Today, 92 things to read .

affectedOAuth at scale Widespread OAuth interconnectedness isn't just an AI app problemsocialX 0% · Reddit 0% · GitHub 100%

Learning from the Vercel breach: Shadow AI & OAuth sprawl

Most organizations are rightly nervous about employees adopting unapproved AI tools.

affectedGitHub fixes RCE flaw that gave access to millions of private repossocialX 77% · Reddit 0% · GitHub 23%

GitHub fixes RCE flaw that gave access to millions of private repos

In early March, GitHub patched a critical remote code execution vulnerability ( CVE-2026-3854 ) that could have allowed attackers to access millions of private repositories.

affectedzero-day attackssocialX 91% · Reddit 0% · GitHub 9%

CISA orders feds to patch Windows flaw exploited as zero-day

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to secure their Windows systems against a vulnerability exploited in zero-day attacks.

affectedMicrosoft says backend change broke Teams Free chat and callssocialX 0% · Reddit 0% · GitHub 100%

Microsoft says backend change broke Teams Free chat and calls

Microsoft is working to resolve a known issue that prevents some Microsoft Teams Free users from chatting and calling others.

affectedBroken VECT 2.0 ransomware acts as a data wiper for large filessocialX 67% · Reddit 0% · GitHub 33%

Broken VECT 2.0 ransomware acts as a data wiper for large files

Researchers are warning that the VECT 2.0 ransomware has a problem in the way it handles encryption nonces that leads to permanently destroying larger files rather than encrypt them.

affectedHackers are exploiting a critical LiteLLM pre-auth SQLi flawsocialX 94% · Reddit 0% · GitHub 6%

Hackers are exploiting a critical LiteLLM pre-auth SQLi flaw

Hackers are targeting sensitive information stored in the LiteLLM open-source large-language model (LLM) gateway by exploiting a critical vulnerability tracked as CVE-2026-42208.

affectedVimeo user and customer datasocialX 0% · Reddit 0% · GitHub 100%

Video service Vimeo confirms Anodot breach exposed user data

Vimeo has disclosed that data belonging to some of its customers and users has been accessed without authorization following the recent breach at the Anodot data anomaly detection company.

affectedThe Mythos MomentsocialX 17% · Reddit 0% · GitHub 83%

The Mythos Moment: Enterprises Must Fight Agents with Agents

Only with the right platform and an agentic, AI-driven defense, will enterprises be able to protect themselves in the agentic era.

affectedFinland earlier this month faces federal charges in the UsocialX 64% · Reddit 0% · GitHub 36%

US reportedly charges Scattered Spider hacker arrested in Finland

A 19-year-old dual United States and Estonian citizen arrested in Finland earlier this month faces federal charges in the U.S. alleging he was a prolific member of the notorious Scattered Spider hacking collective.

affectedWebinar TodaysocialX 1% · Reddit 0% · GitHub 99%

Webinar Today: A Step-by-Step Approach to AI Governance

Join the webinar to explore a practical, multi-layered roadmap to transition from fragmented AI usage to a governed, scalable ecosystem.

affectedindividuals will be notified immediatelysocialX 83% · Reddit 0% · GitHub 17%

Checkmarx confirms LAPSUS$ hackers leaked its stolen GitHub data

Application security company Checkmarx has confirmed that the LAPSUS$ threat group leaked data stolen from its private GitHub repository.

mediumemailexploited in the wild

Robinhood Vulnerability Exploited for Phishing Attacks

Legitimate-looking emails coming from Robinhood systems lured recipients to phishing websites.

affectedits account creation process to send out legitimate-looking phishing emailssocialX 31% · Reddit 0% · GitHub 69%

affectedVECT 2.0 Ransomware Irreversibly Destroys Files Over 131KB on Windows, Linux, ESXisocialX 80% · Reddit 0% · GitHub 20%

VECT 2.0 Ransomware Irreversibly Destroys Files Over 131KB on Windows, Linux, ESXi

Zscaler ThreatLabz 2026 VPN Risk Report with Cybersecurity Insiders. AI collapsed human response window and turned remote access into fastest path to breach.

affectedAlleged Chinese State Hacker Extradited to USsocialX 4% · Reddit 0% · GitHub 96%

Alleged Chinese State Hacker Extradited to US

A member of Silk Typhoon, Xu Zewei is accused of launching cyberattacks against universities in the US.

affectedExchange Online starting in July 2026socialX 0% · Reddit 0% · GitHub 100%

