Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys
Threat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a WordPress plugin that's installed on about 100,000 sites. The vuln…
Vulnerability in AdaptiveGRC software
CVE ID CVE-2026-4313 Publication date 24 April 2026 Vendor C&F Product AdaptiveGRC Vulnerable versions released before December 2025.…
French Police Arrest HexDex Hacker Over Mass Data Theft and Leaks
French police have arrested a 20-year-old male suspected of alleged data exfiltration from dozens of websites and stealing private…
Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy AdaptixC2
Chinese-speaking individuals are the target of a new campaign that uses a trojanized version of SumatraPDF reader to deploy the AdaptixC2…
Npm Supply Chain Malware Attack Targets Developers With Worm-Like Propagation
Malicious npm packages have been identified distributing malware that steals credentials and attempts to spread across developer ecosystems.…
LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure
A high-severity security flaw in LMDeploy, an open-source toolkit for compressing, deploying, and serving LLMs, has come under active…
UNC6692 Impersonates IT Helpdesk via Microsoft Teams to Deploy SNOW Malware
A previously undocumented threat activity cluster known as UNC6692 has been observed leveraging social engineering tactics via Microsoft Teams…
Harvester APT Expands Spying Operations with New GoGra Linux Malware
A nation-state-backed Advanced Persistent Threat (APT) group identified as Harvester has, reportedly, developed a new, malicious backdoor…
Google Favors General-Purpose Gemini Models Over Cybersecurity‑Specific AI
Google Cloud’s operations chief said the tech giant does not plan to release a separate, cyber‑focused frontier model like…
Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign
Bitwarden CLI has been compromised as part of the newly discovered and ongoing Checkmarx supply chain campaign, according to new findings from…
ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories
You scroll past one incident and see another that feels familiar, like it should have been fixed years ago, but it still works with small…
Apple Fixes iOS Notification Bug Exposing Deleted Messages
Apple has issued an emergency update to fix a Notification Services flaw that caused deleted alerts to remain stored on devices,…
![[Webinar] Mythos Reality Check: Beating Automated Exploitation at AI Speed](https://x86.se/wp-content/uploads/2026/04/webinar-mythos-reality-check-beating-automated-exploitation-at-ai-speed-400x225.jpg)
[Webinar] Mythos Reality Check: Beating Automated Exploitation at AI Speed
Imagine a world where hackers don't sleep, don't take breaks, and find weak spots in your systems instantly. Well, that world is already here.…
Google Introduces Unique AI Agent Identities in New Gemini Enterprise Platform
Google is betting big on agentic AI and wants professionals to track their AI agents on its new hub Gemini Enterprise Agent Platform.…
Project Glasswing Proved AI Can Find the Bugs. Who's Going to Fix Them?
Last week, Anthropic announced Project Glasswing, an AI model so effective at discovering software vulnerabilities that they took the…
Cyber-Attacks Surge 63% Annually in Education Sector
Schools and universities across the globe experienced a sharp increase in attacks last year thanks to the combined threat from…
Hackers Use Hidden Website Instructions in New Attacks on AI Assistants
Threat actors are now using a method called Indirect Prompt Injection (IPI) to trick Large Language Models (LLMs) by hiding secret commands on…
Researchers Uncover 10 In-the-Wild Prompt Injection Payloads Targeting AI Agents
Security researchers have discovered 10 new indirect prompt injection (IPI) payloads targeting AI agents with malicious instructions designed…
China-Linked GopherWhisper Infects 12 Mongolian Government Systems with Go Backdoors
Mongolian governmental institutions have emerged as the target of a previously undocumented China-aligned advanced persistent threat (APT)…
NCSC Backs Passkeys, Hailing a New Era of Sign-in
The UK’s National Cyber Security Centre (NSCS) has fully backed passkeys, stating that it should be “should now be…
Vercel Finds More Compromised Accounts in Context.ai-Linked Breach
Vercel on Wednesday revealed that it has identified an additional set of customer accounts that were compromised as part of a security…
Apple Fixes iOS Flaw That Let FBI Recover Deleted Signal Messages
