https://threatdigest.io/article/iranian-attacks-on-us-critical-infrastructure-puts-3900-devices-in-crosshairs/ theAIcatchup en 2026-04-09T21:39:07.571964+00:00 Iran's Hidden Assault: 3,900 US PLCs Exposed in the Wild Iran cyber attacks, OT security, PLC vulnerabilities, critical infrastructure https://threatdigest.io/article/new-venom-phishing-attacks-steal-senior-executives-microsoft-logins/ theAIcatchup en 2026-04-09T21:32:24.134185+00:00 VENOM Phishing: QR Codes That Hijack C-Suite Microsoft Logins C-suite credential theft, Microsoft phishing, PhaaS attacks, VENOM phishing https://threatdigest.io/article/why-is-the-timeline-to-quantum-proof-everything-constantly-shrinking/ theAIcatchup en 2026-04-09T20:59:39.476096+00:00 Quantum Encryption's Deadline Just Slipped to 2030 China quantum advances, encryption migration, post-quantum cryptography, quantum computing threats https://threatdigest.io/article/the-agentic-socrethinking-secops-for-the-next-decade/ theAIcatchup en 2026-04-09T20:15:40.833655+00:00 Agentic SOC: AI Savior or Vendor Hype Reloaded? AI in cybersecurity, SOC automation, SecOps transformation, agentic SOC https://threatdigest.io/article/engagelab-sdk-flaw-exposed-50m-android-users-including-30m-crypto-wallets/ theAIcatchup en 2026-04-09T19:52:21.057286+00:00 EngageLab SDK Flaw Exposed 50M Android Devices — 30M Crypto Wallets in the Crosshairs Android vulnerability, EngageLab SDK, crypto wallet security, intent redirection https://threatdigest.io/article/several-dozen-high-value-corporations-hit-by-new-extortion-crew-in-helpdesk-phishing-spree/ theAIcatchup en 2026-04-09T19:42:21.194001+00:00 Dozens of Elite Corporations Rocked by UNC6783's Helpdesk Phishing Onslaught BPO attacks, UNC6783, extortion crew, helpdesk phishing https://threatdigest.io/article/februarys-patch-tuesday-assumes-battle-stations/ theAIcatchup en 2026-04-09T19:40:02.898794+00:00 Microsoft's February Patch Tuesday: 58 Fixes, 6 Active Exploits, Azure in the Crosshairs Azure vulnerabilities, Microsoft CVEs, Patch Tuesday, active exploits https://threatdigest.io/article/evil-evolution-clickfix-and-macos-infostealers/ theAIcatchup en 2026-04-09T19:37:50.106554+00:00 ClickFix Mutates: macOS Infostealers Get Sneakier ClickFix, MacSync, macOS infostealers, malvertising https://threatdigest.io/article/healthcare-it-solutions-provider-chipsoft-hit-by-ransomware-attack/ theAIcatchup en 2026-04-09T19:36:19.017319+00:00 ChipSoft Ransomware: When One Vendor's Glitch Cripples Dutch Hospitals ChipSoft ransomware, Dutch hospitals outage, EHR breach, healthcare IT attack https://threatdigest.io/article/oracle-vulnerability-cve-2026-21992-impacts-core-products/ theAIcatchup en 2026-04-09T19:35:47.088750+00:00 Oracle's CVE-2026-21992 Lets Hackers Run Wild on Identity Systems CVE-2026-21992, Fusion Middleware, Oracle vulnerability, remote code execution https://threatdigest.io/article/incident-responders-sil-vous-plait-invites-lead-to-odd-malware-events/ theAIcatchup en 2026-04-09T19:34:01.092782+00:00 Fake Party Invites Are Handing Hackers the Keys to Your PC LogMeIn Resolve, RMM malware, infostealer, phishing campaign https://threatdigest.io/article/google-chrome-adds-infostealer-protection-against-session-cookie-theft/ theAIcatchup en 2026-04-09T19:33:19.650547+00:00 Chrome's Hardware-Locked Sessions Crush Cookie-Stealing Malware — But Only If Sites Play Ball Chrome DBSC, TPM security, infostealer malware, session cookie theft https://threatdigest.io/article/march-patch-tuesday-visits-15-product-families/ theAIcatchup en 2026-04-09T19:32:02.336955+00:00 Microsoft's March Patch Bonanza: 84 Holes Plugged, But Obscure Gear Takes the Hits Elevation of Privilege, March 2026 updates, Microsoft CVEs, Patch Tuesday https://threatdigest.io/article/android-devices-ship-with-firmware-level-malware/ theAIcatchup en 2026-04-09T19:25:40.222634+00:00 Budget Android Phones Are Shipping Straight from Factories with Firmware Malware Android firmware infection, Android firmware malware, Keenadu backdoor, Keenadu malware, budget Android phones, budget Android security, supply chain attack, supply chain compromise https://threatdigest.io/article/axios-npm-package-compromised-to-deploy-malware/ theAIcatchup en 2026-04-09T19:23:10.234053+00:00 North Korean Hackers Compromise Axios NPM Package, Deploying RAT Across Platforms axios compromise, nickel gladstone, npm supply chain attack, remote access trojan https://threatdigest.io/article/hacktivist-campaigns-increase-as-united-states-iran-and-israel-conflict-intensifies/ theAIcatchup en 2026-04-09T19:22:37.521501+00:00 Iranian Hacktivists Light Up Chats as US-Israel Strikes Hit Iran DDoS threats, Iran cyber, Israel attacks, hacktivists https://threatdigest.io/article/initial-access-techniques-used-by-iran-based-threat-actors/ theAIcatchup en 2026-04-09T19:22:24.542592+00:00 Iranian Hackers Stick to Cheap Tricks: Phishing, Sprays, and Lazy Patches Fortinet exploits, Iranian threat actors, initial access techniques, password spraying, phishing T1566 https://threatdigest.io/article/chevin-pulls-the-handbrake-on-fleetwave-software-after-security-scare/ theAIcatchup en 2026-04-09T19:22:21.506372+00:00 FleetWave Blackout: Chevin's Azure Security Fumble Leaves Fleets Stranded Azure fleet management, Chevin security incident, FleetWave outage, SaaS cyber scare https://threatdigest.io/article/can-we-trust-ai-no-but-eventually-we-must/ theAIcatchup en 2026-04-09T19:18:53.881215+00:00 AI's Big Lie: We Can't Trust It, But Business Demands We Do AI hallucinations, AI trust issues, llm-vulnerabilities, model collapse https://threatdigest.io/article/security-researchers-tricked-apple-intelligence-into-cursing-at-users-it-could-have-been-a-lot-worse/ theAIcatchup en 2026-04-09T19:17:13.926127+00:00 Apple Intelligence Jailbroken to Curse and Fake Contacts Apple Intelligence, Neural Exec, RSAC security research, prompt injection https://threatdigest.io/article/opswat-adds-predictive-ai-engine-to-metadefender-for-pre-execution-threat-detection/ theAIcatchup en 2026-04-09T19:16:40.595667+00:00 OPSWAT's Predictive AI: Precision Filter or Just More Hype for Overworked SecOps? OPSWAT MetaDefender, Predictive AI, false positive reduction, pre-execution detection https://threatdigest.io/article/bitter-linked-hack-for-hire-campaign-targets-journalists-across-mena-region/ theAIcatchup en 2026-04-09T19:15:01.132489+00:00 Indian-Linked Hackers' Phishing Onslaught Hits MENA Journalists Hard Bitter APT, MENA phishing, hack-for-hire, journalist targeting https://threatdigest.io/article/nowhere-man-the-2026-active-adversary-report/ theAIcatchup en 2026-04-09T19:14:12.889398+00:00 Nowhere, Man: Cyber Threats Stuck in 2025's Same Old Groove active adversary report, cyber threats 2025, identity attacks, sophos ir https://threatdigest.io/article/webinar-from-noise-to-signal-what-threat-actors-are-targeting-next/ theAIcatchup en 2026-04-09T19:12:16.606990+00:00 Dark Web Chatter: Hackers Broadcasting Their Next Heist Before You Notice Telegram threats, dark web monitoring, proactive security, threat actor signals https://threatdigest.io/article/cisco-sd-wan-vulnerabilities-cve-2026-20127-cve-2022-20775-in-active-exploitation/ theAIcatchup en 2026-04-09T19:11:32.096025+00:00 Hackers Are Already Poking Holes in Cisco's SD-WAN – And Feds Are Scrambling CISA directive, CVE-2022-20775, CVE-2026-20127, Cisco SD-WAN https://threatdigest.io/article/google-api-keys-in-android-apps-expose-gemini-endpoints-to-unauthorized-access/ theAIcatchup en 2026-04-09T19:11:15.090209+00:00 Hidden Gemini Keys in Top Android Apps: 500 Million Users' Data on the Line API key leakage, Android API keys, Android security flaw, CloudSEK research, Gemini AI exposure, Gemini security flaw, Google API keys, Google Gemini https://threatdigest.io/article/mallory-brings-contextual-threat-intelligence-to-security-operations/ theAIcatchup en 2026-04-09T19:10:40.987009+00:00 Mallory's AI Threat Intel: Answers, Not Just Alarms AI security, CISO tools, Mallory, threat intelligence https://threatdigest.io/article/the-best-dedicated-web-hosting-of-2026-expert-tested-and-reviewed/ theAIcatchup en 2026-04-09T19:10:30.064046+00:00 Liquid Web Claims 2026's Dedicated Hosting Crown—But IONOS Steals Value Crown IONOS hosting, Liquid Web, WP Engine 2026, dedicated web hosting https://threatdigest.io/article/inside-the-fbis-router-takedown-that-cut-off-apt28s-tremendous-access/ theAIcatchup en 2026-04-09T19:10:06.180139+00:00 FBI's Precision Strike: Severing APT28's Grip on 18,000 Routers APT28, FBI takedown, Operation Masquerade, router compromise https://threatdigest.io/article/the-openclaw-experiment-is-a-warning-shot-for-enterprise-ai-security/ theAIcatchup en 2026-04-09T19:09:48.560012+00:00 OpenClaw's Exposed Underbelly: Agentic AI's Security Reckoning AI security risks, OpenClaw, agentic AI, prompt injection https://threatdigest.io/article/the-hidden-security-risks-of-shadow-ai-in-enterprises/ theAIcatchup en 2026-04-09T19:09:17.226618+00:00 Shadow AI: Enterprises' Invisible Data Leak Factory AI risks, data leaks, enterprise security, shadow AI https://threatdigest.io/article/claude-helps-researcher-dig-up-decade-old-apache-activemq-rce-vulnerability-cve-2026-34197/ theAIcatchup en 2026-04-09T19:07:00.322042+00:00 Claude Unearths 13-Year-Old ActiveMQ RCE Time Bomb (CVE-2026-34197) Apache ActiveMQ, CVE-2026-34197, Claude AI, Jolokia, RCE vulnerability https://threatdigest.io/article/when-attackers-already-have-the-keys-mfa-is-just-another-door-to-open/ theAIcatchup en 2026-04-09T19:05:25.619201+00:00 Figure Breach: When 967K Emails Turn MFA into a Speed Bump AiTM attacks, Figure breach, MFA bypass, credential stuffing https://threatdigest.io/article/zephyr-energy-loses-700k-in-cyber-hit-that-rerouted-contractor-payment/ theAIcatchup en 2026-04-09T19:04:27.243088+00:00 Zephyr Energy's £700K Payment Hijack: Old-School Scam Hits Oil Biz Hard Zephyr Energy cyber attack, business email compromise, oil gas cybersecurity, payment fraud https://threatdigest.io/article/113000-explicit-prompts-from-ai-girlfriend-platform-exposed-many-linked-to-user-ids/ theAIcatchup en 2026-04-09T19:03:09.363567+00:00 MyLovely.AI's Massive Leak: 113K Explicit Prompts Tied to User IDs AI data exposure, MyLovely.AI breach, NSFW AI leak, sextortion risk https://threatdigest.io/article/intent-redirection-vulnerability-in-third-party-sdk-exposed-millions-of-android-wallets-to-potential-risk/ theAIcatchup en 2026-04-09T19:02:58.564068+00:00 30 Million Android Wallets Nearly Drained by Sneaky SDK Flaw Android security, EngageSDK, crypto wallet risk, intent redirection vulnerability https://threatdigest.io/article/advenicas-file-scanner-kiosk-scans-usb-media-for-malware/ theAIcatchup en 2026-04-09T19:02:43.324217+00:00 Advenica's USB Kiosk Promises Malware-Free Transfers—But Is It Just Air-Gapping in a Box? Advenica kiosk, USB malware scanner, air-gapped security, file transfer protection https://threatdigest.io/article/claude-managed-agents-bring-execution-and-control-to-ai-agent-workflows/ theAIcatchup en 2026-04-09T19:00:44.732921+00:00 Claude Managed Agents: Anthropic Tames Wild AI Workflows AI agents, Anthropic, Claude Managed Agents, sandboxed execution https://threatdigest.io/article/threat-intelligence-executive-report-volume-2025-number-6/ theAIcatchup en 2026-04-09T19:00:29.167335+00:00 EDR Killers: Ransomware's Sneaky New Weapon BYOVD attacks, EDR killers, infostealers, ransomware precursors https://threatdigest.io/article/on-microsofts-lousy-cloud-security/ theAIcatchup en 2026-04-09T18:59:48.964625+00:00 Microsoft's Shoddy Cloud Docs Earn FedRAMP Nod Anyway—Taxpayers Foot the Bill FedRAMP, GCC High, Microsoft cloud security, ProPublica report https://threatdigest.io/article/adobe-reader-zero-day-exploited-for-months-researcher/ theAIcatchup en 2026-04-09T18:57:03.358505+00:00 Adobe Reader Zero-Day Sneaks Through PDFs for Months, Evading Detection Adobe Reader zero-day, Expmon, Haifei Li, PDF exploit, sandbox escape https://threatdigest.io/article/nickel-alley-strategy-fake-it-til-you-make-it/ theAIcatchup en 2026-04-09T18:55:51.531676+00:00 North Korea's NICKEL ALLEY Fakes Tech Jobs to Slip PyLangGhost RAT onto Dev Machines NICKEL ALLEY, North Korea malware, PyLangGhost RAT, fake job interviews https://threatdigest.io/article/google-warns-of-new-threat-group-targeting-bpos-and-helpdesks/ theAIcatchup en 2026-04-09T18:55:39.995011+00:00 Helpdesk Hell: Google's UNC6783 Warning Exposes BPO Phishing Plague BPO phishing, Google Threat Intelligence, UNC6783, helpdesk extortion https://threatdigest.io/article/we-let-openclaw-loose-on-an-internal-network-heres-what-it-found/ theAIcatchup en 2026-04-09T18:55:24.050561+00:00 Sophos Red Team Arms OpenClaw: 23 Vulnerabilities Unearthed in Hours on Legacy Network AI pentesting, OpenClaw, red teaming, vulnerability assessment https://threatdigest.io/article/hackers-exploiting-acrobat-reader-zero-day-flaw-since-december/ theAIcatchup en 2026-04-09T18:54:18.456699+00:00 Adobe Reader Zero-Day: Hackers Feast for Months Adobe Reader zero-day, Haifei Li, PDF exploit, russian phishing https://threatdigest.io/article/sticky-note-security-turned-gym-into-hall-of-80s-horrors/ theAIcatchup en 2026-04-09T18:52:15.877336+00:00 Post-it Note Fiasco: How Gym Treadmills Became '80s Hack Targets IoT vulnerabilities, default password fail, gym equipment hack, sticky note security https://threatdigest.io/article/36-million-stolen-in-bitcoin-depot-hack/ theAIcatchup en 2026-04-09T18:50:48.464875+00:00 Bitcoin Depot's $3.6M Bitcoin Heist: Wallets Wide Open Bitcoin Depot hack, SEC filing breach, bitcoin ATM security, crypto theft https://threatdigest.io/article/uat-10362-targets-taiwanese-ngos-with-lucidrook-malware-in-spear-phishing-campaigns/ theAIcatchup en 2026-04-09T18:50:41.898630+00:00 LucidRook Malware: The Lua-Powered Spy Invading Taiwanese NGOs Cisco Talos, DLL side-loading, LucidRook malware, Taiwan NGOs, UAT-10362, spear phishing https://threatdigest.io/article/acrobat-reader-zero-day-exploited-in-the-wild-for-many-months/ theAIcatchup en 2026-04-09T18:50:23.258393+00:00 Adobe Acrobat Zero-Day Lurks for Months, Hits Russian Energy Targets Acrobat Reader zero-day, Adobe vulnerability, PDF exploit, Russian targets https://threatdigest.io/article/investigating-storm-2755-payroll-pirate-attacks-targeting-canadian-employees/ theAIcatchup en 2026-04-09T18:50:20.522440+00:00 Storm-2755's Payroll Pirates: Hijacking Canadian Paychecks via Session Theft AiTM attacks, MFA bypass, Storm-2755, payroll attacks https://threatdigest.io/article/prompt-injection-tags-along-as-genai-enters-daily-government-use/ theAIcatchup en 2026-04-09T18:49:46.617914+00:00 82% of State CIOs: GenAI's Daily in Government Workflows, Prompt Injection Crashes the Party GenAI security, government-ai-risks, llm-vulnerabilities, prompt injection https://threatdigest.io/article/300000-people-impacted-by-eurail-data-breach/ theAIcatchup en 2026-04-09T18:49:15.777645+00:00 Eurail Breach Exposes 300,000 Passports: Travelers' Nightmare Unfolds AWS S3 hack, Eurail data breach, passport theft, travel cybersecurity https://threatdigest.io/article/smart-slider-updates-hijacked-to-push-malicious-wordpress-joomla-versions/ theAIcatchup en 2026-04-09T18:47:46.004745+00:00 Smart Slider's Update Nightmare: Hackers Slip Backdoors into 900K+ WordPress Sites Joomla hack, Smart Slider malware, WordPress backdoor, plugin supply chain attack https://threatdigest.io/article/middle-east-hack-for-hire-operation-traced-to-south-asian-cyber-espionage-group/ theAIcatchup en 2026-04-09T18:47:11.754744+00:00 Journalists in Egypt and Lebanon Dodging South Asian Spyware Bullets Bitter APT, ProSpy spyware, hack-for-hire, spear phishing https://threatdigest.io/article/hackers-use-pixel-large-svg-trick-to-hide-credit-card-stealer/ theAIcatchup en 2026-04-09T18:46:12.948859+00:00 Pixel of Doom: How Tiny SVGs Steal Cards from Magento Shops Magento vulnerability, PolyShell, SVG skimmer, credit card stealer https://threatdigest.io/article/microsoft-suspends-dev-accounts-for-high-profile-open-source-projects/ theAIcatchup en 2026-04-09T18:45:41.233709+00:00 Microsoft's Silent Account Purge Leaves Windows Users Exposed to Unpatched Security Tools Microsoft developer accounts, Windows security tools, WireGuard VeraCrypt, open source suspension https://threatdigest.io/article/threatsday-bulletin-hybrid-p2p-botnet-13-year-old-apache-rce-and-18-more-stories/ theAIcatchup en 2026-04-09T18:41:59.594655+00:00 Phorpiex's Hybrid P2P Botnet Defies Takedowns — Plus Apache's 13-Year Ghost and Surging Fraud Losses AI DDoS attacks, Apache RCE, Phorpiex botnet, cyber fraud losses https://threatdigest.io/article/intruder-expands-cloud-security-with-agentless-container-image-scanning/ theAIcatchup en 2026-04-09T18:40:37.033464+00:00 Intruder's Agentless Scanning Hits Container Vulnerabilities Head-On Intruder, agentless scanning, cloud vulnerabilities, container security https://threatdigest.io/article/cryptographers-place-5000-bet-whether-quantum-will-matter/ theAIcatchup en 2026-04-09T18:40:35.604498+00:00 Cryptographers Wager $5K: Quantum Break or PQC Flop First? Shor's algorithm, cryptography bet, post-quantum cryptography, quantum computing https://threatdigest.io/article/apple-intelligence-ai-guardrails-bypassed-in-new-attack/ theAIcatchup en 2026-04-09T18:39:35.094887+00:00 Apple Intelligence