SecurityWeek Briefing

- April 29, 2026

"Fresh LiteLLM vulnerability exploited shortly after disclosed."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents. Accessed on 29 April 2026, 2200 UTC.

Content and Source provided by email subscription from https://feedly.com.

https://feedly.com/i/subscription/content/feed%2Fhttp%3A%2F%2Ffeeds.feedburner.com%2FSecurityweek

Please check subscription link or scroll down to read your selections. Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

SecurityWeek

97K followers46 articles per week
#security #tech
70

Today

Fresh LiteLLM Vulnerability Exploited Shortly After Disclosure
CVE-2026-42208
•
by Ionut Arghire / 8h
The vulnerability allows attackers to read data from a LiteLLM proxy’s database and potentially modify it. The post appeared first on SecurityWeek .
Hundreds of Internet-Facing VNC Servers Expose ICS/OT
6 TTPs
•
by Eduard Kovacs / 9h
Forescout has identified tens of thousands of exposed RDP and VNC servers that can be mapped to specific industries. The post appeared first on SecurityWeek .
Checkmarx Confirms Data Stolen in Supply Chain Attack
6 TTPs
•
by Ionut Arghire / 10h
•
Checkmarx KICS Docker images compromised
The hackers exfiltrated the data from Checkmarx’s GitHub environment on March 30, a week after publishing malicious code. The post appeared first on SecurityWeek .
Iranian Cyber Group Handala Targets US Troops in Bahrain
6 TTPs
•
by Ionut Arghire / 11h
•
Handala claims access to US Navy identities
US service members received WhatsApp messages claiming they would be targeted with drones and missiles. The post appeared first on SecurityWeek .

Yesterday

38 Vulnerabilities Found in OpenEMR Medical Software
3 TTPs
•
by Eduard Kovacs / 12h
Some of the vulnerabilities discovered by Aisle can be exploited to access and alter sensitive patient information. The post appeared first on SecurityWeek .
Chrome 147, Firefox 150 Security Updates Rolling Out
2 TTPs
•
by Ionut Arghire / 12h
The browser refreshes resolve critical and high-severity vulnerabilities that could lead to arbitrary code execution. The post appeared first on SecurityWeek .
Critical GitHub Vulnerability Exposed Millions of Repositories
5 TTPs
•
by Eduard Kovacs / 15h
The remote code execution flaw CVE-2026-3854 was found to impact GitHub.com and GitHub Enterprise Server. The post appeared first on SecurityWeek .
Cyber Insurance Data Gives CISOs New Ammo for Budget Talks
by Kevin Townsend / 1d
Boards may ignore alerts, but they listen to losses: new data from Resilience links security gaps directly to financial impact. The post appeared first on SecurityWeek .
Vimeo Confirms User and Customer Data Breach
3 TTPs
•
by Eduard Kovacs / 1d
•
Vimeo data breach via Anodot
The ShinyHunters group is threatening to leak stolen files unless Vimeo agrees to pay a ransom. The post appeared first on SecurityWeek .
The Mythos Moment: Enterprises Must Fight Agents with Agents
by Etay Maor / 1d
Only with the right platform and an agentic, AI-driven defense, will enterprises be able to protect themselves in the agentic era. The post appeared first on SecurityWeek .
Webinar Today: A Step-by-Step Approach to AI Governance
by SecurityWeek News / 1d
Join the webinar to explore a practical, multi-layered roadmap to transition from fragmented AI usage to a governed, scalable ecosystem. The post appeared first on SecurityWeek .
Robinhood Vulnerability Exploited for Phishing Attacks
8 TTPs
•
by Eduard Kovacs / 1d
•
Robinhood customers targeted by phishing
Legitimate-looking emails coming from Robinhood systems lured recipients to phishing websites. The post appeared first on SecurityWeek .
Alleged Chinese State Hacker Extradited to US
Italy extradites Chinese hacker Xu Zewei
•
by Ionut Arghire / 1d
A member of Silk Typhoon, Xu Zewei is accused of launching cyberattacks against universities in the US. The post appeared first on SecurityWeek .
Dozens of Open VSX Extension Clones Linked to GlassWorm Malware
4 TTPs
•
by Ionut Arghire / 1d
•
GlassWorm campaign activates 73 extensions
Over 70 cloned Open VSX extensions are likely sleeper extensions designed to distribute malware. The post appeared first on SecurityWeek .
Sevii Launches Cyber Swarm Defense to Make Agentic AI Security Costs Predictable
by Kevin Townsend / 1d
Agentic AI can be expensive to use, causing further and unpredictable pressure on tight budgets. The post appeared first on SecurityWeek .
Electric Motorcycles and Scooters Face Hacking Risks to Security and Rider Safety
2 TTPs
•
by Eduard Kovacs / 1d
Vulnerabilities in Zero Motorcycles electric motorcycles and Yadea electric scooters can pose physical security and safety risks. The post appeared first on SecurityWeek .
No Patch for New PhantomRPC Privilege Escalation Technique in Windows
5 TTPs
•
by Ionut Arghire / 1d
A fake RPC server can be used to listen for RPC requests and impersonate the target service to elevate privileges to System. The post appeared first on SecurityWeek .
Germany Suspects Russia Is Behind Signal Phishing That Targeted Top Officials
3 TTPs
•
by Associated Press / 1d
•
German politicians targeted by phishing
Federal prosecutors have been conducting a preliminary investigation since mid-February 2026 into alleged cyberattacks on Signal accounts. The post appeared first on SecurityWeek .

