Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Adobe Acrobat Reader is a free, widely used software application from Adobe that allows users to view, print, sign, share, and annotate PDF documents. Adobe InDesign is desktop publishing software used to create, pre-flight, and publish … Read More “Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution – Cyber Security Advisories – MS-ISAC” »
Multiple vulnerabilities have been discovered in Fortinet products, the most severe of which could allow for arbitrary code execution. FortiAnalyzer is a unified security operations platform that consolidates telemetry across networks, endpoints, and cloud environments. FortiClientEMS is a centralized management platform for deploying, configuring, monitoring, and enforcing security policies across numerous endpoints (computers) running the … Read More “Multiple Vulnerabilities in Fortinet Products Could Allow for Arbitrary Code Execution – Cyber Security Advisories – MS-ISAC” »
Critical Patches Issued for Microsoft Products, April 14, 2026 – Cyber Security Advisories – MS-ISAC
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution. Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; … Read More “Critical Patches Issued for Microsoft Products, April 14, 2026 – Cyber Security Advisories – MS-ISAC” »
The Cybersecurity and Infrastructure Security Agency has informed participants of the federal government’s Scholarship for Service program that it has canceled this year’s summer internship programs due to the current funding issues at the Department of Homeland Security. Emails from CISA obtained by CyberScoop recently informed applicants that the agency will not bring any CyberCorps: … Read More “CISA cancels summer internships for cyber scholarship students amid DHS funding lapse – CyberScoop” »
How Digital Annotations Are Replacing Paper Markups in Business – Hackread – Cybersecurity News, Data Breaches, AI and More
Digital Annotations replace paper markups in business, enabling real time collaboration, version control, and secure document workflows across teams. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, including a SharePoint Server zero-day and a publicly disclosed weakness in Windows Defender dubbed “BlueHammer.” Separately, Google Chrome fixed its fourth zero-day of 2026, and an emergency update for Adobe Reader nixes an actively exploited … Read More “Patch Tuesday, April 2026 Edition – Krebs on Security” »
Microsoft addressed 165 vulnerabilities affecting its various products and underlying systems, including one actively exploited vulnerability in Microsoft Office SharePoint, in this month’s Patch Tuesday update. “By my count, this is the second-largest monthly release in Microsoft’s history,” Dustin Childs, head of threat awareness at Trend Micro’s Zero Day Initiative, wrote in a blog post … Read More “Microsoft drops its second-largest monthly batch of defects on record – CyberScoop” »
A malicious Ledger Live app for macOS available from Apple’s App Store has drained approximately $9.5 million in cryptocurrency from 50 victims in just a few days this month. […] – Read More – BleepingComputer
Today is Microsoft’s April 2026 Patch Tuesday with security updates for 167 flaws, including 2 zero-day vulnerabilities. […] – Read More – BleepingComputer
Microsoft has released Windows 11 KB5083769 and KB5082052 cumulative updates for versions 25H2/24H2 and 23H2 to fix security vulnerabilities, bugs, and add new features. […] – Read More – BleepingComputer
Education company McGraw-Hill has confirmed in a statement to BleepingComputer that hackers exploited a Salesforce misconfiguration and accessed its internal data. […] – Read More – BleepingComputer
Microsoft has released the Windows 10 KB5082200 extended security update to fix the April 2026 Patch Tuesday vulnerabilities, including 2 zero-days. […] – Read More – BleepingComputer
Seth Whitworth, who is both acting Associate Deputy Chief of Space Operations for Cyber and Data and acting chief information security officer, said he believes AI tools are shifting the way defenders review cyber risk, both for individual systems and more holistically throughout an enterprise. In particular, Large Language Models can be used to systematically … Read More “Space Force official touts AI’s impact on cyber compliance – CyberScoop” »
Security Risk Advisors Purple Team Participants Can Now Earn CPE Credits – Hackread – Cybersecurity News, Data Breaches, AI and More
