Cybersecurity Newsfeed - 14/04/26
Daily cybersecurity news covering vulnerabilities, adversaries, trends, breaches, and other notable security developments.
📅 14/04/26
🛡️ Vulnerabilities
- Post-Mythos Architectural Exploits: The Cloud Security Alliance (CSA) is urging CISOs to prepare for a surge in exploits targeting modern processor flaws. These vulnerabilities allow attackers to bypass memory protections via speculative execution pathways.
- Adobe Emergency Zero-Day Patches: Adobe released updates for a critical zero-day allowing arbitrary code execution. The flaw is actively exploited in the wild, primarily targeting corporate entities for industrial espionage.
- Critical wolfSSL Certificate Forgery: A flaw in the wolfSSL library allows attackers to forge SSL certificates, impacting millions of IoT and embedded devices. Patching requires firmware updates from individual manufacturers.
- CISA Adds 7 Flaws to KEV Catalog: CISA has added seven newly exploited vulnerabilities affecting Microsoft and Apple products. Federal agencies must patch these remote code execution and privilege escalation bugs immediately.
🎯 Adversaries
- APT41 Zero-Detection Backdoor: Researchers identified a stealthy backdoor used by APT41 to harvest cloud credentials. The malware resides in memory and leverages legitimate management tools to evade EDR detection.
- Bitter APT Deploys ProSpy: Targeting government and military personnel, the Bitter group is using “ProSpy” mobile spyware disguised as Google and Zoom apps to exfiltrate location, calls, and camera data.
- JanelaRAT Targets LATAM Finance: A Pascal-based Trojan is hitting financial institutions in Brazil and Mexico. It uses DLL side-loading and localized phishing lures to steal banking credentials and bypass local security.
- North Korea’s APT37 Facebook Social Engineering: APT37 is using fake personas on Facebook to target defectors and activists with custom backdoors hidden in documents and mobile apps.
- Handala Breach in UAE: The Iran-linked group claims to have exfiltrated terabytes of data from three major UAE organizations, releasing samples of internal emails and financial records as proof.
- Fake Claude AI Distributes PlugX RAT: Attackers are using fraudulent websites mimicking the Claude AI platform to trick users into downloading the PlugX Remote Access Trojan.
📈 Trends
- Ransomware “Inter-Gang” Warfare: Syndicates are increasingly targeting rival infrastructure to hijack extortions and steal exfiltrated data, suggesting a saturated and highly competitive cybercrime market.
- Mirax Trojan Turning IoT into Proxies: The Mirax malware is transforming smart home devices into proxy nodes for a massive botnet infrastructure used to mask the origin of DDoS and credential stuffing attacks.
- “Silent Storm” Session Hijacking: A new infostealer has surfaced that targets active web sessions and decrypts server-side cookies, allowing attackers to bypass MFA in real time.
- ZeroID Launches Identity Platform for AI: A new open-source platform aims to secure autonomous AI agents by providing decentralized identity standards and verifiable audit trails for automated workflows.
💥 Breaches & Leaks
- Basic-Fit Data Breach: European fitness giant Basic-Fit confirmed a breach impacting one million members. The leaked data, obtained via a compromised third-party provider, includes names, addresses, and IBAN numbers.
- OpenAI macOS Supply Chain Breach: Attackers compromised OpenAI’s macOS application certificates using Axios-themed lures, distributing malicious signed updates to harvest developer credentials.
- Rockstar Games Analytics Leak: The “Scattered Spider” group leaked internal analytics data from Rockstar Games, exposing player engagement metrics and development timelines following a social engineering attack.
📚 Others
- Fluxstress DDoS Kingpin Arrested: The suspected operator of the “Fluxstress” DDoS-for-hire service, a German national, was apprehended in Thailand following an international investigation.
- Signal Metadata Recovery on iOS: Forensic analysis has shown that Signal message fragments and metadata can persist on iPhones even after the application has been uninstalled.
