← Latest brief

Security news.

·Morning Brief

Today's cybersecurity landscape is dominated by critical vulnerabilities under active exploitation, with multiple zero-days impacting Microsoft Defender and Apache ActiveMQ. Law enforcement also made significant strides against DDoS-for-hire services, while NIST announced changes to its CVE enrichment process to focus on high-impact flaws.

THNEXPLOIT
Apr 17READ

Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched

Threat actors are exploiting three recently disclosed flaws (BlueHammer, RedSun, UnDefend) in Microsoft Defender to gain elevated privileges on compromised systems.

THNKEV
Apr 17READ

Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation

CISA has added a high-severity remote code execution vulnerability (CVE-2026-34197) in Apache ActiveMQ Classic to its Known Exploited Vulnerabilities Catalog due to active exploitation.

BLEEPINGPATCH
Apr 17READ

Microsoft: Some Windows servers enter reboot loops after April patches

Microsoft warns that some Windows domain controllers are experiencing restart loops after installing the April 2026 security updates.

THNVULN
Apr 17READ

NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions

NIST is changing its National Vulnerability Database (NVD) process, limiting CVE enrichment to those meeting specific criteria due to a massive increase in submissions.

THNDDoS
Apr 17READ

Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts

An international law enforcement operation, "Operation PowerOFF," has taken down 53 domains and arrested four individuals linked to commercial DDoS-for-hire services used by over 75,000 cybercriminals.

SECURITYWEEKMALWARE
Apr 17READ

ZionSiphon Malware Targets ICS in Water Facilities

A new malware, ZionSiphon, is specifically configured to target and sabotage Industrial Control Systems (ICS) associated with Israeli water treatment and desalination plants.

SECURITYWEEK
Apr 17READ

Two North Korean IT Worker Scheme Facilitators Jailed in the US

Kejia Wang and Zhenxing Wang have been jailed for compromising US identities to help North Korean IT workers secure jobs at over 100 companies.

BLEEPINGBREACH
Apr 17READ

Inside an Underground Guide: How Threat Actors Vet Stolen Credit Card Shops

Flare's research reveals how cybercriminals use underground guides to evaluate carding shops based on data quality, reputation, and survivability, highlighting the sophisticated nature of cybercrime markets.

Generated twice daily from public security RSS feeds. Informational only.