Smuggler’s Gambit | Huntress
tl;dr Huntress uncovered the infrastructure of a mass phishing campaign including potentially novel tradecraft that combines HTML smuggling, injected iframes, and session theft via transparent…
Author: Cybernoz
Critical Marimo pre-auth RCE flaw now under active exploitation
Hackers started exploiting a critical vulnerability in the Marimo open-source reactive Python notebook platform just 10 hours after its public disclosure. The flaw allows remote…
Hacker Used Claude Code, GPT-4.1 to Exfiltrate Hundreds of Millions of Mexican Records
A single hacker recently managed to compromise nine different Mexican government agencies by exploiting two popular AI platforms. This finding comes from the research firm Gambit…
Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621
Ravie LakshmananApr 12, 2026Vulnerability / Endpoint Security Adobe has released emergency updates to fix a critical security flaw in Acrobat Reader that has come under active…
Hackers claim control over Venice San Marco anti-flood pumps
Hackers claim control over Venice San Marco anti-flood pumps Pierluigi Paganini April 12, 2026 Hackers breached Venice ’s San Marco flood system, claiming control of…
The Rise of Social Engineering Across Healthcare
Nobody’s perfect. Even the sharpest among us makes the occasional mistake. And cybercriminals just love that. As proof, ask yourself, does Nigeria have a monarchy?…
France to Replace Windows with Linux on Government Desktops
France has taken a decisive step toward digital sovereignty, announcing plans to migrate government workstations from Microsoft Windows to Linux. The move was formally declared…
CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads
Ravie LakshmananApr 12, 2026Malware / Threat Intelligence Unknown threat actors compromised CPUID (“cpuid[.]com”), a website that hosts popular hardware monitoring tools like CPU-Z, HWMonitor, HWMonitor Pro,…
Adobe Patches Reader Zero-Day Exploited for Months
Adobe on Saturday released emergency patches for a critical Acrobat and Reader zero-day that has been exploited in the wild for several months. The vulnerability…
Security Affairs newsletter Round 572 by Pierluigi Paganini – INTERNATIONAL EDITION
Security Affairs newsletter Round 572 by Pierluigi Paganini – INTERNATIONAL EDITION Pierluigi Paganini April 12, 2026 A new round of the weekly Security Affairs newsletter…
Attack Behaviors | Huntress
In a Vertex blog post published on April 16, 2024, Jennifer Kolde shared some profound insight regarding “threat clusters,” illustrated in Figure 1. Fig. 1:…
Webinar: From noise to signal
Cyberattacks rarely come out of nowhere—threat actors often leave behind signals long before an intrusion begins. On Thursday, April 30, 2026 at 2:00 PM ET,…