EPISODE · Apr 25, 2026 · 4 MIN
Apr 25, 2026 · #37
from Security Brief Daily · host Security Brief Daily
Episode 37 — 25 Apr 2026 1. ADT confirms data breach after ShinyHunters leak threat Source: Bleeping Computer Home security giant ADT has confirmed a data breach after the ShinyHunters extortion group threatened to leak stolen data unless a ransom is paid. In a statement shared today, the company said it detected unauthorized access to customer and prospective customer data on April... 2. Over 10,000 Zimbra servers vulnerable to ongoing XSS attacks Source: Bleeping Computer Over 10,000 Zimbra Collaboration Suite (ZCS) instances exposed online are vulnerable to ongoing attacks exploiting a cross-site scripting (XSS) security flaw, according to nonprofit security organization Shadowserver. Zimbra is a popular email and collaboration software suite... 3. Firestarter malware survives Cisco firewall updates, security patches Source: Bleeping Computer Cybersecurity agencies in the U.S. and U.K. are warning about a custom malware called Firestarter persisting on Cisco Firepower and Secure Firewall devices running Adaptive Security Appliance (ASA) or Firepower Threat Defense (FTD) software. The backdoor has been attributed... 4. CISA Adds 4 Exploited Flaws to KEV, Sets May 2026 Federal Deadline Source: The Hacker News The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added four vulnerabilities impacting SimpleHelp, Samsung MagicINFO 9 Server, and D-Link DIR-823X series routers to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active... 5. New BlackFile extortion group linked to surge of vishing attacks Source: Bleeping Computer A new financially motivated hacking group tracked as BlackFile has been linked to a wave of data theft and extortion attacks against retail and hospitality organizations since February 2026. The group, also tracked as CL-CRI-1116, UNC6671 , and Cordial Spider , is... 6. Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy AdaptixC2 Source: The Hacker News Chinese-speaking individuals are the target of a new campaign that uses a trojanized version of SumatraPDF reader to deploy the AdaptixC2 Beacon post-exploitation agent and ultimately facilitate the abuse of Microsoft Visual Studio Code (VS Code) tunnels for remote access.... 7. CISA, National Cyber Security Centre (NCSC) UK, and Global Partners Issue Advisory on Chinese Government-Linked Covert Cyber Networks Source: CISA News Official websites use .gov A .gov website belongs to an official government organization in the United States. Secure .gov websites use HTTPS A lock ( Lock A locked padlock ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on... 8. UNC6692 Impersonates IT Help Desk via Microsoft Teams to Deploy SNOW Malware Source: The Hacker News A previously undocumented threat activity cluster known as UNC6692 has been observed leveraging social engineering tactics via Microsoft Teams to deploy a custom malware suite on compromised hosts. "As with many other intrusions in recent years, UNC6692 relied heavily on...
What this episode covers
Episode 37 — 25 Apr 2026 1. ADT confirms data breach after ShinyHunters leak threat Source: Bleeping Computer Home security giant ADT has confirmed a data breach after the ShinyHunters extortion group threatened to leak stolen data unless a ransom is paid. In a statement shared today, the company said it detected unauthorized access to customer and prospective customer data on April... 2. Over 10,000 Zimbra servers vulnerable to ongoing XSS attacks Source: Bleeping Computer Over 10,000 Zimbra Collaboration Suite (ZCS) instances exposed online are vulnerable to ongoing attacks exploiting a cross-site scripting (XSS) security flaw, according to nonprofit security organization Shadowserver. Zimbra is a popular email and collaboration software suite... 3. Firestarter malware survives Cisco firewall updates, security patches Source: Bleeping Computer Cybersecurity agencies in the U.S. and U.K. are warning about a custom malware called Firestarter persisting on Cisco Firepower and Secure Firewall devices running Adaptive Security Appliance (ASA) or Firepower Threat Defense (FTD) software. The backdoor has been attributed... 4. CISA Adds 4 Exploited Flaws to KEV, Sets May 2026 Federal Deadline Source: The Hacker News The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added four vulnerabilities impacting SimpleHelp, Samsung MagicINFO 9 Server, and D-Link DIR-823X series routers to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active... 5. New BlackFile extortion group linked to surge of vishing attacks Source: Bleeping Computer A new financially motivated hacking group tracked as BlackFile has been linked to a wave of data theft and extortion attacks against retail and hospitality organizations since February 2026. The group, also tracked as CL-CRI-1116, UNC6671 , and Cordial Spider , is... 6. Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy AdaptixC2 Source: The Hacker News Chinese-speaking individuals are the target of a new campaign that uses a trojanized version of SumatraPDF reader to deploy the AdaptixC2 Beacon post-exploitation agent and ultimately facilitate the abuse of Microsoft Visual Studio Code (VS Code) tunnels for remote access.... 7. CISA, National Cyber Security Centre (NCSC) UK, and Global Partners Issue Advisory on Chinese Government-Linked Covert Cyber Networks Source: CISA News Official websites use .gov A .gov website belongs to an official government organization in the United States. Secure .gov websites use HTTPS A lock ( Lock A locked padlock ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on... 8. UNC6692 Impersonates IT Help Desk via Microsoft Teams to Deploy SNOW Malware Source: The Hacker News A previously undocumented threat activity cluster known as UNC6692 has been observed leveraging social engineering tactics via Microsoft Teams to deploy a custom malware suite on compromised hosts. "As with many other intrusions in recent years, UNC6692 relied heavily on...
NOW PLAYING
Apr 25, 2026 · #37
No transcript for this episode yet
Similar Episodes
No similar episodes found.
Similar Podcasts
No similar podcasts found.