📰 Cybersecurity News Headlines
Top stories from leading cybersecurity publications as of April 30, 2026.
Danger of Libredtail [Guest Diary], (Wed, Apr 29th)
— SANS ISC
[This is a Guest Diary by James Roberts, an ISC intern as part of the SANS.edu BACS program]
Claude Mythos Fears Startle Japan's Financial Services Sector
— Dark Reading
Global financial institutions are panicked over Anthropic's new superhacker AI model. Cyber experts aren't quite as worried.
Official SAP npm packages compromised to steal credentials
— Bleeping Computer
Multiple official SAP npm packages were compromised in what is believed to be a TeamPCP supply-chain attack to steal credentials and authent…
Popular WordPress redirect plugin hid dormant backdoor for years
— Bleeping Computer
The Quick Page/Post Redirect plugin, installed on more than 70,000 WordPress sites, had a backdoor added five years ago that allows injecti…
Hackers exploit RCE flaws in Qinglong task scheduler for cryptomining
— Bleeping Computer
Hackers are exploiting two authentication bypass vulnerabilities in the Qinglong open-source task scheduling tool to deploy cryptominers on …
Reverse Engineering With AI Unearths High-Severity GitHub Bug
— Dark Reading
Wiz used an AI reverse-engineering tool to pinpoint a vulnerability that previously would have been too costly and time-consuming to underta…
AI Finds 38 Security Flaws in Electronic Health Record Platform
— Dark Reading
Flaws in OpenEMR's platform — used by more than 100,000 healthcare providers — enabled database compromise, remote code execution, and d…
SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack
— The Hacker News
Cybersecurity researchers are sounding the alarm about a new supply chain attack campaign targeting SAP-related npm Packages with credential…
New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs
— The Hacker News
Cybersecurity researchers have discovered malicious code in an npm package after a malicious package as a dependency to the project by Anthr…
Today's Odd Web Requests, (Wed, Apr 29th)
— SANS ISC
Today, two different "new" requests hit our honeypots. Both appear to be recon requests and not associated with specific vulnerabilities. Bu…
Webinar: How to Automate Exposure Validation to Match the Speed of AI Attacks
— The Hacker News
In February 2026, researchers uncovered a shift that completely changed the game: threat actors are now using custom AI setups to automate a…
ISC Stormcast For Wednesday, April 29th, 2026 https://isc.sans.edu/podcastdetail/9910, (Wed, Apr 29th)
— SANS ISC
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
🪲 NVD — Last 20 Scored Vulnerabilities
Latest scored CVEs from the National Vulnerability Database (5986 in last 30 days).
Critical: 0 · High: 11 · Medium: 9 · Low: 0.
CVE-2026-7446
— CVSS 7.3 (HIGH)
A vulnerability was detected in VetCoders mcp-server-semgrep 1.0.0. This affects the function analyze_results/filter_results/export_results/compare_results/scan_directory/create_rule of the file src/index.ts of the compo…
CVE-2026-7445
— CVSS 6.3 (MEDIUM)
A security vulnerability has been detected in ZachHandley ZMCPTools up to 0.2.2. Affected by this issue is some unknown functionality of the file src/managers/ResourceManager.ts of the component MCP Log Resource Handler.…
CVE-2026-7443
— CVSS 7.3 (HIGH)
A weakness has been identified in BurtTheCoder mcp-dnstwist up to 1.0.4. Affected by this vulnerability is the function fuzz_domain of the file src/index.ts of the component MCP Interface. Executing a manipulation of the…
CVE-2026-7420
— CVSS 8.8 (HIGH)
A security flaw has been discovered in UTT HiPER 1250GW up to 3.2.7-210907-180535. Impacted is the function strcpy of the file route/goform/ConfigAdvideo. The manipulation of the argument Profile results in buffer overfl…
CVE-2026-7419
— CVSS 8.8 (HIGH)
