Breaking News – Cyber Threats (last 6h)
Generated: 2026-04-22 03:00 PDT
- Microsoft releases emergency patches for critical ASP.NET flaw
BleepingComputer • 2026-04-22 01:08 • www.bleepingcomputer.com
Microsoft has released out-of-band (OOB) security updates to patch a critical ASP.NET Core privilege escalation vulnerability. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-emergency-security-updates-for-critical-aspnet-flaw/ - Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles
The Hacker News • 2026-04-22 00:58 • thehackernews.com
Cybersecurity researchers have discovered a new variant of a known malware called LOTUSLITE that’s distributed via a theme related to India’s banking sector.
“The backdoor communicates with a dynamic DNS-based command-and-control server over HTTPS and supports remote shell access, file operations, and session management, indicating a continued espionage-focused capability set rather than
https://thehackernews.com/2026/04/mustang-pandas-new-lotuslite-variant.html - Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape
The Hacker News • 2026-04-22 00:16 • thehackernews.com
A critical security vulnerability has been disclosed in a Python-based sandbox called Terrarium that could result in arbitrary code execution.
The vulnerability, tracked as CVE-2026-5752, is rated 9.3 on the CVSS scoring system.
“Sandbox escape vulnerability in Terrarium allows arbitrary code execution with root privileges on a host process via JavaScript prototype chain traversal,” according to
https://thehackernews.com/2026/04/cohere-ai-terrarium-sandbox-flaw.html - Over 1,300 Microsoft SharePoint servers vulnerable to spoofing attacks
BleepingComputer • 2026-04-21 23:53 • www.bleepingcomputer.com
Over 1,300 Microsoft SharePoint servers exposed online remain unpatched against a spoofing vulnerability that was exploited as a zero-day and is still being abused in ongoing attacks. […]
https://www.bleepingcomputer.com/news/security/over-1-300-microsoft-sharepoint-servers-vulnerable-to-ongoing-attacks/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
