https://intel.truststrikelabs.com/daily1.0 https://intel.truststrikelabs.com/vulnerabilitydaily0.8 https://intel.truststrikelabs.com/breachdaily0.8 https://intel.truststrikelabs.com/threatdaily0.8 https://intel.truststrikelabs.com/defensedaily0.8 https://intel.truststrikelabs.com/article/20260514-001 TrustStrike Labsen 2026-05-14 NGINX Rift: 18-year-old heap overflow in the rewrite module lets anyone on the internet crash or take over an NGINX server (CVE-2026-42945) 2026-05-14 0.9 https://intel.truststrikelabs.com/article/20260514-002 TrustStrike Labsen 2026-05-14 Unpatched Windows BitLocker bypass and SYSTEM elevation PoCs dropped on GitHub by a disgruntled researcher - YellowKey and GreenPlasma hit Windows 11 and Server 2022/2025 2026-05-14 0.9 https://intel.truststrikelabs.com/article/20260514-003 TrustStrike Labsen 2026-05-14 Third Linux kernel root exploit in three weeks - 'Fragnesia' rides the same ESP-in-TCP code path as Dirty Frag and ships with a public proof-of-concept (CVE-2026-46300) 2026-05-14 0.9 https://intel.truststrikelabs.com/article/20260514-004 TrustStrike Labsen 2026-05-14 China-linked FamousSparrow spent three months breaking back into an Azerbaijani oil and gas company through the same Microsoft Exchange flaw - first known China APT hit on South Caucasus energy 2026-05-14 0.9 https://intel.truststrikelabs.com/article/20260514-005 TrustStrike Labsen 2026-05-14 GemStuffer campaign turned RubyGems into a clandestine data drop - 150+ malicious gems hid scraped UK council portal pages inside Ruby packages 2026-05-14 0.9 https://intel.truststrikelabs.com/article/20260514-006 TrustStrike Labsen 2026-05-14 One unpatched Quest KACE box at a Boston MSP exposed 60+ named client organizations - law enforcement, schools, healthcare, and government on one MariaDB dump (CVE-2025-32975) 2026-05-14 0.9 https://intel.truststrikelabs.com/article/20260514-007 TrustStrike Labsen 2026-05-14 Backend of 'The Gentlemen' ransomware operation leaked - 9 named operators, ransom chat transcripts, and chain-victimization tactics now public 2026-05-14 0.9 https://intel.truststrikelabs.com/article/20260514-008 TrustStrike Labsen 2026-05-14 BWH Hotels (Best Western's parent) had attackers in its reservation system for over six months - guests' contact details and stay records exposed across Best Western, WorldHotels, and SureStay brands 2026-05-14 0.9 https://intel.truststrikelabs.com/article/20260514-009 TrustStrike Labsen 2026-05-14 Skoda Auto's German online shop breached via e-commerce software flaw - customer names, addresses, phones, and password hashes exposed; server logs cannot confirm full exfiltration 2026-05-14 0.9 https://intel.truststrikelabs.com/article/20260514-010 TrustStrike Labsen 2026-05-14 Telehealth aggregator OpenLoop Health confirms 716,000 patient records stolen in a 24-hour intrusion in January - downstream consumer brands still unnamed 2026-05-14 0.9 https://intel.truststrikelabs.com/article/20260514-011 TrustStrike Labsen 2026-05-14 Have I Been Pwned confirms two more ShinyHunters Salesforce extortion victims this week - financial-software firm Abrigo (711K) and insurer Canada Life (237K) 2026-05-14 0.9 https://intel.truststrikelabs.com/article/20260513-001 TrustStrike Labsen 2026-05-13 Microsoft's May 2026 Patch Tuesday fixes 120 flaws and no zero-days for the first time since June 2024 - but a Word preview-pane bug and DNS Client RCE stand out as the priorities 2026-05-13 0.9 https://intel.truststrikelabs.com/article/20260513-002 TrustStrike Labsen 2026-05-13 Fortinet patches critical unauthenticated RCE flaws in FortiSandbox and FortiAuthenticator - identity and threat-detection products that protect everything else (CVE-2026-26083, CVE-2026-44277) 2026-05-13 0.9 https://intel.truststrikelabs.com/article/20260513-003 TrustStrike Labsen 2026-05-13 SAP patches two critical CVSS 9.6 flaws in Commerce Cloud and S/4HANA - the ERP and e-commerce platforms behind most large retailers and global enterprises (CVE-2026-34263, CVE-2026-34260) 2026-05-13 0.9 https://intel.truststrikelabs.com/article/20260513-004 TrustStrike Labsen 2026-05-13 TeamPCP supply-chain worm 'Mini Shai-Hulud' hits TanStack, Mistral AI, UiPath, OpenSearch, and Guardrails AI - 170 packages, 401 malicious versions, 518 million weekly downloads (CVE-2026-45321) 2026-05-13 0.9 https://intel.truststrikelabs.com/article/20260513-005 TrustStrike Labsen 2026-05-13 Foxconn confirms cyberattack on North American factories - Nitrogen ransomware crew claims 8 TB stolen including Apple, Intel, Google, Dell, and Nvidia project files 2026-05-13 0.9 https://intel.truststrikelabs.com/article/20260513-006 TrustStrike Labsen 2026-05-13 Instructure paid ShinyHunters' ransom to stop the 3.65TB Canvas data leak, and the US Congress launched an inquiry the same day 2026-05-13 0.9 https://intel.truststrikelabs.com/article/20260512-001 TrustStrike Labsen 2026-05-12 Checkmarx Jenkins AST plugin backdoored by TeamPCP - third Checkmarx supply chain hit since late March 2026-05-12 0.9 https://intel.truststrikelabs.com/article/20260512-002 TrustStrike Labsen 2026-05-12 Google says hackers used AI to build first known zero-day for 2FA bypass in unnamed web admin tool 2026-05-12 0.9 https://intel.truststrikelabs.com/article/20260512-003 TrustStrike Labsen 2026-05-12 Identity governance vendor SailPoint discloses GitHub repository breach - third-party app flaw to blame 2026-05-12 0.9 https://intel.truststrikelabs.com/article/20260512-004 TrustStrike Labsen 2026-05-12 UK water company hit by Cl0p had hackers hidden in its network for nearly 2 years - ICO fines South Staffordshire Water 964K 2026-05-12 0.9 https://intel.truststrikelabs.com/article/20260512-005 TrustStrike Labsen 2026-05-12 Instructure confirms ShinyHunters used Canvas XSS flaws to deface school login portals and pressure ransom 2026-05-12 0.9 https://intel.truststrikelabs.com/article/20260512-006 TrustStrike Labsen 2026-05-12 TrickMo Android banker hides command-and-control inside Telegram's TON blockchain network to dodge takedowns 2026-05-12 0.9 https://intel.truststrikelabs.com/article/20260512-007 TrustStrike Labsen 2026-05-12 GhostLock proof-of-concept abuses Windows file-sharing API to disrupt file access without encryption 2026-05-12 0.9 https://intel.truststrikelabs.com/article/20260512-008 TrustStrike Labsen 2026-05-12 Mr_Rot13 