Cracked: Gibberish Prompts and Backward Unicode Slip Past Guardrails AI guardrails bypass, Apple Intelligence, Unicode attack, prompt injection https://threatdigest.io/article/google-warns-of-new-campaign-targeting-bpos-to-steal-corporate-data/ theAIcatchup en 2026-04-09T18:38:38.492875+00:00 Hackers Are Storming the Backdoor: Google's Warning on BPO Data Heists BPO phishing, Google Threat Intelligence, UNC6783, data extortion https://threatdigest.io/article/cisa-orders-feds-to-patch-exploited-ivanti-epmm-flaw-by-sunday/ theAIcatchup en 2026-04-09T18:38:37.050610+00:00 CISA's Sunday Patch Deadline: Ivanti EPMM Hack Hits Feds Hard BOD 22-01, CISA, CVE-2026-1340, Ivanti EPMM, zero-day exploit https://threatdigest.io/article/palo-alto-networks-sonicwall-patch-high-severity-vulnerabilities/ theAIcatchup en 2026-04-09T18:37:27.882071+00:00 Palo Alto and SonicWall Patch Flaws That Could Unlock Enterprise Doors CVE-2026-0234, CVE-2026-4112, Palo Alto Networks vulnerabilities, SonicWall patches https://threatdigest.io/article/google-new-unc6783-hackers-steal-corporate-zendesk-support-tickets/ theAIcatchup en 2026-04-09T18:36:58.130923+00:00 UNC6783 Hackers Are Pillaging Zendesk Tickets from Dozens of Firms BPO compromise, UNC6783, Zendesk phishing, social engineering extortion https://threatdigest.io/article/asqav-open-source-sdk-for-ai-agent-governance/ theAIcatchup en 2026-04-09T18:36:12.302293+00:00 Asqav Chains AI Agent Actions with Unbreakable Quantum-Safe Signatures AI agent governance, Asqav, open-source SDK, quantum-safe crypto https://threatdigest.io/article/this-fake-windows-support-website-delivers-password-stealing-malware/ theAIcatchup en 2026-04-09T18:35:54.460144+00:00 Fake Windows Update Scam Steals French Users' Passwords and Bank Data electron stealer, france data breaches, password stealer, windows update malware https://threatdigest.io/article/whatsapp-brings-long-awaited-privacy-control-over-who-can-contact-you/ theAIcatchup en 2026-04-09T18:35:02.709671+00:00 WhatsApp Usernames: The End of Forced Phone Number Swaps Meta platforms, WhatsApp username, privacy features, spam protection https://threatdigest.io/article/shaky-ceasefire-unlikely-to-stop-cyberattacks-from-iran-linked-hackers-for-long/ theAIcatchup en 2026-04-09T18:31:14.787050+00:00 Iran's Proxy Hackers Dismiss Ceasefire, Eye U.S. Critical Infrastructure Next Handala group, Iran hackers, PLC attacks, cyber ceasefire https://threatdigest.io/article/critical-vulnerability-in-ninja-forms-exposes-wordpress-sites/ theAIcatchup en 2026-04-09T18:31:00.705431+00:00 Ninja Forms' Gaping Hole: Unauthenticated Hackers Can Now Own Your WordPress Site CVSS 9.8, Ninja Forms vulnerability, WordPress RCE, file upload exploit https://threatdigest.io/article/the-hidden-roi-of-visibility-better-decisions-better-behavior-better-security/ theAIcatchup en 2026-04-09T18:30:45.831944+00:00 Cameras Silenced My Psycho Neighbor—Security's Wake-Up Call ROI visibility, app layer security, security visibility, user behavior monitoring https://threatdigest.io/article/we-were-not-ready-for-this-lebanons-emergency-system-is-hanging-by-a-thread/ theAIcatchup en 2026-04-09T18:30:18.525440+00:00 Lebanon's Wartime Database: Lifeline or Liability? Lebanon war tech, digital infrastructure crisis, emergency alert system, humanitarian aid tracking https://threatdigest.io/article/trellix-strengthens-data-security-for-the-genai-era/ theAIcatchup en 2026-04-09T18:30:10.513289+00:00 Trellix's GenAI Security Kit: Essential Fix or Corporate Band-Aid? GenAI security, Trellix, data loss prevention, shadow AI https://threatdigest.io/article/politicians-are-spending-more-money-on-security-as-they-increasingly-become-targets/ theAIcatchup en 2026-04-09T18:29:12.087816+00:00 Politicians' Security Tabs Explode 500% as Death Threats Pile Up campaign security spending, election violence, political threats, public official safety https://threatdigest.io/article/the-long-road-to-your-crypto-clipbanker-and-its-marathon-infection-chain/ theAIcatchup en 2026-04-09T18:28:51.305863+00:00 ClipBanker's Endless Infection Chain Hijacks Your Crypto Clipboard ClipBanker, crypto stealer, fileless malware, malware infection chain https://threatdigest.io/article/new-chaos-variant-targets-misconfigured-cloud-deployments-adds-socks-proxy/ theAIcatchup en 2026-04-09T18:27:34.575298+00:00 Chaos Botnet's Cloud Pivot: SOCKS Proxies Signal Cybercrime's Next Cash Cow Chaos malware, SOCKS proxy, botnet evolution, cloud security https://threatdigest.io/article/eurail-says-december-data-breach-impacts-300000-individuals/ theAIcatchup en 2026-04-09T18:27:22.668827+00:00 Eurail's Massive Breach Dumps 300K Passports on Dark Web Eurail breach, dark web sale, passport data leak, travel cybersecurity https://threatdigest.io/article/number-usage-in-passwords-take-two-thu-apr-9th/ theAIcatchup en 2026-04-09T18:25:16.619938+00:00 Honeypots Snag 496K Passwords: Bots Are Already Hitting '2027' botnets, honeypots, number usage in passwords, password cracking https://threatdigest.io/article/metas-muse-spark-takes-ai-a-step-closer-to-personal-superintelligence/ theAIcatchup en 2026-04-09T18:24:13.985804+00:00 Meta's Muse Spark: AI That Thinks, Sees, and Builds Your World AI safety, Meta AI, Muse Spark, multimodal reasoning https://threatdigest.io/article/criminal-wannabes-even-more-dangerous-than-the-pros-says-ex-fbi-cyber-chief/ theAIcatchup en 2026-04-09T18:23:06.790497+00:00 Ex-FBI Cyber Boss: Script-Kiddie Hackers Ruin More Than the Big Leagues Pay2Key-attack, Sicarii-malware, ex-FBI-cyber, ransomware-wannabes https://threatdigest.io/article/phishers-sneak-through-using-github-and-jiras-own-mail-delivery-infrastructure/ theAIcatchup en 2026-04-09T18:22:28.403961+00:00 Phishers Hijack GitHub and Jira Notifications to Bypass Email Defenses Jira abuse, email notifications, github-security, phishing https://threatdigest.io/article/new-macos-stealer-campaign-uses-script-editor-in-clickfix-attack/ theAIcatchup en 2026-04-09T18:22:10.780132+00:00 Hackers Weaponize macOS Script Editor for Atomic Stealer Sneak Attack Atomic Stealer, ClickFix attack, Script Editor exploit, macOS malware https://threatdigest.io/article/cracks-in-the-bedrock-agent-god-mode/ theAIcatchup en 2026-04-09T18:20:50.261472+00:00 Agent God Mode: AWS Bedrock's Starter Kit Unlocks Cloud Domination for Rogue AI Agents AI agent security, AWS Bedrock AgentCore, Agent God Mode, IAM privilege escalation https://threatdigest.io/article/why-i-stopped-using-modern-standby-on-my-windows-laptop-to-save-battery-overnight/ theAIcatchup en 2026-04-09T18:15:15.966819+00:00 Ditched Modern Standby — Reclaimed Full Battery Overnight on My Windows Laptop laptop hibernate, modern standby, power management, windows battery drain https://threatdigest.io/article/ai-agent-intent-is-a-starting-point-not-a-security-strategy/ theAIcatchup en 2026-04-09T18:15:07.045256+00:00 Dormant AI Agents: The Hidden Credentials Nightmare No One's Fixing AI agents, hard-coded credentials, prompt injection, security risks https://threatdigest.io/article/threat-digest-daily-briefing-april-09-2026/ theAIcatchup en 2026-04-09T17:03:27.045295+00:00 Threat Digest Daily Briefing: April 09, 2026 https://threatdigest.io/article/mobile-malware-evolution-in-2025/ theAIcatchup en 2026-04-08T17:11:05.310185+00:00 Mobile Malware's 2025 Firmware Takeover: Backdoors Baked Right In Android Trojans, Kaspersky 2025, firmware backdoors, mobile malware https://threatdigest.io/article/anatomy-of-a-cyber-world-global-report-2026/ theAIcatchup en 2026-04-08T17:10:51.635840+00:00 Kaspersky's 2026 Report: Fewer Big Bangs, More Creeping Dangers Kaspersky report, MDR services, MDR statistics, cyber threats 2025, incident response, incident response trends, trusted relationships https://threatdigest.io/article/financial-cyberthreats-in-2025-and-the-outlook-for-2026/ theAIcatchup en 2026-04-08T17:07:22.837289+00:00 Infostealers Eclipse Banking Trojans: Financial Cyberthreats Reshape in 2025 Kaspersky KSN, banking malware, financial cyberthreats, financial phishing, infostealers, infostealers 2025, phishing trends https://threatdigest.io/article/cve-2022-47426/ theAIcatchup en 2026-04-08T17:07:10.701456+00:00 Neshan Maps SQL Injection: CVE-2022-47426 Lets Hackers Hijack Your Maps CVE-2022-47426, Mapping Vulnerability, Neshan Maps, SQL injection, Web Vulnerability https://threatdigest.io/article/cve-2022-46860/ theAIcatchup en 2026-04-08T17:04:45.734227+00:00 CVE-2022-46860: SQL Injection Lets Hackers Hijack WordPress Short URLs CVE-2022-46860, KaizenCoders Short URL, SQL injection, WordPress plugin https://threatdigest.io/article/an-ai-gateway-designed-to-steal-your-data/ theAIcatchup