https://threatdigest.io/article/16th-march-threat-intelligence-report/ CVE Watch en 2026-04-11T16:08:48.263829+00:00 Stryker Shutdown, Signal Hacks, Rogue AI Bots: The March 16 Threat Surge AI security threats, AI threats, CVE zero-days, Handala Hack, Stryker breach, Stryker cyberattack, zero-day exploits https://threatdigest.io/article/operation-truechaos-0-day-exploitation-against-southeast-asian-government-targets/ CVE Watch en 2026-04-11T16:07:25.964098+00:00 TrueChaos: How a Zero-Day in TrueConf Server Let Hackers Infiltrate SE Asian Gov Networks CVE-2026-3502, Chinese APT, Operation TrueChaos, TrueConf vulnerability, zero-day exploit https://threatdigest.io/article/silver-dragon-targets-organizations-in-southeast-asia-and-europe/ CVE Watch en 2026-04-11T16:04:54.520965+00:00 Silver Dragon's Cyber Onslaught Hits Asian and European Governments – Wake-Up Call for the Rest of Us APT41, Check Point Research, China cyber espionage, China cyber threats, Chinese APT, Silver Dragon, Southeast Asia hacking https://threatdigest.io/article/2025-the-untold-stories-of-check-point-research/ CVE Watch en 2026-04-11T16:00:22.785992+00:00 Check Point's 2025 Threat Vault: Hidden Campaigns That Defy Predictions 2025 cyber threats, Check Point Research, financial cybercrime, state-sponsored attacks https://threatdigest.io/article/23rd-march-threat-intelligence-report/ CVE Watch en 2026-04-11T16:00:09.787167+00:00 2.6 Million Records Leaked in Employee Benefits Breach: March 23 Threat Intel Roundup AI cyber threats, AI threats, CVE exploits, CVEs 2026, cyber breaches 2026, data breaches, data breaches 2026, ransomware exploits, threat intelligence report, threat report March https://threatdigest.io/article/chatgpt-data-leakage-via-a-hidden-outbound-channel-in-the-code-execution-runtime/ CVE Watch en 2026-04-11T15:58:11.375727+00:00 ChatGPT's Secret Backdoor: Your Private Chats Are Leaking Out AI sandbox flaw, AI security flaw, ChatGPT data leakage, ChatGPT vulnerability, OpenAI security flaw, OpenAI vulnerability, code execution exploit, code execution leak, code execution sandbox, data exfiltration https://threatdigest.io/article/caught-in-the-hook-rce-and-api-token-exfiltration-through-claude-code-project-files-cve-2025-59536-cve-2026-21852/ CVE Watch en 2026-04-11T15:55:19.672940+00:00 Claude Code's Hidden Hooks Could Turn Your AI Projects into Hacker Havens API Token Exfiltration, API token theft, Anthropic security, CVE-2025-59536, Claude Code RCE, Claude Code vulnerability, RCE exploit https://threatdigest.io/article/2nd-march-threat-intelligence-report/ CVE Watch en 2026-04-11T15:53:37.270062+00:00 ShinyHunters Extorts Wynn Resorts: Employee Data Breached, Ops Intact ShinyHunters, Wynn Resorts, Wynn Resorts breach, casino cybersecurity, casino hacks, data breach, employee data leak, extortion threat, threat intelligence https://threatdigest.io/article/30th-march-threat-intelligence-report/ CVE Watch en 2026-04-11T15:48:51.699361+00:00 FBI Director's Gmail Hacked by Iranian Group: The Wild Week in Cyber Threats AI vulnerabilities, Cisco CVE-2026-20131, FBI breach, Handala Hack, nation-state threats, ransomware attacks https://threatdigest.io/article/interplay-between-iranian-targeting-of-ip-cameras-and-physical-warfare-in-the-middle-east/ CVE Watch en 2026-04-11T15:47:16.405934+00:00 Iran's IP Camera Hack Waves Herald Missile Barrages in Middle East Hikvision Dahua CVEs, Hikvision Dahua exploits, IP camera hacks, IP camera vulnerabilities, Iran cyber attacks, Middle East conflict cyber, Middle East hybrid warfare, battle damage assessment https://threatdigest.io/article/iranian-mois-actors-the-cyber-crime-connection/ CVE Watch en 2026-04-11T15:43:57.301393+00:00 Iran's Spies Hack the Cyber Underworld APT groups, Check Point