Episode 21 — 09 Apr 2026
1. Hackers use pixel-large SVG trick to hide credit card stealer
Source: Bleeping Computer
A massive campaign impacting nearly 100 online stores using the Magento e-commerce platform hides credit card-stealing code in a pixel-sized Scalable Vector Graphics (SVG) image. When clicking the checkout button, the victim is shown a convincing overlay that can validate...
2. CISA orders feds to patch exploited Ivanti EPMM flaw by Sunday
Source: Bleeping Computer
CISA has given U.S. government agencies four days to secure their systems against a critical-severity vulnerability in Ivanti Endpoint Manager Mobile (EPMM) that has been exploited in attacks since January. Tracked as CVE-2026-1340 , this critical-severity code injection flaw...
3. 13-year-old bug in ActiveMQ lets hackers remotely execute commands
Source: Bleeping Computer
Security researchers discovered a remote code execution (RCE) vulnerability in Apache ActiveMQ Classic that has gone undetected for 13 years and could be exploited to execute arbitrary commands. The flaw was uncovered using the Claude AI assistant, which identified an exploit...
4. Authorities disrupt router DNS hijacks used to steal Microsoft 365 logins
Source: Bleeping Computer
An international operation from law enforcement authorities in partnership with private companies has disrupted FrostArmada, an APT28 campaign hijacking local traffic from MikroTik and TP-Link routers to steal Microsoft account credentials. The Russian threat group APT28,...
5. Masjesu Botnet Emerges as DDoS-for-Hire Service Targeting Global IoT Devices
Source: The Hacker News
Cybersecurity researchers have lifted the curtain on a stealthy botnet that's designed for distributed denial-of-service (DDoS) attacks. Called Masjesu, the botnet has been advertised via Telegram as a DDoS-for-hire service since it first surfaced in 2023. It's capable of...
6. APT28 Deploys PRISMEX Malware in Campaign Targeting Ukraine and NATO Allies
Source: The Hacker News
7. Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs
Source: The Hacker News
Iran-affiliated cyber actors are targeting internet-facing operational technology (OT) devices across critical infrastructures in the U.S., including programmable logic controllers (PLCs), cybersecurity and intelligence agencies warned Tuesday. "These attacks have led to...
8. Russia Hacked Routers to Steal Microsoft Office Tokens
Source: Krebs on Security
Hackers linked to Russia’s military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security experts warned today. The spying campaign allowed state-backed Russian hackers to quietly siphon...
