← Latest brief

Security news.

·Morning Brief

Today's cybersecurity landscape highlights critical vulnerabilities and ongoing threat actor activity. Researchers demonstrated new GPU Rowhammer attacks for privilege escalation, while CISA added another actively exploited vulnerability to its catalog. Law enforcement also made strides in identifying ransomware leaders, underscoring the persistent fight against cybercrime.

THNMALWARE
Apr 7READ

Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign

An active campaign is targeting internet-exposed ComfyUI instances to enlist them into a cryptocurrency mining and proxy botnet, using a Python scanner to install malicious nodes.

SECURITYWEEKBREACH
Apr 7READ

GPUBreach: Root Shell Access Achieved via GPU Rowhammer Attack

Researchers have demonstrated that GPU Rowhammer attacks can be used to escalate privileges, with GPUBreach enabling full CPU privilege escalation via GDDR6 bit-flips.

SECURITYWEEKRANSOMWARE
Apr 7READ

Medusa Ransomware Fast to Exploit Vulnerabilities, Breached Systems

The Medusa ransomware group, linked to China-based threat actor Storm-1175, is rapidly exploiting zero-day and N-day vulnerabilities to exfiltrate and encrypt data within days of initial access.

SECURITYWEEKRANSOMWARE
Apr 7READ

German Police Unmask REvil Ransomware Leader

German authorities have identified Daniil Maksimovich Shchukin, known as "UNKN," as the leader of the GandCrab and REvil ransomware operations, accused of extorting over $2 million.

CISAKEV
Apr 6READ

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added CVE-2026-35616, a Fortinet FortiClient EMS Improper Access Control Vulnerability, to its KEV Catalog due to active exploitation.

BLEEPINGZERO-DAY
Apr 6READ

Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit

Exploit code has been released for an unpatched Windows privilege escalation flaw, allowing attackers to gain SYSTEM or elevated administrator permissions.

Generated twice daily from public security RSS feeds. Informational only.