ICYMI: 2026-04-15
Latest Headlines
n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails
Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover
April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More
Deterministic + Agentic AI: The Architecture Exposure Validation Requires
Microsoft Issues Patches for SharePoint Zero-Day and 168 Other New Vulnerabilities
OpenAI Launches GPT-5.4-Cyber with Expanded Access for Security Teams
The Deepfake Nudes Crisis in Schools Is Much Worse Than You Thought
Sweden Blames Pro-Russian Group for Cyberattack Last Year on Its Energy Infrastructure
Capsule Security Emerges From Stealth With $7 Million in Funding
‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain Attacks
$10 Domain Could Have Handed Hackers 25k Endpoints, Including in OT and Gov Networks
Trump Urges Extending Foreign Surveillance Program as Some Lawmakers Push for US Privacy Protections
Google, Microsoft, Meta Tracking You Even if You Opt Out – New Research
Microsoft Releases Cumulative Update KB5083769 for Windows 11, Version 25H2 and 24H2
Windows Active Directory Vulnerability Allow Attackers to Execute Malicious Code
New PHP Composer Vulnerability Let Attackers Execute Arbitrary Commands
Adobe Acrobat Reader Vulnerabilities Let Attackers Execute Arbitrary Code
MuddyWater-Style Hackers Scan 12,000+ Systems Before Hitting Middle East Critical Sectors
Hackers Using Google Cloud Storage to Bypass Email Filters and Deliver Remcos RAT
Hackers Hide Backdoor in Trusted WordPress Plugins for 8 Months Before Activating Malware
Hackers Create Hidden Mailbox Rules in Microsoft 365 to Intercept Sensitive Business Emails
Agentic LLM Browsers Expose New Attack Surface for Prompt Injection and Data Theft
Critical Nginx UI auth bypass flaw now actively exploited in the wild
New AgingFly malware used in attacks on Ukraine govt, hospitals
WordPress plugin suite hacked to push malware to thousands of sites
Microsoft pays $2.3M for cloud and AI flaws at Zero Day Quest
CISA flags Windows Task Host vulnerability as exploited in attacks
Microsoft: April updates trigger BitLocker key prompts on some servers
Microsoft fixes bug behind Windows Server 2025 automatic upgrades
– MTZ