April, 2026 - Cybernoz

CVE-2026-33032: severe nginx-ui bug grants unauthenticated server access

CVE-2026-33032: severe nginx-ui bug grants unauthenticated server access Pierluigi Paganini April 15, 2026 An actively exploited critical nginx-ui flaw (CVE-2026-33032) lets attackers bypass authentication and…

April 16, 2026 Cybernoz 2 min read

CyberSecurityDive

Medium-severity flaw in Microsoft SharePoint exploited

The flaw should be taken seriously, despite its relatively low score, according to researchers. Source link

April 16, 2026 Cybernoz 1 min read

Cyberscoop

NIST narrows scope of CVE analysis to keep up with rising tide of vulnerabilities

The federal agency tasked with analyzing security vulnerabilities is overwhelmed as it and other authorities struggle to keep pace with a flood of defects that…

April 16, 2026 Cybernoz 3 min read

CISOOnline

Critical nginx UI tool vulnerability opens web servers to full compromise

“This exposes 12 MCP tools, including config writes with automatic nginx reload, to any host on the network. One unauthenticated API call is all it…

April 16, 2026 Cybernoz 1 min read

ArsTechnica

“TotalRecall Reloaded” tool finds a side entrance to Windows 11’s Recall database

The problem, as detailed by Hagenah on the TotalRecall GitHub page, isn’t with the security around the Recall database, which he calls “rock solid.” The…

April 15, 2026 Cybernoz 2 min read

ThreatIntelligence-IncidentResponse

Qualys VMDR and TotalCloud Now on Oracle Cloud Marketplace

Key Takeaways Qualys VMDR and TotalCloud are now available on the Oracle Cloud Marketplace, simplifying procurement and deployment for Oracle Cloud Infrastructure (OCI) customers. Organizations can…

April 15, 2026 Cybernoz 4 min read

Bleeping Computer

Signed software abused to deploy antivirus-killing scripts

A digitally signed adware tool has deployed payloads running with SYSTEM privileges that disabled antivirus protections on thousands of endpoints, some in the educational, utilities,…

April 15, 2026 Cybernoz 4 min read

CyberSecurityNews

Microsoft Releases Cumulative Update KB5083769 for Windows 11, Version 25H2 and 24H2

Microsoft has officially released the April 2026 Patch Tuesday cumulative update, KB5083769, for Windows 11 versions 25H2 and 24H2. Released on April 14, 2026, this…

April 15, 2026 Cybernoz 2 min read

ITSecurityGuru

How the enterprise supply chain has created a global attack surface

For years, organisations have treated cyber security as something that happens within their own walls. Protect the network, secure the endpoints, monitor the environment. Job…

April 15, 2026 Cybernoz 3 min read

GBHackers

MuddyWater-Style Hackers Probe 12,000+ Systems Ahead of Middle East

A threat group resembling MuddyWater has conducted a large-scale reconnaissance and intrusion operation targeting critical sectors in the Middle East, including aviation, energy, and government entities. The attackers…

April 15, 2026 Cybernoz 3 min read

HackRead

Fake Ledger Live App on Apple Store Linked to $9.5M Crypto Theft

A fake application posing as “Ledger Live” on the Apple App Store has been linked to more than $9.5 million in cryptocurrency theft, affecting over…

April 15, 2026 Cybernoz 4 min read

MalwareBytes

AI clickbait can turn your notifications into a scam feed

Pushpaganda is the name researchers have given to an AI-assisted ad fraud, social engineering, and scareware operation targeting mobile users. For most people, Pushpaganda starts as something…

April 15, 2026 Cybernoz 3 min read