Cyber Threat Brief

By Carolina Clear Tech, LLC

Your daily cybersecurity briefing. Vulnerabilities, ransomware, threat actors, and patches that matter, explained for IT professionals and business leaders protecting small and mid-sized organizations... more

Download on the App Store

Download on the App Store

Get it on Google Play

FAQs about Cyber Threat Brief:

How many episodes does Cyber Threat Brief have?

The podcast currently has 74 episodes available.

Cyber Threat Brief episodes:

April 14, 20262026-04-14: CISA added 7 actively exploited vulnerabilities to the KEV catalog
Show Notes - 2026-04-14
Stories Covered
Today:
Adobe Acrobat/Reader Zero-Day (CVE-2026-34621) [Critical Alerts]
Cisco FMC Zero-Day Exploited by Interlock Ransomware (CVE-2026-20131) [Critical Alerts]
CISA KEV Additions (7 vulnerabilities, April 27 deadline) [Critical Alerts]
Silent Ransom Group Targeting Law Firms [Ransomware & Extortion]
Medusa Ransomware via Exchange Vulnerabilities [Ransomware & Extortion]
Rockstar Games Data Breach via Anodot/Snowflake [Business & Infrastructure Threats]
wolfSSL Certificate Verification Flaw (CVE-2026-5194) [Business & Infrastructure Threats]
OpenAI Certificate Rotation After Axios Supply Chain Attack [Business & Infrastructure Threats]
Storm Infostealer: Server-Side Decryption Model [Business & Infrastructure Threats]
Linux Foundation Social Engineering via Fake Slack Account [Business & Infrastructure Threats]
Anthropic's Claude Mythos: AI-Powered Vulnerability Discovery [General Security News]
JanelaRAT Malware Targets Latin American Banks [General Security News]
ShowDoc RCE Flaw (CVE-2025-0520) Actively Exploited [General Security News]
EncystPHP Webshell Scans Targeting FreePBX [General Security News]
March 2026 CVE Landscape: 31 High-Impact Vulnerabilities [Vulnerability Disclosures]
Fortinet FortiClient EMS SQL Injection (CVE-2026-21643) [Vulnerability Disclosures]
CVEs Referenced
CVE-2012-1854, CVE-2017-7921, CVE-2020-9715, CVE-2023-21529, CVE-2023-36424, CVE-2025-0520, CVE-2025-60710, CVE-2026-20131, CVE-2026-21643, CVE-2026-27483, CVE-2026-27944, CVE-2026-34621, CVE-2026-5194
Indicators of Compromise
Domains:
sites[.]google
IP Addresses:
2.26.97.61, 160.119.76.250, 45.95.147.178
Read the full brief
...more
24min
April 13, 20262026-04-13: Critical Marimo RCE exploited within 10 hours of disclosure
Show Notes - 2026-04-13
Stories Covered
Today:
Marimo pre-auth RCE (CVE-2026-39987) [Critical Alerts]
OpenAI macOS Certificate Revocation After Axios Supply Chain Attack [Business & Infrastructure Threats]
Mailbox Rules as Post-Exploitation Persistence in Microsoft 365 [Business & Infrastructure Threats]
PlugX RAT Distributed via Fake Claude Website [Business & Infrastructure Threats]
JanelaRAT Targets Latin American Financial Institutions [Ransomware & Extortion]
France Migrates from Windows to Linux for Digital Sovereignty [General Security News]
Gmail End-to-End Encryption for Mobile Enterprise Users [General Security News]
Linux 7.0 Released with Official Rust Support [General Security News]
Anthropic Mythos AI Model for Zero-Day Discovery [General Security News]
CVEs Referenced
CVE-2026-39987
Indicators of Compromise
IP Addresses:
0.0.0.0
Read the full brief
...more
12min
April 12, 20262026-04-12: Adobe patches actively exploited Acrobat Reader zero-day CVE-2026-34621 with evidence of
Show Notes - 2026-04-12
Stories Covered
Today:
Adobe Acrobat Reader Zero-Day CVE-2026-34621 [Critical Alerts]
Brockton Hospital Anubis Ransomware Attack [Ransomware & Extortion]
Supply Chain Attacks Target Trivy Scanner and Axios Library [Business & Infrastructure Threats]
CPUID Website Breach Distributes STX RAT via Trojanized CPU-Z Downloads [Business & Infrastructure Threats]
Operation Atlantic Identifies 20,000 Cryptocurrency Fraud Victims [General Security News]
Microsoft Security Update Guide CVEs [Vulnerability Disclosures]
CVEs Referenced
CVE-2026-34621, CVE-2026-34757, CVE-2026-35206, CVE-2026-39853, CVE-2026-39855, CVE-2026-39856, CVE-2026-40226
Read the full brief
...more
11min
April 11, 20262026-04-11: Marimo Python notebook flaw CVE-2026-39987 exploited within 10 hours of disclosure
Show Notes - 2026-04-11
Stories Covered
Today:
Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure [Critical Alerts]
CPUID Hacked to Deliver Malware via CPU-Z, HWMonitor Downloads [Critical Alerts]
Silent Ransom Group Leaked Orrick Law Firm After $1M Offer Rejected [Ransomware & Extortion]
Lotte Card Faces $3M Penalty, 4-Month Business Suspension Over Data Breach [Ransomware & Extortion]
