← Latest brief

Security news.

·Morning Brief

Today's cybersecurity news highlights active exploitation of critical vulnerabilities, with a Marimo RCE flaw being exploited within hours of disclosure and a new Ivanti EPMM vulnerability added to CISA's KEV catalog. Additionally, law enforcement's use of ad data for device tracking raises privacy concerns, while Iranian-linked actors continue to target US industrial control systems.

THN
Apr 11READ

Law Enforcement Used Webloc to Track 500 Million Devices via Ad Data

Citizen Lab reports that Hungarian intelligence, El Salvador police, and several U.S. law enforcement agencies used Webloc, an advertising-based global geolocation surveillance system from Israeli company Cobwebs Technologies (now Penlink), to track 500 million devices.

SECURITYWEEKRCE
Apr 10READ

Critical Marimo RCE Flaw Exploited Hours After Public Disclosure

A critical pre-authenticated remote code execution vulnerability (CVE-2026-39987) in Marimo, an open-source Python notebook, was actively exploited within 10 hours of its public disclosure.

CISAKEV
Apr 8READ

CISA Adds Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability to KEV Catalog

CISA has added CVE-2026-1340, a code injection vulnerability in Ivanti Endpoint Manager Mobile (EPMM), to its Known Exploited Vulnerabilities Catalog due to active exploitation.

BLEEPING
Apr 10READ

Nearly 4,000 US Industrial Devices Exposed to Iranian Cyberattacks

Thousands of Internet-exposed Rockwell Automation Programmable Logic Controllers (PLCs) in the U.S. are vulnerable to cyberattacks by Iranian-linked hackers, who are actively targeting critical infrastructure.

BLEEPINGBREACH
Apr 10READ

CPUID Hacked to Deliver Malware via CPU-Z, HWMonitor Downloads

Threat actors compromised CPUID's API, altering download links on the official website to distribute malicious executables for popular tools like CPU-Z and HWMonitor in a supply chain attack.

THNMALWARE
Apr 10READ

Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers

Threat actors hijacked the update system for the Smart Slider 3 Pro plugin (version 3.5.1.35) for WordPress and Joomla, pushing a backdoored version via compromised Nextend servers.

SECURITYWEEKPATCH
Apr 10READ

Chrome 147 Patches 60 Vulnerabilities, Including Two Critical Flaws

Google Chrome version 147 addresses 60 security vulnerabilities, including two critical flaws in the WebML component reported by anonymous researchers, with bounties totaling $86,000.

BLEEPINGBREACH
Apr 9READ

Google Chrome Adds Infostealer Protection Against Session Cookie Theft

Google has rolled out Device Bound Session Credentials (DBSC) protection in Chrome 146 for Windows, designed to prevent info-stealing malware from harvesting and reusing session cookies.

Generated twice daily from public security RSS feeds. Informational only.