en 2026-04-08T16:59:42.764787+00:00 LiteLLM's PyPI Poison: How Hackers Turned an AI Gateway into a Secret-Scavenger AI library hack, AI security breach, LiteLLM attack, PyPI malware, cloud credential theft, supply chain compromise https://threatdigest.io/article/cve-2022-44569/ theAIcatchup en 2026-04-08T16:58:09.321895+00:00 CVE-2022-44569: Low-Priv Attacker Slips Past Auth via Shoddy IPC CVE-2022-44569, IPC vulnerability, authentication bypass, local privilege escalation https://threatdigest.io/article/cve-2022-45805/ theAIcatchup en 2026-04-08T16:57:26.231100+00:00 Paytm's Gateway Cracked Open: The SQL Injection That Could've Emptied Wallets CVE-2022-45805, Payment Gateway Vulnerability, Paytm, SQL injection https://threatdigest.io/article/the-soc-files-time-to-sapecar-unpacking-a-new-horabot-campaign-in-mexico/ theAIcatchup en 2026-04-08T16:56:29.888429+00:00 Horabot's Sapecar Strike: Dissecting a Persistent Mexican Banking Trojan Campaign Horabot, Horabot malware, Mexico banking trojan, Mexico malware campaign, Sapecar, Sapecar campaign, banking trojan, polymorphic VBS, threat hunting https://threatdigest.io/article/coruna-the-framework-used-in-operation-triangulation/ theAIcatchup en 2026-04-08T16:54:18.611430+00:00 Coruna Framework Revives Triangulation's iPhone Exploits Coruna framework, Operation Triangulation, iOS exploits, iPhone exploits, zero-day vulnerabilities https://threatdigest.io/article/cve-2022-46808/ theAIcatchup en 2026-04-08T16:54:17.966696+00:00 CVE-2022-46808: The SQL Injection Lurking in ARMember's Membership Plugin ARMember, CVE-2022-46808, SQL injection, WordPress Vulnerability https://threatdigest.io/article/cve-2022-45373/ theAIcatchup en 2026-04-08T16:53:48.313732+00:00 Slimstat's SQL Injection Nightmare: CVE-2022-45373 Cracks Open Analytics Doors CVE-2022-45373, SQL injection, Slimstat Analytics, WordPress Vulnerability https://threatdigest.io/article/hack-for-hire-spyware-campaign-targets-journalists-in-middle-east-north-africa/ theAIcatchup en 2026-04-08T16:50:35.160011+00:00 Exiled Journalists Can't Escape This Indian-Linked Spyware Dragnet Bitter APT, MENA journalists, ProSpy spyware, hack-for-hire https://threatdigest.io/article/cve-2022-3172/ theAIcatchup en 2026-04-08T16:50:22.590798+00:00 CVE-2022-3172: Kube-Apiserver's Redirect to Credential Hell API redirect attack, CVE-2022-3172, Kubernetes vulnerability, kube-apiserver https://threatdigest.io/article/teampcp-supply-chain-campaign-update-007-cisco-source-code-stolen-via-trivy-linked-breach-google-gtig-tracks-teampcp-as-unc6780-and-cisa-kev-deadline-arrives-with-no-standalone-advisory-wed-apr-8th/ theAIcatchup en 2026-04-08T16:49:31.962792+00:00 Cisco Source Code Vanishes in TeamPCP's Trivy Supply Chain Heist Cisco breach, TeamPCP, Trivy CVE, UNC6780 https://threatdigest.io/article/cve-2022-43554/ theAIcatchup en 2026-04-08T16:49:03.041216+00:00 Ivanti Avalanche's Sneaky Priv-Esc Hole: No Auth Needed, Local Root Awaits CVE-2022-43554, Ivanti Avalanche, MDM security, local vulnerability, privilege escalation https://threatdigest.io/article/cve-2018-25092/ theAIcatchup en 2026-04-08T16:48:59.282756+00:00 CVE-2018-25092 Cracks Open Discord Bot Defenses CVE-2018-25092, DiscordSailv2, Vaerys-Dawn, improper access control https://threatdigest.io/article/masjesu-botnet-emerges-as-ddos-for-hire-service-targeting-global-iot-devices/ theAIcatchup en 2026-04-08T16:47:14.341985+00:00 Masjesu Botnet: The Low-Key IoT Army Renting DDoS Power on Telegram DDoS-for-hire, IoT malware, Masjesu botnet, XorBot https://threatdigest.io/article/cve-2022-46859/ theAIcatchup en 2026-04-08T16:47:10.729477+00:00 Spiffy Calendar SQL Injection Lets Hackers Hijack WordPress Databases CVE-2022-46859, SQL injection, Spiffy Calendar, WordPress Vulnerability https://threatdigest.io/article/apt28-deploys-prismex-malware-in-campaign-targeting-ukraine-and-nato-allies/ theAIcatchup en 2026-04-08T16:46:47.005218+00:00 APT28's PRISMEX: Zero-Days and Hidden Payloads Assault Ukraine's Lifelines APT28, PRISMEX malware, steganography, zero-day exploits https://threatdigest.io/article/cve-2022-43555/ theAIcatchup en 2026-04-08T16:45:36.534601+00:00 CVE-2022-43555: Ivanti Avalanche's Printer Flaw Hands Attackers Local Admin Rights CVE-2022-43555, Ivanti Avalanche, Printer Vulnerability, privilege escalation https://threatdigest.io/article/free-real-estate-gopix-the-banking-trojan-living-off-your-memory/ theAIcatchup en 2026-04-08T16:45:07.631837+00:00 GoPix: Brazil's Sneaky Banking Trojan Squatting in Your RAM Brazil cybersecurity, Brazil malware, GoPix, Pix malware, banking trojan, malvertising, memory malware https://threatdigest.io/article/cve-2017-7252/ theAIcatchup en 2026-04-08T16:44:24.190634+00:00 CVE-2017-7252: Botan's Bcrypt Glitch That Turns Long Passwords Against You Botan, CVE-2017-7252, bcrypt vulnerability, password hashing https://threatdigest.io/article/cve-2022-46818/ theAIcatchup en 2026-04-08T16:43:56.779020+00:00 CVE-2022-46818: SQL Injection Lets Attackers Raid WordPress Subscriber Lists CVE-2022-46818, Email Posts to Subscribers, Gopi Ramasamy, SQL injection, WordPress Vulnerability, WordPress plugin https://threatdigest.io/article/data-leakage-vulnerability-patched-in-openssl/ theAIcatchup en 2026-04-08T16:40:02.352854+00:00 OpenSSL's Sneaky Data Leak Fix: Uninitialized Memory Spills Secrets CVE-2026-31790, OpenSSL vulnerability, RSASVE, data leakage https://threatdigest.io/article/addressing-the-owasp-top-10-risks-in-agentic-ai-with-microsoft-copilot-studio/ theAIcatchup en 2026-04-08T16:39:05.702978+00:00 OWASP's Agentic AI Top 10: Autonomy's Hidden Cascade Risks Exposed AI security risks, Microsoft Copilot Studio, OWASP Top 10, agentic AI https://threatdigest.io/article/exploits-and-vulnerabilities-in-q4-2025/ theAIcatchup en 2026-04-08T16:36:38.171047+00:00 Q4 2025's Vulnerability Onslaught: Why Your Old Office Install is Still a Hacker's Dream CVE exploits, CVE statistics, Linux kernel exploits, Linux kernel flaws, Q4 2025 vulnerabilities, Windows Office RCE, Windows exploits https://threatdigest.io/article/cve-2022-47428/ theAIcatchup en 2026-04-08T16:35:48.701120+00:00 CVE-2022-47428: The SQL Injection Lurking in Your WordPress Booking Calendar Booking Plugin, CVE-2022-47428, Plugin Security, SQL injection, WordPress Vulnerability, WpDevArt Booking https://threatdigest.io/article/cisos-in-a-pinch-a-security-analysis-of-openclaw/ theAIcatchup en 2026-04-08T16:32:26.636007+00:00 OpenClaw Grants Root to Rogue AIs AI agents, OpenClaw, prompt injection, sovereign AI https://threatdigest.io/article/cve-2020-28407/ theAIcatchup en 2026-04-08T16:31:14.535472+00:00 swtpm's Sneaky Symlink Trap: CVE-2020-28407 Still Bites in 2024 CVE-2020-28407, TPM emulator, swtpm vulnerability, symlink attack https://threatdigest.io/article/a-laughing-rat-crystalx-combines-spyware-stealer-and-prankware-features/ theAIcatchup en 2026-04-08T16:30:59.880795+00:00 CrystalX RAT: Spyware That Steals, Logs, and Trolls Victims CrystalX RAT, RAT malware, malware-as-a-service, prankware, prankware stealer https://threatdigest.io/article/soho-router-compromise-leads-to-dns-hijacking-and-adversary-in-the-middle-attacks/ theAIcatchup en 2026-04-08T16:30:54.892875+00:00 Russian Military's SOHO Router Hack Turns Home Networks into Spy Hubs AiTM attacks, DNS hijacking, Forest Blizzard, SOHO Routers, SOHO router compromise https://threatdigest.io/article/gtig-ai-threat-tracker-distillation-experimentation-and-continued-integration-of-ai-for-adversarial-use/ theAIcatchup en 2026-04-08T16:29:49.249246+00:00 Google GTIG's Latest: AI Distillation Attacks Spike as Hackers Clone Models and Build Smarter Malware AI distillation attacks, AI malware, GTIG threat tracker, model extraction https://threatdigest.io/article/storm-1175-focuses-gaze-on-vulnerable-web-facing-assets-in-high-tempo-medusa-ransomware-operations/ theAIcatchup en 2026-04-08T16:28:28.887805+00:00 Storm-1175's Blitz: 16 Vulns Weaponized in Ransomware Sprint Medusa ransomware, N-day exploits, Storm-1175, zero-day vulnerabilities https://threatdigest.io/article/cve-2022-46849/ theAIcatchup en 2026-04-08T16:28:27.830696+00:00 CVE-2022-46849: The SQL Injection Lurking in Your WordPress 'Coming Soon' Page CVE-2022-46849, Coming Soon Plugin, SQL injection, Weblizar, WordPress Vulnerability, WordPress plugin https://threatdigest.io/article/cve-2022-47420/ theAIcatchup en 2026-04-08T16:26:29.235599+00:00 SQL Injection Hits Online ADA Accessibility Suite, Endangering WordPress Databases ADA Compliance Security, CVE-2022-47420, Online ADA, SQL injection, WordPress Plugin Vulnerability, WordPress Vulnerability https://threatdigest.io/article/whatsapp-malware-campaign-delivers-vbscript-and-msi-backdoors/ theAIcatchup en 2026-04-08T16:26:27.454494+00:00 WhatsApp's Trust Betrayed: VBScripts and MSI Backdoors Sneak In Via Messages MSI payload, UAC bypass, VBScript backdoor, WhatsApp malware https://threatdigest.io/article/unc1069-targets-cryptocurrency-sector-with-new-tooling-and-ai-enabled-social-engineering/ theAIcatchup en 2026-04-08T16:22:07.637172+00:00 UNC1069's AI Deepfake Zoom Trap: Seven Malware Families Hit Crypto Hard AI deepfakes, cryptocurrency malware, north korea hackers, unc1069 https://threatdigest.io/article/look-what-you-made-us-patch-2025-zero-days-in-review/ theAIcatchup en 2026-04-08T16:20:54.447569+00:00 2025 Zero-Days Hit 90: Enterprises Bleeding, Browsers Breathing Easy 2025 zero-days, Google Threat Intelligence, enterprise exploitation, zero-day vulnerabilities https://threatdigest.io/article/north-korea-nexus-threat-actor-compromises-widely-used-axios-npm-package-in-supply-chain-attack/ theAIcatchup en 2026-04-08T16:20:10.794074+00:00 North Korea's UNC1069 Turns Axios into a Global Backdoor Dropper Axios npm attack, north korea hacking, supply chain compromise, unc1069 https://threatdigest.io/article/cve-2021-4430/ theAIcatchup en 2026-04-08T16:19:40.104453+00:00 CVE-2021-4430: ColdBox Elixir's Config File Just Spilled Its Secrets CVE-2021-4430, ColdBox Elixir, Ortus Solutions, information disclosure https://threatdigest.io/article/the-threat-to-critical-infrastructure-has-changed-has-your-readiness/ theAIcatchup en 2026-04-08T16:19:01.051921+00:00 Microsoft's 2026 Warning: Water Utilities Still One Hack Away From Chaos Microsoft threat intelligence, NIS2 Directive, critical infrastructure, cyber readiness https://threatdigest.io/article/cve-2017-20187/ theAIcatchup en 2026-04-08T16:17:45.291476+00:00 CVE-2017-20187: Email Injection Haunts Magnesium-PHP's Forgotten Codebase CVE-2017-20187, Magnesium-PHP, PHP vulnerability, email injection, unsupported software https://threatdigest.io/article/coruna-the-mysterious-journey-of-a-powerful-ios-exploit-kit/ theAIcatchup en 2026-04-08T16:16:32.416537+00:00 Coruna: The iOS Exploit Kit That Went From Spy Weapon to Scam Bait Coruna exploit kit, exploit proliferation, iOS zero-days, threat actors https://threatdigest.io/article/cookie-controlled-php-webshells-a-stealthy-tradecraft-in-linux-hosting-environments/ theAIcatchup en 2026-04-08T16:16:25.739512+00:00 Hackers Weaponize Cookies to Stealthily Run PHP Webshells on Linux Servers HTTP cookies C2, Linux server attacks, PHP webshells, webshell obfuscation https://threatdigest.io/article/web-shells-tunnels-and-ransomware-dissecting-a-warlock-attack/ theAIcatchup en 2026-04-08T16:16:09.521996+00:00 Warlock Ransomware's Nasty Upgrade: Shells, Tunnels, and Driver Shenanigans BYOVD attack, TightVNC persistence, Warlock ransomware, web shells https://threatdigest.io/article/cve-2018-25093/ theAIcatchup en 2026-04-08T16:15:41.074954+00:00 CVE-2018-25093: Discord Bot's Tag Handler Lets Hackers Slip Past Guards CVE-2018-25093, Discord bot vulnerability, Vaerys-Dawn DiscordSailv2, improper access controls https://threatdigest.io/article/through-the-lens-of-mdr-analysis-of-kongtukes-clickfix-abuse-of-compromised-wordpress-sites/ theAIcatchup en 2026-04-08T16:15:09.739177+00:00 KongTuke's ClickFix Won't Die: modeloRAT Ravages WordPress Sites ClickFix, KongTuke, WordPress malware, modeloRAT https://threatdigest.io/article/from-brickstorm-to-grimbolt-unc6201-exploiting-a-dell-recoverpoint-for-virtual-machines-zero-day/ theAIcatchup en 2026-04-08T16:14:09.152630+00:00 UNC6201's Dell RecoverPoint Zero-Day: BRICKSTORM Dies, GRIMBOLT Rises CVE-2026-22769, Dell RecoverPoint, GRIMBOLT, UNC6201 https://threatdigest.io/article/your-ai-gateway-was-a-backdoor-inside-the-litellm-supply-chain-compromise/ theAIcatchup en 2026-04-08T16:13:08.294313+00:00 LiteLLM's Backdoor Bombshell: How Hackers Hijacked AI's Fast Lane AI security, LiteLLM compromise, TeamPCP, supply chain attack https://threatdigest.io/article/vishing-for-access-tracking-the-expansion-of-shinyhunters-branded-saas-data-theft/ theAIcatchup en 2026-04-08T16:12:48.217146+00:00 ShinyHunters' Vishing Onslaught: How Hackers Are Pillaging SaaS Vaults with a Phone Call MFA phishing, SaaS data theft, ShinyHunters, vishing attacks https://threatdigest.io/article/applying-security-fundamentals-to-ai-practical-advice-for-cisos/ theAIcatchup en 2026-04-08T16:12:35.706512+00:00 AI's Rookie Mistakes: How CISOs Can Tame the Wild New Hire AI security, CISO advice, least privilege AI, prompt injection https://threatdigest.io/article/why-the-subwoofer-crawl-is-the-only-way-i-found-the-bass-sweet-spot-in-my-living-room/ theAIcatchup en 2026-04-08T16:10:57.511062+00:00 Bass Thumps, Then Vanishes: The Floor-Crawling Hack That Fixed My Living Room's Subwoofer Nightmare home theater bass, room acoustics, subwoofer crawl, subwoofer placement https://threatdigest.io/article/ransomware-under-pressure-tactics-techniques-and-procedures-in-a-shifting-threat-landscape/ theAIcatchup en 2026-04-08T16:10:43.948581+00:00 Ransomware's Profit Squeeze: 2025 Data Shows Crooks Scrambling for Survival RaaS trends, TTPs virtualization, data leak sites, ransomware 2025 https://threatdigest.io/article/new-android-theft-protection-feature-updates-smarter-stronger/ theAIcatchup en 2026-04-08T16:09:08.953059+00:00 Android Theft Protection Locks Down Harder in Brazil — But Thieves Won't Quit That Easily AI device lock, Android theft protection, Brazil phone theft, Google security updates https://threatdigest.io/article/closing-the-door-on-net-ntlmv1-releasing-rainbow-tables-to-accelerate-protocol-deprecation/ theAIcatchup en 2026-04-08T16:09:03.804604+00:00 Mandiant Unleashes Net-NTLMv1 Rainbow Tables to Kill a 25-Year-Old Zombie Protocol Active Directory security, Mandiant, Net-NTLMv1, rainbow tables https://threatdigest.io/article/threat-actor-abuse-of-ai-accelerates-from-tool-to-cyberattack-surface/ theAIcatchup en 2026-04-08T16:07:49.522042+00:00 AI's Dark Turn: How Hackers Made It Their Ultimate Cyber Weapon AI cyber threats, MFA bypass, cybercrime ecosystem, phishing AI https://threatdigest.io/article/m-trends-2026-data-insights-and-strategies-from-the-frontlines/ theAIcatchup en 2026-04-08T16:07:34.267282+00:00 M-Trends 2026: Attackers' 22-Second Hand-Offs Are Crushing Defenders' Response Times M-Trends 2026, Mandiant, cyber threats, ransomware evolution https://threatdigest.io/article/copyright-lures-mask-a-multistage-purelog-stealer-attack-on-key-industries/ theAIcatchup en 2026-04-08T16:07:34.027185+00:00 PureLog Stealer: Copyright Bait Hides Ruthless Memory Assaults PureLog Stealer, copyright phishing, fileless malware, multi-stage attack https://threatdigest.io/article/i-swapped-my-macbook-air-with-a-snapdragon-x-elite-extreme-laptop-heres-how-they-compared/ theAIcatchup en 2026-04-08T16:03:42.381807+00:00 Ditched My MacBook Air for Snapdragon X Elite Extreme: The Real-World Clash Asus Zenbook A16, MacBook Air, Snapdragon X Elite, Windows ARM https://threatdigest.io/article/guidance-from-the-frontlines-proactive-defense-against-shinyhunters-branded-data-theft-targeting-saas/ theAIcatchup en 2026-04-08T16:03:19.760857+00:00 ShinyHunters' Vishing Onslaught: Mandiant's Urgent Playbook to Shield Your SaaS Empire MFA hardening, SaaS data theft, SaaS security, ShinyHunters, vishing attacks https://threatdigest.io/article/ai-recruiting-biz-mercor-says-it-was-one-of-thousands-hit-in-litellm-supply-chain-attack/ theAIcatchup en 2026-04-08T16:03:04.929978+00:00 LiteLLM's Sneaky Supply-Chain Hack Just Bitten Its First Big AI Victim: Mercor LiteLLM attack, Mercor breach, Trivy vulnerability, supply chain compromise https://threatdigest.io/article/why-east-west-visibility-matters-for-grid-security/ theAIcatchup en 2026-04-08T16:03:02.555915+00:00 Grid Blackouts Start with Invisible East-West Traffic — Here's Why OT networks, critical infrastructure, east-west visibility, grid security, lateral movement attacks https://threatdigest.io/article/new-boryptgrab-stealer-targets-windows-users-via-deceptive-github-pages/ theAIcatchup en 2026-04-08T16:02:45.685624+00:00 BoryptGrab Stealer Turns GitHub into a Malware Minefield for Windows Users BoryptGrab, BoryptGrab Stealer, GitHub malware, SEO phishing, Windows stealer, reverse SSH backdoor https://threatdigest.io/article/beyond-the-battlefield-threats-to-the-defense-industrial-base/ theAIcatchup en 2026-04-08T16:01:30.583170+00:00 Google Warns: China Hackers Swarm Defense Edge Devices as Russia Eyes Ukraine Drones China cyber espionage, Google Threat Intelligence, Russia Ukraine hacking, defense industrial base https://threatdigest.io/article/vsphere-and-brickstorm-malware-a-defenders-guide/ theAIcatchup en 2026-04-08T16:00:43.987757+00:00 BRICKSTORM's Hidden Rampage Through vSphere: Your Hardening Playbook BRICKSTORM malware, VMware threats, vCenter hardening, vSphere security https://threatdigest.io/article/the-real-risk-of-vibecoding/ theAIcatchup en 2026-04-08T16:00:05.927809+00:00 Vibecoding: Dev Speed, Security Suicide AI coding risks, devsecops, software vulnerabilities, vibecoding https://threatdigest.io/article/trendaitm-research-at-rsac-2026-advancing-defense-across-aidriven-and-cyberphysical-threats/ theAIcatchup en 2026-04-08T15:56:38.451062+00:00 TrendAI's RSAC Dive: AI Agents Invade Cyber-Physical Realms EV security, RSAC 2026, agentic AI, cyber-physical threats https://threatdigest.io/article/multiple-threat-actors-exploit-react2shell-cve-2025-55182/ theAIcatchup en 2026-04-08T15:56:14.955826+00:00 React2Shell Hits: Spies, Miners, and Chaos Exploit React's Gaping Flaw CVE-2025-55182, China-nexus threats, RCE vulnerability, React Server Components, React2Shell https://threatdigest.io/article/from-misconfigured-spring-boot-actuator-to-sharepoint-exfiltration-how-stolen-credentials-bypass-mfa/ theAIcatchup en 2026-04-08T15:55:35.811739+00:00 5,000+ Exposed Spring Boot Actuators: MFA's Dumb Blind Spot MFA bypass, ROPC OAuth, SharePoint exfiltration, Spring Boot Actuator https://threatdigest.io/article/the-companys-biggest-security-hole-lived-in-the-breakroom/ theAIcatchup en 2026-04-08T15:55:30.995964+00:00 Coffee Machine Catastrophe: The Breakroom Breach That Owned a Company IoT vulnerability, breakroom breach, connected devices hack, network segmentation https://threatdigest.io/article/amazon-security-boss-ai-makes-pentesting-40-more-efficient/ theAIcatchup en 2026-04-08T15:54:35.529611+00:00 Amazon's Security Chief Claims AI Cuts Pentesting Time 40%—But Is It Sustainable? AI pentesting, Amazon security, CJ Moses, vulnerability scanning https://threatdigest.io/article/no-place-like-home-network-disrupting-the-worlds-largest-residential-proxy-network/ theAIcatchup en 2026-04-08T15:53:51.399085+00:00 Google's Strike on IPIDEA: Proxy Empire Crumbles Google Threat Intelligence, IPIDEA proxy network, botnets, residential proxies https://threatdigest.io/article/trendai-insight-new-us-national-cyber-strategy/ theAIcatchup en 2026-04-08T15:53:41.168318+00:00 Biden's Cyber Strategy: Bold Pillars, Same Old Holes U.S. National Cyber Strategy, White House cyber plan, cyber deterrence, cybersecurity policy https://threatdigest.io/article/your-ai-stack-just-handed-over-your-root-keys-inside-the-litellm-pypi-breach/ theAIcatchup en 2026-04-08T15:52:07.485655+00:00 Litellm PyPI Breach: 67,000 Downloads Delivered Root Access to Attackers cloud credential theft, litellm pypi breach, python malware, supply chain attack https://threatdigest.io/article/diverse-threat-actors-exploiting-critical-winrar-vulnerability-cve-2025-8088/ theAIcatchup en 2026-04-08T15:51:26.418434+00:00 WinRAR's Sneaky Path Traversal Bug Lets Hackers Hide in Plain Sight—Russia, China, and Crooks Pile On CVE-2025-8088, China APT exploits, Russia threat actors, WinRAR vulnerability, path traversal, state-sponsored attacks https://threatdigest.io/article/aurainspector-auditing-salesforce-aura-for-data-exposure/ theAIcatchup en 2026-04-08T15:50:41.786494+00:00 AuraInspector Exposes Salesforce's Sneaky Data Leaks Before They Bite AuraInspector, Salesforce Aura, access control misconfigurations, data exposure https://threatdigest.io/article/exposing-the-undercurrent-disrupting-the-gridtide-global-cyber-espionage-campaign/ theAIcatchup en 2026-04-08T15:50:33.057197+00:00 GRIDTIDE Busted: China's Cloud-Sneaking Spies Cut Off China cyber espionage, GRIDTIDE, Google Mandiant disruption, UNC2814 https://threatdigest.io/article/the-proliferation-of-darksword-ios-exploit-chain-adopted-by-multiple-threat-actors/ theAIcatchup en 2026-04-08T15:50:11.747545+00:00 DarkSword: How One iOS Exploit Chain Went From Niche Tool to Spy Arsenal DarkSword, iOS exploit chain, nation-state actors, zero-day vulnerabilities https://threatdigest.io/article/trendaitm-at-unprompted-2026-from-kyc-exploits-to-agentic-defense/ theAIcatchup en 2026-04-08T15:49:36.438849+00:00 TrendAI Unleashes FENRIR: Turning AI KYC Exploits into Scalable Defenses at [un]prompted 2026 AI KYC exploits, TrendAI FENRIR, [un]prompted 2026, agentic AI security https://threatdigest.io/article/claude-code-packaging-error-remains-a-lure-in-an-active-campaign-what-defenders-should-do/ theAIcatchup en 2026-04-08T15:48:06.121780+00:00 Claude Code's NPM Packaging Fiasco Still Hooks Hackers with Stealers Claude Code packaging error, Vidar stealer, npm malware, supply chain attack https://threatdigest.io/article/hybrid-work-expanded-risk-what-needs-to-change/ theAIcatchup en 2026-04-08T15:46:12.671235+00:00 Hybrid Work's Vanishing Perimeter: 300% Attack Surge and What to Do SASE, hybrid work security, identity protection, zero trust https://threatdigest.io/article/pawn-storm-campaign-deploys-prismex-targets-government-and-critical-infrastructure-entities/ theAIcatchup en 2026-04-08T15:45:35.789860+00:00 Pawn Storm's PRISMEX: Hiding in Emails to Gut Ukraine's Defenses PRISMEX, Pawn Storm, Ukraine cyber attacks, steganography https://threatdigest.io/article/hundreds-of-orgs-compromised-daily-in-microsoft-device-code-phishing-attacks/ theAIcatchup en 2026-04-08T15:45:26.661965+00:00 Microsoft Device Code Phishing Ravages Hundreds Daily EvilTokens, MFA bypass, Microsoft phishing, device code attacks https://threatdigest.io/article/the-best-windows-laptops-of-2026-expert-tested-and-reviewed/ theAIcatchup en 2026-04-08T15:45:06.833990+00:00 2026's Best Windows Laptops: Shiny Upgrades or Same Old Traps? AMD Strix Halo, Copilot+ PCs, Intel Lunar Lake, Windows laptop reviews, Windows laptops 2026, best Windows laptops 2026, cybersecurity laptops, laptop battery life https://threatdigest.io/article/project-glasswing-powered-by-claude-mythos-defending-software-before-hackers-do/ theAIcatchup en 2026-04-08T15:43:49.136427+00:00 Anthropic's Claude Mythos: The AI That's Supposed to Patch Code Before Hackers Feast — But Could Feed Them Instead Anthropic AI, Claude Mythos, Project Glasswing, cybersecurity AI https://threatdigest.io/article/proactive-preparation-and-hardening-against-destructive-attacks-2026-edition/ theAIcatchup en 2026-04-08T15:43:18.930810+00:00 Mandiant's 2026 Warning: Destructive Wipers Are Coming — Here's How to Block Them Mandiant, cyber wipers, destructive attacks, incident response https://threatdigest.io/article/trendaitm-supports-global-law-enforcement-efforts/ theAIcatchup en 2026-04-08T15:41:08.338573+00:00 TrendAI Hands INTERPOL Cybercrime Intel: Game On for AI Cops? AI threat intel, INTERPOL cybercrime, TrendAI, law enforcement AI https://threatdigest.io/article/n-korean-hackers-spread-1700-malicious-packages-across-npm-pypi-go-rust/ theAIcatchup en 2026-04-08T15:40:32.991723+00:00 North Korea's Shadow Coders Flood npm, PyPI, Go, and Rust with 1,700 Toxic Packages Contagious Interview, North Korean hackers, malicious npm packages, supply chain attack https://threatdigest.io/article/europol-microsoft-trendaitm-and-collaborators-halt-tycoon-2fa-operations/ theAIcatchup en 2026-04-08T15:40:18.103564+00:00 Europol and Microsoft Shred Tycoon 2FA's MFA Bypass Machine AitM phishing, Europol takedown, MFA bypass, Tycoon 2FA, adversary-in-the-middle, phishing-as-a-service https://threatdigest.io/article/teampcps-telnyx-attack-marks-a-shift-in-tactics-beyond-litellm/ theAIcatchup en 2026-04-08T15:37:09.924074+00:00 TeamPCP's Telnyx SDK Hijack: Stealthier Than LiteLLM, Deadlier Too Python SDK malware, TeamPCP, Telnyx attack, credential theft https://threatdigest.io/article/cybercriminals-move-deeper-into-networks-hiding-in-edge-infrastructure/ theAIcatchup en 2026-04-08T15:35:25.328487+00:00 Cybercriminals Are Slipping Past Endpoints—Into Your Edge Infrastructure GenAI attacks, Lumen Threatscape, botnets, cybercriminals, edge infrastructure, proxy networks https://threatdigest.io/article/social-engineering-attacks-on-open-source-developers-are-escalating/ theAIcatchup en 2026-04-08T15:34:26.242218+00:00 North Korean Hackers Turn Open Source Devs into Malware Mules North Korean hackers, npm malware, open source security, social engineering https://threatdigest.io/article/2025-the-untold-stories-of-check-point-research/ theAIcatchup en 2026-04-08T15:31:42.130458+00:00 Check Point's 2025 Threat Secrets: Hidden Clues to Tomorrow's Attacks 2025 cyber threats, Check Point Research, financial APTs, state-sponsored attacks https://threatdigest.io/article/major-outage-cripples-russian-banking-apps-and-metro-payments-nationwide/ theAIcatchup en 