EPISODE · Apr 20, 2026 · 3 MIN
Apr 20, 2026 · #32
from Security Brief Daily · host Security Brief Daily
Episode 32 — 20 Apr 2026 1. Vercel confirms breach as hackers claim to be selling stolen data Source: Bleeping Computer Update 4/19/26: Added additional information from Vercel that was disclosed after publishing. Cloud development platform Vercel has disclosed a security incident after threat actors claimed to have breached its systems and are attempting to sell stolen data. Vercel is a cloud... 2. Vercel Breach Tied to Context AI Hack Exposes Limited Customer Credentials Source: The Hacker News Web infrastructure provider Vercel has disclosed a security breach that allows bad actors to gain unauthorized access to "certain" internal Vercel systems. The incident stemmed from the compromise of Context.ai, a third-party artificial intelligence (AI) tool, that was used... 3. Payouts King ransomware uses QEMU VMs to bypass endpoint security Source: Bleeping Computer The Payouts King ransomware is using the QEMU emulator as a reverse SSH backdoor to run hidden virtual machines on compromised systems and bypass endpoint security. QEMU is an open-source CPU emulator and system virtualization tool that allows users to run operating systems... 4. Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched Source: The Hacker News Huntress is warning that threat actors are exploiting three recently disclosed security flaws in Microsoft Defender to gain elevated privileges in compromised systems. The activity involves the exploitation of three vulnerabilities that are codenamed BlueHammer (requires... 5. Grinex exchange blames "Western intelligence" for $13.7M crypto hack Source: Bleeping Computer Kyrgyzstan-based cryptocurrency exchange Grinex has suspended its operations after suffering a $13.7 million hack attributed to Western intelligence agencies. The funds were stolen from cryptocurrency wallets belonging to Russian users, as the platform enables crypto-ruble... 6. Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet Source: The Hacker News Threat actors are exploiting security flaws in TBK DVR and end‑of‑life (EoL) TP-Link Wi-Fi routers to deploy Mirai-botnet variants on compromised devices, according to findings from Fortinet FortiGuard Labs and Palo Alto Networks Unit 42. The attack targeting TBK DVR devices... 7. Researchers Detect ZionSiphon Malware Targeting Israeli Water, Desalination OT Systems Source: The Hacker News Cybersecurity researchers have flagged a new malware called ZionSiphon that appears to be specifically designed to target Israeli water treatment and desalination systems. The malware has been codenamed ZionSiphon by Darktrace, highlighting its ability to set up persistence,... 8. $13.74M Hack Shuts Down Sanctioned Grinex Exchange After Intelligence Claims Source: The Hacker News Grinex, a Kyrgyzstan-incorporated cryptocurrency exchange sanctioned by the U.K. and the U.S. last year, said it's suspending operations after it blamed Western intelligence agencies for a $13.74 million hack. The exchange said it fell victim to what it described as a...
What this episode covers
Episode 32 — 20 Apr 2026 1. Vercel confirms breach as hackers claim to be selling stolen data Source: Bleeping Computer Update 4/19/26: Added additional information from Vercel that was disclosed after publishing. Cloud development platform Vercel has disclosed a security incident after threat actors claimed to have breached its systems and are attempting to sell stolen data. Vercel is a cloud... 2. Vercel Breach Tied to Context AI Hack Exposes Limited Customer Credentials Source: The Hacker News Web infrastructure provider Vercel has disclosed a security breach that allows bad actors to gain unauthorized access to "certain" internal Vercel systems. The incident stemmed from the compromise of Context.ai, a third-party artificial intelligence (AI) tool, that was used... 3. Payouts King ransomware uses QEMU VMs to bypass endpoint security Source: Bleeping Computer The Payouts King ransomware is using the QEMU emulator as a reverse SSH backdoor to run hidden virtual machines on compromised systems and bypass endpoint security. QEMU is an open-source CPU emulator and system virtualization tool that allows users to run operating systems... 4. Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched Source: The Hacker News Huntress is warning that threat actors are exploiting three recently disclosed security flaws in Microsoft Defender to gain elevated privileges in compromised systems. The activity involves the exploitation of three vulnerabilities that are codenamed BlueHammer (requires... 5. Grinex exchange blames "Western intelligence" for $13.7M crypto hack Source: Bleeping Computer Kyrgyzstan-based cryptocurrency exchange Grinex has suspended its operations after suffering a $13.7 million hack attributed to Western intelligence agencies. The funds were stolen from cryptocurrency wallets belonging to Russian users, as the platform enables crypto-ruble... 6. Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet Source: The Hacker News Threat actors are exploiting security flaws in TBK DVR and end‑of‑life (EoL) TP-Link Wi-Fi routers to deploy Mirai-botnet variants on compromised devices, according to findings from Fortinet FortiGuard Labs and Palo Alto Networks Unit 42. The attack targeting TBK DVR devices... 7. Researchers Detect ZionSiphon Malware Targeting Israeli Water, Desalination OT Systems Source: The Hacker News Cybersecurity researchers have flagged a new malware called ZionSiphon that appears to be specifically designed to target Israeli water treatment and desalination systems. The malware has been codenamed ZionSiphon by Darktrace, highlighting its ability to set up persistence,... 8. $13.74M Hack Shuts Down Sanctioned Grinex Exchange After Intelligence Claims Source: The Hacker News Grinex, a Kyrgyzstan-incorporated cryptocurrency exchange sanctioned by the U.K. and the U.S. last year, said it's suspending operations after it blamed Western intelligence agencies for a $13.74 million hack. The exchange said it fell victim to what it described as a...
NOW PLAYING
Apr 20, 2026 · #32
No transcript for this episode yet
Similar Episodes
No similar episodes found.
Similar Podcasts
No similar podcasts found.