxa/iocx_v070_deterministic_heuristics_adversarial_pe/ ThreatAft en 2026-04-21T12:13:50.000Z IOCX v0.7.0 — deterministic heuristics + adversarial PE samples https://www.reddit.com/r/netsec/comments/1srlroo/sim_farms_as_a_service_a_shared_control_plane/ ThreatAft en 2026-04-21T12:09:43.000Z SIM Farms as a Service: A Shared Control Plane Spanning 87 Farms https://www.reddit.com/r/netsec/comments/1srlroo/removed_by_reddit/ ThreatAft en 2026-04-21T12:09:43.000Z [ Removed by Reddit ] https://www.reddit.com/r/cybersecurity/comments/1srlrbd/a_single_platform_powers_sim_farm_proxy_networks/ ThreatAft en 2026-04-21T12:09:15.000Z A single platform powers SIM farm proxy networks across 17 countries https://www.reddit.com/r/cybersecurity/comments/1srlrbd/removed_by_reddit/ ThreatAft en 2026-04-21T12:09:15.000Z [ Removed by Reddit ] https://www.darkreading.com/cyberattacks-data-breaches/chinese-apt-indian-banks-korean-policy ThreatAft en 2026-04-21T12:00:00.000Z Chinese APT Targets Indian Banks, Korean Policy Circles https://www.reddit.com/r/cybersecurity/comments/1srli4x/secure_boot_cert_renewal/ ThreatAft en 2026-04-21T11:57:55.000Z Secure Boot Cert renewal https://www.reddit.com/r/cybersecurity/comments/1srl68g/meetups_in_navi_mumbai/ ThreatAft en 2026-04-21T11:43:04.000Z Meetups in Navi Mumbai? https://thehackernews.com/2026/04/no-exploit-needed-how-attackers-walk.html ThreatAft en 2026-04-21T11:30:00.000Z No Exploit Needed: How Attackers Walk Through the Front Door via Identity-Based Attacks https://www.reddit.com/r/netsec/comments/1srks4e/we_analysed_almost_100_uk_charity_websites_and/ ThreatAft en 2026-04-21T11:24:24.000Z We analysed almost 100 UK charity websites and found that ~1 in 6 are running vulnerable JavaScript dependencies. https://www.securityweek.com/organizations-warned-of-exploited-cisco-kentico-zimbra-vulnerabilities/ ThreatAft en 2026-04-21T11:19:45.000Z Organizations Warned of Exploited Cisco, Kentico, Zimbra Vulnerabilities https://www.bleepingcomputer.com/news/security/actively-exploited-apache-activemq-flaw-impacts-6-400-servers/ ThreatAft en 2026-04-21T11:17:51.000Z Actively exploited Apache ActiveMQ flaw impacts 6,400 servers https://www.reddit.com/r/cybersecurity/comments/1srkl9u/thinking_about_a_pivot_into_security_leadership/ ThreatAft en 2026-04-21T11:14:55.000Z Thinking about a pivot into security leadership https://www.reddit.com/r/cybersecurity/comments/1srkig6/clearwater_library_computer_disruption_leads_to/ ThreatAft en 2026-04-21T11:11:01.000Z Clearwater library computer disruption leads to felony charge https://www.reddit.com/r/cybersecurity/comments/1srkdae/misp_events_deletion/ ThreatAft en 2026-04-21T11:03:42.000Z MISP events deletion? https://www.reddit.com/r/cybersecurity/comments/1srkcyx/appsec_e_devsecops/ ThreatAft en 2026-04-21T11:03:16.000Z AppSec e DevSecOps https://www.securityweek.com/data-breaches-at-healthcare-organizations-in-illinois-and-texas-affect-600000/ ThreatAft en 2026-04-21T11:02:29.000Z Data Breaches at Healthcare Organizations in Illinois and Texas Affect 600,000 https://www.reddit.com/r/cybersecurity/comments/1srk8me/how_can_i_start_my_path_in_soc_analysis/ ThreatAft en 2026-04-21T10:57:38.000Z How can I start my path in SOC analysis https://www.reddit.com/r/cybersecurity/comments/1srk7l6/how_attackers_are_actually_getting_in/ ThreatAft en 2026-04-21T10:56:11.000Z How Attackers Are Actually Getting In https://thehackernews.com/2026/04/ngate-campaign-targets-brazil.html ThreatAft en 2026-04-21T10:40:00.000Z NGate Campaign Targets Brazil, Trojanizes HandyPay to Steal NFC Data and PINs https://www.reddit.com/r/cybersecurity/comments/1srjtur/why_forensic_readiness_is_emerging_as_a_real/ ThreatAft en 2026-04-21T10:36:08.000Z Why forensic readiness is emerging as a real enterprise security market https://www.reddit.com/r/cybersecurity/comments/1srjm74/hi_all_i_am_currently_in_a_grc_role_at_one_of_the/ ThreatAft en 2026-04-21T10:24:54.000Z Hi all, I am currently in a GRC role at one of the top universities in EU. I in this post want some guidance