2026-04-08T15:30:38.479072+00:00 Russia's Digital Heart Stops: The Banking Outage That Froze Cards, ATMs, and Subways banking apps down, cyber disruption russia, ddos attack, metro payments disruption, russia cyberattack, russian banking outage, sanctions impact https://threatdigest.io/article/anthropics-new-ai-model-finds-and-exploits-zero-days-across-every-major-os-and-browser/ theAIcatchup en 2026-04-08T15:29:43.271616+00:00 Anthropic's Claude Mythos: AI That Hunts Zero-Days and Builds Exploits for Every OS AI exploits, Anthropic Claude Mythos, operating system security, zero-day vulnerabilities https://threatdigest.io/article/ai-agents-found-vulns-in-this-popular-linux-and-unix-print-server/ theAIcatchup en 2026-04-08T15:28:41.546171+00:00 AI Agents Crack CUPS: Remote Root via Print Server Holes AI agents security, CUPS vulnerabilities, RCE Linux, print server exploits https://threatdigest.io/article/chaos-malware-expands-from-routers-to-linux-cloud-servers/ theAIcatchup en 2026-04-08T15:28:37.839881+00:00 Chaos Malware's Bold Leap: From Routers to Cloud Servers Chaos malware, Darktrace honeypots, Linux cloud servers, botnet https://threatdigest.io/article/phishing-lnk-files-and-github-c2-power-new-dprk-cyber-attacks/ theAIcatchup en 2026-04-08T15:28:33.914313+00:00 North Korean Hackers Turn GitHub into C2 Battlefield with Sneaky LNK Phishing DPRK hackers, GitHub C2, North Korea cyber attacks, Phishing LNK files https://threatdigest.io/article/caught-in-the-hook-rce-and-api-token-exfiltration-through-claude-code-project-files-cve-2025-59536-cve-2026-21852/ theAIcatchup en 2026-04-08T15:28:12.056287+00:00 Claude Code's Hook Trap: RCE and Token Theft via Sneaky Project Files API token exfiltration, Anthropic security, Claude Code vulnerability, RCE CVE-2025-59536 https://threatdigest.io/article/claude-discovers-apache-activemq-bug-hidden-for-13-years/ theAIcatchup en 2026-04-08T15:28:06.041257+00:00 Claude AI Cracks 13-Year ActiveMQ RCE Flaw Apache ActiveMQ, Apache ActiveMQ, CVE-2026-34197, CVE-2026-34197, Claude AI, RCE vulnerability https://threatdigest.io/article/trump-wants-to-take-a-battle-axe-to-cisa-again-and-slash-707m-from-budget/ theAIcatchup en 2026-04-08T15:26:40.457414+00:00 Trump's $707M CISA Slash: Déjà Vu for Cyber Defenses CISA budget cut, Trump cybersecurity, US cyber policy, cyber funding https://threatdigest.io/article/6g-network-design-puts-ai-at-the-center-of-spectrum-routing-and-fault-management/ theAIcatchup en 2026-04-08T15:26:06.542320+00:00 6G's AI Takeover: Spectrum Hog, Route Boss, Fault Fixer? 6G networks, AI in telecom, network fault management, network security, spectrum allocation, spectrum management https://threatdigest.io/article/flatpak-1164-fixes-sandbox-escape-and-three-other-security-flaws/ theAIcatchup en 2026-04-08T15:24:14.927039+00:00 Flatpak's Emergency Patch Seals a Terrifying Sandbox Escape – Linux Users, Update Now CVE-2026-34078, Flatpak 1.16.4, Linux security, sandbox escape https://threatdigest.io/article/they-thought-they-were-downloading-claude-code-source-they-got-a-nasty-dose-of-malware-instead/ theAIcatchup en 2026-04-08T15:23:48.759949+00:00 50,000 Devs Grabbed Vidar Stealer in 'Leaked' Claude Code Files Claude Code malware, GhostSocks, Vidar stealer, supply chain attack https://threatdigest.io/article/russias-fancy-bear-still-attacking-routers-to-boost-fake-sites-ncsc-warns/ theAIcatchup en 2026-04-08T15:22:02.058573+00:00 Fancy Bear's Router Hijack: 5,000 Devices Fueling Russia's Fake News Blitz APT28, Fancy Bear, NCSC warning, Russia cyber espionage, router attacks https://threatdigest.io/article/iranian-mois-actors-the-cyber-crime-connection/ theAIcatchup en 2026-04-08T15:21:25.284908+00:00 Iran's Spy Agency Dives into the Cyber Crime Underworld Check Point Research, Iranian MOIS, cyber crime ecosystem, state-sponsored hacking https://threatdigest.io/article/fast-moving-storm-1175-uses-new-exploits-to-breach-networks-and-drop-medusa/ theAIcatchup en 2026-04-08T15:21:10.402039+00:00 Storm-1175: Ransomware's Speed Demon Drops Medusa in Hours China ransomware, China threat actor, Medusa ransomware, Storm-1175, zero-day exploits https://threatdigest.io/article/signature-healthcare-hit-by-cyberattack-services-and-pharmacies-impacted/ theAIcatchup en 2026-04-08T15:20:14.167093+00:00 Signature Healthcare Cyberattack Diverts Ambulances, Shuts Pharmacies in Massachusetts Massachusetts cyber incident, Signature Healthcare cyberattack, healthcare ransomware, hospital disruption https://threatdigest.io/article/silver-dragon-targets-organizations-in-southeast-asia-and-europe/ theAIcatchup en 2026-04-08T15:19:35.885117+00:00 Silver Dragon: Chinese Hackers Zero In on Asian and European Governments APT41, Chinese hackers, Silver Dragon, Southeast Asia cyber attacks https://threatdigest.io/article/researchers-didnt-want-to-glamorize-cybercrims-so-they-roasted-them/ theAIcatchup en 2026-04-08T15:17:14.293203+00:00 Cybercrooks' Epic Fails: Researchers Trade Myth for Mockery cybercrime fails, cybercriminals, researcher roasts, threat intelligence https://threatdigest.io/article/iranian-cyber-activity-hits-us-energy-water-and-government-networks/ theAIcatchup en 2026-04-08T15:17:02.648882+00:00 Iranian Hackers Poke US Power Grids and Water Plants: The OT Wake-Up Call Iranian cyber attacks, OT security, PLC vulnerabilities, critical infrastructure https://threatdigest.io/article/openssl-362-lands-with-eight-cve-fixes/ theAIcatchup en 2026-04-08T15:16:50.912207+00:00 OpenSSL 3.6.2 Crushes Eight CVEs: Your Crypto Lifeline Just Got Stronger AES-CFB-128 bug, CVE fixes, OpenSSL, OpenSSL 3.6.2, RSA KEM vulnerability, crypto vulnerabilities, security patch https://threatdigest.io/article/experts-published-unpatched-windows-zero-day-bluehammer/ theAIcatchup en 2026-04-08T15:14:57.816118+00:00 BlueHammer Leak: The Windows Zero-Day That Slipped Microsoft's Grasp BlueHammer, BlueHammer zero-day, Microsoft security flaw, Microsoft vulnerability, Windows privilege escalation, Windows zero-day, privilege escalation, zero-day leak https://threatdigest.io/article/gpubreach-exploit-uses-gpu-memory-bit-flips-to-achieve-full-system-takeover/ theAIcatchup en 2026-04-08T15:14:43.433912+00:00 GPUBreach: Flipping GPU Bits to Seize Your Whole Machine GDDR6 exploit, GPUBreach, RowHammer GPU, privilege escalation https://threatdigest.io/article/iranian-hackers-launching-disruptive-attacks-at-us-energy-water-targets-feds-warn/ theAIcatchup en 2026-04-08T15:14:38.053678+00:00 Iranian Hackers Disrupt U.S. Power Grids and Water Plants — Feds' Urgent Warning Iranian hackers, SCADA vulnerabilities, US infrastructure attacks, energy sector cyber https://threatdigest.io/article/attackers-exploit-critical-flowise-flaw-cve-2025-59528-for-remote-code-execution/ theAIcatchup en 2026-04-08T15:14:06.190940+00:00 Flowise's Perfect-Score Flaw CVE-2025-59528: Attackers Already Inside AI security exploit, CVE-2025-59528, Flowise vulnerability, RCE exploit, remote code execution https://threatdigest.io/article/ai-threat-landscape-digest-january-february-2026/ theAIcatchup en 2026-04-08T15:13:49.294494+00:00 Solo Hacker + AI = Pro Malware in Days: The VoidLink Wake-Up Call AI-assisted malware, Check Point Research, VoidLink framework, cyber threat landscape https://threatdigest.io/article/dutch-healthcare-software-vendor-goes-dark-after-ransomware-attack/ theAIcatchup en 2026-04-08T15:12:12.911423+00:00 ChipSoft Ransomware Hits Dutch Hospitals Hard — Site Down, Care Disrupted ChipSoft ransomware, Dutch healthcare attack, EMR disruption, hospital IT outage https://threatdigest.io/article/secureframe-expands-comply-with-user-access-reviews-for-automated-governance/ theAIcatchup en 2026-04-08T15:11:46.925425+00:00 Secureframe's User Access Reviews: Ditching Spreadsheets for Automated Security Sanity Secureframe, User Access Reviews, access governance, compliance automation https://threatdigest.io/article/anthropic-all-your-zero-days-are-belong-to-mythos/ theAIcatchup en 2026-04-08T15:10:55.008928+00:00 Anthropic's Mythos: The AI Zero-Day Generator Too Dangerous to Unleash AI zero-days, Anthropic Mythos, infosec threats, vulnerability generation https://threatdigest.io/article/us-agencies-alert-iran-linked-actors-target-critical-infrastructure-plcs/ theAIcatchup en 2026-04-08T15:10:25.928039+00:00 Iranian Hackers Breach Exposed PLCs in U.S. Power Grids and Water Plants CISA FBI advisory, CISA advisory, Iran cyber attacks, Iran hackers, PLCs vulnerabilities, PLCs vulnerability, critical infrastructure https://threatdigest.io/article/us-cisa-adds-a-flaw-in-fortinet-forticlient-ems-to-its-known-exploited-vulnerabilities-catalog/ theAIcatchup en 2026-04-08T15:08:24.409821+00:00 