📰 DAILY THREAT BRIEFING
Sunday, April 26, 2026
12 News Items
HN · BleepingComputer · Krebs · Dark Reading · SANS · THN Intel · Unit 42 · Security.com

📰 Cybersecurity News Headlines

Top stories from leading cybersecurity publications as of April 26, 2026.

  1. Microsoft rolls out revamped Windows Insider Program
    — Bleeping Computer

    Microsoft says it's rolling out a revamped Windows Insider Program experience as part of the broader plans to address performance and reliab…
  2. Threat actor uses Microsoft Teams to deploy new “Snow” malware
    — Bleeping Computer

    A threat group tracked as UNC6692 uses social engineering to deploy a new, custom malware suite named 'Snow' which includes a browser extens…
  3. Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software
    — The Hacker News

    Cybersecurity researchers have discovered a new Lua-based malware created years before the notorious Stuxnet worm that aimed to sabotage Ira…
  4. CISA Adds 4 Exploited Flaws to KEV, Sets May 2026 Federal Deadline
    — The Hacker News

    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added four vulnerabilities impacting SimpleHelp, Samsung MagicINF…
  5. ADT confirms data breach after ShinyHunters leak threat
    — Bleeping Computer

    Home security giant ADT has confirmed a data breach after the ShinyHunters extortion group threatened to leak stolen data unless a ransom is…
  6. The npm Threat Landscape: Attack Surface and Mitigations
    — Unit 42

    Unit 42 analyzes npm supply chain evolution post-Shai Hulud. Discover wormable malware, CI/CD persistence, multi-stage attacks and more. The…
  7. TGR-STA-1030: New Activity in Central and South America
    — Unit 42

    Unit 42 research reports that TGR-STA-1030 remains an active threat, particularly in Central and South America. The post TGR-STA-1030: New A…
  8. FIRESTARTER Backdoor Hit Federal Cisco Firepower Device, Survives Security Patches
    — The Hacker News

    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed that an unnamed federal civilian agency's Cisco Firepower devi…
  9. US Busts Myanmar Ring Targeting US Citizens in Financial Fraud
    — Dark Reading

    Some 29 people were charged, including a Cambodian senator, and authorities seized more than 500 Web domains tied to fake investment sites.
  10. Glasswing Secured the Code. The Rest of Your Stack Is Still on You
    — Dark Reading

    Forgotten integrations, shadow IT, SaaS, and now shadow AI and agents are everywhere, and attackers don't need sophisticated AI models to ta…
  11. AI Phishing Is No. 1 With a Bullet for Cyberattackers
    — Dark Reading

    In the past six months, companies have seen a significant influx of AI-powered phishing, as cyberattackers progress from small campaigns to …
  12. ISC Stormcast For Friday, April 24th, 2026 https://isc.sans.edu/podcastdetail/9906, (Fri, Apr 24th)
    — SANS ISC

    (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

🪲 NVD — Last 20 Scored Vulnerabilities

Latest scored CVEs from the National Vulnerability Database (5832 in last 30 days).
Critical: 0 · High: 4 · Medium: 7 · Low: 9. View full dashboard →

  1. CVE-2026-7002
    — CVSS 7.3 (HIGH)

    A vulnerability was determined in KLiK SocialMediaWebsite up to 1.0.1. This vulnerability affects unknown code of the file /includes/get_message_ajax.php of the component Private Message Handler. Executing a manipulation…
  2. CVE-2026-7001
    — CVSS 2.4 (LOW)

    A vulnerability was found in Datacom DM4100 1.3.6.1.4.1.3709. This affects an unknown part of the component Ethernet Configuration Page. Performing a manipulation of the argument Name results in cross site scripting. It …
  3. CVE-2026-7000
    — CVSS 2.4 (LOW)

    A vulnerability has been found in Datacom DM4100 1.3.6.1.4.1.3709. Affected by this issue is some unknown functionality of the component VLAN Page. Such manipulation of the argument VLAN Name leads to cross site scriptin…
  4. CVE-2026-6999
    — CVSS 2.4 (LOW)

    A flaw has been found in BIVOCOM TR321 21.1.1.50. Affected by this vulnerability is an unknown functionality of the component Wireless Setting. This manipulation of the argument Network Name SSID causes cross site script…
  5. CVE-2026-6998
    — CVSS 2.4 (LOW)

    A vulnerability was detected in BDCOM P3310D 0.4.2 10.1.0F Build 86345. Affected is an unknown function of the component New RMON Statistics Page. The manipulation of the argument Owner results in cross site scripting. T…
  6. CVE-2026-6997
    — CVSS 2.4 (LOW)