actor exploits cPanel CVE-2026-41940 to deploy cross-platform 'Filemanager' backdoor 2026-05-12 0.9 https://intel.truststrikelabs.com/article/20260511-001 TrustStrike Labsen 2026-05-11 Critical Ollama flaw lets unauthenticated attackers read server memory - 300,000 instances exposed (CVE-2026-7482) 2026-05-11 0.9 https://intel.truststrikelabs.com/article/20260511-002 TrustStrike Labsen 2026-05-11 Mac malware campaign uses Google ads and 'Apple Support' Claude.ai chats to install infostealer 2026-05-11 0.9 https://intel.truststrikelabs.com/article/20260511-003 TrustStrike Labsen 2026-05-11 Zara confirmed in ShinyHunters Anodot fallout - 197,000 customer support records leaked 2026-05-11 0.9 https://intel.truststrikelabs.com/article/20260511-004 TrustStrike Labsen 2026-05-11 AI merchant data platform Woflow leaked - 447,000 records exposed in ShinyHunters extortion 2026-05-11 0.9 https://intel.truststrikelabs.com/article/20260510-001 TrustStrike Labsen 2026-05-09 Hackers replaced installers on the official JDownloader website with a Windows remote access trojan - third 'trusted software website hijack' in a month 2026-05-09 0.9 https://intel.truststrikelabs.com/article/20260510-002 TrustStrike Labsen 2026-05-09 A fake OpenAI repository on Hugging Face reached the trending #1 spot before getting caught - 244,000 downloads delivered an infostealer that grabs browser passwords, crypto wallets, and Discord tokens 2026-05-09 0.9 https://intel.truststrikelabs.com/article/20260510-003 TrustStrike Labsen 2026-05-09 AI evaluation startup Braintrust got hacked - and is asking every customer to rotate their AI provider API keys because the breached AWS account stored them all in one place 2026-05-09 0.9 https://intel.truststrikelabs.com/article/20260510-004 TrustStrike Labsen 2026-05-09 cPanel patches three new flaws including two that let authenticated users run arbitrary Perl code on the server - on top of the active 'Sorry' ransomware wave still hitting unpatched systems 2026-05-09 0.9 https://intel.truststrikelabs.com/article/20260508-001 TrustStrike Labsen 2026-05-08 Brand-new Linux 'Dirty Frag' bug lets any local user become root on every major distribution - PoC exploit is public, no patches yet 2026-05-08 0.9 https://intel.truststrikelabs.com/article/20260508-004 TrustStrike Labsen 2026-05-08 ShinyHunters is now extorting individual schools using stolen Canvas data - thousands of K-12 districts and universities receiving direct ransom demands 2026-05-08 0.9 https://intel.truststrikelabs.com/article/20260509-001 TrustStrike Labsen 2026-05-08 RansomHouse claims the Trellix breach and posts screenshots showing it reached internal VMware, Rubrik, and Dell EMC dashboards - far more than the 'small portion of source code' Trellix originally disclosed 2026-05-08 0.9 https://intel.truststrikelabs.com/article/20260509-002 TrustStrike Labsen 2026-05-08 NVIDIA confirms a regional GeForce NOW partner in Armenia got breached - millions of user records exposed but NVIDIA's own systems are intact 2026-05-08 0.9 https://intel.truststrikelabs.com/article/20260509-003 TrustStrike Labsen 2026-05-08 New Linux backdoor 'PamDOORa' silently steals SSH credentials from every user logging into a compromised server - and erases its tracks from the logs 2026-05-08 0.9 https://intel.truststrikelabs.com/article/20260509-004 TrustStrike Labsen 2026-05-08 28 fake apps on Google Play tricked 7.3 million Indian users into paying for fake call logs - charging up to $80 a year for fabricated data 2026-05-08 0.9 https://intel.truststrikelabs.com/article/20260509-005 TrustStrike Labsen 2026-05-08 Two pro-Ukraine hacker groups appear to be teaming up to attack Russian companies - sharing servers and tools across phishing and espionage operations 2026-05-08 0.9 https://intel.truststrikelabs.com/article/20260510-005 TrustStrike Labsen 2026-05-08 New 'TCLBanker' Android malware spreads itself by hijacking WhatsApp and Outlook to message every contact in the victim's address book 2026-05-08 0.9 https://intel.truststrikelabs.com/article/20260508-002 TrustStrike Labsen 2026-05-07 Ivanti EPMM zero-day actively exploited - attackers are getting admin-level RCE on mobile device management servers (CVE-2026-6973) 2026-05-07 0.9 https://intel.truststrikelabs.com/article/20260508-003 TrustStrike Labsen 2026-05-07 New 'PCPJack' worm hunts down and removes competing malware before stealing cloud credentials - exploits five different vulnerabilities to spread 2026-05-07 0.9 https://intel.truststrikelabs.com/article/20260508-005 TrustStrike Labsen 2026-05-07 Fake Claude AI website is delivering a brand-new Windows malware called 'Beagle' to people searching for the chatbot 2026-05-07 0.9 https://intel.truststrikelabs.com/article/20260508-006 TrustStrike Labsen 2026-05-07 Polish intelligence says hackers attacked control systems at Polish water treatment plants 2026-05-07 0.9 https://intel.truststrikelabs.com/article/20260506-005 TrustStrike Labsen 2026-05-06 North Korean hackers built a fake Korean game platform to spread Android spyware targeting ethnic Koreans living in China 2026-05-06 0.9 https://intel.truststrikelabs.com/article/20260507-001 TrustStrike Labsen 2026-05-06 Palo Alto Networks firewalls have a critical hole that lets attackers run code as root - hackers are already using it, no patch until May 13 (CVE-2026-0300) 2026-05-06 0.9 https://intel.truststrikelabs.com/article/20260507-002 TrustStrike Labsen 2026-05-06 vm2, the Node.js sandbox library used by 1.3 million projects to run untrusted code, just got hit with a dozen new bugs that let attackers escape the sandbox 2026-05-06 0.9 https://intel.truststrikelabs.com/article/20260507-003 TrustStrike Labsen 2026-05-06 Iranian hackers used Microsoft Teams chat to social-engineer victims, then dressed up their espionage as a Chaos ransomware attack to throw off blame 2026-05-06 0.9 https://intel.truststrikelabs.com/article/20260507-004 TrustStrike Labsen 2026-05-06 Hackers bought Google ads pointing to a fake GoDaddy WordPress login page - any site manager who clicked saw their credentials stolen 2026-05-06 0.9 https://intel.truststrikelabs.com/article/20260507-005 TrustStrike Labsen 2026-05-06 Cisco network management products have a flaw that lets attackers crash them remotely - victims need to manually reboot the device to recover (CVE-2026-20188) 