A vulnerability was identified in UTT HiPER 1250GW up to 3.2.7-210907-180535. This issue affects the function strcpy of the file route/goform/formTaskEdit_ap. The manipulation of the argument Profile leads to buffer over…
CVE-2026-7418
— CVSS 8.8 (HIGH)
A vulnerability was determined in UTT HiPER 1250GW up to 3.2.7-210907-180535. This vulnerability affects the function strcpy of the file route/goform/NTP. Executing a manipulation of the argument Profile can lead to buff…
CVE-2026-7417
— CVSS 7.3 (HIGH)
A vulnerability was found in Algovate xhs-mcp 0.8.11. This affects the function xhs_publish_content of the file src/server/mcp.server.ts of the component MCP Interface. Performing a manipulation of the argument media_pat…
CVE-2026-7416
— CVSS 7.3 (HIGH)
A vulnerability was found in PolarVista xcode-mcp-server 1.0.0. This issue affects the function build_project/run_tests of the file src/index.ts of the component MCP Interface. The manipulation of the argument Request re…
CVE-2026-7410
— CVSS 6.3 (MEDIUM)
A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=add_to_cart. The manipulation of the argument pid leads to sql inj…
CVE-2026-7409
— CVSS 4.7 (MEDIUM)
A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function save_user of the file /admin/ajax.php?action=save_user. Executing a manipulation can lead to sql injection. The attack can b…
CVE-2026-7408
— CVSS 4.7 (MEDIUM)
A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this issue is the function save_menu of the file /admin/ajax.php?action=save_menu. Performing a manipulation results in sql injecti…
CVE-2026-7407
— CVSS 4.7 (MEDIUM)
A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this vulnerability is the function save_settings of the file /pizzafy/admin/ajax.php?action=save_settings of the comp…
CVE-2026-7404
— CVSS 7.3 (HIGH)
A weakness has been identified in getsimpletool mcpo-simple-server up to 0.2.0. Affected is the function delete_shared_prompt of the file src/mcpo_simple_server/services/prompt_manager/base_manager.py. This manipulation …
CVE-2026-7403
— CVSS 5.3 (MEDIUM)
A security flaw has been discovered in geldata gel-mcp 0.1.0. This impacts the function list_rules/fetch_rule of the file src/gel_mcp/server.py. The manipulation of the argument rule_name results in path traversal. The a…
CVE-2026-1858
— CVSS 4.8 (MEDIUM)
wget2 accepts a server certificate with incorrect Key Usage (KU) or Extended Key Usage (EKU). If the attackers compromise a certificate (with the associated private key) issued for a different purpose, they may be able t…
CVE-2026-7426
— CVSS 8.1 (HIGH)
Insufficient validation of the prefix length field in IPv6 Router Advertisement processing in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause memory corruption by sending a crafted Ro…
CVE-2026-7425
— CVSS 6.5 (MEDIUM)
Insufficient option length validation in the IPv6 Router Advertisement parser in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause a denial of service (device crash) by sending a crafte…
CVE-2026-7401
— CVSS 4.3 (MEDIUM)
A vulnerability was detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This vulnerability affects unknown code of the file /index.php?action=register of the component Registration. …
CVE-2026-7400
— CVSS 7.3 (HIGH)
A security vulnerability has been detected in geekgod382 filesystem-mcp-server 1.0.0. This issue affects the function is_path_allowed of the file server.py of the component read_file_tool/write_file_tool. Such manipulati…
CVE-2026-34965
— CVSS 8.8 (HIGH)
Cockpit CMS contains an authenticated remote code execution vulnerability in the /cockpit/collections/save_collection endpoint that allows authenticated attackers with collection management privileges to inject arbitrary…
Source: NVD CVE API 2.0
Generated by CryptXNet.ai Threat Intelligence Platform · April 30, 2026 · Sources: The Hacker News, Bleeping Computer, Krebs on Security, Dark Reading, SANS ISC, THN Threat Intel, Unit 42, Security.com