Tag: 2026-04-23

Attack reports, vulnerabilities, indicators and intrusion sets linked to 2026-04-23.

Vulnerabilities (187)

• CVE-2026-41679
• CVE-2026-35431
• CVE-2026-33819
• CVE-2026-41228
• CVE-2026-40472
• CVE-2026-40470
• CVE-2026-39440
• CVE-2025-50229
• CVE-2026-41268
• CVE-2026-31175
• CVE-2025-62373
• CVE-2026-29198
• CVE-2026-31181
• CVE-2026-31178
• CVE-2026-31177
• CVE-2026-39087
• CVE-2026-3844
• CVE-2026-6919
• CVE-2026-6920
• CVE-2026-40471
• CVE-2026-24303
• CVE-2026-41137
• CVE-2026-41274
• CVE-2026-6942
• CVE-2026-26210

Attack reports (14)

• Trigona Affiliates Deploy Custom Exfiltration Tool to Streamline Data Theft · Published 01/05/2026 19:53 · Modified 04/05/2026 14:32
• DinDoor Backdoor: Deno Runtime Abuse and 20 Active C2 Servers · Published 23/04/2026 14:16 · Modified 27/04/2026 14:52
• GopherWhisper: A burrow full of malware · Published 23/04/2026 16:37 · Modified 27/04/2026 14:45
• Snow Flurries: How UNC6692 Employed Social Engineering to Deploy a Custom Malware … · Published 23/04/2026 19:25 · Modified 27/04/2026 14:43
• Crypto Drainers as a Converging Threat: Insights into Emerging Hybrid Attack Ecosystems · Published 23/04/2026 21:25 · Modified 27/04/2026 14:41
• Hold the Phone! International Revenue Share Fraud Driven by Fake CAPTCHAs · Published 23/04/2026 21:25 · Modified 27/04/2026 14:39
• Analyzing a Full ClickFix Attack Chain - Part 1 · Published 23/04/2026 14:31 · Modified 27/04/2026 14:37
• Foxit Impersonation: Fake PDF Installer Deploys VNC · Published 23/04/2026 11:02 · Modified 27/04/2026 14:37
• Indirect Prompt Injection in the Wild: 10 IPI Payloads Found · Published 23/04/2026 11:02 · Modified 27/04/2026 14:36
• Beyond PowerShell: Analyzing the Multi-Action ClickFix Variant · Published 23/04/2026 03:26 · Modified 27/04/2026 14:32
• Unmasking DPRK Cyber Threat Actors: Fake IT Worker Infrastructure · Published 23/04/2026 05:27 · Modified 27/04/2026 14:32
• Analyzing a Malicious Compiled HTML Help File Delivering Agent Tesla · Published 23/04/2026 03:27 · Modified 27/04/2026 14:32
• Phishing Attack via Adobe-Themed Lure Delivering ScreenConnect and Credential Harvesting Tools · Published 23/04/2026 08:27 · Modified 27/04/2026 14:31
• Malicious Campaign Deploying AdaptixC2 Beacon and VS Code via Trojanized SumatraPDF · Published 23/04/2026 08:30 · Modified 27/04/2026 14:31