2026-05-06 0.9 https://intel.truststrikelabs.com/article/20260506-001 TrustStrike Labsen 2026-05-05 Chinese hackers slipped a backdoor into the official DAEMON Tools installer for a month - thousands of computers in 100+ countries running tainted software signed with the real developer certificate 2026-05-05 0.9 https://intel.truststrikelabs.com/article/20260506-003 TrustStrike Labsen 2026-05-05 Apache web server has a critical flaw in HTTP/2 that crashes servers and could let attackers run code (CVE-2026-23918) 2026-05-05 0.9 https://intel.truststrikelabs.com/article/20260506-004 TrustStrike Labsen 2026-05-05 New Linux malware called 'Quasar Linux' targets developer laptops to steal credentials for npm, GitHub, AWS, and Docker - barely detected by antivirus 2026-05-05 0.9 https://intel.truststrikelabs.com/article/20260505-001 TrustStrike Labsen 2026-05-04 Critical MOVEit Automation flaw lets attackers take over file-transfer servers without logging in - Cl0p hit MOVEit's sister product in 2023 and stole data from 62 million people (CVE-2026-4670) 2026-05-04 0.9 https://intel.truststrikelabs.com/article/20260505-002 TrustStrike Labsen 2026-05-04 Phishing campaign hit 80+ companies by getting employees to install legitimate remote-access software disguised as a Social Security letter 2026-05-04 0.9 https://intel.truststrikelabs.com/article/20260505-003 TrustStrike Labsen 2026-05-04 China-linked group is sending 1,600 fake tax-audit emails to Indian and Russian companies, then dropping a brand-new backdoor called ABCDoor 2026-05-04 0.9 https://intel.truststrikelabs.com/article/20260505-004 TrustStrike Labsen 2026-05-04 Attackers are using stolen Amazon keys to send convincing phishing emails directly from Amazon's email service - bypassing every spam filter 2026-05-04 0.9 https://intel.truststrikelabs.com/article/20260505-005 TrustStrike Labsen 2026-05-04 cPanel ransomware attackers are now hunting government agencies and the IT companies that manage them 2026-05-04 0.9 https://intel.truststrikelabs.com/article/20260506-002 TrustStrike Labsen 2026-05-04 Microsoft says fake HR compliance emails fooled 35,000 people across 26 countries - phishing kit captured login tokens even with MFA enabled 2026-05-04 0.9 https://intel.truststrikelabs.com/article/20260504-001 TrustStrike Labsen 2026-05-03 Hackers tell schools to pay by Tuesday or 275 million students' messages and IDs go public - Canvas operator Instructure confirms breach 2026-05-03 0.9 https://intel.truststrikelabs.com/article/20260504-002 TrustStrike Labsen 2026-05-03 China-linked spies breached the IBM subsidiary that runs IT for Italian government agencies and critical industries 2026-05-03 0.9 https://intel.truststrikelabs.com/article/20260504-003 TrustStrike Labsen 2026-05-03 Commercial real estate broker Marcus & Millichap data leaked publicly - 1.8 million records including job titles for follow-on phishing 2026-05-03 0.9 https://intel.truststrikelabs.com/article/20260504-005 TrustStrike Labsen 2026-05-03 Scammers used Telegram's built-in mini-apps to impersonate Apple, NVIDIA, and Disney for crypto fraud and Android malware - all running on the same backend 2026-05-03 0.9 https://intel.truststrikelabs.com/article/20260502-001 TrustStrike Labsen 2026-05-02 Cybersecurity firm Trellix says attackers reached part of its source code repository 2026-05-02 0.9 https://intel.truststrikelabs.com/article/20260503-001 TrustStrike Labsen 2026-05-02 Hackers are mass-encrypting websites by exploiting last week's cPanel flaw - 44,000 servers compromised so far in 'Sorry' ransomware attacks 2026-05-02 0.9 https://intel.truststrikelabs.com/article/20260503-002 TrustStrike Labsen 2026-05-02 New 'ConsentFix v3' attack lets criminals take over Microsoft 365 accounts even when MFA and passkeys are turned on 2026-05-02 0.9 https://intel.truststrikelabs.com/article/20260503-005 TrustStrike Labsen 2026-05-02 Mark Cuban-backed business filing service ZenBusiness leaked - 5 million customer records now public after ShinyHunters extortion failed 2026-05-02 0.9 https://intel.truststrikelabs.com/article/20260501-005 TrustStrike Labsen 2026-05-01 Attackers poisoned 60+ Ruby gems and Go modules, then waited for CI pipelines to install them and steal credentials 2026-05-01 0.9 https://intel.truststrikelabs.com/article/20260502-002 TrustStrike Labsen 2026-05-01 Instructure, the company that runs Canvas for schools and universities, says hackers breached its systems 2026-05-01 0.9 https://intel.truststrikelabs.com/article/20260502-003 TrustStrike Labsen 2026-05-01 France arrested a 15-year-old as the suspected hacker behind the French government ID agency breach - 11.7 million records confirmed stolen 2026-05-01 0.9 https://intel.truststrikelabs.com/article/20260502-005 TrustStrike Labsen 2026-05-01 Vietnamese fraudsters used Google's no-code app platform to send Facebook phishing emails that passed every spam check, then sold the stolen accounts back to victims 2026-05-01 0.9 https://intel.truststrikelabs.com/article/20260502-006 TrustStrike Labsen 2026-05-01 Cyber spies are quietly stealing engineering blueprints and GPS data from Russian aviation companies 2026-05-01 0.9 https://intel.truststrikelabs.com/article/20260502-007 TrustStrike Labsen 2026-05-01 China-linked spy group has been quietly breaking into government Exchange servers across Asia and one NATO country since 2024 2026-05-01 0.9 https://intel.truststrikelabs.com/article/20260503-003 TrustStrike Labsen 2026-05-01 Two new cybercrime crews are calling employees, getting their MFA codes by phone, then stealing data from SaaS apps within hours 2026-05-01 0.9 https://intel.truststrikelabs.com/article/20260504-004 TrustStrike Labsen 2026-05-01 Google is paying $1.5 million for a Pixel hack and cutting Chrome rewards because AI is finding bugs faster than humans can submit reports 2026-05-01 0.9 https://intel.truststrikelabs.com/article/20260501-003 TrustStrike Labsen 2026-04-30 Anthropic launches 'Claude Security' for enterprises - the first major defensive product designed to keep up with AI-powered exploits that compress the time-to-attack to minutes 2026-04-30 0.9 https://intel.truststrikelabs.com/article/20260501-004 TrustStrike Labsen 2026-04-30 Brazilian anti-DDoS firm Huge Networks was running a Mirai botnet that knocked Brazilian ISPs offline for years - either to drum up business or because someone breached their CEO's SSH keys 2026-04-30 0.9 https://intel.truststrikelabs.com/article/20260501-006 TrustStrike Labsen 2026-04-30 Google patched a critical 'Gemini CLI' bug that let attackers run code on developer machines through CI pipelines (CVSS 10.0) 2026-04-30 0.9 https://intel.truststrikelabs.com/article/20260502-004 TrustStrike Labsen 2026-04-30 The same supply-chain worm that hit SAP packages on Wednesday spread to PyTorch Lightning and Intercom's npm SDK on Thursday 2026-04-30 0.9 https://intel.truststrikelabs.com/article/20260503-004 TrustStrike Labsen 2026-04-30 Hackers are stealing entire truckloads of cargo by phishing freight brokers - $725 million in losses last year alone, FBI warns 2026-04-30 0.9 https://intel.truststrikelabs.com/article/20260430-001 TrustStrike Labsen 2026-04-29 Hackers compromised four official SAP developer packages and used them to steal credentials from any developer who installed an update 2026-04-29 0.9 https://intel.truststrikelabs.com/article/20260430-002 TrustStrike Labsen 2026-04-29 GitHub patched a flaw in March that let any developer take over millions of repos with a single 'git push' - 88% of self-hosted GitHub Enterprise Servers still haven't installed the fix (CVE-2026-3854) 2026-04-29 0.9 https://intel.truststrikelabs.com/article/20260430-004 TrustStrike Labsen 2026-04-29 A WordPress redirect plugin used on 70,000 sites was secretly running a hidden update channel that fetched code from an attacker-controlled server for five years 2026-04-29 0.9 https://intel.truststrikelabs.com/article/20260430-005 TrustStrike Labsen 2026-04-29 North Korean hackers used Claude AI to add malicious npm dependencies to legitimate-looking projects and stole crypto wallet credentials from developers who installed them 2026-04-29 0.9 https://intel.truststrikelabs.com/article/20260430-006 TrustStrike Labsen 2026-04-29 AI security tool finds 38 previously unknown bugs in OpenEMR, the open-source health records system used by 100,000 healthcare providers - two of them rated maximum severity 2026-04-29 0.9 https://intel.truststrikelabs.com/article/20260501-001 TrustStrike Labsen 2026-04-29 9-year-old Linux kernel bug 'Copy Fail' lets any user with shell access become root in seconds - works on every major distribution since 2017 (CVE-2026-31431) 2026-04-29 0.9 https://intel.truststrikelabs.com/article/20260501-002 TrustStrike Labsen 2026-04-29 SonicWall patches three SonicOS firewall flaws after CrowdStrike disclosed them - the worst lets attackers reach the management interface without logging in (CVE-2026-0204) 2026-04-29 0.9 https://intel.truststrikelabs.com/article/20260429-001 TrustStrike Labsen 2026-04-28 Hackers raced to exploit a critical LiteLLM flaw 36 hours after disclosure - any attacker who could reach the proxy could read all stored AI API keys (CVE-2026-42208) 2026-04-28 0.9 https://intel.truststrikelabs.com/article/20260429-002 TrustStrike Labsen 2026-04-28 Critical GitHub flaw lets a single 'git push' run code remotely on the server - patched, but most self-hosted GitHub Enterprise instances haven't updated yet (CVE-2026-3854) 2026-04-28 0.9 https://intel.truststrikelabs.com/article/20260429-003 TrustStrike Labsen 2026-04-28 Microsoft confirms a Windows Shell flaw that lets attackers spoof anything in File Explorer is being exploited - patch now (CVE-2026-32202) 2026-04-28 0.9 https://intel.truststrikelabs.com/article/20260429-004 TrustStrike Labsen 2026-04-28 Microsoft patches Entra ID role flaw that let a low-privileged service account impersonate any service principal in your tenant 2026-04-28 0.9 https://intel.truststrikelabs.com/article/20260429-005 TrustStrike Labsen 2026-04-28 Hugging Face's LeRobot robotics framework has an unpatched flaw that lets remote attackers run code with no authentication (CVE-2026-25874) 2026-04-28 0.9 https://intel.truststrikelabs.com/article/20260429-006 TrustStrike Labsen 2026-04-28 Broken VECT 2.0 ransomware is silently destroying any file larger than 131 KB on Windows, Linux, and ESXi - paying the ransom recovers nothing 2026-04-28 0.9 https://intel.truststrikelabs.com/article/20260429-007 TrustStrike Labsen 2026-04-28 Vimeo confirms user data was exposed via breach at analytics provider Anodot 2026-04-28 0.9 https://intel.truststrikelabs.com/article/20260430-003 TrustStrike Labsen 2026-04-28 All cPanel and WHM versions had a critical authentication bypass that attackers may have been exploiting since February - emergency patches now released (CVE-2026-41940) 2026-04-28 0.9 https://intel.truststrikelabs.com/article/20260430-007 TrustStrike Labsen 2026-04-28 North Korean hackers are recording fake Zoom meetings with real crypto executives, then using the footage and AI-generated lookalikes to scam the next target 2026-04-28 0.9 https://intel.truststrikelabs.com/article/20260428-001 TrustStrike Labsen 2026-04-27 Pitney Bowes customer and employee data leaked publicly - 8.2 million email addresses plus internal records with employee job titles 2026-04-27 0.9 https://intel.truststrikelabs.com/article/20260428-005 TrustStrike Labsen 2026-04-27 Pro-Ukrainian hackers chain three TrueConf bugs to deploy web shells and create rogue admin accounts in Russian networks (CVE chain patched August 2025) 2026-04-27 0.9 https://intel.truststrikelabs.com/article/20260428-006 TrustStrike Labsen 2026-04-27 Telecom fraud campaign uses fake CAPTCHAs to trick people into sending SMS to premium-rate numbers in 17 countries - 50+ international charges per victim 2026-04-27 0.9 https://intel.truststrikelabs.com/article/20260428-007 TrustStrike Labsen 2026-04-27 Italy extradites Chinese national accused of running spear-phishing operation against US Covid researchers - first such extradition from Europe to US 2026-04-27 0.9 https://intel.truststrikelabs.com/article/20260428-008 TrustStrike Labsen 2026-04-27 ADT customer breach details now public on Have I Been Pwned - 5.5 million records confirmed, more than the 10 million ShinyHunters originally claimed but with worse data 2026-04-27 0.9 https://intel.truststrikelabs.com/article/20260427-001 TrustStrike Labsen 2026-04-26 Udemy customer and instructor data leaked publicly after ShinyHunters' extortion deadline expires - 1.4 million records including PayPal payout details 2026-04-26 0.9 