ICYMI: 2026-04-28
Latest Headlines
Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push
Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign
VECT 2.0 Ransomware Irreversibly Destroys Files Over 131KB on Windows, Linux, ESXi
Why Secure Data Movement Is the Zero Trust Bottleneck Nobody Talks About
Critical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCE
Chinese Silk Typhoon Hacker Extradited to U.S. Over COVID Research Cyberattacks
Microsoft Patches Entra ID Role Flaw That Enabled Service Principal Takeover
Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202
The Race Is on to Keep AI Agents From Running Wild With Your Credit Cards
The Mythos Moment: Enterprises Must Fight Agents with Agents
Dozens of Open VSX Extension Clones Linked to GlassWorm Malware
Sevii Launches Cyber Swarm Defense to Make Agentic AI Security Costs Predictable
Electric Motorcycles and Scooters Face Hacking Risks to Security and Rider Safety
No Patch for New PhantomRPC Privilege Escalation Technique in Windows
New BlobPhish Attack Leverages Browser Blob Objects to Steal Users’ Login Credentials
Critical GitHub.com and Enterprise Server RCE Vulnerability Enables Full Server Compromise
Microsoft Confirms Remote Desktop Warnings May Display Incorrectly After April Update
Checkmarx Confirms GitHub Repository Data Published on Dark Web
Critical LiteLLM SQL Injection Vulnerability Exploited in the Wild
Chinese Silk Typhoon Hacker Extradited to the U.S. from Italy
WhatsApp Testing Own Cloud Backup Provider for Default End-to-End Encryption
New Windows 0-Click Vulnerability Exploited to Bypass Defender SmartScreen
New Silver Fox Campaign Uses Fake Tax Audit Alerts and Software Updates to Deliver Malware
Chinese-Backed Smishing Services Use OTT Messaging and SMS to Scale Credential Theft
Broken VECT 2.0 ransomware acts as a data wiper for large files
Hackers are exploiting a critical LiteLLM pre-auth SQLi flaw
Video service Vimeo confirms Anodot breach exposed user data
US reportedly charges Scattered Spider hacker arrested in Finland
Checkmarx confirms LAPSUS$ hackers leaked its stolen GitHub data
Microsoft to deprecate legacy TLS in Exchange Online starting July
Microsoft: New Remote Desktop warnings may display incorrectly
Microsoft asks iPhone users to reauthenticate after Outlook outage
– MTZ