on how do I transition into red teaming roles. Any guidance on this will be extremely helpful. https://thehackernews.com/2026/04/google-patches-antigravity-ide-flaw.html ThreatAft en 2026-04-21T10:22:00.000Z Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution https://industrialcyber.co/ransomware/vect-formalizes-breachforums-and-teampcp-alliance-to-push-model-for-industrialized-ransomware-scale-raas-operations/ ThreatAft en 2026-04-21T10:18:47.000Z Vect formalizes BreachForums and TeamPCP alliance to push model for industrialized ransomware, scale RaaS operations https://industrialcyber.co/ransomware/darktrace-identifies-zionsiphon-malware-engineered-for-ot-disruption-in-israeli-water-sector-environments/ ThreatAft en 2026-04-21T10:15:48.000Z Darktrace identifies ZionSiphon malware engineered for OT disruption in Israeli water sector environments https://www.malwarebytes.com/blog/mobile/2026/04/android-17-ends-all-or-nothing-access-to-your-contacts ThreatAft en 2026-04-21T10:12:27.000Z Android 17 ends all-or-nothing access to your contacts https://www.bleepingcomputer.com/news/security/former-ransomware-negotiator-pleads-guilty-to-blackcat-attacks/ ThreatAft en 2026-04-21T10:12:21.000Z Former ransomware negotiator pleads guilty to BlackCat attacks https://industrialcyber.co/cisa/cisa-warns-organizations-of-supply-chain-compromise-in-axios-npm-package-delivering-remote-access-trojan/ ThreatAft en 2026-04-21T10:11:54.000Z CISA warns organizations of supply chain compromise in Axios npm package delivering remote access trojan https://www.securityweek.com/290-million-kelp-dao-crypto-heist-blamed-on-north-korea/ ThreatAft en 2026-04-21T10:02:09.000Z $290 Million Kelp DAO Crypto Heist Blamed on North Korea https://www.wired.com/story/they-built-privacy-tool-grapheneos-now-sworn-enemies/ ThreatAft en 2026-04-21T10:00:00.000Z They Built a Legendary Privacy Tool. Now They’re Sworn Enemies https://cyberscoop.com/anthropic-mythos-vulnerability-discovery-op-ed/ ThreatAft en 2026-04-21T10:00:00.000Z Mythos can find the vulnerability. It can’t tell you what to do about it. https://www.reddit.com/r/cybersecurity/comments/1srj393/ai_prompt_injection_the_new_security_nightmare/ ThreatAft en 2026-04-21T09:55:55.000Z AI Prompt Injection: The New Security Nightmare https://www.reddit.com/r/cybersecurity/comments/1srj1qm/full_day_technical_test_for_a_penetration_tester/ ThreatAft en 2026-04-21T09:53:28.000Z Full day technical test for a penetration tester role - is that normal? https://www.reddit.com/r/cybersecurity/comments/1sriofz/first_cyber_sec_analyst_job_interview_with_asda_uk/ ThreatAft en 2026-04-21T09:31:32.000Z First cyber sec analyst job interview with Asda (UK). https://www.infosecurity-magazine.com/news/vercel-cyber-incident-threat-actor/ ThreatAft en 2026-04-21T09:10:00.000Z Vercel Confirms Cyber Incident After Sophisticated Attacker Exploits Third‑Party Tool https://www.reddit.com/r/cybersecurity/comments/1sri8i7/research_microsoft_meta_google_shamelessly_track/ ThreatAft en 2026-04-21T09:05:30.000Z Research: Microsoft, Meta, Google shamelessly track you even if you opt out https://www.bleepingcomputer.com/news/security/ngate-android-malware-uses-handypay-nfc-app-to-steal-card-data/ ThreatAft en 2026-04-21T09:00:00.000Z NGate Android malware uses HandyPay NFC app to steal card data https://www.welivesecurity.com/en/eset-research/new-ngate-variant-hides-in-a-trojanized-nfc-payment-app/ ThreatAft en 2026-04-21T08:55:00.000Z New NGate variant hides in a trojanized NFC payment app https://www.infosecurity-magazine.com/news/north-korean-blamed-290m-kelpdao/ ThreatAft en 2026-04-21T08:30:00.000Z North Korean Blamed for $290m KelpDAO Crypto Heist https://www.reddit.com/r/cybersecurity/comments/1srgsts/in_my_recent_projects_i_dont_rely_on_a_single_llm/ ThreatAft en 2026-04-21T07:38:37.000Z In my recent projects, I don’t rely on a single LLM for security analysis anymore. https://isc.sans.edu/diary/rss/32910 ThreatAft en 2026-04-21T07:14:56.000Z A .WAV With A Payload, (Tue, Apr 