Episode 34 — 22 Apr 2026
1. Microsoft releases emergency patches for critical ASP.NET flaw
Source: Bleeping Computer
Microsoft has released out-of-band (OOB) security updates to patch a critical ASP.NET Core privilege escalation vulnerability. The security flaw (tracked as CVE-2026-40372 ) was found in the ASP.NET Core Data Protection cryptographic APIs, and it could allow unauthenticated...
2. Over 1,300 Microsoft SharePoint servers vulnerable to spoofing attacks
Source: Bleeping Computer
Over 1,300 Microsoft SharePoint servers exposed online remain unpatched against a spoofing vulnerability that was exploited as a zero-day and is still being abused in ongoing attacks. The security flaw, tracked as CVE-2026-32201 , affects SharePoint Enterprise Server 2016,...
3. CISA flags new SD-WAN flaw as actively exploited in attacks
Source: Bleeping Computer
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given government agencies four days to secure their systems against another Catalyst SD-WAN Manager vulnerability it flagged as actively exploited in attacks. Catalyst SD-WAN Manager (formerly known as...
4. Actively exploited Apache ActiveMQ flaw impacts 6,400 servers
Source: Bleeping Computer
Nonprofit security organization Shadowserver found that over 6,400 Apache ActiveMQ servers exposed online are vulnerable to ongoing attacks exploiting a high-severity code injection vulnerability. Apache ActiveMQ is the most popular open-source multi-protocol message broker...
5. Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape
Source: The Hacker News
A critical security vulnerability has been disclosed in a Python-based sandbox called Terrarium that could result in arbitrary code execution. The vulnerability, tracked as CVE-2026-5752, is rated 9.3 on the CVSS scoring system. "Sandbox escape vulnerability in Terrarium...
6. ‘Scattered Spider’ Member ‘Tylerb’ Pleads Guilty
Source: Krebs on Security
A 24-year-old British national and senior member of the cybercrime group “ Scattered Spider ” has pleaded guilty to wire fraud conspiracy and aggravated identity theft. Tyler Robert Buchanan admitted his role in a series of text-message phishing attacks in the summer of 2022...
7. SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files
Source: The Hacker News
A critical security vulnerability has been disclosed in SGLang that, if successfully exploited, could result in remote code execution on susceptible systems. The vulnerability, tracked as CVE-2026-5760, carries a CVSS score of 9.8 out of 10.0. It has been described as a case...
8. Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles
Source: The Hacker News
Cybersecurity researchers have discovered a new variant of a known malware called LOTUSLITE that's distributed via a theme related to India's banking sector. "The backdoor communicates with a dynamic DNS-based command-and-control server over HTTPS and supports remote shell...