Microsoft to deprecate legacy TLS in Exchange Online starting July

Microsoft says it will start blocking legacy TLS connections for POP and IMAP email clients in Exchange Online starting in July 2026.

affectedInside an OPSEC PlaybooksocialX 58% · Reddit 0% · GitHub 42%

Inside an OPSEC Playbook: How Threat Actors Evade Detection

When cybercrime operations are disrupted, the cause is typically not due to sophisticated detection, but rather basic operational mistakes such as identity reuse, weak infrastructure separation, or overlooked metadata.

affectedDozens of Open VSX Extension Clones Linked to GlassWorm MalwaresocialX 0% · Reddit 0% · GitHub 100%

Dozens of Open VSX Extension Clones Linked to GlassWorm Malware

Over 70 cloned Open VSX extensions are likely sleeper extensions designed to distribute malware.

affectedsmaller than optimum security teamssocialX 75% · Reddit 0% · GitHub 25%

Sevii Launches Cyber Swarm Defense to Make Agentic AI Security Costs Predictable

Agentic AI can be expensive to use, causing further and unpredictable pressure on tight budgets.

affectedNSA GRASSMARLINsocialX 19% · Reddit 0% · GitHub 81%

NSA GRASSMARLIN

Apr 23, 2026 ICS Advisory | ICSA-26-113-06 Intrado 911 Emergency Gateway (EGW)

mediumexploitationexploited in the wild

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation.

affectedCISA Adds Two Known Exploited Vulnerabilities to CatalogsocialX 19% · Reddit 0% · GitHub 81%

affectedWhy Secure Data Movement Is the Zero Trust Bottleneck Nobody Talks AboutsocialX 0% · Reddit 0% · GitHub 100%

Why Secure Data Movement Is the Zero Trust Bottleneck Nobody Talks About

Zscaler ThreatLabz 2026 VPN Risk Report with Cybersecurity Insiders. AI collapsed human response window and turned remote access into fastest path to breach.

affectedElectric Motorcycles and Scooters Face Hacking Risks to Security and Rider SafetysocialX 7% · Reddit 0% · GitHub 93%

Electric Motorcycles and Scooters Face Hacking Risks to Security and Rider Safety

Vulnerabilities in Zero Motorcycles electric motorcycles and Yadea electric scooters can pose physical security and safety risks.

affectedservice to elevate privileges to SystemsocialX 50% · Reddit 0% · GitHub 50%

No Patch for New PhantomRPC Privilege Escalation Technique in Windows

A fake RPC server can be used to listen for RPC requests and impersonate the target service to elevate privileges to System.

affectedCritical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCEsocialX 3% · Reddit 0% · GitHub 97%

Critical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCE

Zscaler ThreatLabz 2026 VPN Risk Report with Cybersecurity Insiders. AI collapsed human response window and turned remote access into fastest path to breach.

affectedFebruary 2022socialX 26% · Reddit 0% · GitHub 74%

Germany Suspects Russia Is Behind Signal Phishing That Targeted Top Officials

Federal prosecutors have been conducting a preliminary investigation since mid-February 2026 into alleged cyberattacks on Signal accounts.

affectedAfter MythossocialX 60% · Reddit 0% · GitHub 40%

After Mythos: New Playbooks For a Zero-Window Era

Zscaler ThreatLabz 2026 VPN Risk Report with Cybersecurity Insiders. AI collapsed human response window and turned remote access into fastest path to breach.

affectedMicrosoftsocialX 0% · Reddit 0% · GitHub 100%

Microsoft: New Remote Desktop warnings may display incorrectly

Microsoft has confirmed a new issue causing newly introduced Windows security warnings to display incorrectly when opening Remote Desktop (.rdp) files.

affectedusers were also being signed out of their accounts and seeing "too many requests' errorssocialX 2% · Reddit 0% · GitHub 98%

Microsoft asks iPhone users to reauthenticate after Outlook outage

After addressing a widespread outage that affected Outlook.com users worldwide on Monday, Microsoft has asked iPhone users to re-enter their credentials to regain access to their Outlook and Hotmail accounts via t

affectedaccelerating its engineering and go-to-market effortssocialX 1% · Reddit 0% · GitHub 99%

Spectrum Security Emerges From Stealth Mode With $19 Million

The threat detection startup will invest in accelerating its engineering and go-to-market efforts. Threat detection startup Spectrum Security has emerged from stealth mode with $19 million in seed funding.

