ICYMI: 2026-04-30
Latest Headlines
PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials
ThreatsDay Bulletin: SMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks and 25 More Stories
New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials
EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades
New Linux ‘Copy Fail’ Vulnerability Enables Root Access on Major Distributions
Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution
OpenAI Rolls Out ‘Advanced’ Security Mode for At-Risk Accounts
90,000 Screenshots of One Celebrity’s Phone Were Exposed Online
Anthropic Unveils Claude Security to Counter AI-Powered Exploit Surge
AI Fuels ‘Industrial’ Cybercrime as Time-to-Exploit Shrinks to Hours
SonicWall Urges Immediate Patching of Firewall Vulnerabilities
Critical Gemini CLI Flaw Enabled Host Code Execution, Supply Chain Attacks
EnOcean SmartServer Flaws Expose Buildings to Remote Hacking
Critical cPanel & WHM Vulnerability Exploited as Zero-Day for Months
‘Copy Fail’ Logic Flaw in Linux Kernel Enables System Takeover
Microsoft Windows 11 April 2026 Security Update Breaks Third-Party Backup Applications
Qilin Ransomware Enumerates RDP Authentication History on a Compromised Server
Targeted Large-Scale Campaign Attacking U.S. Organizations with Fake Event Invitations
FBI and CISA Released Zero Trust Principles Implementation Guide for OT Environments
Popular Python Package lightning Hacked in Supply Chain Attack
Google Gemini CLI Vulnerabilities Allow Attackers to Execute Commands on Host Systems
Jenkins Patches High-Severity Plugin Flaws Including Path Traversal and Stored XSS
WordPress Plugin Hacked Since 2020 to Inject Malicious Code Silently
OpenAI Releases 5-Point Action Plan to Strengthen AI-Powered Cyber Defense
New Bluekit phishing service includes an AI assistant, 40 templates
Romanian leader of online swatting ring gets 4 years in prison
FBI links cybercriminals to sharp surge in cargo theft attacks
April KB5083769 Windows 11 update causes backup software failures
What Happens in the First 24 Hours After a New Asset Goes Live
New Linux ‘Copy Fail’ flaw gives hackers root on major distros
Critical cPanel and WHM bug exploited as a zero-day, PoC now available
Police dismantles 9 crypto scam centers, arrests 276 suspects
– MTZ