ICYMI: 2026-04-23
Latest Headlines
UNC6692 Impersonates IT Helpdesk via Microsoft Teams to Deploy SNOW Malware
Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign
ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories
[Webinar] Mythos Reality Check: Beating Automated Exploitation at AI Speed
Project Glasswing Proved AI Can Find the Bugs. Who’s Going to Fix Them?
China-Linked GopherWhisper Infects 12 Mongolian Government Systems with Go Backdoors
Vercel Finds More Compromised Accounts in Context.ai-Linked Breach
Apple Fixes iOS Flaw That Let FBI Recover Deleted Signal Messages
Newly Deciphered Sabotage Malware May Have Targeted Iran’s Nuclear Program—and Predates Stuxnet
Chinese Cybersecurity Firm’s AI Hacking Claims Draw Comparisons to Claude Mythos
Rilian Raises $17.5 Million for AI-Native Security Orchestration
The Behavioral Shift: Why Trusted Relationships Are the Newest Attack Surface
AI Can Autonomously Hack Cloud Systems With Minimal Oversight: Researchers
Recent Microsoft Defender Vulnerability Exploited as Zero-Day
North Korean Hackers Use Fake IT Worker Scheme to Infiltrate Companies and Evade Sanctions
Malicious npm Package Turns Hugging Face Into Malware CDN and Exfiltration Backend
AI-Assisted Lazarus Campaign Targets Developers With Backdoored Coding Challenges
Bitwarden CLI Compromised in Supply Chain Attack via GitHub Actions
Hackers Abuse Fake Wallpaper App and YouTube Channel to Spread notnullOSX Malware
Fake TradingView AI Agent Site is Delivering Needle Stealer Malware via Fake TradingClaw
Hackers Use Outlook Mailboxes to Hide Linux GoGra Backdoor Communications
Microsoft Teams Rolls Out Efficiency Mode to Optimize Performance on Low-End Devices
Vercel Confirms Security Breach – Set of Customer Account Compromised
New Tropic Trooper Attack Uses Custom Beacon Listener and VS Code Tunnels for Remote Access
Hackers exploit file upload bug in Breeze Cache WordPress plugin
Bitwarden CLI npm package compromised to steal developer credentials
Trigona ransomware attacks use custom exfiltration tool to steal data
New Checkmarx supply-chain breach affects KICS analysis tool
Cosmetics giant Rituals discloses data breach affecting customers
Microsoft: Some Teams users can’t join meetings after Edge update
UK warns of Chinese hackers using proxy networks to evade detection
New GopherWhisper APT group abuses Outlook, Slack, Discord for comms
CISA orders feds to patch BlueHammer flaw exploited as zero-day
– MTZ