← Latest brief

Security news.

·Afternoon Brief

Today's security landscape is marked by critical zero-day exploits and state-sponsored cyber activity. A Windows privilege escalation zero-day has been publicly leaked, while Microsoft links a Medusa ransomware affiliate to zero-day attacks, and Iran-linked groups target Israeli organizations.

BLEEPINGZERO-DAY
Apr 6READ

Windows "BlueHammer" Zero-Day Exploit Leaked

A researcher has publicly released exploit code for an unpatched Windows privilege escalation flaw, allowing attackers to gain SYSTEM or elevated administrator permissions.

BLEEPINGZERO-DAY
Apr 6READ

Microsoft Links Medusa Ransomware Affiliate to Zero-Day Attacks

Microsoft reports that Storm-1175, a China-based cybercriminal group deploying Medusa ransomware, is actively using n-day and zero-day exploits in high-velocity attacks.

THN
Apr 6READ

Iran-Linked Group Targets 300+ Israeli Microsoft 365 Orgs

An Iran-nexus threat actor is suspected of conducting a password-spraying campaign against over 300 Microsoft 365 environments in Israel and the U.A.E.

SECURITYWEEKZERO-DAY
Apr 6READ

Fortinet Rushes Emergency Fix for Exploited Zero-Day

Fortinet has released emergency fixes for an improper access control bug in FortiClient EMS (CVE-2026-35616) that allows unauthenticated attackers to execute arbitrary code remotely, which CISA has added to its KEV catalog.

THN
Apr 6READ

DPRK-Linked Hackers Use GitHub as C2 in South Korea Attacks

Threat actors likely associated with North Korea are using GitHub as command-and-control infrastructure in multi-stage attacks targeting organizations in South Korea, starting with obfuscated LNK files.

BLEEPINGBREACH
Apr 6READ

Drift Protocol's $280M Crypto Theft Linked to 6-Month In-Person Operation

The recent $280+ million hack of Drift Protocol was reportedly the result of a meticulously planned, long-term operation that included establishing an "operational presence inside the Drift ecosystem."

SECURITYWEEKMALWARE
Apr 6READ

Guardarian Users Targeted With Malicious Strapi NPM Packages

Hackers published 36 NPM packages posing as Strapi plugins to execute shells, escape containers, and harvest credentials from Guardarian users.

SECURITYWEEK
Apr 6READ

Google DeepMind Maps Web Attacks Against AI Agents

Google DeepMind researchers have identified "AI Agent Traps," a vulnerability allowing attackers to manipulate, deceive, and exploit visiting AI agents via malicious web content.

Generated twice daily from public security RSS feeds. Informational only.