← Latest brief

Security news.

·Morning Brief

Critical vulnerabilities and active exploits dominate today's threat landscape, with AI-accelerated vulnerability discovery creating an urgent "velocity gap" for defenders. Major breaches affecting millions of users, actively exploited zero-days in Adobe and Windows, and new CISA KEV additions underscore the need for immediate patching and incident response readiness.

THNRCE
Apr 14READ

ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited

A critical remote code execution vulnerability (CVSS 9.4) in ShowDoc document management software is under active exploitation on unpatched servers, particularly affecting users in China.

THNKEV
Apr 14READ

CISA Adds 6 Known Exploited Vulnerabilities to KEV Catalog

CISA added six actively exploited flaws including CVE-2026-21643 (SQL injection in Fortinet FortiClient EMS, CVSS 9.1) and vulnerabilities in Microsoft and Adobe software.

SECURITYWEEKBREACH
Apr 14READ

Basic-Fit Data Breach Exposes 1 Million Members

Europe's largest gym chain Basic-Fit confirmed hackers stole names, dates of birth, and bank account details from approximately 1 million customers.

SECURITYWEEKEXPLOIT
Apr 14READ

Windows and Adobe Acrobat Vulnerabilities Under Active Exploitation

Organizations are being warned of actively exploited flaws in Windows and Adobe Acrobat that allow privilege escalation and arbitrary code execution.

THNBREACH
Apr 14READ

108 Malicious Chrome Extensions Steal Google and Telegram Data

A coordinated campaign deployed 108 malicious Chrome extensions communicating with the same C2 infrastructure, affecting 20,000 users and stealing credentials while injecting ads.

THNMALWARE
Apr 14READ

Mirax Android RAT Reaches 220,000 Users via Meta Ads

A new Android remote access trojan called Mirax is actively targeting Spanish-speaking countries, with campaigns reaching over 220,000 accounts on Facebook, Instagram, and Threads, converting devices into SOCKS5 proxies.

SECURITYWEEKEXPLOIT
Apr 14READ

'Mythos-Ready' Security: CSA Warns of AI-Accelerated Vulnerability Exploitation

The Cloud Security Alliance warns that AI models like Anthropic's Mythos are collapsing the gap between vulnerability discovery and exploitation, creating a "velocity gap" that demands urgent CISO preparation.

SECURITYWEEKVULN
Apr 14READ

SAP Releases 19 Security Notes for Critical ABAP Vulnerability

SAP patched critical flaws affecting over a dozen enterprise products, addressing vulnerabilities in its ABAP platform.

Generated twice daily from public security RSS feeds. Informational only.