← Latest brief

Security news.

·Morning Brief

Today's security brief highlights critical vulnerabilities and active exploitation, including a zero-day in Adobe Reader and exposed Google API keys. We also see major data breaches affecting hundreds of thousands and warnings about state-sponsored hacking campaigns targeting critical infrastructure and businesses.

THNZERO-DAY
Apr 9READ

Adobe Reader Zero-Day Exploited Since December 2025

Threat actors have been actively exploiting a zero-day vulnerability in Adobe Reader via malicious PDF documents since at least December 2025.

SECURITYWEEK
Apr 9READ

Google API Keys in Android Apps Expose Gemini Endpoints

Dozens of Google API keys embedded in Android apps can be extracted from decompiled code, granting unauthorized access to all Gemini endpoints.

BLEEPINGBREACH
Apr 9READ

Eurail Data Breach Impacts 300,000 Individuals

Eurail B.V. announced that a December 2025 data breach resulted in the theft of personal information belonging to over 300,000 individuals.

SECURITYWEEKBREACH
Apr 9READ

Google Warns of Campaign Targeting BPOs to Steal Corporate Data

Google is warning about a new campaign, tracked as UNC6783 and potentially linked to "Mr. Raccoon," that targets Business Process Outsourcing (BPO) firms to steal corporate data.

SECURITYWEEKPATCH
Apr 9READ

Palo Alto Networks, SonicWall Patch High-Severity Vulnerabilities

Palo Alto Networks and SonicWall have released patches for high-severity vulnerabilities that could allow attackers to modify protected resources and escalate privileges to administrator level.

BLEEPINGBREACH
Apr 9READ

Hackers Steal $3.6 Million from Bitcoin Depot

Bitcoin Depot, a major Bitcoin ATM network operator, reported that attackers stole $3.665 million worth of Bitcoin from its crypto wallets after breaching its systems last month.

BLEEPING
Apr 9READ

Microsoft Suspends Dev Accounts for Open Source Projects

Microsoft has suspended developer accounts for several high-profile open-source projects without proper notification, preventing them from publishing new software builds and security patches for Windows users.

THNBREACH
Apr 9READ

Bitter-Linked Hack-for-Hire Campaign Targets MENA Journalists

A hack-for-hire campaign, potentially linked to the Indian government-backed threat actor Bitter, has targeted journalists, activists, and government officials across the Middle East and North Africa (MENA) region.

Generated twice daily from public security RSS feeds. Informational only.