📰 DAILY THREAT BRIEFING
Monday, April 20, 2026
12 News Items
HN · BleepingComputer · Krebs · Dark Reading · SANS · THN Intel · Unit 42 · Security.com

📰 Cybersecurity News Headlines

Top stories from leading cybersecurity publications as of April 20, 2026.

  1. Vercel confirms breach as hackers claim to be selling stolen data
    — Bleeping Computer

    Cloud development platform Vercel has disclosed a security incident after threat actors claimed to have breached its systems and are attempt…
  2. Apple account change alerts abused to send phishing emails
    — Bleeping Computer

    Apple account change notifications are being abused to send fake iPhone purchase phishing scams within legitimate emails sent from Apple's s…
  3. NIST to stop rating non-priority flaws due to volume increase
    — Bleeping Computer

    The National Institute of Standards and Technology will stop assigning severity scores to lower-priority vulnerabilities due to the growing …
  4. [Webinar] Eliminate Ghost Identities Before They Expose Your Enterprise Data
    — The Hacker News

    In 2024, compromised service accounts and forgotten API keys were behind 68% of cloud breaches. Not phishing. Not weak passwords. Unmanage…
  5. $13.74M Hack Shuts Down Sanctioned Grinex Exchange After Intelligence Claims
    — The Hacker News

    Grinex, a Kyrgyzstan-incorporated cryptocurrency exchange sanctioned by the U.K. and the U.S. last year, said it's suspending operations aft…
  6. Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet
    — The Hacker News

    Threat actors are exploiting security flaws in TBK DVR and end‑of‑life (EoL) TP-Link Wi-Fi routers to deploy Mirai-botnet variants on co…
  7. Threat Brief: Escalation of Cyber Risk Related to Iran (Updated April 17)
    — Unit 42

    Unit 42 details recent Iranian cyberattack activity, sharing direct observations of phishing, hacktivist activity and cybercrime. We include…
  8. How NIST's Cutback of CVE Handling Impacts Cyber Teams
    — Dark Reading

    Industry and ad hoc coalitions appear poised to help fill the gap created by NIST's decision to cut back on CVE data enrichment.
  9. Tycoon 2FA Phishers Scatter, Adopt Device Code Phishing
    — Dark Reading

    In embracing device code phishing, attackers trick victims into handing over account access by using a service's legitimate new-device login…
  10. Every Old Vulnerability Is Now an AI Vulnerability
    — Dark Reading

    AI's danger isn't that it's creating new bugs, it's that it's amplifying old ones.
  11. ISC Stormcast For Friday, April 17th, 2026 https://isc.sans.edu/podcastdetail/9896, (Fri, Apr 17th)
    — SANS ISC

    (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
  12. Lumma Stealer infection with Sectop RAT (ArechClient2), (Fri, Apr 17th)
    — SANS ISC

    Introduction

🪲 NVD — Last 20 Scored Vulnerabilities

Latest scored CVEs from the National Vulnerability Database (6074 in last 30 days).
Critical: 0 · High: 7 · Medium: 12 · Low: 1. View full dashboard →

  1. CVE-2026-6587
    — CVSS 6.3 (MEDIUM)

    A security flaw has been discovered in vibrantlabsai RAGAS up to 0.4.3. The affected element is the function _try_process_local_file/_try_process_url of the file src/ragas/metrics/collections/multi_modal_faithfulness/uti…
  2. CVE-2026-6586
    — CVSS 6.3 (MEDIUM)

    A vulnerability was identified in TransformerOptimus SuperAGI up to 0.0.14. Impacted is the function get_budget/update_budget of the file superagi/controllers/budget.py of the component Budget Endpoint. Such manipulation…
  3. CVE-2026-6585
    — CVSS 5.4 (MEDIUM)

    A vulnerability was determined in TransformerOptimus SuperAGI up to 0.0.14. This issue affects the function update_organisation of the file superagi/controllers/organisation.py of the component Organisation Update Endpoi…
  4. CVE-2026-6584
    — CVSS 5.4 (MEDIUM)

    A vulnerability was found in TransformerOptimus SuperAGI up to 0.0.14. This vulnerability affects the function update_user of the file superagi/controllers/user.py of the component User Update Endpoint. The manipulation …
  5. CVE-2026-6583
    — CVSS 5.4 (MEDIUM)

    A vulnerability has been found in TransformerOptimus SuperAGI up to 0.0.14. This affects the function delete_api_key/edit_api_key of the file superagi/controllers/api_key.py of the component API Key Management Endpoint. …
  6. CVE-2026-6582
    — CVSS 7.3 (HIGH)

