EPISODE · Apr 6, 2026 · 3 MIN
Apr 06, 2026 · #18
from Security Brief Daily · host Security Brief Daily
Episode 18 — 06 Apr 2026 1. New FortiClient EMS flaw exploited in attacks, emergency patch released Source: Bleeping Computer Fortinet has released an emergency weekend security update for a new critical FortiClient Enterprise Management Server (EMS) vulnerability that is actively exploited in attacks. Tracked as CVE-2026-35616, the flaw is an improper access control vulnerability that allows... 2. Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab Source: Krebs on Security An elusive hacker who went by the handle “ UNKN ” and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face. Authorities in Germany say 31-year-old Russian Daniil Maksimovich Shchukin headed both cybercrime gangs and helped carry out at least... 3. Hackers exploit React2Shell in automated credential theft campaign Source: Bleeping Computer Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell (CVE-2025-55182) in vulnerable Next.js apps. At least 766 hosts across various cloud providers and geographies have been compromised to collect database and AWS... 4. Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS Source: The Hacker News Fortinet has released out-of-band patches for a critical security flaw impacting FortiClient EMS that it said has been exploited in the wild. The vulnerability, tracked as CVE-2026-35616 (CVSS score: 9.1), has been described as a pre-authentication API access bypass leading... 5. BKA Identifies REvil Leaders Behind 130 German Ransomware Attacks Source: The Hacker News Germany's Federal Criminal Police Office (aka BKA or the Bundeskriminalamt) has unmasked the real identity of the main threat actors associated with the now-defunct REvil (aka Sodinokibi) ransomware-as-a-service (RaaS) operation. The threat actor, who went by the alias UNKN,... 6. Axios npm hack used fake Teams error fix to hijack maintainer account Source: Bleeping Computer The maintainers of the popular Axios HTTP client have published a detailed post-mortem describing how one of its developers was targeted by a social engineering campaign linked to North Korean hackers. This follows the threat actors compromising a maintainer account to... 7. Traffic violation scams switch to QR codes in new phishing texts Source: Bleeping Computer Scammers are sending fake "Notice of Default" traffic violation text messages impersonating state courts across the U.S., pressuring recipients to scan a QR code that leads to a phishing site demanding a $6.99 payment while stealing personal and financial information. This is... 8. $285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation Source: The Hacker News Drift has revealed that the April 1, 2026, attack that led to the theft of $285 million was the culmination of a months-long targeted and meticulously planned social engineering operation undertaken by the Democratic People's Republic of Korea (DPRK) that began in the fall of...
What this episode covers
Episode 18 — 06 Apr 2026 1. New FortiClient EMS flaw exploited in attacks, emergency patch released Source: Bleeping Computer Fortinet has released an emergency weekend security update for a new critical FortiClient Enterprise Management Server (EMS) vulnerability that is actively exploited in attacks. Tracked as CVE-2026-35616, the flaw is an improper access control vulnerability that allows... 2. Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab Source: Krebs on Security An elusive hacker who went by the handle “ UNKN ” and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face. Authorities in Germany say 31-year-old Russian Daniil Maksimovich Shchukin headed both cybercrime gangs and helped carry out at least... 3. Hackers exploit React2Shell in automated credential theft campaign Source: Bleeping Computer Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell (CVE-2025-55182) in vulnerable Next.js apps. At least 766 hosts across various cloud providers and geographies have been compromised to collect database and AWS... 4. Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS Source: The Hacker News Fortinet has released out-of-band patches for a critical security flaw impacting FortiClient EMS that it said has been exploited in the wild. The vulnerability, tracked as CVE-2026-35616 (CVSS score: 9.1), has been described as a pre-authentication API access bypass leading... 5. BKA Identifies REvil Leaders Behind 130 German Ransomware Attacks Source: The Hacker News Germany's Federal Criminal Police Office (aka BKA or the Bundeskriminalamt) has unmasked the real identity of the main threat actors associated with the now-defunct REvil (aka Sodinokibi) ransomware-as-a-service (RaaS) operation. The threat actor, who went by the alias UNKN,... 6. Axios npm hack used fake Teams error fix to hijack maintainer account Source: Bleeping Computer The maintainers of the popular Axios HTTP client have published a detailed post-mortem describing how one of its developers was targeted by a social engineering campaign linked to North Korean hackers. This follows the threat actors compromising a maintainer account to... 7. Traffic violation scams switch to QR codes in new phishing texts Source: Bleeping Computer Scammers are sending fake "Notice of Default" traffic violation text messages impersonating state courts across the U.S., pressuring recipients to scan a QR code that leads to a phishing site demanding a $6.99 payment while stealing personal and financial information. This is... 8. $285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation Source: The Hacker News Drift has revealed that the April 1, 2026, attack that led to the theft of $285 million was the culmination of a months-long targeted and meticulously planned social engineering operation undertaken by the Democratic People's Republic of Korea (DPRK) that began in the fall of...
NOW PLAYING
Apr 06, 2026 · #18
No transcript for this episode yet
Similar Episodes
No similar episodes found.
Similar Podcasts
No similar podcasts found.