Research, Iranian MOIS, cyber crime, cyber crime connection, cyber crime ecosystem, nation-state actors, nation-state cyber threats https://threatdigest.io/article/ai-threat-landscape-digest-january-february-2026/ CVE Watch en 2026-04-11T15:42:31.932441+00:00 VoidLink: How One Dev Used AI to Build Pro-Level Malware in Weeks AI-assisted malware, TRAE SOLO, VoidLink, VoidLink framework, agentic AI abuse, agentic AI threats, cyber threat intelligence, cyber threat landscape https://threatdigest.io/article/9th-march-threat-intelligence-report/ CVE Watch en 2026-04-11T15:39:37.082336+00:00 AkzoNobel's Paint Plant Hack: Ransomware Reality Check from Check Point's Latest Report AkzoNobel cyberattack, Anubis ransomware, Check Point Research, manufacturing ransomware, threat intelligence, threat intelligence report https://threatdigest.io/article/handala-hack-unveiling-groups-modus-operandi/ CVE Watch en 2026-04-11T15:32:17.713830+00:00 Handala Hack: Iran's Destructive Cyber Playbook Finally Cracked Open Check Point Research, Handala Hack, Iranian cyber attacks, Iranian hackers, Iranian threat actor, Void Manticore, data wipers, wiper attacks https://threatdigest.io/article/6th-april-threat-intelligence-report/ CVE Watch en 2026-04-11T15:25:38.474446+00:00 April's Cyber Onslaught: AI Poisons, Mega Breaches, Zero-Days AI security threats, data breaches 2026, threat intelligence report, zero-day vulnerabilities https://threatdigest.io/article/apt28-deploys-prismex-malware-in-campaign-targeting-ukraine-and-nato-allies/ CVE Watch en 2026-04-11T10:26:00.133279+00:00 APT28's PRISMEX Sneaks Into Ukraine's Veins, Wiping Emergency Lifelines APT28, NATO threats, PRISMEX, PRISMEX malware, Ukraine cyber attacks, steganography, steganography malware, zero-day exploits https://threatdigest.io/article/shrinking-the-iam-attack-surface-through-identity-visibility-and-intelligence-platforms-ivip/ CVE Watch en 2026-04-11T10:22:30.898044+00:00 IVIP: Gartner's Bid to Illuminate Identity's Dark Matter — Or Vendor Smoke? IAM, IAM Attack Surface, IVIP, Identity Visibility, Orchid Security https://threatdigest.io/article/threatsday-bulletin-hybrid-p2p-botnet-13-year-old-apache-rce-and-18-more-stories/ CVE Watch en 2026-04-11T10:21:05.414417+00:00 Phorpiex's Hybrid Botnet Surge: 125K Daily Infections Amid Apache's 13-Year RCE Wake-Up Apache ActiveMQ RCE, Phorpiex Twizt, ai ddos attacks, apache rce, cyber fraud 2025, cyber fraud losses, hybrid P2P botnet, phorpiex botnet https://threatdigest.io/article/men-are-buying-hacking-tools-to-use-against-their-wives-and-friends/ CVE Watch en 2026-04-11T10:21:00.226525+00:00 Inside Telegram's Shadow Markets: Men Arming Up with Spyware Against Wives AI Forensics, Telegram hacking groups, Telegram spyware, cyberstalking, digital-violence, domestic cyber-harassment, hacking tools wives, online surveillance tools, online-harassment, spyware-stalking, stalkerware, stalkerware market, telegram-abuse https://threatdigest.io/article/anthropics-mythos-will-force-a-cybersecurity-reckoningjust-not-the-one-you-think/ CVE Watch en 2026-04-11T10:17:56.263185+00:00 Anthropic's Mythos Preview: The AI That Hunts Bugs Better Than Your Team AI cybersecurity, AI exploits, Anthropic AI, Anthropic Claude, Anthropic Mythos, Claude AI, Claude Mythos Preview, Mythos Preview, Project Glasswing, cybersecurity AI threat, cybersecurity threats, exploit chains https://threatdigest.io/article/engagelab-sdk-flaw-exposed-50m-android-users-including-30m-crypto-wallet-installs/ CVE Watch en 2026-04-11T10:16:42.823763+00:00 EngageLab SDK's Hidden Flaw Cracked Open 50 Million Android Devices — Crypto Wallets in the Crosshairs Android vulnerability, EngageLab SDK, crypto wallet security, intent redirection