Cyber Security Badge

CyberNetSec.io

Daily Cybersecurity Threat Briefings

Home Publications

Security Advisories & Threat Intelligence

Cybersecurity news, alerts, vulnerabilities, and threat analysis. You may filter daily publications by month here.

Filter by Category

Showing 1 - 10 of 1265 articles
1 / 127
Per page:

CISA Mandates Urgent Patching for Eight Actively Exploited Flaws in Cisco, JetBrains, and More

CRITICAL

CISA Adds Eight Actively Exploited Vulnerabilities to KEV Catalog, Requiring Federal Action

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) catalog by adding eight new security flaws affecting a range of enterprise products. The vulnerabilities, found in software from Cisco, PaperCut, JetBrains, Kentico, Quest, and Synacor, are confirmed to be under active exploitation. This action mandates that Federal Civilian Executive Branch (FCEB) agencies apply patches by a specified deadline to mitigate significant risk. The additions include critical issues such as improper authentication, path traversal, and exposure of sensitive information, highlighting a persistent threat to both public and private sector networks. CISA strongly advises all organizations to prioritize the remediation of these vulnerabilities to defend against ongoing cyberattacks.

Apr 20, 2026
5 min read
Vulnerability
Patch Management
Threat Intelligence
KEVCISAVulnerability ManagementPatchingActive Exploitation +1 more
CISA Mandates Urgent Patching for Eight Actively Exploited Flaws in Cisco, JetBrains, and More

Attackers Exploit Flaws Weeks Before CVEs Are Published, Report Finds

HIGH

Report Finds Vulnerability Exploitation Surges Weeks Before Public Disclosure

A new report from internet intelligence firm GreyNoise reveals a concerning trend: significant spikes in scanning and exploitation activity for software vulnerabilities often occur weeks, and sometimes over a month, before the flaws are publicly disclosed. The research, analyzing traffic from late 2025 to early 2026, found that approximately half of the observed activity surges were followed by a corresponding CVE disclosure within three weeks. High-profile examples include vulnerabilities in Cisco, VMware, and MikroTik products being exploited 39, 36, and 24 days respectively before public announcement. This 'pre-disclosure' exploitation gives attackers a significant head start and suggests that monitoring for anomalous network traffic can serve as a crucial early warning system for defenders, enabling proactive defense even before patches are available.

Apr 20, 2026
5 min read
Threat Intelligence
Vulnerability
Security Operations
GreyNoiseZero-DayVulnerability DisclosureThreat IntelligenceProactive Defense +1 more
Attackers Exploit Flaws Weeks Before CVEs Are Published, Report Finds

Sophisticated 'DarkSword' iPhone Zero-Day Exploit Found For Sale on Hacked Ukrainian Websites

CRITICAL

'DarkSword' iPhone Zero-Day Exploit Framework Discovered on Compromised Ukrainian Websites

A sophisticated, fileless iPhone zero-day exploit framework named 'DarkSword' has been discovered hosted on two compromised Ukrainian websites, including the official site of the Seventh Administrative Court of Appeals. A joint investigation by iVerify, Lookout, and Google's Threat Intelligence Group uncovered the framework, which is described as 'cleanly organized' and designed for easy repurposing and distribution. The exploit affects a wide range of iPhone models and its fileless nature makes it extremely difficult to detect. Most alarmingly, the framework appeared to be for sale to any interested buyer, posing a severe threat to high-risk individuals like journalists, activists, and government officials worldwide who rely on iPhones for secure communication.

