Apr 08, 2026 · #20 episode artwork

EPISODE · Apr 8, 2026 · 4 MIN

Apr 08, 2026 · #20

from Security Brief Daily · host Security Brief Daily

Episode 20 — 08 Apr 2026 1. Authorities disrupt router DNS hijacks used to steal Microsoft 365 logins Source: Bleeping Computer An international operation from law enforcement authorities in partnership with private companies has disrupted FrostArmada, an APT28 campaign hijacking local traffic from MikroTik and TP-Link routers to steal Microsoft account credentials. The Russian threat group APT28,... 2. Max severity Flowise RCE vulnerability now exploited in attacks Source: Bleeping Computer Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for building custom LLM apps and agentic systems to execute arbitrary code. The flaw allows injecting JavaScript code without any security checks and was... 3. US warns of Iranian hackers targeting critical infrastructure Source: Bleeping Computer Iranian-linked hackers are targeting Internet-exposed Rockwell/Allen-Bradley programmable logic controllers (PLCs) on the networks of U.S. critical infrastructure organizations. The warning came earlier today in the form of a joint advisory authored by the FBI, CISA, NSA, the... 4. Hackers exploit critical flaw in Ninja Forms WordPress plugin Source: Bleeping Computer A critical vulnerability in the Ninja Forms File Uploads premium add-on for WordPress allows uploading arbitrary files without authentication, which can lead to remote code execution. Identified as CVE-2026-0740, the issue is currently exploited in attacks. According to... 5. Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs Source: The Hacker News Iran-affiliated cyber actors are targeting internet-facing operational technology (OT) devices across critical infrastructures in the U.S., including programmable logic controllers (PLCs), cybersecurity and intelligence agencies warned Tuesday. "These attacks have led to... 6. Russia Hacked Routers to Steal Microsoft Office Tokens Source: Krebs on Security Hackers linked to Russia’s military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security experts warned today. The spying campaign allowed state-backed Russian hackers to quietly siphon... 7. Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host Access Source: The Hacker News A high-severity security vulnerability has been disclosed in Docker Engine that could permit an attacker to bypass authorization plugins (AuthZ) under specific circumstances. The vulnerability, tracked as CVE-2026-34040 (CVSS score: 8.8), stems from an incomplete fix for... 8. N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust Source: The Hacker News The North Korea-linked persistent campaign known as Contagious Interview has spread its tentacles by publishing malicious packages targeting the Go, Rust, and PHP ecosystems. "The threat actor's packages were designed to impersonate legitimate developer tooling [...], while...

Episode 20 — 08 Apr 2026 1. Authorities disrupt router DNS hijacks used to steal Microsoft 365 logins Source: Bleeping Computer An international operation from law enforcement authorities in partnership with private companies has disrupted FrostArmada, an APT28 campaign hijacking local traffic from MikroTik and TP-Link routers to steal Microsoft account credentials. The Russian threat group APT28,... 2. Max severity Flowise RCE vulnerability now exploited in attacks Source: Bleeping Computer Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for building custom LLM apps and agentic systems to execute arbitrary code. The flaw allows injecting JavaScript code without any security checks and was... 3. US warns of Iranian hackers targeting critical infrastructure Source: Bleeping Computer Iranian-linked hackers are targeting Internet-exposed Rockwell/Allen-Bradley programmable logic controllers (PLCs) on the networks of U.S. critical infrastructure organizations. The warning came earlier today in the form of a joint advisory authored by the FBI, CISA, NSA, the... 4. Hackers exploit critical flaw in Ninja Forms WordPress plugin Source: Bleeping Computer A critical vulnerability in the Ninja Forms File Uploads premium add-on for WordPress allows uploading arbitrary files without authentication, which can lead to remote code execution. Identified as CVE-2026-0740, the issue is currently exploited in attacks. According to... 5. Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs Source: The Hacker News Iran-affiliated cyber actors are targeting internet-facing operational technology (OT) devices across critical infrastructures in the U.S., including programmable logic controllers (PLCs), cybersecurity and intelligence agencies warned Tuesday. "These attacks have led to... 6. Russia Hacked Routers to Steal Microsoft Office Tokens Source: Krebs on Security Hackers linked to Russia’s military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security experts warned today. The spying campaign allowed state-backed Russian hackers to quietly siphon... 7. Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host Access Source: The Hacker News A high-severity security vulnerability has been disclosed in Docker Engine that could permit an attacker to bypass authorization plugins (AuthZ) under specific circumstances. The vulnerability, tracked as CVE-2026-34040 (CVSS score: 8.8), stems from an incomplete fix for... 8. N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust Source: The Hacker News The North Korea-linked persistent campaign known as Contagious Interview has spread its tentacles by publishing malicious packages targeting the Go, Rust, and PHP ecosystems. "The threat actor's packages were designed to impersonate legitimate developer tooling [...], while...

NOW PLAYING

Apr 08, 2026 · #20

0:00 4:25

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

No similar episodes found.

No similar podcasts found.

Frequently Asked Questions

How long is this episode of Security Brief Daily?

This episode is 4 minutes long.

When was this Security Brief Daily episode published?

This episode was published on April 8, 2026.

What is this episode about?

Episode 20 — 08 Apr 2026 1. Authorities disrupt router DNS hijacks used to steal Microsoft 365 logins Source: Bleeping Computer An international operation from law enforcement authorities in partnership with private companies has disrupted...

Can I download this Security Brief Daily episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!