Breaking News – Cyber Threats (last 6h)
Generated: 2026-04-15 17:00 PDT
- Smashing Security podcast #463: This AI company leaked its own code. It’s also built something terrifying
Graham Cluley • 2026-04-15 16:24 • grahamcluley.com
A hacking group claims to have broken into the flood defence system protecting Venice’s Piazza San Marco – and is offering to sell access to whoever wants it. The asking price? A frankly insulting $600.Meanwhile, Anthropic accidentally leaked the source code for Claude Code via a basic packaging mistake. Oh, and by the way, they’ve also just revealed they’ve built an AI model called Mythos that can find and chain together software vulnerabilities faster than any human. Sleep well.
All this and more in episode 463 of the “Smashing Security” podcast with cybersecurity expert and keynote sp…
https://grahamcluley.com/smashing-security-podcast-463/ - Critical Nginx UI auth bypass flaw now actively exploited in the wild
BleepingComputer • 2026-04-15 15:35 • www.bleepingcomputer.com
A critical vulnerability in Nginx UI with Model Context Protocol (MCP) support is now being exploited in the wild for full server takeover without authentication. […]
https://www.bleepingcomputer.com/news/security/critical-nginx-ui-auth-bypass-flaw-now-actively-exploited-in-the-wild/ - New AgingFly malware used in attacks on Ukraine govt, hospitals
BleepingComputer • 2026-04-15 14:57 • www.bleepingcomputer.com
A new malware family named ‘AgingFly’ has been identified in attacks against local governments and hospitals that steal authentication data from Chromium-based browsers and WhatsApp messenger. […]
https://www.bleepingcomputer.com/news/security/new-agingfly-malware-used-in-attacks-on-ukraine-govt-hospitals/ - WordPress plugin suite hacked to push malware to thousands of sites
BleepingComputer • 2026-04-15 13:33 • www.bleepingcomputer.com
More than 30 WordPress plugins in the EssentialPlugin package have been compromised with malicious code that allows unauthorized access to websites running them. […]
https://www.bleepingcomputer.com/news/security/wordpress-plugin-suite-hacked-to-push-malware-to-thousands-of-sites/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