Apr 20, 2026
6 min read
Vulnerability
Cyberattack
Threat Actor
iPhoneZero-DaySpywareDarkSwordFileless Malware +2 more
Sophisticated 'DarkSword' iPhone Zero-Day Exploit Found For Sale on Hacked Ukrainian Websites

LockBit and ShinyHunters Claim Major Breaches at Citizens Bank, Canada Life, and Law Firm

HIGH

LockBit and ShinyHunters Post Data from Citizens Bank, Canada Life, and a Major Law Firm

Prominent threat groups LockBit and ShinyHunters have claimed responsibility for several high-profile data breaches, according to dark web monitoring services. The LockBit ransomware gang has allegedly exfiltrated and posted data from Bardehle Pagenberg, a major European patent law firm, raising alarms about the potential exposure of intellectual property. Concurrently, the data broker group ShinyHunters claimed a breach at Canada Life, a large insurance provider, while another group named Everest claimed an attack on Citizens Bank, a major U.S. retail bank. While the claims are still being verified, the history of these groups suggests a high probability of legitimacy, placing customers and clients of the affected organizations at significant risk of fraud and identity theft.

Apr 20, 2026
5 min read
Data Breach
Ransomware
Threat Actor
LockBitShinyHuntersEverestData BreachRansomware +2 more
LockBit and ShinyHunters Claim Major Breaches at Citizens Bank, Canada Life, and Law Firm

Columbia Bank Discloses Three-Month Data Breach After Unauthorized System Access

HIGH

Columbia Bank Notifies Customers of Data Breach Spanning Nearly Three Months

Columbia Bank, a prominent financial institution in the Western U.S., has begun notifying customers of a prolonged data breach that occurred in late 2025. According to notification letters, an unauthorized third party had access to certain internal bank applications from October 2 to December 22, 2025. After discovering the intrusion, the bank hired an external forensics firm, but the investigation to determine the full scope of compromised data was not completed until March 6, 2026. This significant delay between the incident and notification has raised concerns. While the bank has not publicly detailed the specific data types exposed, the lengthy access period suggests a risk of exposure for sensitive personal and financial information. Attorneys are now investigating the incident for a potential class-action lawsuit.

Apr 20, 2026
5 min read
Data Breach
Incident Response
Threat Actor
Data BreachFinancial ServicesIncident ResponseDwell TimeClass Action
Columbia Bank Discloses Three-Month Data Breach After Unauthorized System Access

Tennessee Hospital Notifies 337,000 Patients of Data Breach, Nine Months After Rhysida Ransomware Attack

HIGH

Tennessee Hospital Notifies 337,000 Patients of Data Breach, Months After Rhysida Ransomware Attack

Cookeville Regional Medical Center (CRMC) in Tennessee has begun notifying 337,917 individuals that their sensitive personal and medical data was stolen in a ransomware attack that occurred in July 2025. The notification letters, sent out nine months after the breach, confirm an attack by the Rhysida ransomware group. In August 2025, Rhysida claimed responsibility on its dark web leak site, stating it had stolen 500GB of data, including over 370,000 files. The compromised information is highly sensitive, potentially including Social Security numbers, financial details, and medical records. Despite the group's attempt to sell the data and later leaking it for free, the hospital stated it has 'no evidence' of data misuse, a claim met with skepticism by security experts. CRMC is offering 12 months of identity protection services.

Apr 20, 2026
5 min read
Ransomware
Data Breach
Threat Actor
RansomwareRhysidaHealthcareData BreachHIPAA +1 more
Tennessee Hospital Notifies 337,000 Patients of Data Breach, Nine Months After Rhysida Ransomware Attack

Massive Basic-Fit Data Breach Exposes Personal and Financial Data of 1 Million Members

HIGH

European Fitness Chain Basic-Fit Suffers Major Data Breach Affecting One Million Members

Basic-Fit, Europe's largest fitness chain, has admitted to a massive data breach affecting approximately one million members across several European countries. The compromised data includes sensitive personal information such as full names, addresses, phone numbers, and bank account details. The attack targeted the system used for member visit registration. While the company claims its monitoring tools detected and stopped the intrusion 'within minutes,' the attackers had already exfiltrated a large volume of data. Basic-Fit has notified the Dutch Data Protection Authority and is in the process of informing affected members, who now face a significant risk of targeted phishing campaigns and financial fraud.