affectedChinese Silk Typhoon Hacker Extradited to U.S. Over COVID Research CyberattackssocialX 28% · Reddit 0% · GitHub 72%

Chinese Silk Typhoon Hacker Extradited to U.S. Over COVID Research Cyberattacks

Zscaler ThreatLabz 2026 VPN Risk Report with Cybersecurity Insiders. AI collapsed human response window and turned remote access into fastest path to breach.

affectedMicrosoft Patches Entra ID Role Flaw That Enabled Service Principal TakeoversocialX 7% · Reddit 0% · GitHub 93%

Microsoft Patches Entra ID Role Flaw That Enabled Service Principal Takeover

Zscaler ThreatLabz 2026 VPN Risk Report with Cybersecurity Insiders. AI collapsed human response window and turned remote access into fastest path to breach.

affectedby the incidentsocialX 50% · Reddit 0% · GitHub 50%

Medtronic Hack Confirmed After ShinyHunters Threatens Data Leak

The ShinyHunters cybercrime group claimed to have stolen 9 million records containing personal information from Medtronic.

affectedMicrosoftsocialX 91% · Reddit 0% · GitHub 9%CVE-2026-32202

mediumexploitation

Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202

Zscaler ThreatLabz 2026 VPN Risk Report with Cybersecurity Insiders. AI collapsed human response window and turned remote access into fastest path to breach.

affectedRobinhood account creation flaw abused to send phishing emailssocialX 33% · Reddit 0% · GitHub 67%

Robinhood account creation flaw abused to send phishing emails

Online trading platform Robinhood's account creation process was exploited by threat actors to inject phishing messages into legitimate emails, tricking users into believing their accounts had suspicious activity.

affectedGlassWorm malware attacks return via 73 OpenVSX "sleeper" extensionssocialX 7% · Reddit 0% · GitHub 93%

GlassWorm malware attacks return via 73 OpenVSX "sleeper" extensions

A new wave of the Glassworm campaign is targeting the OpenVSX ecosystem with 73 "sleeper" extensions that turn malicious after an update.

affectedbe within rangesocialX 19% · Reddit 0% · GitHub 81%

Canada arrests three for operating “SMS blaster” device in Toronto

Canadian authorities have arrested three men for operating an "SMS blaster" device that pretends to be a cellular tower to send phishing texts to nearby phones.

affectedAlleged Silk Typhoon hacker extradited to US for cyberespionagesocial464 · flat

Alleged Silk Typhoon hacker extradited to US for cyberespionage

A Chinese national accused of carrying out cyberespionage operations for China's intelligence services has been extradited from Italy to the United States to face criminal charges.

affectedFTCsocial413 · up

FTC: Americans lost over $2.1 billion to social media scams in 2025

The U.S. Federal Trade Commission (FTC) warned of a massive increase in losses from social media scams since 2020, exceeding $2.1 billion in 2025.

affectedPyPI package with 1.1M monthly downloads hacked to push infostealersocial446 · up

PyPI package with 1.1M monthly downloads hacked to push infostealer

An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive developer data and cryptocurrency wallets. The dangerous release is 0.23.

affectedHome security giant ADT data breach affects 5.5 million peoplesocial464 · up

Home security giant ADT data breach affects 5.5 million people

The ShinyHunters extortion group stole the personal information of 5.5 million individuals after breaching the systems of home security giant ADT earlier this month, according to data breach notification service Have

affectedCheckmarxsocial382 · up

mediumweb

Checkmarx Confirms GitHub Repository Data Posted on Dark Web After March 23 Attack

Zscaler ThreatLabz 2026 VPN Risk Report with Cybersecurity Insiders. AI collapsed human response window and turned remote access into fastest path to breach.

affected“certain corporate IT systemssocial439 · up

mediumweb

Medtronic confirms breach after hackers claim 9 million records theft

Medical device giant Medtronic disclosed last week that hackers breached its network and accessed data in “certain corporate IT systems.

affected⚡ Weekly Recapsocial335 · up

⚡ Weekly Recap: Fast16 Malware, XChat Launch, Federal Backdoor, AI Employee Tracking & More

Zscaler ThreatLabz 2026 VPN Risk Report with Cybersecurity Insiders. AI collapsed human response window and turned remote access into fastest path to breach.

affectedattacks against Ukraine and EU countriessocial242 · flat

Incomplete Windows Patch Opens Door to Zero-Click Attacks

The initial vulnerability was exploited by Russia-linked APT28 in attacks against Ukraine and EU countries.