    A security vulnerability has been detected in BDCOM P3310D 0.4.2 10.1.0F Build 86345. This impacts an unknown function of the component New RMON History Page. The manipulation of the argument Owner leads to cross site sc…
  7. CVE-2026-6996
    — CVSS 2.4 (LOW)

    A weakness has been identified in BDCOM P3310D 0.4.2 10.1.0F Build 86345. This affects an unknown function of the component rmon event Tab. Executing a manipulation of the argument Description can lead to cross site scri…
  8. CVE-2026-6995
    — CVSS 2.4 (LOW)

    A security flaw has been discovered in BDCOM P3310D 0.4.2 10.1.0F Build 86345. The impacted element is an unknown function of the file /index.asp of the component New User Page. Performing a manipulation of the argument …
  9. CVE-2026-6994
    — CVSS 6.3 (MEDIUM)

    A weakness has been identified in Envoy up to 1.33.0. Affected is the function params.add of the file source/extensions/filters/http/header_mutation/header_mutation.cc of the component Query Parameter Handler. This manip…
  10. CVE-2026-6993
    — CVSS 5.3 (MEDIUM)

    A security flaw has been discovered in go-kratos kratos up to 2.9.2. This impacts the function NewServer of the file transport/http/server.go of the component http.DefaultServeMux Fallback Handler. The manipulation resul…
  11. CVE-2026-6992
    — CVSS 7.2 (HIGH)

    A vulnerability was identified in Linksys MR9600 2.0.6.206937. This affects the function BTRequestGetSmartConnectStatus of the file /etc/init.d/run_central2.sh of the component JNAP Action Handler. The manipulation of th…
  12. CVE-2026-6991
    — CVSS 6.3 (MEDIUM)

    A vulnerability was determined in colinhacks Zod up to 4.3.6. The impacted element is an unknown function of the file packages/zod/src/v4/core/regexes.ts of the component CUID Data Type Handler. Executing a manipulation …
  13. CVE-2026-6990
    — CVSS 3.5 (LOW)

    A vulnerability was found in projeto-siga siga 11.0.3.18. The affected element is an unknown function of the file /sigawf/app/responsavel/novo. Performing a manipulation of the argument Nome/Descrição results in cross …
  14. CVE-2026-6989
    — CVSS 6.3 (MEDIUM)

    A vulnerability has been found in Tenda F453 up to 1.0.0.3. Impacted is the function TendaTelnet of the file /goform/telnet of the component Telnet Service. Such manipulation leads to command injection. It is possible to…
  15. CVE-2026-6988
    — CVSS 8.8 (HIGH)

    A flaw has been found in Tenda HG10 HG7_HG9_HG10re_300001138_en_xpon. This issue affects the function formRoute of the file /boaform/formRouting of the component Boa Service. This manipulation of the argument nextHop cau…
  16. CVE-2026-6987
    — CVSS 7.3 (HIGH)

    A vulnerability was detected in PicoClaw up to 0.2.4. Impacted is an unknown function of the file /api/gateway/restart of the component Web Launcher Management Plane. Performing a manipulation results in command injectio…
  17. CVE-2026-6986
    — CVSS 3.7 (LOW)

    A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This issue affects the function mg_aes_gcm_decrypt of the file /src/tls_aes128.c of the component GCM Authentication Tag Handler. Such manipulati…
  18. CVE-2026-6985
    — CVSS 5.3 (MEDIUM)

    A weakness has been identified in Cesanta Mongoose up to 7.20. This vulnerability affects the function handle_opt of the file /src/net_builtin.c of the component TCP Option Handler. This manipulation of the argument optl…
  19. CVE-2026-6984
    — CVSS 4.7 (MEDIUM)

    A security flaw has been discovered in AstrBotDevs AstrBot up to 4.22.1. This affects the function create_template of the file astrbot/dashboard/routes/t2i.py of the component Dashboard API. The manipulation results in i…
  20. CVE-2026-6983
    — CVSS 4.7 (MEDIUM)

    A vulnerability was identified in pagekit up to 1.0.18. Affected by this issue is some unknown functionality of the file /index.php/admin/system/update/download. The manipulation of the argument url leads to server-side …

Source: NVD CVE API 2.0

Generated by CryptXNet.ai Threat Intelligence Platform · April 26, 2026 · Sources: The Hacker News, Bleeping Computer, Krebs on Security, Dark Reading, SANS ISC, THN Threat Intel, Unit 42, Security.com