21st) https://www.crowdstrike.com/en-us/blog/crowdstrike-falcon-platform-achieves-441-percent-roi-in-three-years/ ThreatAft en 2026-04-21T07:00:00.000Z CrowdStrike Falcon Platform Achieves 441% ROI in Three Years https://www.reddit.com/r/cybersecurity/comments/1srfst6/i_need_url_of_discord_server_to_learn_cyber/ ThreatAft en 2026-04-21T06:40:24.000Z I need url of discord server to learn cyber security https://thehackernews.com/2026/04/cisa-adds-8-exploited-flaws-to-kev-sets.html ThreatAft en 2026-04-21T06:23:00.000Z CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlines https://www.reddit.com/r/cybersecurity/comments/1sreu19/vercel_got_exploited_again/ ThreatAft en 2026-04-21T05:46:31.000Z Vercel got exploited AGAIN https://www.reddit.com/r/cybersecurity/comments/1sreoqm/how_important_is_reconnaissance_in_bug_bounties/ ThreatAft en 2026-04-21T05:38:35.000Z How important is reconnaissance in bug bounties or actual hacking? When you do subdomain enumeration, etc., you only feel like you're getting further away from the actual target. https://www.reddit.com/r/netsec/comments/1sreolc/command_execution_via_draganddrop_in_terminal/ ThreatAft en 2026-04-21T05:38:22.000Z Command Execution via Drag-and-Drop in Terminal Emulators https://www.reddit.com/r/cybersecurity/comments/1srejs1/vertex_solutions_ai_cyber_security_app_vertex/ ThreatAft en 2026-04-21T05:31:12.000Z Vertex Solutions AI Cyber Security App (Vertex Security) https://www.reddit.com/r/cybersecurity/comments/1srehuk/did_the_vercel_incident_change_your_threat_model/ ThreatAft en 2026-04-21T05:28:26.000Z Did the Vercel incident change your threat model? https://www.reddit.com/r/cybersecurity/comments/1srdltb/can_anybody_offer_a_more_detailed_tutorial_on/ ThreatAft en 2026-04-21T04:42:28.000Z Can anybody offer a more detailed tutorial on using JtR password cracker https://www.reddit.com/r/cybersecurity/comments/1srdk07/being_gaslit_about_email_being_e2ee/ ThreatAft en 2026-04-21T04:39:49.000Z Being gaslit about email being E2EE https://www.reddit.com/r/cybersecurity/comments/1srdhrn/pictures_not_allowed/ ThreatAft en 2026-04-21T04:36:31.000Z Pictures not allowed?!? https://www.reddit.com/r/cybersecurity/comments/1srdeu5/could_someone_tell_me_realistically_how_grc_is/ ThreatAft en 2026-04-21T04:32:14.000Z Could someone tell me realistically how GRC is? https://www.helpnetsecurity.com/2026/04/21/securerouter-encrypted-ai-inference/ ThreatAft en 2026-04-21T04:30:41.000Z Researchers build an encrypted routing layer for private AI inference https://www.reddit.com/r/cybersecurity/comments/1srdai8/why_selfattestation_is_the_biggest_weakness_in/ ThreatAft en 2026-04-21T04:25:52.000Z Why "Self-Attestation" is the biggest weakness in current AI Governance (and how to fix it with telemetry) https://www.reddit.com/r/cybersecurity/comments/1srd29h/i_have_nothing_to_hide_the_last_words_of_every/ ThreatAft en 2026-04-21T04:14:16.000Z “I Have Nothing to Hide” — The Last Words of Every Cybercrime Victim: Cybersecurity 101 https://www.reddit.com/r/cybersecurity/comments/1srcw4c/dose_it_only_happen_with_me/ ThreatAft en 2026-04-21T04:05:52.000Z Dose it only happen with me ? https://www.helpnetsecurity.com/2026/04/21/cybersecurity-jobs-available-right-now-april-21-2026/ ThreatAft en 2026-04-21T04:00:53.000Z Cybersecurity jobs available right now: April 21, 2026 https://www.crowdstrike.com/en-us/blog/crowdstrike-shadow-AI-visibility-service/ ThreatAft en 2026-04-21T04:00:00.000Z Introducing the CrowdStrike Shadow AI Visibility Service https://www.reddit.com/r/cybersecurity/comments/1src7g4/i_made_a_demo/ ThreatAft en 2026-04-21T03:32:33.000Z I Made a Demo https://www.reddit.com/r/cybersecurity/comments/1srbffq/browser_extension_inventory_problem/ ThreatAft en 2026-04-21T02:56:10.000Z Browser Extension Inventory problem https://www.reddit.com/r/cybersecurity/comments/1sram3b/agentbom_0801_open_security_scanner_for_ai_supply/ ThreatAft en 2026-04-21T02:19:28.000Z Agent-bom 0.80.1: Open security scanner for AI supply chain: agents, MCP, containers, cloud, GPU, and runtime.