
Security news.

Morning Brief

Today's security brief highlights critical vulnerabilities and persistent threats. CISA has added four new actively exploited flaws to its KEV catalog, while a new "Snow" malware is being deployed via Microsoft Teams. Additionally, a custom "Firestarter" backdoor is proving resilient on Cisco firewall devices.

THN · KEV · Apr 25

CISA Adds 4 Exploited Flaws to KEV Catalog

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, impacting SimpleHelp (CVE-2024-57726, CVE-2024-57728), Samsung MagicINFO 9 Server (CVE-2024-7399), and D-Link DIR-823X series routers (CVE-2025-29635), all with evidence of active exploitation.

BLEEPING · MALWARE · Apr 25

Threat Actor Uses Microsoft Teams to Deploy New “Snow” Malware

A threat group, UNC6692, is using social engineering via Microsoft Teams to deploy a new custom malware suite named 'Snow,' which includes a browser extension, a tunneler, and a backdoor.

BLEEPING · MALWARE · Apr 24

Firestarter Malware Survives Cisco Firewall Updates

U.S. and U.K. cybersecurity agencies warn about 'Firestarter,' a custom malware persisting on Cisco Firepower and Secure Firewall devices running ASA or FTD software, even after updates and patches.

BLEEPING · BREACH · Apr 24

ADT Confirms Data Breach After ShinyHunters Leak Threat

Home security giant ADT has confirmed a data breach following an extortion threat from the ShinyHunters group, who claim to have stolen data and demand a ransom.

THN · MALWARE · Apr 25

Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software

Cybersecurity researchers have discovered a previously undocumented Lua-based cyber sabotage framework, 'fast16,' dating back to 2005, which targeted high-precision calculation software to tamper with results, predating the Stuxnet worm.

SECURITYWEEK · NATION-STATE · Apr 25

China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks

The China-linked APT group GopherWhisper is abusing legitimate services and deploying multiple Go-based backdoors and custom loaders in attacks targeting government entities.

BLEEPING · VULN · Apr 24

New ‘Pack2TheRoot’ Flaw Gives Hackers Root Linux Access

A new vulnerability, 'Pack2TheRoot,' in the PackageKit daemon could allow local Linux users to install or remove system packages and gain root permissions.

THN · EXPLOIT · Apr 24

LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure

A high-severity Server-Side Request Forgery (SSRF) vulnerability (CVE-2026-33626) in LMDeploy, an open-source LLM toolkit, was actively exploited less than 13 hours after public disclosure.

Generated twice daily from public security RSS feeds. Informational only.