https://intel.truststrikelabs.com/article/20260427-008 TrustStrike Labsen 2026-04-26 Litecoin's privacy layer was attacked using a vulnerability that had been patched in private 37 days earlier - cross-chain swaps lost ~$600,000 2026-04-26 0.9 https://intel.truststrikelabs.com/article/20260426-001 TrustStrike Labsen 2026-04-25 Russia behind Signal phishing campaign that compromised Bundestag President Julia Klöckner - 300+ German officials affected 2026-04-25 0.9 https://intel.truststrikelabs.com/article/20260426-006 TrustStrike Labsen 2026-04-25 Researchers find 20-year-old malware that secretly faked engineering math results 2026-04-25 0.9 https://intel.truststrikelabs.com/article/20260427-005 TrustStrike Labsen 2026-04-25 Attackers planted 73 fake VS Code extensions on Open VSX as 'sleepers' that pretended to be popular tools, then quietly turned malicious 2026-04-25 0.9 https://intel.truststrikelabs.com/article/20260427-007 TrustStrike Labsen 2026-04-25 Two Windows Defender zero-days that disable the antivirus are still unpatched two weeks after researcher leaked them - attackers now chaining them with custom malware 2026-04-25 0.9 https://intel.truststrikelabs.com/article/20260428-004 TrustStrike Labsen 2026-04-25 Checkmarx confirms its source code, employee database, and cloud credentials were posted on the dark web after the March supply-chain attack 2026-04-25 0.9 https://intel.truststrikelabs.com/article/20260425-002 TrustStrike Labsen 2026-04-24 ADT confirms breach after ShinyHunters claims 10 million records stolen via vishing-compromised Okta SSO and Salesforce exfil 2026-04-24 0.9 https://intel.truststrikelabs.com/article/20260425-003 TrustStrike Labsen 2026-04-24 CISA adds four more flaws to KEV - SimpleHelp authorization bypass (CVSS 9.9), Samsung MagicINFO, and the D-Link DIR-823X bug already powering fresh Mirai botnets 2026-04-24 0.9 https://intel.truststrikelabs.com/article/20260425-004 TrustStrike Labsen 2026-04-24 Over 10,500 Zimbra servers still vulnerable to actively-exploited XSS as CISA gives federal agencies just three days to patch (CVE-2025-48700) 2026-04-24 0.9 https://intel.truststrikelabs.com/article/20260425-005 TrustStrike Labsen 2026-04-24 LMDeploy LLM-serving SSRF (CVE-2026-33626) exploited within 13 hours of disclosure - attackers used the vision-language image loader as a generic port-scanner against AWS metadata, Redis, and MySQL 2026-04-24 0.9 https://intel.truststrikelabs.com/article/20260425-006 TrustStrike Labsen 2026-04-24 New extortion group 'BlackFile' running seven-figure ransom campaigns against retail and hospitality via vishing-driven SSO compromise and Salesforce/SharePoint scraping 2026-04-24 0.9 https://intel.truststrikelabs.com/article/20260425-007 TrustStrike Labsen 2026-04-24 Lazarus 'Mach-O Man' macOS malware kit hitting fintech and crypto execs through fake Telegram meeting invites and ClickFix terminal commands 2026-04-24 0.9 https://intel.truststrikelabs.com/article/20260425-008 TrustStrike Labsen 2026-04-24 Kaspersky finds 26 'FakeWallet' apps on Apple's App Store impersonating MetaMask, Coinbase, Trust Wallet, and Ledger to steal crypto seed phrases 2026-04-24 0.9 https://intel.truststrikelabs.com/article/20260425-009 TrustStrike Labsen 2026-04-24 Tropic Trooper ditches Cobalt Strike for AdaptixC2 - new campaign against Taiwan, South Korea, and Japan uses trojanized SumatraPDF, GitHub C2, and VS Code tunnels for remote access 2026-04-24 0.9 https://intel.truststrikelabs.com/article/20260425-010 TrustStrike Labsen 2026-04-24 NASA OIG details how Chinese national Song Wu spear-phished aerospace software from NASA, Air Force, Navy, FAA, universities, and private firms over four years by impersonating colleagues 2026-04-24 0.9 https://intel.truststrikelabs.com/article/20260426-008 TrustStrike Labsen 2026-04-24 Iran operating like a criminal actor, ex-NSA director says - opportunistic credentials and amplification, not novel exploits 2026-04-24 0.9 https://intel.truststrikelabs.com/article/20260427-002 TrustStrike Labsen 2026-04-24 New 'PhantomRPC' bug lets any low-privileged Windows process become SYSTEM - all Windows versions affected, no patch from Microsoft 2026-04-24 0.9 https://intel.truststrikelabs.com/article/20260427-003 TrustStrike Labsen 2026-04-24 Federal patch deadline for 13-year-old Apache ActiveMQ flaw is Wednesday - 7,500+ servers still exposed online (CVE-2026-34197) 2026-04-24 0.9 https://intel.truststrikelabs.com/article/20260428-002 TrustStrike Labsen 2026-04-24 US utility tech giant Itron breached - hackers reached internal IT systems but no impact on the 112 million customer endpoints it manages 2026-04-24 0.9 https://intel.truststrikelabs.com/article/20260428-003 TrustStrike Labsen 2026-04-24 Medtronic confirms breach after ShinyHunters claims theft of 9 million records and terabytes of internal data 2026-04-24 0.9 https://intel.truststrikelabs.com/article/20260424-001 TrustStrike Labsen 2026-04-23 CISA and UK NCSC warn 'FIRESTARTER' backdoor survives Cisco ASA/Firepower patches - US agency compromised, hardware replacement recommended 2026-04-23 0.9 https://intel.truststrikelabs.com/article/20260424-002 TrustStrike Labsen 2026-04-23 Carnival confirms 7.5 million Holland America Mariner Society loyalty records leaked after ShinyHunters refused extortion deadline 2026-04-23 0.9 https://intel.truststrikelabs.com/article/20260424-003 TrustStrike Labsen 2026-04-23 CISA adds actively-exploited Microsoft Defender 'BlueHammer' flaw to KEV as two sibling zero-days (RedSun, UnDefend) remain unpatched (CVE-2026-33825) 2026-04-23 0.9 https://intel.truststrikelabs.com/article/20260424-004 TrustStrike Labsen 2026-04-23 Attackers actively exploiting critical unauthenticated file upload flaw in Breeze Cache WordPress plugin on 400,000 sites (CVE-2026-3844) 2026-04-23 0.9 https://intel.truststrikelabs.com/article/20260424-005 TrustStrike Labsen 2026-04-23 'Shai-Hulud: The Third Coming' worm pivots from Checkmarx KICS compromise into Bitwarden CLI, stealing SSH keys, cloud secrets, and MCP configs for AI coding tools 2026-04-23 0.9 https://intel.truststrikelabs.com/article/20260424-006 TrustStrike Labsen 2026-04-23 Lovable 'vibe coding' platform exposed source code, Supabase credentials, and AI chat history for 76 days via missing ownership check in API 2026-04-23 0.9 https://intel.truststrikelabs.com/article/20260424-007 