Updated: Apr 20, 2026
5 min read
Data Breach
Phishing
Regulatory
PIIGDPRfinancial fraudphishingNetherlands
Massive Basic-Fit Data Breach Exposes Personal and Financial Data of 1 Million Members

Microsoft's Colossal April 2026 Patch Tuesday: 167 Flaws Patched, Two Zero-Days Under Fire

CRITICAL

Microsoft's April 2026 Patch Tuesday Addresses 167 Vulnerabilities, Including Actively Exploited SharePoint Flaw and Publicly Disclosed Defender Bug

Microsoft has released one of its largest security updates ever for April 2026, patching 167 vulnerabilities across its product ecosystem. The update is critically important, as it addresses two zero-day vulnerabilities: an actively exploited spoofing flaw in SharePoint Server (CVE-2026-32201) which has been added to CISA's KEV catalog, and a publicly disclosed privilege escalation flaw in Microsoft Defender (CVE-2026-33825). The update also fixes eight critical vulnerabilities, including a near-perfect CVSS 9.8 RCE flaw in the Windows IKE Service (CVE-2026-33824), underscoring the urgent need for organizations to apply these patches immediately.

Updated: Apr 20, 2026
5 min read
Patch Management
Vulnerability
Cyberattack
Patch TuesdayZero-DayMicrosoftSharePointMicrosoft Defender +4 more
Microsoft's Colossal April 2026 Patch Tuesday: 167 Flaws Patched, Two Zero-Days Under Fire

Anthropic's "Claude Mythos" AI Discovers Thousands of Zero-Days, Public Release Withheld Over Security Risks

CRITICAL

Anthropic's 'Claude Mythos' AI Uncovers Thousands of Critical Vulnerabilities, Prompting Unprecedented Defensive Coalition with Big Tech

Artificial intelligence firm Anthropic has announced that its unreleased frontier model, 'Claude Mythos Preview,' has autonomously discovered thousands of high-severity zero-day vulnerabilities in major operating systems and software. Due to the immense security risks, the model is being withheld from public release. Instead, Anthropic has launched 'Project Glasswing,' a coalition with tech giants including Amazon Web Services, Apple, Google, and Microsoft, to use the AI for defensive purposes to secure critical software. The model has already identified decades-old flaws, including a critical remote code execution vulnerability (CVE-2026-4747) in FreeBSD's NFS server, fundamentally altering the landscape of vulnerability discovery.

Updated: Apr 19, 2026
6 min read
Threat Intelligence
Vulnerability
Other
AIArtificial IntelligenceZero-DayVulnerability DiscoveryProject Glasswing +2 more
Anthropic's "Claude Mythos" AI Discovers Thousands of Zero-Days, Public Release Withheld Over Security Risks

Shinyhunters Ransomware Targets Zara and Aman Resorts with Data Theft Claims

HIGH

Shinyhunters Ransomware Group Claims Attacks on Zara and Aman Resorts, Threatens Data Leak

The Shinyhunters ransomware group has resurfaced, claiming responsibility for cyberattacks against luxury hotel chain Aman Resorts and global fashion retailer Zara. On April 19, 2026, the group alleged it had stolen over 500,000 Salesforce records containing PII from Aman Resorts and compromised Zara's Google BigQuery data, attributing the latter to a vulnerability in the Anodot.com platform. Shinyhunters has issued a 'Pay or Leak' ultimatum to both companies, setting an April 21 deadline to establish contact before the allegedly stolen data is published. These claims, if verified, represent significant data breaches at two major international brands.

Apr 19, 2026
5 min read
Ransomware
Data Breach
Threat Actor
ShinyhuntersRansomwareData BreachSalesforceBigQuery +1 more
Shinyhunters Ransomware Targets Zara and Aman Resorts with Data Theft Claims
Showing 1 - 10 of 1265 articles
1 / 127