Exploits Turn Windows Defender into Attacker Tool – Dark Reading
Three proof-of-concept exploits are being used in active attacks against Microsoft’s built-in security platform; two are unpatched. – Read More
April 2026
SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation – The Hacker News
Threat actors associated with The Gentlemen ransomware‑as‑a‑service (RaaS) operation have been observed attempting to deploy a known proxy malware called SystemBC. According to new research published by Check Point, the…
22 BRIDGE:BREAK Flaws Expose 20,000 Lantronix and Silex Serial-to-IP Converters – The Hacker News
Cybersecurity researchers have identified 22 new vulnerabilities in popular models of serial-to-IP converters from Lantronix and Silex that could be exploited to hijack susceptible devices and tamper with data exchanged…
Surge in Bomgar RMM Exploitation Demonstrates Supply Chain Risk – Dark Reading
The critical remote code execution flaw (CVE-2026-1731) in the remote monitoring and management tool can be exploited to spread ransomware and compromise supply chains. – Read More
Google Fixes Critical RCE Flaw in AI-Based Antigravity Tool – Dark Reading
The prompt injection vulnerability in the agentic AI product for filesystem operations was a sanitization issue that allowed for sandbox escape and arbitrary code execution. – Read More
‘Scattered Spider’ Member ‘Tylerb’ Pleads Guilty – Krebs on Security
A 24-year-old British national and senior member of the cybercrime group “Scattered Spider” has pleaded guilty to wire fraud conspiracy and aggravated identity theft. Tyler Robert Buchanan admitted his role…
DeepJudge partners with Epiq to help law firms apply AI at scale – Legal IT Insider
DeepJudge has partnered with Epiq Advisory for Law Firms in a move aimed at helping law firms scale AI beyond experimentation and into firm‑wide, governed deployment. Announced today (21 April),…
Ransomware Negotiator Pleads Guilty to Aiding BlackCat Attacks in 2023 – The Hacker News
A third individual who was employed as a ransomware negotiator has pleaded guilty to conducting ransomware attacks against U.S. companies in 2023. Angelo Martino, 41, of Land O’Lakes, Florida, teamed…
SRA announces further SQE fees increase – Legal Cheek
£2,006 for SQE1, £3,086 for SQE2 The Solicitors Regulation Authority (SRA) has announced a fourth fee increase for the Solicitors Qualifying Examination (SQE), to cover inflation and translating the exams…
5 Places where Mature SOCs Keep MTTR Fast and Others Waste Time – The Hacker News
Security teams often present MTTR as an internal KPI. Leadership sees it differently: every hour a threat dwells inside the environment is an hour of potential data exfiltration, service disruption,…
Azure SRE Agent flaw lets outsiders silently eavesdrop on enterprise cloud operations – CSO Online
A high-severity authentication flaw in Microsoft’s Azure SRE Agent exposed sensitive agent data to unauthorized network access, according to a confirmed vulnerability disclosure. The issue was identified by Enclave AI…
Prompt injection turned Google’s Antigravity file search into RCE – CSO Online
Security researchers have revealed a prompt injection flaw in Google’s Antigravity IDE that could be weaponized to bypass its sandbox protections and achieve remote code execution (RCE). The issue came…
LexisNexis and Luminance form alliance to embed citation-backed legal AI into contract workflows – Legal IT Insider
Legal IT Insider speakers with Luminance’s CEO Eleanor Lightbody about the new partnership, which she says will help drive the trend towards in‑house teams deciding what to do internally and…
Cyber chief: UK faces “perfect storm” for cyber security – NCSC Blog
As the technology landscape develops, the definition of cyber security is expanding with it. – Read More
Chinese APT Targets Indian Banks, Korean Policy Circles – Dark Reading
China is spying on India’s financial sector, for some reason, and it’s not putting much effort into it, judging by some stale TTPs. – Read More