CISA KEV Alerts, Windows Defender Exploits, and Axios Supply Chain Attack Dominate Threat Landscape

Publication Date: April 20, 2026

Summary

This week in cybersecurity, CISA added eight actively exploited vulnerabilities to its KEV catalog, demanding urgent patching for products from Cisco, JetBrains, and PaperCut. Security researchers confirmed that three exploits targeting Windows Defender, including two unpatched flaws, are being used in live attacks to gain SYSTEM-level privileges. A major supply chain attack compromised the popular Axios NPM library, injecting a remote access trojan into dependent applications. Other significant events include the discovery of the 'DarkSword' iPhone zero-day, new data breach claims from LockBit and ShinyHunters, and Microsoft's massive April Patch Tuesday addressing over 160 vulnerabilities.

Today's New Articles

CISA Mandates Urgent Patching for Eight Actively Exploited Flaws in Cisco, JetBrains, and More

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) catalog by adding eight new security flaws affecting a range of enterprise products. The vulnerabilities, found in software from Cisco, Pape...


Attackers Exploit Flaws Weeks Before CVEs Are Published, Report Finds

A new report from internet intelligence firm GreyNoise reveals a concerning trend: significant spikes in scanning and exploitation activity for software vulnerabilities often occur weeks, and sometimes over a month, before the flaws are publicly disclosed. The...


Sophisticated 'DarkSword' iPhone Zero-Day Exploit Found For Sale on Hacked Ukrainian Websites

A sophisticated, fileless iPhone zero-day exploit framework named 'DarkSword' has been discovered hosted on two compromised Ukrainian websites, including the official site of the Seventh Administrative Court of Appeals. A joint investigation by iVerify, Lookou...


LockBit and ShinyHunters Claim Major Breaches at Citizens Bank, Canada Life, and Law Firm

Prominent threat groups LockBit and ShinyHunters have claimed responsibility for several high-profile data breaches, according to dark web monitoring services. The LockBit ransomware gang has allegedly exfiltrated and posted data from Bardehle Pagenberg, a maj...


Columbia Bank Discloses Three-Month Data Breach After Unauthorized System Access

Columbia Bank, a prominent financial institution in the Western U.S., has begun notifying customers of a prolonged data breach that occurred in late 2025. According to notification letters, an unauthorized third party had access to certain internal bank applic...


Tennessee Hospital Notifies 337,000 Patients of Data Breach, Nine Months After Rhysida Ransomware Attack

Cookeville Regional Medical Center (CRMC) in Tennessee has begun notifying 337,917 individuals that their sensitive personal and medical data was stolen in a ransomware attack that occurred in July 2025. The notification letters, sent out nine months after the...

Article Updates

Anthropic's "Claude Mythos" AI Discovers Thousands of Zero-Days, Public Release Withheld Over Security Risks

Update: Palo Alto Networks' Unit 42 independently validated that frontier AI models can autonomously discover zero-day vulnerabilities and complex exploit chains. Their research highlights a critical risk to open-source software (OSS) due to AI's ability to analyze so...


Massive Basic-Fit Data Breach Exposes Personal and Financial Data of 1 Million Members

Update: New information regarding the Basic-Fit data breach confirms that while personal and financial details of nearly one million members were exfiltrated, passwords and identification documents were not compromised as they were stored in a separate system. The int...


Microsoft's Colossal April 2026 Patch Tuesday: 167 Flaws Patched, Two Zero-Days Under Fire

Update: The April 2026 Patch Tuesday update now includes fixes for additional critical vulnerabilities. These include CVE-2026-33826, a Remote Code Execution (RCE) flaw in Windows Active Directory, and CVE-2026-32157, an RCE vulnerability affecting the Remote Desktop...