ICYMI: 2026-04-07
Latest Headlines
Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign
[Webinar] How to Close Identity Gaps in 2026 Before AI Exploits Enterprise Risk
Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host Access
Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign
New GPUBreach Attack Enables Full CPU Privilege Escalation via GDDR6 Bit-Flips
China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware
Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed
Iran-Linked Hackers Are Sabotaging US Energy and Water Infrastructure
Anthropic Teams Up With Its Rivals to Keep AI From Hacking Everything
Anthropic Unveils ‘Claude Mythos’ – A Cybersecurity Breakthrough That Could Also Supercharge Attacks
GrafanaGhost: Attackers Can Abuse Grafana to Leak Enterprise Data
GPUBreach: Root Shell Access Achieved via GPU Rowhammer Attack
Medusa Ransomware Fast to Exploit Vulnerabilities, Breached Systems
New BPFDoor Variants Use Stateless C2 and ICMP Relays to Evade Detection
Hackers Exploit Kubernetes Misconfigurations to Move From Containers to Cloud Accounts
Hackers Use Fake Gemini npm Package to Steal Tokens From Claude, Cursor, and Other AI Tools
Hackers Exploit Next.js React2Shell Flaw to Steal Credentials From 766 Hosts in 24 Hours
Hackers Use ClickFix Lure to Drop Node.js-Based Windows RAT With Tor-Powered C2
Russian Hackers Exploiting Home and Small-office Routers in Massive DNS hijacking Attack
Fake Software Installers Used to Drop RATs and Monero Miners in Long-Running Malware Campaign
New GPUBreach Attack Enables System-Wide Compromise Up to a Root Shell
From Alert Overload to Rapid Response: Why Threat Intelligence Is a Top Solution for Fast MTTR
Critical Android “Zero-Interaction” Vulnerability Enables DoS Attacks
Hackers exploit critical flaw in Ninja Forms WordPress plugin
FBI: Americans lost a record $21 billion to cybercrime last year
Snowflake customers hit in data theft attacks after SaaS integrator breach
US warns of Iranian hackers targeting critical infrastructure
Max severity Flowise RCE vulnerability now exploited in attacks
Authorities disrupt router DNS hijacks used to steal Microsoft 365 logins
– MTZ