Apple has rolled out a software fix for iOS and iPadOS to address a Notification Services flaw that stored notifications marked for deletion…
Discord-Linked Group Accessed Anthropic’s Claude Mythos AI in Vendor Breach
Two weeks after Anthropic announced Claude Mythos Preview (aka Claude Mythos and Mythos AI) as part of its Project Glasswing initiative, the…
MacOS Native Tools Enable Stealthy Enterprise Attacks
A growing range of native macOS features are being repurposed by attackers to execute code, move laterally and evade detection, according to…
NCSC Unveils SilentGlass, a Plug-In Device to Protect Monitors from Cyber-Attacks
The UK National Cyber Security Centre (NCSC) has unveiled a new technology designed to protect video connections from cyber-attacks. The…
UK Commits £90m for Cybersecurity and Pushes for ‘Resilience Pledge’
The UK government has announced a £90m ($120m) injection into cybersecurity aiming to strengthen the nation’s cyber…
Surge in Silent Subject Phishing Attacks Targets VIP Users
A surge in phishing emails lacking subject lines has been identified as part of a widespread campaign targeting high-value users. According to…
Former Ransomware Negotiator Pleads Guilty to Working For BlackCat Cyber Gang
A former ransomware negotiator has pleaded guilty to secretly working with the BlackCat ransomware group and consipring to launch attacks…
The case for dependency cooldowns in a post-axios world
Application security has reached a crossroads between velocity and security. In the past, teams focused on the risks of outdated dependencies,…
Unpatchable Vulnerabilities of Kubernetes: CVE-2020-8562
In the previous post, we continued our series on the unpatchable vulnerabilities of Kubernetes, examining how CVE-2020-8561 combined multiple…
Microsoft Warns of WhatsApp-Delivered VBS Malware Hijacking Windows via UAC Bypass
Microsoft is calling attention to a new campaign that has leveraged WhatsApp messages to distribute malicious Visual Basic Script (VBS) files.…
Block the Prompt, Not the Work: The End of "Doctor No"
There is a character that keeps appearing in enterprise security departments, and most CISOs know exactly who that is. It doesn’t build.…
Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures
A multi-pronged phishing campaign is targeting Spanish-speaking users in organizations across Latin America and Europe to deliver Windows…
New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation — Patch Released
Google on Thursday released security updates for its Chrome web browser to address 21 vulnerabilities, including a zero-day flaw that it said…
3 Reasons Attackers Are Using Your Trusted Tools Against You (And Why You Don’t See It Coming)
For years, cybersecurity has followed a familiar model: block malware, stop the attack. Now, attackers are moving on to what’s next.…
Vertex AI Vulnerability Exposes Google Cloud Data and Private Artifacts
Cybersecurity researchers have disclosed a security "blind spot" in Google Cloud's Vertex AI platform that could allow artificial intelligence…
The AI Arms Race – Why Unified Exposure Management Is Becoming a Boardroom Priority
The cybersecurity landscape is accelerating at an unprecedented rate. What is emerging is not simply a rise in the number of vulnerabilities…
Silver Fox Expands Asia Cyber Campaign with AtlasCross RAT and Fake Domains
Chinese-speaking users are the target of an active campaign that uses typosquatted domains impersonating trusted software brands to deliver a…
Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account
The popular HTTP client known as Axios has suffered a supply chain attack after two newly published versions of the npm package introduced a…
Compromised axios npm package delivers cross-platform RAT
Key points and observations On March 31, 2026, an attacker hijacked an axios npm maintainer account and published two malicious releases:…
⚡ Weekly Recap: Telecom Sleeper Cells, LLM Jailbreaks, Apple Forces U.K. Age Checks and More
Some weeks are loud. This one was quieter but not in a good way. Long-running operations are finally hitting courtrooms, old attack methods…
3 SOC Process Fixes That Unlock Tier 1 Productivity
What is really slowing Tier 1 down: the threat itself or the process around it? In many SOCs, the biggest delays do not come from the threat…
Iran-Linked Hackers Breach FBI Director’s Personal Email, Hit Stryker With Wiper Attack
Threat actors with ties to Iran successfully broke into the personal email account of Kash Patel, the director of the U.S. Federal Bureau of…