affectedprison for laundering funds stolen in a massive $230 million cryptocurrency heistsocial195 · flat

mediumexploitation

Money launderer linked to $230M crypto heist gets 70 months in prison

22-year-old Evan Tangeman of Newport Beach, California, was sentenced to 70 months in prison for laundering funds stolen in a massive $230 million cryptocurrency heist.

affectedorganization’social208 · up

Deepfake Voice Attacks are Outpacing Defenses: What Security Leaders Should Know

By Brian Long, CEO and Co-founder, Adaptive Security In March 2025, a finance director at a multinational firm in Singapore joined what appeared to be a routine Zoom call with her senior leadership t

affectedcertificate principals to be interpreted as list separatorssocial367 · up

OpenSSH Flaw Allowing Full Root Shell Access Lurked for 15 Years

A code reuse issue enabled comma characters in certificate principals to be interpreted as list separators.

affectedMalicious AI Prompt Injection Attacks Increasing, but Sophistication Still Lowsocial432 · flat

Malicious AI Prompt Injection Attacks Increasing, but Sophistication Still Low: Google

The tech giant found that many indirect prompt injection attempts are harmless, but some malicious exploits have also been identified.

affectedusers reporting login problems and connection issuessocial365 · up

Microsoft says Outlook.com outage is causing sign‑in failures

Microsoft is investigating an ongoing Outlook.com outage that is causing intermittent signing issues and preventing customers from accessing their mailboxes.

affectedMythos Changed the Math on Vulnerability Discovery. Most Teams Aren't Ready for the Remediation Sidesocial304 · flat

Mythos Changed the Math on Vulnerability Discovery. Most Teams Aren't Ready for the Remediation Side

Zscaler ThreatLabz 2026 VPN Risk Report with Cybersecurity Insiders. AI collapsed human response window and turned remote access into fastest path to breach.

affectedPhantomCore Exploits TrueConf Vulnerabilities to Breach Russian Networkssocial468 · up

mediumexploitation

PhantomCore Exploits TrueConf Vulnerabilities to Breach Russian Networks

Zscaler ThreatLabz 2026 VPN Risk Report with Cybersecurity Insiders. AI collapsed human response window and turned remote access into fastest path to breach.

affectedResearchers Uncover 73 Fake VS Code Extensions Delivering GlassWorm v2 Malwaresocial362 · flat

mediumconsumer-security

Researchers Uncover 73 Fake VS Code Extensions Delivering GlassWorm v2 Malware

Zscaler ThreatLabz 2026 VPN Risk Report with Cybersecurity Insiders. AI collapsed human response window and turned remote access into fastest path to breach.

affected100 countriessocial390 · up

Energy and Water Management Firm Itron Hacked

Itron, which serves utilities and cities around the world, discovered unauthorized access to its systems on April 13.

affected– for persistent accesssocial391 · up

UNC6692 Uses Email Bombing, Social Engineering to Deploy ‘Snow’ Malware

The threat actor infected victims with the Snow malware family – Snowbelt, Snowglaze, and Snowbasin – for persistent access.

affectedinclude Ubuntu Desktop 18social431 · up

Easily Exploitable ‘Pack2TheRoot’ Linux Vulnerability Leads to Root Access

A race condition in PackageKit allows unprivileged users to escalate privileges when installing packages.

affectedUS Launches Sweeping Crackdown on Southeast Asia Cyberscams and Sanctions Cambodian Senatorsocial247 · up

US Launches Sweeping Crackdown on Southeast Asia Cyberscams and Sanctions Cambodian Senator

US conducts sweeping crackdown on Southeast Asian cyberscam operations as part of what officials say is a “new theater of war”. U.S.

affectedPrivate Browsing modesocial388 · flat

Firefox Vulnerability Allows Tor User Fingerprinting

The vulnerability is tracked as CVE-2026-6770 and it has been patched with the release of Firefox 150 and Tor 15.0.10.

affectedFake CAPTCHA IRSF Scam and 120 Keitaro Campaigns Drive Global SMS, Crypto Fraudsocial351 · flat

Fake CAPTCHA IRSF Scam and 120 Keitaro Campaigns Drive Global SMS, Crypto Fraud

Zscaler ThreatLabz 2026 VPN Risk Report with Cybersecurity Insiders. AI collapsed human response window and turned remote access into fastest path to breach.