https://threatdigest.io/article/iran-linked-hackers-disrupt-us-critical-infrastructure-by-targeting-internet-exposed-plcs/ CVE Watch en 2026-04-11T10:16:21.635443+00:00 Iranian Hackers Slip Into U.S. Water Plants and Power Grids Through Dumb Internet-Exposed PLCs Iran hackers, Iranian hackers, OT attacks, OT security, PLCs, PLCs vulnerabilities, critical infrastructure, cyber escalation https://threatdigest.io/article/industry-reactions-to-iran-hacking-ics-in-critical-infrastructure-feedback-friday/ CVE Watch en 2026-04-11T10:10:22.617571+00:00 Iranian Hackers Tamper with US Water and Power PLCs: The OT Blind Spot Exposed ICS attacks, Iran hackers, OT security, PLC vulnerabilities, PLCs exposed, critical infrastructure https://threatdigest.io/article/google-rolls-out-cookie-theft-protections-in-chrome/ CVE Watch en 2026-04-11T10:09:36.691298+00:00 Google's Chrome Cookie Lock: Good for Users, But Malware's Not Done Yet Chrome DBSC, Google Chrome update, browser security, cookie theft, cookie theft protection, malware defense, session credentials, session security https://threatdigest.io/article/n-korean-hackers-spread-1700-malicious-packages-across-npm-pypi-go-rust/ CVE Watch en 2026-04-11T10:08:45.729277+00:00 North Korean Hackers Slip 1,700 Poison Pills into npm, PyPI, and Beyond Contagious Interview, North Korean hackers, malicious npm packages, npm malware, supply chain attack https://threatdigest.io/article/orthanc-dicom-vulnerabilities-lead-to-crashes-rce/ CVE Watch en 2026-04-11T10:07:59.181387+00:00 Orthanc DICOM Server's Nine Flaws: From Crashes to Remote Code Nightmares CERT-CC advisory, DICOM security, Orthanc vulnerabilities, RCE flaws, RCE healthcare, medical imaging exploits https://threatdigest.io/article/browser-extensions-are-the-new-ai-consumption-channel-that-no-one-is-talking-about/ CVE Watch en 2026-04-11T10:07:32.685485+00:00 99% of Enterprise Users Pack Browser Extensions – AI Ones Are the Sneaky Security Nightmare AI browser extensions, LayerX report, browser security, enterprise AI risks, enterprise risks, enterprise threats, security blind spot https://threatdigest.io/article/this-fake-windows-support-website-delivers-password-stealing-malware/ CVE Watch en 2026-04-11T10:07:13.309954+00:00 Fake Windows Update in France Steals Passwords from Breach-Exposed Users Electron infostealer, Electron malware, France data breaches, Windows malware, Windows update scam, fake Windows update, password stealer, password-stealing malware https://threatdigest.io/article/politicians-are-spending-more-money-on-security-as-they-increasingly-become-targets/ CVE Watch en 2026-04-11T10:04:39.044579+00:00 Politicians' Security Tabs Explode 5x as Threats Hit Home — Literally FEC data, FEC security data, campaign finance security, campaign security spending, campaign threats, election threats, election violence, political security spending, political threats, political violence, state security laws https://threatdigest.io/article/the-hidden-security-risks-of-shadow-ai-in-enterprises/ CVE Watch en 2026-04-11T10:03:43.415062+00:00 Shadow AI Is Already Leaking Enterprise Data — And No One's Watching AI governance, data exposure, data leaks, enterprise security, enterprise security risks, shadow AI https://threatdigest.io/article/apple-intelligence-ai-guardrails-bypassed-in-new-attack/ CVE Watch en 2026-04-11T10:02:58.087745+00:00 Apple Intelligence's Shield Cracked: Hackers Sneak Past Your iPhone's AI Brain Guards AI guardrails, AI guardrails bypass, AI guardrails bypassed, Apple Intelligence, RSAC attack, RSAC research, prompt injection, unicode-attack https://threatdigest.io/article/chrome-147-patches-60-vulnerabilities-including-two-critical-flaws-worth-86000/ CVE Watch en 2026-04-11T10:02:47.599100+00:00 Chrome 147's $86K WebML Double-Whammy: Two Critical