← Latest brief

Security news.

·Afternoon Brief

Today's security brief highlights critical vulnerabilities and persistent threats. CISA has added four new actively exploited flaws to its KEV catalog, while a new "Snow" malware is being deployed via Microsoft Teams. Additionally, a custom "Firestarter" backdoor is proving resilient on Cisco firewall devices.

THNKEV
Apr 25READ

CISA Adds 4 Exploited Flaws to KEV Catalog

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, impacting SimpleHelp (CVE-2024-57726, CVE-2024-57728), Samsung MagicINFO 9 Server (CVE-2024-7399), and D-Link DIR-823X series routers (CVE-2025-29635), citing active exploitation.

BLEEPINGMALWARE
Apr 25READ

Threat Actor Uses Microsoft Teams to Deploy New “Snow” Malware

A threat group tracked as UNC6692 is employing social engineering tactics via Microsoft Teams to deploy a new custom malware suite named 'Snow,' which includes a browser extension, a tunneler, and a backdoor.

BLEEPINGMALWARE
Apr 24READ

Firestarter Malware Survives Cisco Firewall Updates

Cybersecurity agencies in the U.S. and U.K. are warning about a custom malware called Firestarter that persists on Cisco Firepower and Secure Firewall devices running Adaptive Security Appliance (ASA) or Firepower Threat Defense (FTD) software, even after updates.

BLEEPINGBREACH
Apr 24READ

ADT Confirms Data Breach After ShinyHunters Leak Threat

Home security giant ADT has confirmed a data breach following a ransom threat from the ShinyHunters extortion group, who claimed to have stolen data.

THNMALWARE
Apr 25READ

Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software

Cybersecurity researchers have discovered a previously undocumented Lua-based cyber sabotage framework, dubbed 'fast16,' dating back to 2005, which targeted high-precision calculation software years before the Stuxnet worm.

SECURITYWEEKNATION-STATE
Apr 25READ

China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks

A China-linked APT group, GopherWhisper, is abusing legitimate services and deploying multiple Go-based backdoors and custom loaders in attacks targeting government entities.

BLEEPINGVULN
Apr 24READ

New ‘Pack2TheRoot’ Flaw Gives Hackers Root Linux Access

A new vulnerability, 'Pack2TheRoot,' in the PackageKit daemon could allow local Linux users to install or remove system packages and gain root permissions.

THNEXPLOIT
Apr 24READ

LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure

A high-severity Server-Side Request Forgery (SSRF) vulnerability (CVE-2026-33626) in LMDeploy, an open-source LLM toolkit, was actively exploited in the wild less than 13 hours after its public disclosure.

Generated twice daily from public security RSS feeds. Informational only.