Apr 27, 2026

Spectrum Security Emerges From Stealth Mode With $19 Million
Spectrum Security raises 19M seed
•
by Ionut Arghire / 1d
The threat detection startup will invest in accelerating its engineering and go-to-market efforts. The post appeared first on SecurityWeek .
Medtronic Hack Confirmed After ShinyHunters Threatens Data Leak
3 TTPs
•
by Eduard Kovacs / 1d
•
Medtronic reports cybersecurity breach issues
The ShinyHunters cybercrime group claimed to have stolen 9 million records containing personal information from Medtronic. The post appeared first on SecurityWeek .
Incomplete Windows Patch Opens Door to Zero-Click Attacks
4 TTPs
•
by Ionut Arghire / 2d
The initial vulnerability was exploited by Russia-linked APT28 in attacks against Ukraine and EU countries. The post appeared first on SecurityWeek .
OpenSSH Flaw Allowing Full Root Shell Access Lurked for 15 Years
by Ionut Arghire / 2d
A code reuse issue enabled comma characters in certificate principals to be interpreted as list separators. The post appeared first on SecurityWeek .
Malicious AI Prompt Injection Attacks Increasing, but Sophistication Still Low: Google
AI prompt injection threats rise
•
by Eduard Kovacs / 2d
The tech giant found that many indirect prompt injection attempts are harmless, but some malicious exploits have also been identified. The post appeared first on SecurityWeek .
Energy and Water Management Firm Itron Hacked
2 TTPs
•
by Eduard Kovacs / 2d
•
Itron reports cybersecurity incident
Itron, which serves utilities and cities around the world, discovered unauthorized access to its systems on April 13. The post appeared first on SecurityWeek .
UNC6692 Uses Email Bombing, Social Engineering to Deploy ‘Snow’ Malware
24 TTPs
•
by Ionut Arghire / 2d
The threat actor infected victims with the Snow malware family – Snowbelt, Snowglaze, and Snowbasin – for persistent access. The post appeared first on SecurityWeek .
Easily Exploitable ‘Pack2TheRoot’ Linux Vulnerability Leads to Root Access
Privilege Escalation (Enterprise TA0004)
•
by Ionut Arghire / 2d
•
CVE-2026-41651
A race condition in PackageKit allows unprivileged users to escalate privileges when installing packages. The post appeared first on SecurityWeek .

Apr 26, 2026

US Launches Sweeping Crackdown on Southeast Asia Cyberscams and Sanctions Cambodian Senator
US cracks down on Southeast Asia cyberscams
•
by Associated Press / 2d
US conducts sweeping crackdown on Southeast Asian cyberscam operations as part of what officials say is a “new theater of war”. The post appeared first on SecurityWeek .
Firefox Vulnerability Allows Tor User Fingerprinting
by Eduard Kovacs / 2d
The vulnerability is tracked as CVE-2026-6770 and it has been patched with the release of Firefox 150 and Tor 15.0.10. The post appeared first on SecurityWeek .

Apr 25, 2026

China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks
10 TTPs
•
by Ionut Arghire / 4d
•
GopherWhisper targets Mongolian government systems
Dubbed GopherWhisper, the group relies on multiple Go-based backdoors alongside custom loaders and injectors. The post appeared first on SecurityWeek .

Apr 24, 2026

Pre-Stuxnet Sabotage Malware ‘Fast16’ Linked to US-Iran Cyber Tensions
5 TTPs
•
by Ionut Arghire / 5d
It targeted high-precision calculation software to tamper with results and packed a self-propagation mechanism. The post appeared first on SecurityWeek .
In Other News: Unauthorized Mythos Access, Plankey CISA Nomination Ends, New Display Security Device
by SecurityWeek News / 5d
Other noteworthy stories that might have slipped under the radar: Supreme Court hacker sentenced, Lovable exposed user data, Google expands enterprise security. The post appeared first on SecurityWeek .
Why Cybersecurity Must Rethink Defense in the Age of Autonomous Agents
by Torsten George / 5d
From autonomous code generation to decision-making systems that initiate actions without human intervention, the industry is entering a new phase. The post appeared first on SecurityWeek .
Locked Shields 2026: 41 Nations Strengthen Cyber Resilience in World’s Biggest Exercise
Locked Shields 2026 enhances global cyber
•
by Eduard Kovacs / 5d
Locked Shields has grown significantly over the past 16 years, with only four nations participating in the first edition. The post appeared first on SecurityWeek .
US Federal Agency’s Cisco Firewall Infected With ‘Firestarter’ Backdoor
Persistence (Enterprise TA0003)
•
by Ionut Arghire / 5d
The malware provides remote access and control of infected devices and maintains post-patching persistence. The post appeared first on SecurityWeek .
Trump Administration Vows Crackdown on Chinese Companies ‘Exploiting’ AI Models Made in US
US warns of China AI thefts
•
by Associated Press / 5d
The Trump administration is vowing to crack down on foreign tech companies’ exploitation of U.S. artificial intelligence models. The post appeared first on SecurityWeek .

Comments