TrustStrike Labsen 2026-04-23 Vercel expands Context.ai breach scope - additional accounts compromised, and some predate the April incident entirely 2026-04-23 0.9 https://intel.truststrikelabs.com/article/20260424-009 TrustStrike Labsen 2026-04-23 Dutch cosmetics giant Rituals discloses 'My Rituals' membership database breach 2026-04-23 0.9 https://intel.truststrikelabs.com/article/20260426-002 TrustStrike Labsen 2026-04-23 Citizens Bank and Frost Bank breached via third-party vendor - Everest ransomware claims 3.4M and 250K records, deadline expires today 2026-04-23 0.9 https://intel.truststrikelabs.com/article/20260426-009 TrustStrike Labsen 2026-04-23 Trigona ransomware operators ship a custom command-line data-theft tool to speed exfil and reduce dwell time 2026-04-23 0.9 https://intel.truststrikelabs.com/article/20260426-010 TrustStrike Labsen 2026-04-23 New Linux variant of GoGra backdoor uses Microsoft Graph API for stealth C2 - blends in with legitimate Office 365 traffic 2026-04-23 0.9 https://intel.truststrikelabs.com/article/20260427-006 TrustStrike Labsen 2026-04-23 China-linked spies named 'GopherWhisper' targeted Mongolian government using Slack, Discord, and Outlook drafts as their command channel 2026-04-23 0.9 https://intel.truststrikelabs.com/article/20260423-001 TrustStrike Labsen 2026-04-22 Microsoft ships emergency out-of-band patch for critical ASP.NET Core authentication cookie forgery flaw (CVE-2026-40372) 2026-04-22 0.9 https://intel.truststrikelabs.com/article/20260423-002 TrustStrike Labsen 2026-04-22 Apple pushes emergency iOS patch for notification-storage flaw that let the FBI recover deleted Signal messages (CVE-2026-28950) 2026-04-22 0.9 https://intel.truststrikelabs.com/article/20260423-004 TrustStrike Labsen 2026-04-22 Over 1,300 SharePoint servers still exposed to ongoing spoofing attacks a week after Microsoft's patch (CVE-2026-32201) 2026-04-22 0.9 https://intel.truststrikelabs.com/article/20260423-006 TrustStrike Labsen 2026-04-22 Cohere's Terrarium AI code sandbox has a root-level escape with no patch coming (CVE-2026-5752, CVSS 9.3) 2026-04-22 0.9 https://intel.truststrikelabs.com/article/20260423-007 TrustStrike Labsen 2026-04-22 Vercel breach root cause revealed: Lumma Stealer on a Context.ai employee's laptop, delivered via Roblox auto-farm scripts 2026-04-22 0.9 https://intel.truststrikelabs.com/article/20260423-008 TrustStrike Labsen 2026-04-22 Self-propagating npm worm hits Namastex Labs packages, steals secrets across npm, PyPI, and crypto wallets 2026-04-22 0.9 https://intel.truststrikelabs.com/article/20260423-009 TrustStrike Labsen 2026-04-22 Lotus Wiper destroys Venezuelan energy and utility systems in apparent state-sponsored attack 2026-04-22 0.9 https://intel.truststrikelabs.com/article/20260423-010 TrustStrike Labsen 2026-04-22 Chinese APT Mustang Panda's new LOTUSLITE variant hits Indian banks and South Korean policy circles via CHM lures 2026-04-22 0.9 https://intel.truststrikelabs.com/article/20260423-011 TrustStrike Labsen 2026-04-22 Mirai botnet exploits a year-old D-Link PoC to build fresh botnets on discontinued routers (CVE-2025-29635) 2026-04-22 0.9 https://intel.truststrikelabs.com/article/20260423-012 TrustStrike Labsen 2026-04-22 Kyber ransomware experiments with post-quantum encryption across Windows and VMware ESXi 2026-04-22 0.9 https://intel.truststrikelabs.com/article/20260424-008 TrustStrike Labsen 2026-04-22 Mandiant outs UNC6692 running IT-helpdesk impersonation over Microsoft Teams to deploy custom SNOW malware suite 2026-04-22 0.9 https://intel.truststrikelabs.com/article/20260424-010 TrustStrike Labsen 2026-04-22 Cohere's Terrarium AI sandbox breaks out to root on the host with no vendor patch in sight (CVE-2026-5752) 2026-04-22 0.9 https://intel.truststrikelabs.com/article/20260425-001 TrustStrike Labsen 2026-04-22 12-year-old 'Pack2TheRoot' bug in PackageKit gives any local user root on default Ubuntu, Debian, Fedora, and RHEL/Cockpit installs (CVE-2026-41651) 2026-04-22 0.9 https://intel.truststrikelabs.com/article/20260421-001 TrustStrike Labsen 2026-04-21 Cisco Catalyst SD-WAN Manager flaw added to CISA KEV with 4-day federal patch deadline - actively exploited (CVE-2026-20133) 2026-04-21 0.9 https://intel.truststrikelabs.com/article/20260421-002 TrustStrike Labsen 2026-04-21 6,400 exposed Apache ActiveMQ servers still vulnerable to actively exploited CVE-2026-34197 - ShadowServer data shows Asia most impacted 2026-04-21 0.9 https://intel.truststrikelabs.com/article/20260421-003 TrustStrike Labsen 2026-04-21 Microsoft warns of external Teams chats abused for helpdesk impersonation - 9-stage attack chain uses Quick Assist and Rclone for data theft 2026-04-21 0.9 https://intel.truststrikelabs.com/article/20260422-001 TrustStrike Labsen 2026-04-21 French govt identity documents agency ANTS confirms breach - hacker claims 19 million citizen records for sale 2026-04-21 0.9 https://intel.truststrikelabs.com/article/20260422-002 TrustStrike Labsen 2026-04-21 The Gentlemen ransomware operation hiding 1,570+ unreported victims per Check Point C2 analysis - 5x larger than leak site suggests 2026-04-21 0.9 https://intel.truststrikelabs.com/article/20260422-003 TrustStrike Labsen 2026-04-21 Google patches Antigravity IDE prompt injection RCE - and Claude GitHub Actions can be tricked by spoofed Git metadata 2026-04-21 0.9 https://intel.truststrikelabs.com/article/20260423-003 TrustStrike Labsen 2026-04-21 Cisco Catalyst SD-WAN Manager users have until today to patch three actively-exploited flaws as CISA adds eight to the KEV catalog 2026-04-21 0.9 https://intel.truststrikelabs.com/article/20260423-005 TrustStrike Labsen 2026-04-21 BRIDGE:BREAK - 22 new flaws expose ~20,000 internet-facing Lantronix and Silex serial-to-IP converters to full takeover 2026-04-21 0.9 https://intel.truststrikelabs.com/article/20260426-003 TrustStrike Labsen 2026-04-21 Critical unauthenticated path traversal in CrowdStrike LogScale lets remote attackers read any file on the server (CVE-2026-40050, CVSS 9.8) 2026-04-21 0.9 https://intel.truststrikelabs.com/article/20260426-004 TrustStrike Labsen 2026-04-21 Atlassian Bamboo Data Center hit with critical OS command injection (CVE-2026-21571, CVSS 9.4) - patch your CI/CD before someone uses it as a supply-chain pivot 2026-04-21 0.9 