Today, 27 things to read .

affectedGitHub fixes RCE flaw that gave access to millions of private repossocialX 77% · Reddit 0% · GitHub 23%

GitHub fixes RCE flaw that gave access to millions of private repos

In early March, GitHub patched a critical remote code execution vulnerability ( CVE-2026-3854 ) that could have allowed attackers to access millions of private repositories.

Apr 291d ago

affectedzero-day attackssocialX 91% · Reddit 0% · GitHub 9%

CISA orders feds to patch Windows flaw exploited as zero-day

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to secure their Windows systems against a vulnerability exploited in zero-day attacks.

affectedHackers are exploiting a critical LiteLLM pre-auth SQLi flawsocialX 95% · Reddit 0% · GitHub 5%

Hackers are exploiting a critical LiteLLM pre-auth SQLi flaw

Hackers are targeting sensitive information stored in the LiteLLM open-source large-language model (LLM) gateway by exploiting a critical vulnerability tracked as CVE-2026-42208.

affectedThe Mythos MomentsocialX 17% · Reddit 0% · GitHub 83%

The Mythos Moment: Enterprises Must Fight Agents with Agents

Only with the right platform and an agentic, AI-driven defense, will enterprises be able to protect themselves in the agentic era.

affectedWebinar TodaysocialX 1% · Reddit 0% · GitHub 99%

Webinar Today: A Step-by-Step Approach to AI Governance

Join the webinar to explore a practical, multi-layered roadmap to transition from fragmented AI usage to a governed, scalable ecosystem.

affectedAlleged Chinese State Hacker Extradited to USsocialX 4% · Reddit 0% · GitHub 96%

Alleged Chinese State Hacker Extradited to US

A member of Silk Typhoon, Xu Zewei is accused of launching cyberattacks against universities in the US.

affectedservice to elevate privileges to SystemsocialX 50% · Reddit 0% · GitHub 50%

No Patch for New PhantomRPC Privilege Escalation Technique in Windows

A fake RPC server can be used to listen for RPC requests and impersonate the target service to elevate privileges to System.

affectedMicrosoftsocialX 0% · Reddit 0% · GitHub 100%

Microsoft: New Remote Desktop warnings may display incorrectly

Microsoft has confirmed a new issue causing newly introduced Windows security warnings to display incorrectly when opening Remote Desktop (.rdp) files.

affectedRobinhood account creation flaw abused to send phishing emailssocialX 33% · Reddit 0% · GitHub 67%

Robinhood account creation flaw abused to send phishing emails

Online trading platform Robinhood's account creation process was exploited by threat actors to inject phishing messages into legitimate emails, tricking users into believing their accounts had suspicious activity.

affectedAlleged Silk Typhoon hacker extradited to US for cyberespionagesocial0 · flat

Alleged Silk Typhoon hacker extradited to US for cyberespionage

A Chinese national accused of carrying out cyberespionage operations for China's intelligence services has been extradited from Italy to the United States to face criminal charges.

affectedFTCsocial0 · flat

FTC: Americans lost over $2.1 billion to social media scams in 2025

The U.S. Federal Trade Commission (FTC) warned of a massive increase in losses from social media scams since 2020, exceeding $2.1 billion in 2025.

affectedPyPI package with 1.1M monthly downloads hacked to push infostealersocial0 · flat

PyPI package with 1.1M monthly downloads hacked to push infostealer

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive developer data and cryptocurrency wallets. The dangerous release is 0.23.

affectedattacks against Ukraine and EU countriessocial0 · flat

Incomplete Windows Patch Opens Door to Zero-Click Attacks

The initial vulnerability was exploited by Russia-linked APT28 in attacks against Ukraine and EU countries.

affectedcertificate principals to be interpreted as list separatorssocial0 · flat

OpenSSH Flaw Allowing Full Root Shell Access Lurked for 15 Years

A code reuse issue enabled comma characters in certificate principals to be interpreted as list separators.

affected– for persistent accesssocial0 · flat

UNC6692 Uses Email Bombing, Social Engineering to Deploy ‘Snow’ Malware

The threat actor infected victims with the Snow malware family – Snowbelt, Snowglaze, and Snowbasin – for persistent access.

affectedinclude Ubuntu Desktop 18social0 · flat

Easily Exploitable ‘Pack2TheRoot’ Linux Vulnerability Leads to Root Access

A race condition in PackageKit allows unprivileged users to escalate privileges when installing packages.

Apr 255d ago

affectedMicrosoft rolls out revamped Windows Insider Programsocial0 · flat

Microsoft rolls out revamped Windows Insider Program

Microsoft says it's rolling out a revamped Windows Insider Program experience as part of the broader plans to address reliability concerns in Windows 11.

affectedFirestarter malware survives Cisco firewall updates, security patchessocial0 · flat

Firestarter malware survives Cisco firewall updates, security patches

Cybersecurity agencies in the U.S. and U.K. are warning about a custom malware called Firestarter persisting on Cisco Firepower and Secure Firewall devices running Adaptive Security Appliance (ASA) or Firepower

affectedWindows Updatesocial0 · flat

Windows Update gets new controls to reduce forced restarts

Microsoft is rolling out Windows Update improvements that give users more control over how updates are installed while reducing disruption from frequent or poorly timed restarts.

affectedNew ‘Pack2TheRoot’ flaw gives hackers root Linux accesssocial0 · flat

New ‘Pack2TheRoot’ flaw gives hackers root Linux access

A new vulnerability dubbed Pack2TheRoot could be exploited in the PackageKit daemon to allow local Linux users to install or remove system packages and gain root permissions.

affectedUkrainian government entities starting in Januarysocial0 · flat

Over 10,000 Zimbra servers vulnerable to ongoing XSS attacks

Over 10,000 Zimbra Collaboration Suite (ZCS) instances exposed online are vulnerable to ongoing attacks exploiting a cross-site scripting (XSS) security flaw, according to nonprofit security organization Shadowserver.

Apr 237d ago

affectedHackers exploit file upload bug in Breeze Cache WordPress pluginsocial0 · flat

Hackers exploit file upload bug in Breeze Cache WordPress plugin

Hackers are actively exploiting a critical vulnerability in the Breeze Cache plugin for WordPress that allows uploading arbitrary files on the server without authentication.

Apr 237d ago

affectedzero-day attackssocial0 · flat

CISA orders feds to patch BlueHammer flaw exploited as zero-day

CISA has given U.S. government agencies two weeks to secure their Windows systems against a Microsoft Defender privilege escalation vulnerability that has been exploited in zero-day attacks.

Apr 228d ago

affectedstored on the devicesocial0 · flat

Apple fixes bug that let the FBI recover deleted Signal messages

Article updated with statement from Signal thanking Apple for addressing the vulnerability .

Apr 228d ago

affecteddevices by forging authentication cookiessocial0 · flat

Microsoft releases emergency patches for critical ASP.NET flaw

Microsoft has released out-of-band (OOB) security updates to patch a critical ASP.NET Core privilege escalation vulnerability. The security flaw (tracked as CVE-2026-40372 ) was found in the ASP.

Apr 228d ago