Patch Tuesday – April 2026

Microsoft is publishing 167 vulnerabilities on April 2026 Patch Tuesday. Microsoft is aware of exploitation in the wild for one of today’s vulnerabilities, and public disclosure for one other. Microsoft evaluates 19 of the vulnerabilities published today as more likely Read More …

Zombie Microsoft bugs rise from the dead, pave way for crims and ransomware scum

Crooks are exploiting four Microsoft vulnerabilities – one patched 14 years ago and another tied to ransomware activity – according to America’s lead cyber-defense agency, which on Monday gave federal agencies two weeks to patch them. The four vulnerabilities added Read More …

vSphere and BRICKSTORM Malware: A Defender’s Guide

Building on recent BRICKSTORM research from Google Threat Intelligence Group (GTIG), this post explores the evolving threats facing virtualized environments. These operations directly target the VMware vSphere ecosystem, specifically the vCenter Server Appliance (VCSA) and ESXi hypervisors. To help organizations Read More …

Gigabyte warns users Control Center flaw could let hackers hijack your files

GIGABYTE Control Center, a Windows utility which comes preloaded with certain computers, carried a critical-severity vulnerability that allowed malicious actors to access files, run code, and trigger denial-of-service conditions on affected devices. The bug has now been addressed and users Read More …

UK manufacturers under cyber fire with 80% reporting attacks

Nearly 80 percent of British manufacturers say they’ve been hit by a cyber incident in the past year, as new research suggests disruption on the factory floor is no longer an exception but business as usual. According to security outfit Read More …

Google Authenticator: The Hidden Mechanisms of Passwordless Authentication

Passwordless authentication is often presented as the end of account takeover. But to understand the real threat landscape, we need to examine how passwordless is actually deployed in the real world. Attackers do not break protocols in theory. They target Read More …

CVE-2026-3055: Citrix NetScaler ADC and NetScaler Gateway Out-of-Bounds Read

On March 23, 2026, Citrix published a security advisory for a critical vulnerability affecting their NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) products. This vulnerability, CVE-2026-3055, which is classified as an out-of-bounds read and holds a Read More …

CVE-2026-31381, CVE-2026-31382: Gainsight Assist Information Disclosure and Cross-Site Scripting (FIXED)

Rapid7 Labs recently identified a chain of security vulnerabilities in the Gainsight Assist plugin and its interactions with the associated domain app.gainsight.com. These vulnerabilities include an Information Disclosure flaw (CVE-2026-31381) and a Reflected Cross-Site Scripting (XSS) vulnerability (CVE-2026-31382). By chaining Read More …

Russian Intelligence Services Target Commercial Messaging Application Accounts

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are jointly issuing this public service announcement (PSA) to warn the public about ongoing phishing campaigns by cyber actors associated with the Russian Intelligence Services (RIS) Read More …

Hasta la vista, Hastalamuerte: An Overview of The Gentlemen’s TTPs

In face of so many new ransomware brands, and still remaining RaaS operations such as Medusa, Qilin, and DragonForce, prioritizing is not an easy task to accomplish. However, despite the amount of groups conducting attacks for extortion, the TTPs do Read More …