Philadelphia, United States / Pennsylvania, 14th April 2026, CyberNewswire – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
wolfSSL Vulnerability Hits IoT, Routers and Military Systems, Update to 5.9.1 Now – Hackread – Cybersecurity News, Data Breaches, AI and More
Critical wolfSSL flaw CVE-2026-5194 allows digital ID forgery across billions of devices, update to version 5.9.1 to fix the issue and reduce risk. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
It’s time once again for Patch Tuesday, and this one is huge. We’ve also got multiple exploits in the wild, which adds another layer of urgency to this month’s release. Take a break from your regularly scheduled activities, and let’s take a look at the latest security patches from Adobe and Microsoft. If you’d rather … Read More “The April 2026 Security Update Review – Zero Day Initiative – Blog” »
SEC Consult SA-20260414-0 :: Improper Enforcement of Locked Accounts in WebUI (SSO) in Kiuwan SAST on-premise (KOP) & cloud/SaaS – Full Disclosure
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 14 SEC Consult Vulnerability Lab Security Advisory < 20260414-0 > title: Improper Enforcement of Locked Accounts in WebUI (SSO) product: Kiuwan SAST on-premise (KOP) & cloud/SaaS vulnerable version: <2.8.2509.4 fixed version: 2.8.2509.4 … Read More “SEC Consult SA-20260414-0 :: Improper Enforcement of Locked Accounts in WebUI (SSO) in Kiuwan SAST on-premise (KOP) & cloud/SaaS – Full Disclosure” »
CyberDanube Security Research 20260408-0 | Remote Operation Denial of Service in Siemens SICAM A8000 – Full Disclosure
Posted by Thomas Weber | CyberDanube via Fulldisclosure on Apr 14 CyberDanube Security Research 20260408-0 title| Remote Operation Denial of Service product| Siemens SICAM A8000 CP-8050/CP-8031/CP-8010/CP-8012 vulnerable version| <=V25.30 fixed version| V26.10 CVE number| CVE-2026-27663 impact| Medium homepage| https://siemens.com/… – Read More – Full Disclosure
CyberDanube Security Research 20260408-1 | Multiple Vulnerabilities in Siemens SICAM A8000 – Full Disclosure
Posted by Thomas Weber | CyberDanube via Fulldisclosure on Apr 14 CyberDanube Security Research 20260408-1 title| Multiple Vulnerabilities product| Siemens SICAM A8000 CP-8050/CP-8031/CP-8010/CP-8012 vulnerable version| <=V25.30 fixed version| V26.10 CVE number| CVE-2026-27664 impact| High homepage| https://siemens.com/ found|… – Read More – Full Disclosure
Two high-severity security vulnerabilities have been disclosed in Composer, a package manager for PHP, that, if successfully exploited, could result in arbitrary command execution. The vulnerabilities have been described as command injection flaws affecting the Perforce VCS (version control software) driver. Details of the two flaws are below – CVE-2026-40176 (CVSS – Read More – The Hacker News
Kraken exchange faces extortion after a staff member misused access to record internal systems, about 2,000 accounts affected, no funds or systems breached. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Black Basta’s playbook lives on as former affiliates launch fast-scale intrusion campaign – CyberScoop
A small group of former Black Basta affiliates have targeted more than 100 employees across dozens of organizations to intrude network systems for potential data theft, ransomware deployment and extortion, according to ReliaQuest. The social engineering campaign, which involves mass email bombing and Microsoft Teams help desk impersonation, surged last month and dates back to … Read More “Black Basta’s playbook lives on as former affiliates launch fast-scale intrusion campaign – CyberScoop” »
AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraud – The Hacker News
Cybersecurity researchers have unmasked a novel ad fraud scheme that has been found to leverage search engine poisoning (SEO) techniques and artificial intelligence (AI)-generated content to push deceptive news stories into Google’s Discover feed and trick users into enabling persistent browser notifications that lead to scareware and financial scams. The campaign, which has been … Read More “AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraud – The Hacker News” »
A new IANS report claims just 34% of cybersecurity professionals plan to stay put in the next 12 months – Read More –
Google has announced the integration of a Rust-based Domain Name System (DNS) parser into the modem firmware as part of its ongoing efforts to beef up the security of Pixel devices and push memory-safe code at a more foundational level. “The new Rust-based DNS parser significantly reduces our security risk by mitigating an entire class of … Read More “Google Adds Rust-Based DNS Parser into Pixel 10 Modem to Enhance Security – The Hacker News” »