https://intel.truststrikelabs.com/article/20260426-005 TrustStrike Labsen 2026-04-21 Anthropic MCP STDIO design flaw exposes 200,000+ AI servers to RCE - 14 CVEs assigned, Anthropic calls it 'expected behavior' (backfill from April 15) 2026-04-21 0.9 https://intel.truststrikelabs.com/article/20260427-004 TrustStrike Labsen 2026-04-21 A small Discord group quietly accessed Anthropic's most powerful AI hacking tool 'Mythos' for two weeks via a contractor account (backfill from April 21) 2026-04-21 0.9 https://intel.truststrikelabs.com/article/20260420-003 TrustStrike Labsen 2026-04-20 Microsoft ships emergency out-of-band updates to fix Windows Server reboot loops and install failures caused by April Patch Tuesday 2026-04-20 0.9 https://intel.truststrikelabs.com/article/20260426-007 TrustStrike Labsen 2026-04-20 Mexican cybersecurity firm BePrime breached because admin accounts had no MFA - 12.6 GB leaked including pentest reports, then BePrime threatened journalists who reported it 2026-04-20 0.9 https://intel.truststrikelabs.com/article/20260420-001 TrustStrike Labsen 2026-04-19 Vercel confirms breach - attackers got in through Context.ai AI tool's Google Workspace OAuth, stole customer environment variables 2026-04-19 0.9 https://intel.truststrikelabs.com/article/20260420-002 TrustStrike Labsen 2026-04-18 Critical protobuf.js RCE hits JavaScript ecosystem - 50M weekly npm downloads, PoC published (GHSA-xq3m-2v4x-88gg) 2026-04-18 0.9 https://intel.truststrikelabs.com/article/20260417-002 TrustStrike Labsen 2026-04-17 Microsoft April patches cause reboot loops on Windows Server 2025 and 2022 domain controllers - LSASS crash breaks authentication 2026-04-17 0.9 https://intel.truststrikelabs.com/article/20260418-001 TrustStrike Labsen 2026-04-17 13-year-old Apache ActiveMQ code injection flaw actively exploited - CISA gives federal agencies until April 30 to patch (CVE-2026-34197) 2026-04-17 0.9 https://intel.truststrikelabs.com/article/20260418-002 TrustStrike Labsen 2026-04-17 NIST stops enriching most new CVEs - only KEV-listed and federal-used software will get full NVD data going forward 2026-04-17 0.9 https://intel.truststrikelabs.com/article/20260420-004 TrustStrike Labsen 2026-04-17 Fortinet FortiSandbox unauthenticated RCE (CVE-2026-39808) has public PoC - day-after recovery from April 17 2026-04-17 0.9 https://intel.truststrikelabs.com/article/20260416-001 TrustStrike Labsen 2026-04-16 Nginx UI authentication bypass actively exploited - one unauthenticated request gives attackers full server takeover via MCP endpoint (CVE-2026-33032) 2026-04-16 0.9 https://intel.truststrikelabs.com/article/20260417-001 TrustStrike Labsen 2026-04-16 Second Microsoft Defender zero-day PoC released - 'RedSun' grants SYSTEM privileges on fully-patched Windows including this week's April patches 2026-04-16 0.9 https://intel.truststrikelabs.com/article/20260416-002 TrustStrike Labsen 2026-04-15 Attacker bought 30+ WordPress plugins on Flippa, planted backdoor in August 2025, activated it 8 months later across hundreds of thousands of sites 2026-04-15 0.9 https://intel.truststrikelabs.com/article/20260419-001 TrustStrike Labsen 2026-04-15 Cisco Webex SSO flaw lets unauthenticated attackers impersonate any user (CVE-2026-20184) - four critical bugs patched this week 2026-04-15 0.9 https://intel.truststrikelabs.com/article/20260414-001 TrustStrike Labsen 2026-04-13 Booking.com confirms data breach exposing guest reservation details - phishing wave already targeting travelers 2026-04-13 0.9 https://intel.truststrikelabs.com/article/20260414-002 TrustStrike Labsen 2026-04-13 FBI and Indonesian police dismantle W3LL phishing platform that powered business email compromise attacks worldwide 2026-04-13 0.9 https://intel.truststrikelabs.com/article/20260413-001 TrustStrike Labsen 2026-04-12 Adobe releases emergency patch for actively exploited Acrobat Reader zero-day we reported Thursday (CVE-2026-34621) 2026-04-12 0.9 https://intel.truststrikelabs.com/article/20260411-001 TrustStrike Labsen 2026-04-10 Smart Slider 3 Pro update system hijacked - backdoored version pushed to 800,000+ WordPress sites via official channel 2026-04-10 0.9 https://intel.truststrikelabs.com/article/20260412-001 TrustStrike Labsen 2026-04-10 CPUID website hijacked to serve RAT malware through official CPU-Z and HWMonitor downloads 2026-04-10 0.9 https://intel.truststrikelabs.com/article/20260410-001 TrustStrike Labsen 2026-04-09 Unpatched Adobe Reader zero-day exploited since December - malicious PDFs steal data with zero clicks 2026-04-09 0.9 https://intel.truststrikelabs.com/article/20260409-002 TrustStrike Labsen 2026-04-08 Ninja Forms WordPress plugin allows unauthenticated file upload leading to remote code execution 2026-04-08 0.9 https://intel.truststrikelabs.com/article/20260408-003 TrustStrike Labsen 2026-04-07 Docker Engine authorization bypass lets attackers escape containers and access host credentials (CVE-2026-34040) 2026-04-07 0.9 https://intel.truststrikelabs.com/article/20260409-001 TrustStrike Labsen 2026-04-07 ShinyHunters breach SaaS integrator Anodot, steal auth tokens to raid Snowflake customers - 12+ companies hit 2026-04-07 0.9 https://intel.truststrikelabs.com/article/20260409-003 TrustStrike Labsen 2026-04-07 FBI and CISA warn Iranian hackers are targeting internet-exposed Rockwell PLCs at US water and energy facilities 2026-04-07 0.9 https://intel.truststrikelabs.com/article/20260408-001 TrustStrike Labsen 2026-04-06 Unpatched Windows zero-day "BlueHammer" leaked after researcher's dispute with Microsoft - exploit code public, no fix available 2026-04-06 0.9 https://intel.truststrikelabs.com/article/20260408-002 TrustStrike Labsen 2026-04-06 Microsoft exposes Storm-1175 - China-based ransomware group deploying Medusa with zero-day exploits in under 24 hours 2026-04-06 0.9 https://intel.truststrikelabs.com/article/20260406-001 TrustStrike Labsen 2026-04-05 Second FortiClient EMS zero-day in two weeks - emergency patch for pre-auth API bypass, actively exploited (CVE-2026-35616) 2026-04-05 0.9 https://intel.truststrikelabs.com/article/20260407-001 TrustStrike Labsen 2026-04-05 766+ Next.js hosts breached in automated React2Shell credential theft campaign (CVE-2025-55182) 2026-04-05 0.9 https://intel.truststrikelabs.com/article/20260405-002 TrustStrike Labsen 2026-04-04 Axios npm attack