Bugs That Could Crack the Browser Sandbox CVE-2026-5858, Chrome 147, WebML vulnerabilities, browser security patches, bug bounties, bug bounty https://threatdigest.io/article/we-were-not-ready-for-this-lebanons-emergency-system-is-hanging-by-a-thread/ CVE Watch en 2026-04-11T10:02:18.749877+00:00 Lebanon's Jury-Rigged Crisis Tracker: Holding the Line in Israel's Shadow Israel Lebanon war, Israeli strikes Lebanon, Lebanon crisis, Lebanon emergency system, Lebanon war tech, crisis tracking platform, digital aid tracking, digital humanitarian aid, digital infrastructure crisis, displacement tracking, emergency digital platform, emergency displacement system, war displacement tech, war tech infrastructure https://threatdigest.io/article/new-chaos-variant-targets-misconfigured-cloud-deployments-adds-socks-proxy/ CVE Watch en 2026-04-11T10:01:54.845288+00:00 Chaos Botnet Goes After Cloud Goofs, Slaps on a SOCKS Proxy for Extra Sneakiness Chaos malware, SOCKS proxy, botnet evolution, cloud security https://threatdigest.io/article/anthropics-claude-mythos-finds-thousands-of-zero-day-flaws-across-major-systems/ CVE Watch en 2026-04-11T10:00:11.775712+00:00 Claude Mythos Cracks Open Zero-Days Everywhere – Then Breaks Free AI cybersecurity, AI sandbox escape, Anthropic, Anthropic AI, Claude Mythos, Project Glasswing, zero-day vulnerabilities https://threatdigest.io/article/obfuscated-javascript-or-nothing-thu-apr-9th/ CVE Watch en 2026-04-11T09:59:55.931476+00:00 Phishing RAR Drops 10MB Obfuscated JS That Loads Formbook Stealer Formbook malware, Formbook stealer, PowerShell evasion, PowerShell payload, malware evasion, obfuscated JavaScript, phishing RAR, phishing malware https://threatdigest.io/article/mitre-releases-fight-fraud-framework/ CVE Watch en 2026-04-11T09:57:31.189739+00:00 MITRE's F3 Framework Exposes Fraudsters' Hidden Playbook ATT&CK extension, ATT&CK framework, MITRE F3, cyber fraud, cyber fraud TTPs, cyber fraud framework, fight fraud framework, fraud TTPs https://threatdigest.io/article/ai-led-remediation-crisis-prompts-hackerone-to-pause-bug-bounties/ CVE Watch en 2026-04-11T09:57:26.817199+00:00 HackerOne Pauses Bug Bounties as AI Overwhelms Open Source Fixes AI remediation crisis, AI security, AI security tools, HackerOne, bug bounties, open source security, open source vulnerabilities https://threatdigest.io/article/russias-fancy-bear-apt-continues-its-global-onslaught/ CVE Watch en 2026-04-11T09:56:18.889753+00:00 Fancy Bear's 2023 Rampage: 100+ Targets, No Sophistication Required APT28, Fancy Bear, Russia cyber attacks, zero trust, zero trust security https://threatdigest.io/article/more-honeypot-fingerprinting-scans-wed-apr-8th/ CVE Watch en 2026-04-11T09:55:53.940959+00:00 Attackers Taunt Honeypots with Absurd Logins – And They're Winning Cowrie, Cowrie honeypot, SSH attacks, SSH scans, fingerprinting, honeypot fingerprinting, honeypots, threat detection, threat hunting, threat scans https://threatdigest.io/article/masjesu-botnet-emerges-as-ddos-for-hire-service-targeting-global-iot-devices/ CVE Watch en 2026-04-11T09:55:26.734056+00:00 Masjesu Botnet: Stealth DDoS Mercenary Invades IoT DDoS-for-hire, IoT malware, Masjesu Botnet, XorBot https://threatdigest.io/article/fake-claude-site-installs-malware-that-gives-attackers-access-to-your-computer/ CVE Watch en 2026-04-11T09:55:18.016333+00:00 Claude Fans, One Wrong Click Hands Hackers Your Whole PC AI phishing scam, Claude phishing, DLL sideloading, PlugX RAT, PlugX malware, fake Claude malware, fake Claude site https://threatdigest.io/article/glassworm-campaign-uses-zig-dropper-to-infect-multiple-developer-ides/ CVE Watch en 2026-04-11T09:54:44.812961+00:00 GlassWorm's Zig Dropper Turns Dev IDEs into Malware Hives GlassWorm Campaign, IDE infection, IDE