Ransomware-Linked ViperTunnel Malware Hits UK and US Businesses – Hackread – Cybersecurity News, Data Breaches, AI and More
ViperTunnel is a Python-based backdoor linked to DragonForce ransomware that targets businesses using Windows servers across the US and the UK. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Booking.com Confirms Data Breach as Hackers Access Customer Details – Hackread – Cybersecurity News, Data Breaches, AI and More
Booking.com confirms a data breach exposing customer details to hackers. No payment data accessed, but users face risk of targeted phishing scams now! – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Ads – The Hacker News
A nascent Android remote access trojan called Mirax has been observed actively targeting Spanish-speaking countries, with campaigns reaching more than 220,000 accounts on Facebook, Instagram, Messenger, and Threads through advertisements on Meta. “Mirax integrates advanced Remote Access Trojan (RAT) capabilities, allowing threat actors to fully interact with compromised devices in real … Read More “Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Ads – The Hacker News” »
The AISI has issued its judgement on Anthropic’s Mythos Preview model – Read More –
Analysis of 216M Security Findings Shows a 4x Increase In Critical Risk (2026 Report) – The Hacker News
OX Security recently analyzed 216 million security findings across 250 organizations over a 90-day period. The primary takeaway: while raw alert volume grew by 52% year-over-year, prioritized critical risk grew by nearly 400%. The surge in AI-assisted development is creating a “velocity gap” where the density of high-impact vulnerabilities is scaling faster than – Read More – The Hacker News
On March 23, the Senate confirmed Senator Markwayne Mullin as the next homeland security secretary, marking an important step in strengthening leadership during a critical moment for our nation’s security. But only half of the job is done. The Cybersecurity and Infrastructure Security Agency (CISA), the federal government’s main civilian cyber defense agency, still lacks … Read More “Secretary Mullin must help finish the job: Urge the Senate to confirm Plankey – CyberScoop” »
108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users – The Hacker News
Cybersecurity researchers have discovered a new campaign in which a cluster of 108 Google Chrome extensions has been found to communicate with the same command-and-control (C2) infrastructure with the goal of collecting user data and enabling browser-level abuse by injecting ads and arbitrary JavaScript code into every web page visited. According to Socket, the extensions are … Read More “108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users – The Hacker News” »
The healthcare industry is facing a new age of cybersecurity threat, one that is not predetermined by the current… The post Quantum Threats to PHI: Why Vault Now? appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added half a dozen security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The list of vulnerabilities is as follows – CVE-2026-21643 (CVSS score: 9.1) – An SQL injection vulnerability in Fortinet FortiClient EMS that could allow an unauthenticated attacker to … Read More “CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software – The Hacker News” »
A critical security vulnerability impacting ShowDoc, a document management and collaboration service popular in China, has come under active exploitation in the wild. The vulnerability in question is CVE-2025-0520 (aka CNVD-2020-26585), which carries a CVSS score of 9.4 out of 10.0. It relates to a case of unrestricted file upload that stems from improper validation of … Read More “ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers – The Hacker News” »
A joint report from the Cloud Security Alliance (CSA), the SANS Institute and the Open Worldwide Application Security Project (OWASP) concludes that in the near term, organizations are “likely to be overwhelmed” by threat actors using AI to find and exploit vulnerabilities faster than defenders can patch them. While those organizations can use AI tools … Read More “Here’s how cyber heavyweights in the US and UK are dealing with Claude Mythos – CyberScoop” »
OpenAI Rotates macOS Certificates Following Axios Supply Chain Breach – Hackread – Cybersecurity News, Data Breaches, AI and More