attributed to North Korean hackers UNC1069 - part of broader campaign targeting open-source maintainers 2026-04-04 0.9 https://intel.truststrikelabs.com/article/20260404-001 TrustStrike Labsen 2026-04-03 CERT-EU confirms TeamPCP breached European Commission via Trivy - 30 EU entities exposed, 340GB leaked 2026-04-03 0.9 https://intel.truststrikelabs.com/article/20260404-002 TrustStrike Labsen 2026-04-03 Hims & Hers discloses breach after ShinyHunters steal millions of Zendesk support tickets via Okta SSO 2026-04-03 0.9 https://intel.truststrikelabs.com/article/20260404-003 TrustStrike Labsen 2026-04-02 Progress ShareFile pre-auth RCE chain disclosed - 30,000 instances exposed, ransomware gangs watching (CVE-2026-2699, CVE-2026-2701) 2026-04-02 0.9 https://intel.truststrikelabs.com/article/20260405-001 TrustStrike Labsen 2026-04-02 Cisco IMC authentication bypass lets unauthenticated attackers take full admin control of servers (CVE-2026-20093) 2026-04-02 0.9 https://intel.truststrikelabs.com/article/20260402-001 TrustStrike Labsen 2026-04-01 Google patches fourth Chrome zero-day of 2026 - WebGPU flaw exploited in the wild (CVE-2026-5281) 2026-04-01 0.9 https://intel.truststrikelabs.com/article/20260402-003 TrustStrike Labsen 2026-04-01 Google Drive now auto-detects ransomware and pauses sync - 14x better detection than beta 2026-04-01 0.9 https://intel.truststrikelabs.com/article/20260403-001 TrustStrike Labsen 2026-04-01 NoVoice Android rootkit hid inside 50+ Google Play apps - 2.3 million downloads, survives factory reset 2026-04-01 0.9 https://intel.truststrikelabs.com/article/20260403-002 TrustStrike Labsen 2026-04-01 EvilTokens phishing kit commoditizes Microsoft device code attacks for business email compromise 2026-04-01 0.9 https://intel.truststrikelabs.com/article/20260403-003 TrustStrike Labsen 2026-04-01 Apple breaks policy to push DarkSword patches to millions more iOS 18 iPhones 2026-04-01 0.9 https://intel.truststrikelabs.com/article/20260404-004 TrustStrike Labsen 2026-04-01 CrystalRAT malware-as-a-service sells remote access, crypto theft, and keylogging on Telegram 2026-04-01 0.9 https://intel.truststrikelabs.com/article/20260331-001 TrustStrike Labsen 2026-03-31 Axios npm package compromised - cross-platform RAT deployed via hijacked maintainer account 2026-03-31 0.9 https://intel.truststrikelabs.com/article/20260401-001 TrustStrike Labsen 2026-03-31 Cisco breached through Trivy supply chain attack - source code and AWS keys stolen 2026-03-31 0.9 https://intel.truststrikelabs.com/article/20260401-002 TrustStrike Labsen 2026-03-31 CareCloud confirms hackers accessed patient health records in 8-hour breach 2026-03-31 0.9 https://intel.truststrikelabs.com/article/20260402-002 TrustStrike Labsen 2026-03-31 Chinese hackers exploited TrueConf video conferencing zero-day to backdoor Southeast Asian governments (CVE-2026-3502) 2026-03-31 0.9 https://intel.truststrikelabs.com/article/20260331-002 TrustStrike Labsen 2026-03-30 Fortinet FortiClient EMS SQL injection actively exploited - no authentication required (CVE-2026-21643) 2026-03-30 0.9 https://intel.truststrikelabs.com/article/20260331-003 TrustStrike Labsen 2026-03-30 Citrix NetScaler exploitation confirmed - CISA adds to KEV with April 2 deadline (CVE-2026-3055) 2026-03-30 0.9 https://intel.truststrikelabs.com/article/20260331-005 TrustStrike Labsen 2026-03-30 New Russian CTRL toolkit spreads via fake private key folders - hijacks RDP and steals credentials 2026-03-30 0.9 https://intel.truststrikelabs.com/article/20260401-003 TrustStrike Labsen 2026-03-30 New RoadK1ll implant turns compromised hosts into silent network relays via WebSocket tunneling 2026-03-30 0.9 https://intel.truststrikelabs.com/article/20260401-004 TrustStrike Labsen 2026-03-30 macOS Tahoe 26.4 blocks ClickFix paste attacks in Terminal - update your Mac fleet now 2026-03-30 0.9 https://intel.truststrikelabs.com/article/20260331-004 TrustStrike Labsen 2026-03-29 Smart Slider 3 WordPress plugin exposes 800,000+ sites to file theft (CVE-2026-3098) 2026-03-29 0.9 https://intel.truststrikelabs.com/article/20260329-001 TrustStrike Labsen 2026-03-28 F5 BIG-IP APM flaw reclassified from DoS to pre-auth RCE - now actively exploited (CVE-2025-53521) 2026-03-28 0.9 https://intel.truststrikelabs.com/article/20260329-003 TrustStrike Labsen 2026-03-28 Citrix NetScaler under active recon - attackers fingerprinting SAML configs before exploitation (CVE-2026-3055) 2026-03-28 0.9 https://intel.truststrikelabs.com/article/20260329-007 TrustStrike Labsen 2026-03-28 New Infinity Stealer malware targets macOS through fake Cloudflare CAPTCHA pages 2026-03-28 0.9 https://intel.truststrikelabs.com/article/20260331-006 TrustStrike Labsen 2026-03-28 Russian APT TA446 weaponizes leaked DarkSword exploit kit to target iPhones via spear-phishing 2026-03-28 0.9 https://intel.truststrikelabs.com/article/20260329-002 TrustStrike Labsen 2026-03-27 Langflow AI platform RCE exploited within 20 hours of disclosure - no auth required (CVE-2026-33017) 2026-03-27 0.9 https://intel.truststrikelabs.com/article/20260329-004 TrustStrike Labsen 2026-03-27 TeamPCP compromises Telnyx Python SDK on PyPI - malware hidden inside sound files 2026-03-27 0.9 https://intel.truststrikelabs.com/article/20260329-005 TrustStrike Labsen 2026-03-27 TeamPCP's 9-day supply chain rampage - Trivy to LiteLLM to Checkmarx to Telnyx 2026-03-27 0.9 https://intel.truststrikelabs.com/article/20260329-006 TrustStrike Labsen 2026-03-27 European Commission breached through AWS cloud account - 350GB of data reportedly stolen 2026-03-27 0.9 https://intel.truststrikelabs.com/article/20260330-002 TrustStrike Labsen 2026-03-27 Fake VS Code security alerts flooding GitHub Discussions to spread malware 2026-03-27 0.9 https://intel.truststrikelabs.com/article/20260330-003 TrustStrike Labsen 2026-03-27 TikTok for Business accounts targeted with AITM phishing that bypasses MFA 2026-03-27 0.9 https://intel.truststrikelabs.com/article/20260329-008 TrustStrike Labsen 2026-03-23 DarkSword iOS exploit kit leaked on GitHub - hundreds of millions of unpatched iPhones at risk (CVE-2026-20700) 2026-03-23 0.9 https://intel.truststrikelabs.com/article/20260330-001 TrustStrike Labsen 2026-03-23 Oracle emergency patch for pre-auth RCE in Identity Manager and Web Services Manager (CVE-2026-21992) 2026-03-23 0.9