infections, VS Code extensions, VS Code malware, Zig dropper, malware targeting IDEs https://threatdigest.io/article/your-next-breach-will-look-like-business-as-usual/ CVE Watch en 2026-04-11T09:53:26.707263+00:00 Credential Attacks: The Breach That Logs In Like Your Barista AI detection shifts, UEBA, UEBA tools, behavioral analytics, breach detection, breach prevention, credential-based attacks, cybersecurity models, cybersecurity shifts, threat detection https://threatdigest.io/article/do-ceasefires-slow-cyberattacks-history-suggests-not/ CVE Watch en 2026-04-11T09:52:31.182960+00:00 Ceasefires Never Paused Iranian Cyber Ops—Data Proves It APT33, IRGC cyber units, Iranian hackers, MuddyWater, ceasefires cyberattacks, cyber truce myths, cyberattacks ceasefires, geopolitical cyber threats, nation-state cyber ops https://threatdigest.io/article/atomic-stealer-macos-clickfix-attack-bypasses-apple-security-warnings/ CVE Watch en 2026-04-11T09:52:04.652902+00:00 Atomic Stealer Slips Past Apple's Terminal Guard Using Script Editor Sleight-of-Hand Apple security bypass, Atomic Stealer, ClickFix attack, Jamf Threat Labs, macOS malware https://threatdigest.io/article/eurail-says-december-data-breach-impacts-300000-individuals/ CVE Watch en 2026-04-11T09:51:31.304007+00:00 Eurail Breach Dumps 300K Travelers' Data into Hackers' Hands Eurail data breach, European railways security, GDPR fines, identity theft risk, passport theft, personal data theft, personal information theft, rail cybersecurity, travel data leak, travel data theft, travel security https://threatdigest.io/article/on-microsofts-lousy-cloud-security/ CVE Watch en 2026-04-11T09:51:29.786321+00:00 Microsoft's Government Cloud: Approved Despite 'Pile of Shit' Security Docs FedRAMP, FedRAMP approval, GCC High, Microsoft GCC High, Microsoft cloud security, ProPublica report, cloud security, cloud security failures, government cloud, government cloud risks https://threatdigest.io/article/juniper-networks-patches-dozens-of-junos-os-vulnerabilities/ CVE Watch en 2026-04-11T09:50:43.521189+00:00 Juniper's Junos OS Nightmare: 36 Flaws That Could Hand Attackers Your Network Keys CVE-2026-33784, Juniper Networks, Junos OS, Junos OS vulnerabilities, privilege escalation https://threatdigest.io/article/bluehammer-windows-zero-day-exploit-signals-microsoft-bug-disclosure-issues/ CVE Watch en 2026-04-11T09:49:52.144867+00:00 BlueHammer Zero-Day Exposes Microsoft's Patch Paralysis BlueHammer, BlueHammer exploit, Chaotic Eclipse, Microsoft bug bounty, Microsoft exploit, Windows zero-day, exploit disclosure, privilege escalation https://threatdigest.io/article/bitter-linked-hack-for-hire-campaign-targets-journalists-across-mena-region/ CVE Watch en 2026-04-11T09:49:04.491841+00:00 Bitter's Hack-for-Hire Blitz Hits MENA Journalists, Echoing Indian Spy Reach Bitter APT, Indian cyber espionage, MENA phishing, OAuth attacks, hack-for-hire, spear phishing https://threatdigest.io/article/teampcp-supply-chain-campaign-update-007-cisco-source-code-stolen-via-trivy-linked-breach-google-gtig-tracks-teampcp-as-unc6780-and-cisa-kev-deadline-arrives-with-no-standalone-advisory-wed-apr-8th/ CVE Watch en 2026-04-11T09:48:12.706325+00:00 Cisco's Source Code Raided: TeamPCP's Trivy Breach Exposes 300+ Repos and Gov Clients Cisco breach, TeamPCP, Trivy CVE, Trivy supply chain, Trivy vulnerability, UNC6780 https://threatdigest.io/article/google-rolls-out-dbsc-in-chrome-146-to-block-session-theft-on-windows/ CVE Watch en 2026-04-11T09:48:05.952757+00:00 Chrome's DBSC Finally Ships: Session Theft's Days Are Numbered Chrome 146, DBSC, cookie stealing malware, infostealer malware, malware stealers, session theft https://threatdigest.io/article/webinar-from-noise-to-signal-what-threat-actors-are-targeting-next/ CVE Watch en 2026-04-11T09:47:56.993161+00:00 Dark Web Chatter: The Signals Threat Actors Can't Hide Before They Strike Flare Systems, access brokers, dark web chatter, dark web monitoring, dark web signals, proactive defense, threat actors, threat intelligence https://threatdigest.io/article/middle-east-hack-for-hire-operation-traced-to-south-asian-cyber-espionage-group/ CVE Watch en 2026-04-11T09:46:47.950767+00:00 Bitter APT's ProSpy Spyware Hits Mideast Journalists Hard Bitter APT, Middle East cyber attacks, Middle East phishing, ProSpy spyware, hack-for-hire, spear phishing https://threatdigest.io/article/microsoft-finds-vulnerability-exposing-millions-of-android-crypto-wallet-users/ CVE Watch en 2026-04-11T09:46:15.391535+00:00 Microsoft Uncovers Android SDK Flaw Risking 30 Million Crypto Wallets Android vulnerability, EngageSDK flaw, Microsoft security research, crypto wallet security, crypto-wallets, engagesdk, intent redirection, microsoft-security https://threatdigest.io/article/russian-hacking-group-targets-home-and-small-office-routers-to-spy-on-users/ CVE Watch en 2026-04-11T09:45:49.146360+00:00 APT28 Turns Your Home Router into Russia's Spy Tool APT28, DNS hijacking, Fancy Bear, SOHO Routers, TP-Link vulnerability https://threatdigest.io/article/just-three-ransomware-gangs-accounted-for-40-of-attacks-last-month/ CVE Watch en 2026-04-11T09:45:42.394383+00:00 Qilin, Akira, Dragonforce: Ransomware's Brutal Top Trio Claims 40% of March Carnage Akira ransomware, Check Point, Dragonforce, Dragonforce RaaS, Qilin ransomware, ransomware attacks, ransomware attacks 2026 https://threatdigest.io/article/healthcare-it-solutions-provider-chipsoft-hit-by-ransomware-attack/ CVE Watch en 2026-04-11T09:45:28.918751+00:00 ChipSoft Ransomware Cripples Dutch Hospitals' EHR Backbone ChipSoft ransomware, Dutch hospitals, Dutch hospitals hack, Dutch hospitals outage, EHR breach, EHR outage, HiX EHR outage, Z-CERT, healthcare IT attack, healthcare cyberattack https://threatdigest.io/article/adobe-reader-zero-day-exploited-via-malicious-pdfs-since-december-2025/ CVE Watch en 2026-04-11T09:45:24.172349+00:00 Adobe Reader Zero-Day Powers Sneaky PDF Attacks on Oil Pros Since Late 2025 Adobe Reader zero-day, PDF exploit, RCE sandbox escape, RCE vulnerability, Russian malware, data exfiltration, malicious JavaScript, malicious PDFs, zero-day vulnerability https://threatdigest.io/article/new-lucidrook-malware-used-in-targeted-attacks-on-ngos-universities/ CVE Watch en 2026-04-11T09:45:17.492041+00:00 LucidRook's Lua Stealth Assault on Taiwan's NGOs and Universities Cisco Talos, Lua malware, LucidRook, LucidRook malware, Taiwan attacks, Taiwan cyberattacks, Taiwan phishing, spear phishing https://threatdigest.io/article/us-thwarts-dns-hijacking-network-controlled-by-russian-apt28-hackers/ CVE Watch en 2026-04-11T09:44:46.804023+00:00 US Crushes APT28's Sneaky Router Takeover Plot APT28, DNS hijacking, Operation Masquerade, Russian GRU, SOHO Routers https://threatdigest.io/article/number-usage-in-passwords-take-two-thu-apr-9th/ CVE Watch en 2026-04-11T09:44:31.001133+00:00 Bots Are Already Guessing Passwords with 2027 — a Full Year Early DDoS probes, bot predictions, botnets, cyber threats, future years passwords, honeypots, password brute-force, password cracking, year patterns https://threatdigest.io/article/microsoft-canadian-employees-targeted-in-payroll-pirate-attacks/ CVE Watch en 2026-04-11T09:44:13.902349+00:00 Inside the Payroll Pirate Heist: How Storm-2755 Stole Salaries from Microsoft Workers AiTM attacks, AiTM phishing, Microsoft 365 security, Storm-2755, payroll pirate attacks https://threatdigest.io/article/new-venom-phishing-attacks-steal-senior-executives-microsoft-logins/ CVE Watch en 