← Latest brief

Security news.

·Afternoon Brief

Today's security brief highlights critical vulnerabilities under active exploitation, significant Patch Tuesday updates, and ongoing threats from malicious software and nation-state actors. Several reports also focus on the evolving security landscape around AI, including new flaws and defensive measures.

THNEXPLOIT
Apr 15READ

Actively Exploited Nginx-UI Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover

A critical authentication bypass vulnerability in the nginx-ui management tool, CVE-2026-33032, is being actively exploited to gain control of Nginx services.

BLEEPING
Apr 15READ

Signed Software Abused to Deploy Antivirus-Killing Scripts

A digitally signed adware tool has been observed deploying payloads with SYSTEM privileges to disable antivirus protections on thousands of endpoints across various sectors, including education, government, and healthcare.

EXPLOIT
READ

CISA Flags Windows Task Host Vulnerability as Exploited in Attacks

CISA has added a Windows Task Host privilege escalation vulnerability to its KEV catalog, warning that it is actively exploited to gain SYSTEM privileges.

PATCH
READ

April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More

This month's Patch Tuesday addresses a record 169 vulnerabilities, including critical flaws in SAP Business Planning and Consolidation (CVE-2026-27681), a SharePoint zero-day, and other issues in Adobe, Microsoft, and Fortinet products.

THNPHISHING
Apr 15READ

n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails

Threat actors are weaponizing n8n, an AI workflow automation platform, to conduct sophisticated phishing campaigns, deliver malicious payloads, and fingerprint devices by sending automated emails.

SECURITYWEEKBREACH
Apr 15READ

100 Chrome Extensions Steal User Data, Create Backdoor

Over 100 malicious Chrome extensions, published through five accounts, have been identified stealing user data, deploying backdoors, and engaging in ad fraud, indicating a coordinated campaign.

SECURITYWEEK
Apr 15READ

Sweden Blames Pro-Russian Group for Cyberattack Last Year on Its Energy Infrastructure

Sweden has publicly attributed a cyberattack on a heating plant in western Sweden last year to a pro-Russian group, marking the country's first public acknowledgment of the incident.

DARK READINGBREACH
Apr 15READ

Microsoft, Salesforce Patch AI Agent Data Leak Flaws

Microsoft and Salesforce have patched prompt injection vulnerabilities in Copilot and Agentforce, respectively, which could have allowed external attackers to leak sensitive data.

Generated twice daily from public security RSS feeds. Informational only.