CISA Slaps Critical Fortinet Flaw into KEV: Patch Now or Pay Later CISA KEV, CVE-2025-35616, Fortinet FortiClient EMS, RCE vulnerability, known exploited vulnerabilities https://threatdigest.io/article/what-managing-partners-should-ask-ai-vendors-before-signing-any-contract/ theAIcatchup en 2026-04-08T15:06:27.137315+00:00 The Blind Spots in AI Vendor Deals Managing Partners Can't Ignore AI vendors, cybersecurity contracts, cybersecurity risks, over-privileged access, professional services, professional services security, vendor contracts, vendor risk management https://threatdigest.io/article/grafanaghost-bypasses-grafanas-ai-defenses-without-leaving-a-trace/ theAIcatchup en 2026-04-08T15:03:10.970259+00:00 GrafanaGhost: Attackers Weaponize Grafana's AI for Stealthy Data Heists AI vulnerability, GrafanaGhost, data exfiltration, prompt injection https://threatdigest.io/article/house-dems-decry-confirmed-ice-usage-of-paragon-spyware/ theAIcatchup en 2026-04-08T15:01:54.118175+00:00 ICE's Paragon Spyware Gambit Ignites Democratic Fury Over Domestic Surveillance Creep House Democrats letter, ICE spyware, Paragon surveillance, domestic spyware https://threatdigest.io/article/wyden-warns-social-security-chief-trumps-voter-database-is-blatant-voter-suppression/ theAIcatchup en 2026-04-08T15:00:20.164751+00:00 Wyden's Fiery Letter Exposes Trump's SSA Voter Purge Playbook SSA database, Trump executive order, election security, voter suppression https://threatdigest.io/article/30th-march-threat-intelligence-report/ theAIcatchup en 2026-04-08T15:00:14.575918+00:00 Iranian Hackers Raid FBI Director's Gmail: Personal Pics and Payback FBI breach, Gmail security, Handala Hack, Iran cyber attacks https://threatdigest.io/article/fortinet-customers-confront-actively-exploited-zero-day-with-a-full-patch-still-pending/ theAIcatchup en 2026-04-08T14:57:46.896811+00:00 Fortinet's EMS Zero-Day: Hackers Strike While Patch Lags CVE-2024-21762, FortiClient EMS, Fortinet zero-day, endpoint vulnerability https://threatdigest.io/article/6th-april-threat-intelligence-report/ theAIcatchup en 2026-04-08T14:55:25.836906+00:00 Trivy Supply Chain Attack Cracks Open EU Commission's Europa.eu—Supply Chain's New Frontline Check Point Research, Europa.eu hack, European Commission breach, Trivy supply chain attack https://threatdigest.io/article/handala-hack-unveiling-groups-modus-operandi/ theAIcatchup en 2026-04-08T14:53:58.094970+00:00 Handala Hack: Iran's Destructive Leak Machine Exposed Handala Hack, Iranian APT, Void Manticore, wiper malware https://threatdigest.io/article/feds-quash-widespread-russia-backed-espionage-network-spanning-18000-devices/ theAIcatchup en 2026-04-08T14:53:04.709917+00:00 Russia's Router Spies Hit 18,000 Devices — Feds Finally Unplug the Mess APT28, Forest Blizzard, GRU espionage, router hijacking https://threatdigest.io/article/chatgpt-data-leakage-via-a-hidden-outbound-channel-in-the-code-execution-runtime/ theAIcatchup en 2026-04-08T14:51:34.998964+00:00 ChatGPT's Code Runtime Hides a Data Siphon — Your Secrets at Risk AI sandbox breach, ChatGPT data leakage, OpenAI security flaw, code execution vulnerability https://threatdigest.io/article/operation-truechaos-0-day-exploitation-against-southeast-asian-government-targets/ theAIcatchup en 2026-04-08T14:50:59.066233+00:00 TrueConf's Zero-Day Lets Hackers Infiltrate Southeast Asian Governments CVE-2026-3502, Operation TrueChaos, Southeast Asia cyber attacks, TrueConf zero-day https://threatdigest.io/article/interplay-between-iranian-targeting-of-ip-cameras-and-physical-warfare-in-the-middle-east/ theAIcatchup en 2026-04-08T14:50:57.255899+00:00 Iran's IP Camera Hack: Spying from Tel Aviv Traffic Cams During Missile Barrage IP camera hacks, Iran cyber attacks, Israel Iran war, cyber physical warfare https://threatdigest.io/article/rce-bug-lurked-in-apache-activemq-classic-for-13-years/ theAIcatchup en 2026-04-08T14:49:49.810334+00:00 Apache ActiveMQ's 13-Year RCE Nightmare: Auth Bypass via Ancient Flaw Chain Apache ActiveMQ, CVE-2026-34197, Jolokia API, RCE vulnerability https://threatdigest.io/article/23rd-march-threat-intelligence-report/ theAIcatchup en 2026-04-08T14:48:24.742394+00:00 Inside Check Point's March 23 Threat Report: Navia's 2.6 Million Record Nightmare Check Point Research, Navia breach, Threat Intelligence Report, data exfiltration https://threatdigest.io/article/iranian-threat-actors-disrupt-us-critical-infrastructure-via-exposed-plcs/ theAIcatchup en 2026-04-08T14:44:27.518590+00:00 Iranian Hackers Hijack 500+ Exposed US PLCs, Triggering Blackouts and $10M Losses Iranian threat actors, OT security, critical infrastructure attacks, exposed PLCs https://threatdigest.io/article/more-honeypot-fingerprinting-scans-wed-apr-8th/ theAIcatchup en 2026-04-08T14:31:10.693633+00:00 Hackers Type 'Honeypot' as Username—and It Works, Exposing the Trap Cowrie honeypot, SSH scanning, attacker evasion, cybersecurity decoys, honeypot fingerprinting, threat scans https://threatdigest.io/article/is-a-30000-gpu-good-at-password-cracking/ theAIcatchup en 2026-04-08T14:07:42.143054+00:00 Why $30K AI GPUs Crash on Password Cracking Benchmarks AI hardware security, GPU benchmarks, NVIDIA H100, Specops research, password cracking, weak passwords https://threatdigest.io/article/russian-hacking-group-targets-home-and-small-office-routers-to-spy-on-users/ theAIcatchup en 2026-04-08T13:05:50.394861+00:00 Russian Hackers Flip Your Router's DNS to Watch Everything DNS hijacking, FBI cyber warning, FBI warning, Russian hackers, SOHO router vulnerabilities, router DNS hijack, router hacking, router vulnerabilities https://threatdigest.io/article/massachusetts-hospital-diverts-ambulances-as-cyberattack-causes-disruption/ theAIcatchup en 2026-04-08T12:32:27.456799+00:00 Ambulances Rerouted in Brockton: Signature Healthcare's Cyber Nightmare Unfolds Brockton Hospital, Signature Healthcare, Signature Healthcare cyberattack, ambulance diversion, healthcare cyberattack, healthcare cybersecurity, hospital disruption, hospital ransomware, ransomware https://threatdigest.io/article/shrinking-the-iam-attack-surface-through-identity-visibility-and-intelligence-platforms-ivip/ theAIcatchup en 2026-04-08T12:02:55.044791+00:00 IVIPs Expose the 46% of Identities Hiding in Enterprise Shadows IAM attack surface, IAM visibility, IAM-security, IVIP, Orchid Security, identity dark matter https://threatdigest.io/article/evasive-masjesu-ddos-botnet-targets-iot-devices/ theAIcatchup en 2026-04-08T11:29:18.381647+00:00 Masjesu Botnet: Your Forgotten IoT Gadget's Secret Life as a DDoS Weapon DDoS attacks, IoT malware, IoT security, IoT vulnerabilities, Masjesu botnet, Telegram botnets, Trellix analysis https://threatdigest.io/article/us-disrupts-russian-espionage-operation-involving-hacked-routers-and-dns-hijacking/ theAIcatchup en 2026-04-08T11:06:25.966424+00:00 FBI Crushes GRU's Router Snooping Scheme: DNS Tricks and Hacked Home Gear Exposed APT28, DNS hijacking, Fancy Bear, Forest Blizzard, GRU espionage, SOHO Routers, SOHO router hack, SOHO router hacks https://threatdigest.io/article/us-thwarts-dns-hijacking-network-controlled-by-russian-apt28-hackers/ theAIcatchup en 2026-04-08T10:10:12.354344+00:00 US FBI's Daring Router Raid Crushes Russia's DNS Spy Network APT28, DNS hijacking, FBI Operation Masquerade, Operation Masquerade, Russian GRU, Russian hackers https://threatdigest.io/article/iranbacked-threat-actors-hit-us-cni-providers-via-internetfacing-ot-assets/ theAIcatchup en 2026-04-08T08:07:21.198236+00:00 Iran's Hackers Gut US Water Plants—Via Exposed PLCs CISA advisory, CNI attacks, Iran hackers, Iranian hackers, OT security, OT vulnerabilities, Rockwell PLCs, US CNI attacks https://threatdigest.io/article/men-are-buying-hacking-tools-to-use-against-their-wives-and-friends/ theAIcatchup en 2026-04-08T07:27:53.264066+00:00 Telegram's Dark Bazaar: Men Snap Up Spy Tools to Stalk Wives and Exes Telegram abuse, hacking services, hacking tools, nonconsensual imagery, online harassment, spyware market, stalkerware abuse, stalkerware sales, telegram spyware https://threatdigest.io/article/iran-linked-hackers-disrupt-us-critical-infrastructure-by-targeting-internet-exposed-plcs/ theAIcatchup en 2026-04-08T06:51:33.099921+00:00 Iran's Hackers Crack Open America's Industrial Controls Iran hackers, Iranian hackers, OT attacks, OT security, PLCs, critical infrastructure https://threatdigest.io/article/iran-linked-hackers-disrupt-us-critical-infrastructure-via-plc-attacks/ theAIcatchup en 2026-04-08T05:06:28.433369+00:00 Iran Hackers Cripple US Water and Energy PLCs in Coordinated Strikes CyberAv3ngers, Iran hackers, PLC attacks, critical infrastructure