Apr 264d ago

affectedAmerican utility firm Itron discloses breach of internal IT networksocial410 · up

American utility firm Itron discloses breach of internal IT network

Utility technology company Itron, Inc. has disclosed that an unauthorized third party accessed some of its internal systems during a cyberattack.

affectedMicrosoft rolls out revamped Windows Insider Programsocial320 · up

Microsoft rolls out revamped Windows Insider Program

Microsoft says it's rolling out a revamped Windows Insider Program experience as part of the broader plans to address reliability concerns in Windows 11.

affectedThreat actor uses Microsoft Teams to deploy new “Snow” malwaresocial303 · flat

Threat actor uses Microsoft Teams to deploy new “Snow” malware

A threat group tracked as UNC6692 uses social engineering to deploy a new, custom malware suite named “Snow,” which includes a browser extension, a tunneler, and a backdoor.

affectedResearchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Softwaresocial421 · up

Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software

Zscaler ThreatLabz 2026 VPN Risk Report with Cybersecurity Insiders. AI collapsed human response window and turned remote access into fastest path to breach.

mediumcloudexploited in the wild

CISA Adds 4 Exploited Flaws to KEV, Sets May 2026 Federal Deadline

Zscaler ThreatLabz 2026 VPN Risk Report with Cybersecurity Insiders. AI collapsed human response window and turned remote access into fastest path to breach.

affectedCISA Adds 4 Exploited Flaws to KEV, Sets May 2026 Federal Deadlinesocial327 · flat

affectedADTsocial333 · up

ADT confirms data breach after ShinyHunters leak threat

Home security giant ADT has confirmed a data breach after the ShinyHunters extortion group threatened to leak stolen data unless a ransom is paid.

affectedFirestarter malware survives Cisco firewall updates, security patchessocial617 · flat

Firestarter malware survives Cisco firewall updates, security patches

Cybersecurity agencies in the U.S. and U.K. are warning about a custom malware called Firestarter persisting on Cisco Firepower and Secure Firewall devices running Adaptive Security Appliance (ASA) or Firepower

affectedWindows Updatesocial704 · up

Windows Update gets new controls to reduce forced restarts

Microsoft is rolling out Windows Update improvements that give users more control over how updates are installed while reducing disruption from frequent or poorly timed restarts.

affectedNew BlackFile extortion group linked to surge of vishing attackssocial437 · flat

New BlackFile extortion group linked to surge of vishing attacks

A new financially motivated hacking group tracked as BlackFile has been linked to a wave of data theft and extortion attacks against retail and hospitality organizations since February 2026.

affectedMicrosoft to roll out Entra passkeys on Windows in late Aprilsocial353 · down

Microsoft to roll out Entra passkeys on Windows in late April

Microsoft will roll out passkey support for phishing-resistant passwordless authentication to Microsoft Entra‑protected resources from Windows devices starting late April.

affectedNew ‘Pack2TheRoot’ flaw gives hackers root Linux accesssocial714 · up

New ‘Pack2TheRoot’ flaw gives hackers root Linux access

A new vulnerability dubbed Pack2TheRoot could be exploited in the PackageKit daemon to allow local Linux users to install or remove system packages and gain root permissions.

affectedDORA and operational resiliencesocial332 · flat

DORA and operational resilience: Credential management as a financial risk control

Author: Eirik Salmi, System Analyst at Passwork When a threat actor walks into your network using a legitimate username and password, which control stops them?

affectedUkrainian government entities starting in Januarysocial728 · up

Over 10,000 Zimbra servers vulnerable to ongoing XSS attacks

Over 10,000 Zimbra Collaboration Suite (ZCS) instances exposed online are vulnerable to ongoing attacks exploiting a cross-site scripting (XSS) security flaw, according to nonprofit security organization Shadowserver.

mediumexploitationexploited in the wild

CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation.

affectedCISA Adds Four Known Exploited Vulnerabilities to Catalogsocial487 · up

affectedMicrosoft now lets admins uninstall Copilot on enterprise devicessocial220 · flat

Microsoft now lets admins uninstall Copilot on enterprise devices

Microsoft says IT administrators can now uninstall the AI-powered Copilot digital assistant from enterprise devices using a new policy setting, which has become broadly available after the April 2026 Patch Tuesday.

affectedHackers exploit file upload bug in Breeze Cache WordPress pluginsocial690 · up