2026-04-11T09:43:51.522281+00:00 VENOM Phishing: Execs' Microsoft Logins in Crosshairs C-suite attacks, MFA bypass, Microsoft AiTM, Microsoft credential theft, PhaaS, QR code phishing, VENOM phishing, executive phishing https://threatdigest.io/article/bitcoin-depot-reports-36m-crypto-theft-after-system-breach/ CVE Watch en 2026-04-11T09:41:25.639150+00:00 Bitcoin Depot's $3.6M Bitcoin Heist: Hackers Strike Corporate Vaults Again Bitcoin ATM breach, Bitcoin ATM hack, Bitcoin Depot, Bitcoin Depot hack, crypto theft, cyber breach, cybersecurity incident https://threatdigest.io/article/iranbacked-threat-actors-hit-us-cni-providers-via-internetfacing-ot-assets/ CVE Watch en 2026-04-11T09:40:54.992179+00:00 Iranian Hackers Punch Through US Water Plants Using Exposed Factory PLCs CISA advisory, CNI attacks, Iran hackers, OT PLC vulnerabilities, OT vulnerabilities, Rockwell Automation, Rockwell PLCs, US CNI attacks https://threatdigest.io/article/claude-discovers-apache-activemq-bug-hidden-for-13-years/ CVE Watch en 2026-04-11T09:40:21.695014+00:00 Claude AI Digs Up 13-Year RCE Lurking in Apache ActiveMQ Apache ActiveMQ, CVE-2026-34197, Claude AI, RCE vulnerability https://threatdigest.io/article/when-attackers-already-have-the-keys-mfa-is-just-another-door-to-open/ CVE Watch en 2026-04-11T09:40:16.969147+00:00 Wearable Biometrics Finally Fix Stolen Credential Hell MFA bypass, Token security, phishing attacks, phishing prevention, phishing relays, stolen credentials, wearable biometrics https://threatdigest.io/article/in-other-news-cyberattack-stings-stryker-windows-zero-day-china-supercomputer-hack/ CVE Watch en 2026-04-11T09:40:05.277907+00:00 Fed Frets Over Anthropic's Mythos AI as Mac Stealers and Zero-Days Ignite Cyber Firestorm AI security risks, Anthropic Mythos, Windows zero-day, cybersecurity roundup, macOS stealer, post-quantum crypto, post-quantum cryptography https://threatdigest.io/article/can-anthropic-keep-its-exploit-writing-ai-out-of-the-wrong-hands/ CVE Watch en 2026-04-11T09:38:53.418939+00:00 Anthropic's Mythos Preview Hunts Zero-Days — But Who Controls the Leash? AI security risks, AI security tools, Anthropic Mythos, vulnerability AI, vulnerability discovery, zero-day exploits https://threatdigest.io/article/uat-10362-targets-taiwanese-ngos-with-lucidrook-malware-in-spear-phishing-campaigns/ CVE Watch en 2026-04-11T09:38:24.396366+00:00 LucidRook Unleashed: New Lua Malware Stalks Taiwan's NGOs in Stealthy Spear-Phishing Cisco Talos, DLL side-loading, LucidRook, LucidRook malware, Taiwan spear-phishing, UAT-10362, spear-phishing Taiwan https://threatdigest.io/article/cpuid-hacked-to-deliver-malware-via-cpu-z-hwmonitor-downloads/ CVE Watch en 2026-04-11T09:37:38.799071+00:00 CPUID's Trusted Tools Turn Toxic: Hackers Poison CPU-Z and HWMonitor Downloads CPU-Z malware, CPUID hack, HWMonitor trojan, infostealer trojan, supply chain attack https://threatdigest.io/article/google-warns-of-new-threat-group-targeting-bpos-and-helpdesks/ CVE Watch en 2026-04-11T09:37:29.074026+00:00 Google Exposes UNC6783: Chat-Phishing Extortion Wave Hits BPOs Where It Hurts BPO phishing, Google Threat Intelligence, MFA bypass, UNC6783, Zendesk spoofing, extortion via chat, live chat attacks https://threatdigest.io/article/critical-vulnerability-in-ninja-forms-exposes-wordpress-sites/ CVE Watch en 2026-04-11T09:36:15.887327+00:00 Ninja Forms' Deadly Upload Flaw Lets Hackers Seize WordPress Sites in Seconds Ninja Forms vulnerability, RCE WordPress, WordPress security, cvss 9.8, file upload exploit, wordfence bounty, wordpress rce https://threatdigest.io/article/critical-marimo-flaw-exploited-hours-after-public-disclosure/ CVE Watch en 2026-04-11T09:33:06.990914+00:00 Attackers Crack Marimo's RCE Flaw in Under 10 Hours — No PoC Needed