OpenAI rotates macOS certificates after downloading a compromised Axios version, urging users to update apps before revoked certificates are blocked in May 2026. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
OpenAI updated its security certificates and is requiring all macOS users to update to the latest versions after determining its products, along with many others, were impacted by a widespread supply-chain attack that briefly infected a popular open-source library in late March, the company said in a blog post Friday. The artificial intelligence vendor said … Read More “OpenAI’s Mac apps need updates thanks to the Axios hack – CyberScoop” »
JanelaRAT Malware Targets Latin American Banks with 14,739 Attacks in Brazil in 2025 – The Hacker News
Banks and financial institutions in Latin American countries like Brazil and Mexico have continued to be the target of a malware family called JanelaRAT. A modified version of BX RAT, JanelaRAT is known to steal financial and cryptocurrency data associated with specific financial entities, as well as track mouse inputs, log keystrokes, take screenshots, and … Read More “JanelaRAT Malware Targets Latin American Banks with 14,739 Attacks in Brazil in 2025 – The Hacker News” »
FBI and Indonesian Police Dismantle W3LL Phishing Network Behind $20M Fraud Attempts – The Hacker News
The U.S. Federal Bureau of Investigation (FBI), in partnership with the Indonesian National Police, has dismantled the infrastructure associated with a global phishing operation that leveraged an off-the-shelf toolkit called W3LL to steal thousands of victims’ account credentials and attempt more than $20 million in fraud. In tandem, authorities detained the alleged developer, who has … Read More “FBI and Indonesian Police Dismantle W3LL Phishing Network Behind $20M Fraud Attempts – The Hacker News” »
BITTER APT Uses Signal, Google, and Zoom Lures to Spread ProSpy Spyware – Hackread – Cybersecurity News, Data Breaches, AI and More
BITTER APT spreads ProSpy and ToSpy via Signal, Google, and Zoom lures, targeting journalists through LinkedIn and iMessage spearphishing. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Security researchers warn of Mirax, an emerging Android banking trojan using MaaS, remote access and residential proxies to target European users – Read More –
Attackers are abusing Microsoft 365 mailbox rules to hide activity, exfiltrate data and retain access after account compromise, researchers warn – Read More –
OpenSSF Flags Malware Campaign on Slack Posing as Linux Foundation Figures – Hackread – Cybersecurity News, Data Breaches, AI and More
OpenSSF warns hackers impersonate Linux Foundation leaders on Slack, tricking developers into installing malware that can compromise entire systems. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More – The Hacker News
Monday is back, and the weekend’s backlog of chaos is officially hitting the fan. We are tracking a critical zero-day that has been quietly living in your PDFs for months, plus some aggressive state-sponsored meddling in infrastructure that is finally coming to light. It is one of those mornings where the gap between a quiet shift and a … Read More “⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More – The Hacker News” »
Anthropic restricted its Mythos Preview model last week after it autonomously found and exploited zero-day vulnerabilities in every major operating system and browser. Palo Alto Networks’ Wendi Whitmore warned that similar capabilities are weeks or months from proliferation. CrowdStrike’s 2026 Global Threat Report puts average eCrime breakout time at 29 minutes. Mandiant’s M-Trends 2026 … Read More “Your MTTD Looks Great. Your Post-Alert Gap Doesn’t – The Hacker News” »
Alleged German DDoS-for-Hire Kingpin Behind Fluxstress Caught in Thailand – Hackread – Cybersecurity News, Data Breaches, AI and More
Alleged German cybercrime figure behind Fluxstress and Neldowner arrested in Thailand after years running global DDoS-for-hire services across countries. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Why Your Deprecated Endpoints Are an Attacker’s Best Friend: The Rise of Ghost APIs – Hackread – Cybersecurity News, Data Breaches, AI and More
Ghost APIs are deprecated endpoints left active, exposing systems to attack. Learn how they differ from shadow APIs and why they create hidden security risks – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
The W3LL phishing kit has been associated with fraud attempts totaling $20m – Read More –





