ICYMI: 2026-04-14
Latest Headlines
New PHP Composer Flaws Enable Arbitrary Command Execution — Patches Released
Google Adds Rust-Based DNS Parser into Pixel 10 Modem to Enhance Security
AI-Driven Pushpaganda Scam Exploits Google Discover to Spread Scareware and Ad Fraud
Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Ads
Analysis of 216M Security Findings Shows a 4x Increase In Critical Risk (2026 Report)
108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users
ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers
CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software
In the Wake of Anthropic’s Mythos, OpenAI Has a New Cybersecurity Model—and Strategy
Telegram Is Still Hosting a Sanctioned $21 Billion Crypto Scammer Black Market
The FCC Has a Fast Lane for Complaints About Trump’s Media Critics
Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities
‘Mythos-Ready’ Security: CSA Urges CISOs to Prepare for Accelerated AI Threats
Europe’s Largest Gym Chain Says Data Breach Impacts 1 Million Members
Google Adds Rust DNS Parser to Pixel Phones for Better Security
Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities
Security Risk Advisors Purple Team Participants Can Now Earn CPE Credits
Fortinet Patches 11 Vulnerabilities Across FortiSandbox, FortiOS, FortiAnalyzer, and FortiManager
Microsoft Patch Tuesday April 2026 – 168 Vulnerabilities Fixed, Including Actively Exploited 0-day
Critical etcd Auth Bypass Flaw Allows Unauthorized Access to Sensitive Cluster APIs
Ivanti Neurons for ITSM Vulnerabilities Allow Remote Attacker to Obtain User Sessions
CISA Warns of Microsoft Exchange and Windows CLFS Vulnerabilities Exploited in Attacks
Critical ShowDoc RCE Vulnerability Active Exploited in the Wild
Synology SSL VPN Client Vulnerabilities Let Remote Attackers Access Sensitive Files
Critical FortiSandbox Vulnerabilities Allow Attackers to Execute Unauthorized Commands
New Mirax Android RAT Turns Infected Phones Into Residential Proxy Nodes
Microsoft adds Windows protections for malicious Remote Desktop files
Crypto-exchange Kraken extorted by hackers after insider breach
Over 100 Chrome Web Store extensions steal user accounts, data
Microsoft releases Windows 10 KB5082200 extended security update
Windows 11 cumulative updates KB5083769 & KB5082052 released
Microsoft April 2026 Patch Tuesday fixes 167 flaws, 2 zero-days
Fake Ledger Live app on Apple’s App Store stole $9.5M in crypto
Microsoft rolls out fast-track to reinstate Windows hardware dev accounts
– MTZ