← Latest brief

Security news.

·Afternoon Brief

Today's threat landscape is dominated by active exploitation campaigns targeting critical infrastructure and security tools, alongside major ransomware operations and supply-chain risks. Multiple zero-days and unpatched flaws in Windows Defender, SD-WAN managers, and serial-to-IP converters are under active attack, while law enforcement continues dismantling cybercrime networks.

DARK READINGEXPLOIT
Apr 21READ

Windows Defender Exploited in Active Attacks; Two Flaws Unpatched

Three proof-of-concept exploits are being weaponized against Microsoft's built-in security platform, with two remaining unpatched and actively exploited.

BLEEPINGEXPLOIT
Apr 21READ

CISA Flags Catalyst SD-WAN Manager Flaw as Actively Exploited

U.S. government agencies have been given four days to patch another critical SD-WAN vulnerability under active attack.

READ

6,400 Apache ActiveMQ Servers Vulnerable to Ongoing Attacks

Shadowserver discovered over 6,400 exposed ActiveMQ instances targeted by a high-severity code injection vulnerability under active exploitation.

THNVULN
Apr 21READ

22 BRIDGE:BREAK Flaws Expose 20,000 Serial-to-IP Converters

Forescout researchers identified critical vulnerabilities in Lantronix and Silex serial-to-Ethernet converters affecting nearly 20,000 exposed devices that could enable device hijacking and data tampering.

THNRANSOMWARE
Apr 21READ

Gentlemen Ransomware Operation Deploys SystemBC; 1,570+ Victims Discovered

A SystemBC proxy malware botnet linked to The Gentlemen RaaS gang revealed over 1,570 corporate victims through C2 server analysis.

DARK READINGRANSOMWARE
Apr 21READ

Critical Bomgar RMM Flaw (CVE-2026-1731) Exploited for Ransomware Spread

A critical remote code execution vulnerability in Bomgar remote monitoring tools is being actively exploited to distribute ransomware and compromise supply chains.

BLEEPING
Apr 21READ

New Lotus Data Wiper Targets Venezuelan Energy and Utility Firms

A previously undocumented data-wiping malware called Lotus was used in targeted attacks against critical infrastructure organizations in Venezuela.

KREBSPOLICY
Apr 21READ

Scattered Spider Member Pleads Guilty; Third BlackCat Insider Arrested

Tyler Buchanan, 24, a senior member of Scattered Spider, pleaded guilty to wire fraud and identity theft from 2022 attacks on major tech firms; separately, ransomware negotiator Angelo Martino admitted aiding BlackCat attacks in 2023.

Generated twice daily from public security RSS feeds. Informational only.