Hackers exploit file upload bug in Breeze Cache WordPress plugin

Hackers are actively exploiting a critical vulnerability in the Breeze Cache plugin for WordPress that allows uploading arbitrary files on the server without authentication.

affectedBitwarden CLI npm package compromised to steal developer credentialssocial306 · flat

Bitwarden CLI npm package compromised to steal developer credentials

Updated with further information from Bitwarden. The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of s

affectedTrigona ransomware attacks use custom exfiltration tool to steal datasocial373 · up

Trigona ransomware attacks use custom exfiltration tool to steal data

Recently observed Trigona ransomware attacks are using a custom, command-line tool to steal data from compromised environments faster and more efficiently.

affectedNew Checkmarx supply-chain breach affects KICS analysis toolsocial346 · up

New Checkmarx supply-chain breach affects KICS analysis tool

Hackers have compromised Docker images, VSCode and Open VSX extensions for the Checkmarx KICS analysis tool to harvest sensitive data from developer environments.

affectedCosmetics giant Rituals discloses data breach affecting customerssocial313 · up

Cosmetics giant Rituals discloses data breach affecting customers

Dutch cosmetics giant Rituals disclosed a data breach after attackers stole the personal information of an undisclosed number of customers from its "My Rituals" membership database.

affecteddaily lossessocial558 · up

Regular Password Resets Aren’t as Safe as You Think

Research from Forrester estimates that every password reset costs around $70. As one of the most common helpdesk requests, many organizations have introduced self-service password reset (SSPR) tools to reduce the load.

affectedusers that restarting the Teams client might help them work around itsocial333 · down

mediumweb

Microsoft: Some Teams users can’t join meetings after Edge update

Microsoft confirmed that a recent Microsoft Edge browser update introduced a bug that prevents Windows users from joining Teams meetings.

affectedUK warns of Chinese hackers using proxy networks to evade detectionsocial354 · flat

UK warns of Chinese hackers using proxy networks to evade detection

The United Kingdom's National Cyber Security Centre (NCSC-UK) and international partners warned that China-nexus hackers are increasingly using large-scale proxy networks of hijacked consumer devices to evade det

affectedNew GopherWhisper APT group abuses Outlook, Slack, Discord for commssocial270 · up

New GopherWhisper APT group abuses Outlook, Slack, Discord for comms

A previously undocumented state-backed threat actor named GopherWhisper is using a Go-based custom toolkit and legitimate services like Microsoft 365 Outlook, Slack, and Discord in attacks against government ent

affectedDefending Against China-Nexus Covert Networks of Compromised Devicessocial253 · flat

Defending Against China-Nexus Covert Networks of Compromised Devices

Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure

affectedCarlson Software VASCO-B GNSS Receiversocial215 · up

Carlson Software VASCO-B GNSS Receiver

Apr 23, 2026 ICS Advisory | ICSA-26-113-06 Intrado 911 Emergency Gateway (EGW)

affectedHangzhou Xiongmai Technology Co., Ltd XM530 IP Camerasocial286 · flat

Hangzhou Xiongmai Technology Co., Ltd XM530 IP Camera

Apr 23, 2026 ICS Advisory | ICSA-26-113-06 Intrado 911 Emergency Gateway (EGW)

mediumexploitationexploited in the wild

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation.

affectedCISA Adds One Known Exploited Vulnerability to Catalogsocial483 · up

affectedthis report is relevant for both Cisco Firepower and Secure Firewall devicessocial257 · up

FIRESTARTER Backdoor

The Cybersecurity and Infrastructure Security Agency (CISA) analyzed a sample of FIRESTARTER malware obtained from a forensic investigation.

affectedYadea T5 Electric Bicyclesocial236 · flat

Yadea T5 Electric Bicycle

Apr 23, 2026 ICS Advisory | ICSA-26-113-06 Intrado 911 Emergency Gateway (EGW)

affectedMilesight Camerassocial195 · flat

Milesight Cameras

Apr 23, 2026 ICS Advisory | ICSA-26-113-06 Intrado 911 Emergency Gateway (EGW)

affectedIntrado 911 Emergency Gateway (EGW)social333 · down

mediumother

Intrado 911 Emergency Gateway (EGW)

Hangzhou Xiongmai Technology Co., Ltd XM530 IP Camera

affectedSpiceJet Online Booking Systemsocial299 · flat

SpiceJet Online Booking System

Apr 23, 2026 ICS Advisory | ICSA-26-113-06 Intrado 911 Emergency Gateway (EGW)