Adobe and Chrome Zero-Days Under Active Attack as Ransomware Strikes Critical Infrastructure and Political Parties

Publication Date: April 12, 2026

Summary

This 24-hour period has been marked by the active exploitation of two critical zero-day vulnerabilities in Adobe Acrobat/Reader (CVE-2026-34621) and Google Chrome (CVE-2026-2441), prompting emergency patches. Ransomware remains a dominant threat, with the fast-moving Storm-1175 group deploying Medusa ransomware within 24 hours of vulnerability disclosures, the Qilin group claiming a major data breach against German political party Die Linke, and an attack disrupting a U.S. water treatment plant. Additionally, CISA has issued urgent warnings about Iranian-linked actors targeting U.S. critical infrastructure PLCs, and AI firm Anthropic has deemed its new vulnerability-finding model too dangerous for public release.

Today New Articles

Marcus & Millichap Hit by Phishing Attack, Limited Data Accessed

Marcus & Millichap, a leading commercial real estate brokerage, announced on April 12, 2026, that it recently experienced a cybersecurity incident. The company confirmed that an unauthorized party gained access to one of its systems after a successful phishing...

Irish Healthcare Recruiter Healthdaq Probes Cyber Incident with Police

Healthdaq, a healthcare recruitment company operating in both the Republic of Ireland and Northern Ireland, has confirmed it was targeted by a 'cyber security incident' on April 11, 2026. The firm, which works closely with health and social care trusts, has re...

Actively Exploited Chrome Zero-Day CVE-2026-2441 Prompts Emergency Google Patch

Google has released an emergency security update for its Chrome browser to address a critical vulnerability, CVE-2026-2441, which is being actively exploited in the wild. The company is currently withholding technical details about the flaw to prevent wider ab...

Article Updates

North Dakota Water Treatment Plant Hit by Ransomware, Reverts to Manual Operations

Update:The Federal Bureau of Investigation (FBI) has initiated an investigation into the ransomware attack on the Minot Water Treatment Plant. This development underscores the national security implications of cyberattacks on critical infrastructure and the seriousne...

Hong Kong Hospital Authority Apologizes for Data Leak Affecting 56,000 Patients

Update:The Hong Kong Hospital Authority (HA) has clarified that the data breach affecting 56,000 patients originated from a third-party platform, not a direct compromise of its internal networks. This shifts the suspected attack vector from an insider threat by a con...

Medusa Ransomware Group Strikes Within 24 Hours of Breach, Microsoft Warns

Update:New intelligence from Microsoft indicates the Storm-1175 group has further accelerated its attack timeline, now capable of deploying Medusa ransomware in under 24 hours from initial access. This 'speed run' approach, down from the previously reported 24-48 hou...

Qilin Ransomware Attacks German Party Die Linke, Threatens Data Leak

Update:The German political party Die Linke has confirmed that the Qilin ransomware attack resulted in the theft of approximately 1.5 terabytes of data. This stolen data includes internal communications, administrative files, and other personal information, although...

Active Zero-Day in Adobe Reader Steals Files by Abusing Privileged APIs

Update:On April 12, 2026, Adobe released emergency security updates for the actively exploited zero-day vulnerability in Acrobat and Reader, now officially identified as CVE-2026-34621. The flaw, initially described as a logic bug, has been clarified as a prototype p...