    A flaw has been found in TransformerOptimus SuperAGI up to 0.0.14. Affected by this issue is the function get_vector_db_details of the file superagi/controllers/vector_dbs.py of the component Vector Database Management E…
  7. CVE-2026-6581
    — CVSS 8.8 (HIGH)

    A vulnerability was detected in H3C Magic B1 up to 100R004. Affected by this vulnerability is the function SetMobileAPInfoById of the file /goform/aspForm. Performing a manipulation of the argument param results in buffe…
  8. CVE-2026-6580
    — CVSS 7.3 (HIGH)

    A security vulnerability has been detected in liangliangyy DjangoBlog up to 2.1.0.0. Affected is an unknown function of the file owntracks/views.py of the component Amap API Call Handler. Such manipulation of the argumen…
  9. CVE-2026-6579
    — CVSS 6.5 (MEDIUM)

    A weakness has been identified in liangliangyy DjangoBlog up to 2.1.0.0. This impacts an unknown function of the file blog/views.py of the component Clean Endpoint. This manipulation causes missing authentication. The at…
  10. CVE-2026-6578
    — CVSS 5.6 (MEDIUM)

    A security flaw has been discovered in liangliangyy DjangoBlog up to 2.1.0.0. This affects an unknown function of the file djangoblog/settings.py of the component Setting Handler. The manipulation of the argument SECRET_…
  11. CVE-2026-6577
    — CVSS 7.3 (HIGH)

    A vulnerability was identified in liangliangyy DjangoBlog up to 2.1.0.0. The impacted element is an unknown function of the file owntracks/views.py of the component logtracks Endpoint. The manipulation leads to missing a…
  12. CVE-2026-6576
    — CVSS 6.3 (MEDIUM)

    A vulnerability was determined in liangliangyy DjangoBlog up to 2.1.0.0. The affected element is the function CommandHandler of the file servermanager/api/commonapi.py of the component WeChat Bot Interface. Executing a m…
  13. CVE-2026-6574
    — CVSS 7.3 (HIGH)

    A vulnerability has been found in osuuu LightPicture up to 1.2.2. This issue affects some unknown processing of the file /public/install/lp.sql of the component API Upload Endpoint. Such manipulation of the argument key …
  14. CVE-2026-6573
    — CVSS 6.3 (MEDIUM)

    A vulnerability was detected in PHPEMS 11.0. This affects the function temppage of the file /app/exam/controller/exams.master.php of the component Instant Exam Creation Handler. The manipulation of the argument uploadfil…
  15. CVE-2026-6572
    — CVSS 5.6 (MEDIUM)

    A security vulnerability has been detected in Collabora KodExplorer up to 4.52. Affected by this issue is some unknown functionality of the file /app/controller/share.class.php of the component fileUpload Endpoint. The m…
  16. CVE-2026-6571
    — CVSS 6.3 (MEDIUM)

    A weakness has been identified in kodcloud KodExplorer up to 4.52. Affected by this vulnerability is the function roleGroupAction of the file /app/controller/systemRole.class.php. Executing a manipulation of the argument…
  17. CVE-2026-6570
    — CVSS 2.7 (LOW)

    A security flaw has been discovered in kodcloud KodExplorer up to 4.52. Affected is the function initInstall of the file /app/controller/systemMember.class.php. Performing a manipulation of the argument path results in a…
  18. CVE-2026-6569
    — CVSS 7.3 (HIGH)

    A vulnerability was identified in kodcloud KodExplorer up to 4.52. This impacts the function fileGet of the file /app/controller/share.class.php of the component fileGet Endpoint. Such manipulation of the argument fileUr…
  19. CVE-2026-6568
    — CVSS 7.3 (HIGH)

    A vulnerability was determined in kodcloud KodExplorer up to 4.52. This affects the function share.class.php::initShareOld of the file /app/controller/share.class.php of the component Public Share Handler. This manipulat…
  20. CVE-2026-6564
    — CVSS 4.3 (MEDIUM)

    A vulnerability was found in EMQ EMQX Enterprise up to 6.1.0. The impacted element is an unknown function of the component Session Handling. The manipulation results in improper authorization. It is possible to launch th…

Source: NVD CVE API 2.0

Generated by CryptXNet.ai Threat Intelligence Platform · April 20, 2026 · Sources: The Hacker News, Bleeping Computer, Krebs on Security, Dark Reading, SANS ISC, THN Threat Intel, Unit 42, Security.com