Apr 10, 2026 · #22 episode artwork

EPISODE · Apr 10, 2026 · 4 MIN

Apr 10, 2026 · #22

from Security Brief Daily · host Security Brief Daily

Episode 22 — 10 Apr 2026 1. Hackers exploiting Acrobat Reader zero-day flaw since December Source: Bleeping Computer Attackers have been exploiting a zero-day vulnerability in Adobe Reader using maliciously crafted PDF documents since at least December. The attacks have been discovered by security researcher Haifei Li (the founder of the sandbox-based exploit-detection platform EXPMON), who... 2. Healthcare IT solutions provider ChipSoft hit by ransomware attack Source: Bleeping Computer Dutch healthcare software vendor ChipSoft has been impacted by a ransomware attack that forced the company to take offline its website and digital services for patients and healthcare providers. ChipSoft is a large provider of Electronic Health Record (EHR) systems in the... 3. Smart Slider updates hijacked to push malicious WordPress, Joomla versions Source: Bleeping Computer Hackers hijacked the update system for the Smart Slider 3 Pro plugin for WordPress and Joomla, and pushed a malicious version with multiple backdoors. The developer says that only the Pro version 3.5.1.35 of the plugin is affected and recommends switching immediately to the... 4. Hackers use pixel-large SVG trick to hide credit card stealer Source: Bleeping Computer A massive campaign impacting nearly 100 online stores using the Magento e-commerce platform hides credit card-stealing code in a pixel-sized Scalable Vector Graphics (SVG) image. When clicking the checkout button, the victim is shown a convincing overlay that can validate... 5. Bitter-Linked Hack-for-Hire Campaign Targets Journalists Across MENA Region Source: The Hacker News An apparent hack-for-hire campaign likely orchestrated by a threat actor with suspected ties to the Indian government targeted journalists, activists, and government officials across the Middle East and North Africa (MENA), according to findings from Access Now, Lookout, and... 6. Masjesu Botnet Emerges as DDoS-for-Hire Service Targeting Global IoT Devices Source: The Hacker News Cybersecurity researchers have lifted the curtain on a stealthy botnet that's designed for distributed denial-of-service (DDoS) attacks. Called Masjesu, the botnet has been advertised via Telegram as a DDoS-for-hire service since it first surfaced in 2023. It's capable of... 7. APT28 Deploys PRISMEX Malware in Campaign Targeting Ukraine and NATO Allies Source: The Hacker News The Russian threat actor known as APT28 (aka Forest Blizzard and Pawn Storm) has been linked to a fresh spear-phishing campaign targeting Ukraine and its allies to deploy a previously undocumented malware suite codenamed PRISMEX. "PRISMEX combines advanced steganography,... 8. New ‘LucidRook’ malware used in targeted attacks on NGOs, universities Source: Bleeping Computer A new Lua-based malware, called LucidRook, is being used in spear-phishing campaigns targeting non-governmental organizations and universities in Taiwan. Cisco Talos researchers attribute the malware to a threat group tracked internally as UAT-10362, who they describe as a...

Episode 22 — 10 Apr 2026 1. Hackers exploiting Acrobat Reader zero-day flaw since December Source: Bleeping Computer Attackers have been exploiting a zero-day vulnerability in Adobe Reader using maliciously crafted PDF documents since at least December. The attacks have been discovered by security researcher Haifei Li (the founder of the sandbox-based exploit-detection platform EXPMON), who... 2. Healthcare IT solutions provider ChipSoft hit by ransomware attack Source: Bleeping Computer Dutch healthcare software vendor ChipSoft has been impacted by a ransomware attack that forced the company to take offline its website and digital services for patients and healthcare providers. ChipSoft is a large provider of Electronic Health Record (EHR) systems in the... 3. Smart Slider updates hijacked to push malicious WordPress, Joomla versions Source: Bleeping Computer Hackers hijacked the update system for the Smart Slider 3 Pro plugin for WordPress and Joomla, and pushed a malicious version with multiple backdoors. The developer says that only the Pro version 3.5.1.35 of the plugin is affected and recommends switching immediately to the... 4. Hackers use pixel-large SVG trick to hide credit card stealer Source: Bleeping Computer A massive campaign impacting nearly 100 online stores using the Magento e-commerce platform hides credit card-stealing code in a pixel-sized Scalable Vector Graphics (SVG) image. When clicking the checkout button, the victim is shown a convincing overlay that can validate... 5. Bitter-Linked Hack-for-Hire Campaign Targets Journalists Across MENA Region Source: The Hacker News An apparent hack-for-hire campaign likely orchestrated by a threat actor with suspected ties to the Indian government targeted journalists, activists, and government officials across the Middle East and North Africa (MENA), according to findings from Access Now, Lookout, and... 6. Masjesu Botnet Emerges as DDoS-for-Hire Service Targeting Global IoT Devices Source: The Hacker News Cybersecurity researchers have lifted the curtain on a stealthy botnet that's designed for distributed denial-of-service (DDoS) attacks. Called Masjesu, the botnet has been advertised via Telegram as a DDoS-for-hire service since it first surfaced in 2023. It's capable of... 7. APT28 Deploys PRISMEX Malware in Campaign Targeting Ukraine and NATO Allies Source: The Hacker News The Russian threat actor known as APT28 (aka Forest Blizzard and Pawn Storm) has been linked to a fresh spear-phishing campaign targeting Ukraine and its allies to deploy a previously undocumented malware suite codenamed PRISMEX. "PRISMEX combines advanced steganography,... 8. New ‘LucidRook’ malware used in targeted attacks on NGOs, universities Source: Bleeping Computer A new Lua-based malware, called LucidRook, is being used in spear-phishing campaigns targeting non-governmental organizations and universities in Taiwan. Cisco Talos researchers attribute the malware to a threat group tracked internally as UAT-10362, who they describe as a...

NOW PLAYING

Apr 10, 2026 · #22

0:00 4:15

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

No similar episodes found.

No similar podcasts found.

Frequently Asked Questions

How long is this episode of Security Brief Daily?

This episode is 4 minutes long.

When was this Security Brief Daily episode published?

This episode was published on April 10, 2026.

What is this episode about?

Episode 22 — 10 Apr 2026 1. Hackers exploiting Acrobat Reader zero-day flaw since December Source: Bleeping Computer Attackers have been exploiting a zero-day vulnerability in Adobe Reader using maliciously crafted PDF documents since at...

Can I download this Security Brief Daily episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!