CVE-2026-39987, Marimo vulnerability, RCE exploit, Sysdig honeypot https://threatdigest.io/article/google-rolls-out-gmail-end-to-end-encryption-on-mobile-devices/ CVE Watch en 2026-04-11T09:31:46.514485+00:00 Gmail's Mobile E2EE Unlocks – Enterprise Privacy Gets Real Gmail E2EE, Google Workspace, client-side encryption, end-to-end encryption, enterprise email security, enterprise privacy, enterprise security https://threatdigest.io/article/threat-actors-get-crafty-with-emojis-to-escape-detection/ CVE Watch en 2026-04-11T09:29:44.115548+00:00 Hackers Ditch Code Words for Emojis to Slip Past Filters cyber evasion tactics, cybercrime communication, cybercrime tactics, dark web communication, dark web markets, detection evasion, emoji evasion, malware marketplaces, malware obfuscation, threat actor tactics, threat actors emojis https://threatdigest.io/article/russias-forest-blizzard-nabs-rafts-of-logins-via-soho-routers/ CVE Watch en 2026-04-11T09:28:07.390281+00:00 Forest Blizzard's Router Trick Steals Logins Worldwide APT28, DNS hijacking, Forest Blizzard, SOHO Routers https://threatdigest.io/article/cracks-in-the-bedrock-agent-god-mode/ CVE Watch en 2026-04-11T09:27:23.394302+00:00 AWS Bedrock AgentCore's God Mode: One Toolkit, Total Account Takeover AI agent security, AWS Bedrock AgentCore, Agent God Mode, AgentCore, AgentCore vulnerability, Amazon Bedrock, IAM Vulnerability, IAM privilege escalation, privilege escalation https://threatdigest.io/article/nearly-4000-us-industrial-devices-exposed-to-iranian-cyberattacks/ CVE Watch en 2026-04-11T09:27:14.656345+00:00 4,000 U.S. Factory PLCs Begging for Iranian Hackers Iranian cyberattacks, OT security, Rockwell Automation PLCs, critical infrastructure https://threatdigest.io/article/google-chrome-adds-infostealer-protection-against-session-cookie-theft/ CVE Watch en 2026-04-11T09:27:05.544305+00:00 Chrome's Hardware Trick to Kill Stolen Cookies: Smart Fix or Dev Headache? Chrome DBSC, DBSC, Google Chrome, Google security update, TPM security, infostealer malware, session cookie theft https://threatdigest.io/article/hackers-exploiting-acrobat-reader-zero-day-flaw-since-december/ CVE Watch en 2026-04-11T09:23:13.658394+00:00 Adobe Acrobat Zero-Day Active Since December—Users Exposed Adobe Acrobat, Adobe Acrobat Reader, CVE-2024-36364, PDF exploit, PDF vulnerability, acrobat reader zero-day, adobe pdf vulnerability, adobe vulnerability, cve-2024-20766, rce attack, remote code execution, zero-day exploit, zero-day vulnerability https://threatdigest.io/article/hims-breach-exposes-the-most-sensitive-kinds-of-phi/ CVE Watch en 2026-04-11T09:19:49.568751+00:00 Hims Hack Outs User's Bald Spots, ED Meds, and Weight Loss Secrets Hims breach, PHI exposure, Scattered Spider, data extortion, health data leak, telehealth hack, telehealth security https://threatdigest.io/article/iranian-threat-actors-disrupt-us-critical-infrastructure-via-exposed-plcs/ CVE Watch en 2026-04-11T09:17:06.452952+00:00 Iranian Hackers Hijack US PLCs: The Digital Sabotage We Saw Coming Iranian threat actors, OT security, critical infrastructure, exposed PLCs https://threatdigest.io/article/analysis-of-one-billion-cisa-kev-remediation-records-exposes-limits-of-human-scale-security/ CVE Watch en 2026-04-11T09:11:49.351642+00:00 Billion CISA Records Prove Human Security Can't Keep Up AI threats, CISA KEV, Qualys research, human-scale security, vulnerability remediation https://threatdigest.io/article/smart-slider-updates-hijacked-to-push-malicious-wordpress-joomla-versions/ CVE Watch en 2026-04-11T09:09:41.829401+00:00 Smart Slider's Poisoned Update: Hackers Slip Backdoors into 900K WordPress Sites Joomla backdoor, Smart Slider 3 Pro, Smart Slider hack, WordPress malware, plugin supply chain attack, supply chain attack