← Latest brief

Security news.

·Afternoon Brief

Today's security brief highlights critical vulnerabilities and active exploitation across various platforms, alongside significant financial losses due to sophisticated cyberattacks. Organizations are urged to address newly disclosed flaws and be aware of evolving threat tactics.

BLEEPINGBREACH
Apr 2READ

Drift Protocol loses $280 million in sophisticated hack

The Drift Protocol suffered a loss of at least $280 million after a threat actor gained control of its Security Council administrative powers through a planned, sophisticated operation.

SECURITYWEEKBREACH
Apr 2READ

Critical vulnerability found in Claude Code after source leak

A critical vulnerability was discovered in Anthropic's Claude Code, days after its source code was inadvertently leaked.

THNPATCH
Apr 2READ

Cisco patches critical 9.8 CVSS flaws in IMC and SSM

Cisco released updates to address a critical security flaw (CVE-2026-20093) in its Integrated Management Controller (IMC) and other high-severity vulnerabilities that could allow remote system compromise.

BLEEPINGRCE
Apr 2READ

Progress ShareFile flaws allow pre-auth RCE attacks

Two vulnerabilities in Progress ShareFile can be chained to enable unauthenticated file exfiltration and potentially remote code execution from affected environments.

CISAKEV
Apr 2READ

CISA adds TrueConf Client vulnerability to KEV catalog

CISA has added CVE-2026-3502, a TrueConf Client Download of Code Without Integrity Check Vulnerability, to its Known Exploited Vulnerabilities Catalog due to evidence of active exploitation.

SECURITYWEEKBREACH
Apr 2READ

Nacogdoches Memorial Hospital data breach affects 250,000

A data breach at Nacogdoches Memorial Hospital in January 2026 resulted in a threat actor hacking their internal network and stealing personal and health information of 250,000 individuals.

SECURITYWEEKEXPLOIT
Apr 2READ

Apple rolls out DarkSword exploit protection to more devices

Apple has expanded its deployment of protections against the DarkSword exploit kit, which has been utilized by both state-sponsored hackers and commercial spyware vendors.

BLEEPING
Apr 2READ

Residential proxies evade IP reputation checks in 78% of sessions

Researchers warn that residential proxies are significantly problematic for IP reputation systems, having evaded checks in 78% of 4 billion sessions due to the difficulty in distinguishing malicious from legitimate traffic.

Generated twice daily from public security RSS feeds. Informational only.