MuddyWater-Linked APT Campaign Scanned 12,000+ Systems Before Striking Middle East Critical Infrastructure

Latest news

Malware

MuddyWater-Linked APT Campaign Scanned 12,000+ Systems Before Striking Middle East Critical Infrastructure

16 April 2026 dark6

Iran-linked threat group MuddyWater is behind a sophisticated espionage campaign that scanned over 12,000 systems in the Middle East before...

Read more 0

Cybercrime

Fake Ledger Live App on Apple’s Mac App Store Steals $9.5 Million in Crypto from 50+ Victims

16 April 2026 dark6

A counterfeit Ledger Live app remained live on Apple's Mac App Store for two weeks, tricking users into entering their...

Read more 0

Vulnerability

Critical Fortinet FortiClient EMS Vulnerability CVE-2026-21643 Actively Exploited — CISA Demands Patch Today

16 April 2026 dark6

CISA has added CVE-2026-21643, a critical pre-authentication SQL injection flaw in Fortinet FortiClient EMS (CVSS 9.1), to its Known Exploited...

Read more 0

Databreach

Booking.com Confirms Data Breach: Reservation Data and Personal Details of Customers Exposed

16 April 2026 dark6

Booking.com has confirmed hackers accessed customer reservation data including names, addresses, phone numbers, and booking details. Security experts warn the...

Read more 0

Databreach

ShinyHunters Breaches Rockstar Games via Third-Party Vendor, Threatens to Leak GTA VI Contracts

15 April 2026 dark6

ShinyHunters has breached Rockstar Games by exploiting authentication tokens from third-party analytics vendor Anodot to access Snowflake data warehouses. The...

Read more 0

Vulnerability

Adobe Acrobat Zero-Day CVE-2026-34621: Four Months of Targeted Espionage via Prototype Pollution Exploit

15 April 2026 dark6

Adobe patched a critical zero-day in Acrobat Reader (CVE-2026-34621) that was exploited for at least four months via a sophisticated...

Read more 0

Vulnerability

Microsoft April 2026 Patch Tuesday: 163 CVEs Including Two Zero-Days and a Public “BlueHammer” Exploit

15 April 2026 dark6

Microsoft's April 2026 Patch Tuesday addresses 163 CVEs, including an actively exploited SharePoint spoofing zero-day (CVE-2026-32201) and a publicly leaked...

Read more 0

Vulnerability

Google Patches Actively Exploited Chrome Zero-Day CVE-2026-5281 — CISA Deadline Hits Today

15 April 2026 dark6

Google has patched a high-severity use-after-free zero-day in Chrome's WebGPU implementation (CVE-2026-5281) that is actively exploited in the wild. CISA...

Read more 0

Databreach

European Commission Suffers 91.7 GB Cloud Data Breach via Trivy Supply-Chain Compromise

14 April 2026 dark6

CERT-EU has documented a cloud breach at the European Commission stemming from a supply-chain compromise in the Trivy container scanner....

Read more 0

Ransomware

ShinyHunters Claims Amtrak Breach: 9.4 Million Salesforce Records Allegedly Stolen

14 April 2026 dark6

The ShinyHunters extortion group claims to have stolen 9.4 million records from Amtrak's Salesforce environment, posting data samples as proof....

Read more 0

Vulnerability

Critical Marimo Python Notebook Zero-Day (CVE-2026-39987) Exploited Within 10 Hours of Disclosure

14 April 2026 dark6

A critical pre-authentication RCE vulnerability (CVE-2026-39987, CVSS 9.3) in the popular Marimo Python notebook platform was weaponised within 10 hours...

Read more 0

Ransomware

ChipSoft Ransomware Attack Cripples Netherlands Healthcare Systems, Exposing 13 Million Support Tickets

14 April 2026 dark6

A ransomware attack on ChipSoft, a major Dutch healthcare software provider, has exposed 13 million support tickets, 15,000 employee records,...

Read more 0