Latest news

Critical SAP SQL Injection CVE-2026-27681 (CVSS 9.9) Exposes Financial Data in Business Planning and Warehouse Systems
Vulnerability

Critical SAP SQL Injection CVE-2026-27681 (CVSS 9.9) Exposes Financial Data in Business Planning and Warehouse Systems

19 April 2026 dark6

SAP's April 2026 Patch Day addresses CVE-2026-27681, a near-perfect CVSS 9.9 SQL injection flaw in SAP Business Planning and Consolidation...
Read more 0
ShinyHunters Breaches Rockstar Games via Supply Chain Attack: 80 Million Records Ransomed, Data Leaked After Deadline
Ransomware

ShinyHunters Breaches Rockstar Games via Supply Chain Attack: 80 Million Records Ransomed, Data Leaked After Deadline

19 April 2026 dark6

ShinyHunters compromised Rockstar Games through a supply chain attack on third-party analytics provider Anodot, stealing 80 million records from Snowflake...
Read more 0
CyberAv3ngers: Iran-Linked IRGC Hackers Target Rockwell PLCs Across U.S. Critical Infrastructure
Malware

CyberAv3ngers: Iran-Linked IRGC Hackers Target Rockwell PLCs Across U.S. Critical Infrastructure

19 April 2026 dark6

A joint CISA advisory warns that Iran-linked CyberAv3ngers (IRGC-CEC) are actively exploiting internet-exposed Rockwell Automation PLCs across U.S. water, energy,...
Read more 0
Three Windows Defender Zero-Days Exploited in the Wild: BlueHammer Patched, RedSun and UnDefend Still Unpatched
Vulnerability

Three Windows Defender Zero-Days Exploited in the Wild: BlueHammer Patched, RedSun and UnDefend Still Unpatched

19 April 2026 dark6

A security researcher dropped three Windows Defender zero-day exploits in 13 days — BlueHammer (CVE-2026-33825), RedSun, and UnDefend. All three...
Read more 0
Booking.com Data Breach Exposes Customer Reservation Details, Raising Phishing Risk for Travellers
Databreach

Booking.com Data Breach Exposes Customer Reservation Details, Raising Phishing Risk for Travellers

18 April 2026 dark6

Booking.com has notified customers of a data breach that exposed names, addresses, email addresses, phone numbers, and full reservation details....
Read more 0
APT28 Deploys New PRISMEX Malware Suite Against Ukraine and NATO in Sophisticated Espionage Campaign
Malware

APT28 Deploys New PRISMEX Malware Suite Against Ukraine and NATO in Sophisticated Espionage Campaign

18 April 2026 dark6

Russia's APT28 (Fancy Bear) has launched a new campaign deploying the previously undocumented PRISMEX malware framework, which uses steganography, COM...
Read more 0
CISA Adds Apache ActiveMQ CVE-2026-34197 to KEV Catalog as Active Exploitation Surges
Vulnerability

CISA Adds Apache ActiveMQ CVE-2026-34197 to KEV Catalog as Active Exploitation Surges

18 April 2026 dark6

CISA has added CVE-2026-34197, a high-severity (CVSS 8.8) deserialization flaw in Apache ActiveMQ Classic, to its Known Exploited Vulnerabilities catalog...
Read more 0
Microsoft April 2026 Patch Tuesday: Actively Exploited SharePoint Zero-Day Among 167 Fixes
Vulnerability

Microsoft April 2026 Patch Tuesday: Actively Exploited SharePoint Zero-Day Among 167 Fixes

18 April 2026 dark6

Microsoft's April 2026 Patch Tuesday patches 167 vulnerabilities including an actively exploited SharePoint Server zero-day (CVE-2026-32201) and a publicly disclosed...
Read more 0
Chime Faces Class Action Lawsuit Over April 2026 Data Breach: Complaint Claims It ‘Could Have Been Prevented’
Databreach

Chime Faces Class Action Lawsuit Over April 2026 Data Breach: Complaint Claims It ‘Could Have Been Prevented’

17 April 2026 dark6

A class action lawsuit filed against neobank Chime Financial alleges the company 'lost control' of customer payment and personal data...
Read more 0
CERT-UA Exposes APT Malware Campaign Targeting Eastern European Governments and Municipal Hospitals
Malware

CERT-UA Exposes APT Malware Campaign Targeting Eastern European Governments and Municipal Hospitals

17 April 2026 dark6

Ukraine's CERT-UA has disclosed a sophisticated infostealer campaign targeting government bodies and municipal healthcare institutions across Eastern Europe. The malware...
Read more 0
CVE-2026-39987: Marimo RCE Zero-Day Exploited Within 10 Hours of Disclosure — 662 Attacks Recorded
Vulnerability

CVE-2026-39987: Marimo RCE Zero-Day Exploited Within 10 Hours of Disclosure — 662 Attacks Recorded

17 April 2026 dark6

A critical unauthenticated RCE vulnerability in the Marimo Python notebook framework (CVE-2026-39987) was actively exploited just 10 hours after public...
Read more 0
BLACKWATER Ransomware Debuts with Devastating Strike on Major Turkish Hospital Network, Claims 3.3 TB Stolen
Ransomware

BLACKWATER Ransomware Debuts with Devastating Strike on Major Turkish Hospital Network, Claims 3.3 TB Stolen

17 April 2026 dark6

A newly emerged ransomware group called BLACKWATER has claimed its first major victim: Medical Park Hospitals Group in Turkey, with...
Read more 0