Analysis of One Billion CISA KEV Remediation Records Exposes Limits of Human-Scale Security [General Security News]
Anthropic's Mythos AI Can Find Zero-Days 72% of the Time [General Security News]
FCC Foreign-Made Router Policy Faces Industry Pushback [General Security News]
Go Language Multiple CVEs [Vulnerability Disclosures]
Microsoft Edge Chromium CVEs [Vulnerability Disclosures]
CVE-2026-33119 Microsoft Edge for Android Spoofing Vulnerability [Vulnerability Disclosures]
CVE-2026-4878 Libcap Privilege Escalation [Vulnerability Disclosures]
OpenTelemetry-Go CVEs [Vulnerability Disclosures]
CVE-2026-28389 OpenSSL NULL Dereference [Vulnerability Disclosures]
CVE-2026-35611 Addressable Regular Expression DoS [Vulnerability Disclosures]
CVE-2026-24302 Azure Arc Elevation of Privilege [Vulnerability Disclosures]
CVEs Referenced
CVE-2026-24302, CVE-2026-27140, CVE-2026-27143, CVE-2026-27144, CVE-2026-28389, CVE-2026-28810, CVE-2026-29181, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32288, CVE-2026-32289, CVE-2026-33119, CVE-2026-33810, CVE-2026-35611, CVE-2026-39882, CVE-2026-39987, CVE-2026-4878, CVE-2026-5869, CVE-2026-5871, CVE-2026-5876, CVE-2026-5883, CVE-2026-5884, CVE-2026-5886, CVE-2026-5888, CVE-2026-5889, CVE-2026-5891, CVE-2026-5893, CVE-2026-5894, CVE-2026-5896, CVE-2026-5899
Read the full brief
...more
17min
April 10, 20262026-04-10: Adobe Reader zero-day active since December delivers targeted payloads through malicious PDFs
Show Notes - 2026-04-10
Stories Covered
Today:
Adobe Reader Zero-Day Exploited Since December 2025 [Critical Alerts]
Apache ActiveMQ 13-Year RCE Chain Bypasses Authentication (CVE-2026-34197) [Critical Alerts]
ChipSoft Healthcare IT Provider Offline After Ransomware Attack [Ransomware & Extortion]
FBI Reports $17.7 Billion in Cyber Fraud Losses for 2025 [Ransomware & Extortion]
Storm-2755 Payroll Diversion Campaign Targets Canadian Employees (CVE-2025-27152) [Business & Infrastructure Threats]
VENOM PhaaS Targets C-Suite Executives with QR Code Phishing [Business & Infrastructure Threats]
Microsoft Locks Out VeraCrypt and WireGuard Developers Without Warning [Business & Infrastructure Threats]
Phorpiex Botnet Resurges with Hybrid P2P Communication [Business & Infrastructure Threats]
LA City Attorney's Office Hacked, 7.7TB of Sensitive Data Leaked [Business & Infrastructure Threats]
FleetWave Car Fleet Management Platform Disrupted by Cyberattack [Business & Infrastructure Threats]
When MFA Fails: Credential Exposure Enables Session Hijacking [Windows / AD Security]
BlueHammer Windows Zero-Day Released After Microsoft Disclosure Dispute [Windows / AD Security]
UAT-10362 Targets Taiwan NGOs with LucidRook Malware [General Security News]
EngageLab SDK Intent Redirection Exposed 30M Crypto Wallet Users [General Security News]
Obfuscated JavaScript Drops Formbook via Multi-Stage Loader [General Security News]
Shadow AI Creates Uncontrolled Data Exposure and Attack Surface [General Security News]
China National Supercomputing Center Hacked, Petabytes of Military Data Leaked [General Security News]
GPL Odorizers GPL750 Modbus Manipulation (CVE-2026-4436) [Vulnerability Disclosures]
Contemporary Controls BASC 20T Network Sniffing (CVE-2025-13926) [Vulnerability Disclosures]
Microsoft AppArmor and Sleuth Kit CVEs [Vulnerability Disclosures]
CVEs Referenced
CVE-2022-41678, CVE-2024-32114, CVE-2025-13926, CVE-2025-27152, CVE-2026-23403, CVE-2026-23411, CVE-2026-34197, CVE-2026-39881, CVE-2026-40024, CVE-2026-40026, CVE-2026-4436
Indicators of Compromise
Domains:
bluegraintours[.]com
IP Addresses:
169.40.2.68
Read the full brief
...more
19min
April 09, 20262026-04-09: CISA adds actively exploited Ivanti EPMM flaw to KEV catalog with today's deadline
Show Notes - 2026-04-09
Stories Covered
April 9, 2026
Today:
Ivanti EPMM Code Injection (CVE-2026-1340) [Critical Alerts]
Adobe Reader Zero-Day Exploited Since December [Critical Alerts]
TeamPCP Supply Chain: Cisco Breach via Trivy, KEV Deadline Arrives (CVE-2026-33634) [Critical Alerts]
Source: [Ransomware Claims (Last 48h)]
Dutch Healthcare Vendor ChipSoft Hit by Ransomware [Ransomware & Extortion]
Iran-Linked Pay2Key Targets US Healthcare with Destructive Intent [Ransomware & Extortion]
13-Year-Old Apache ActiveMQ RCE Discovered by AI (CVE-2026-34197) [Business & Infrastructure Threats]
Russian GRU APT28 Exploits Routers for DNS Hijacking (CVE-2023-50224) [Business & Infrastructure Threats]
APT28 Deploys PRISMEX Malware Targeting Ukraine and NATO Allies [Windows / AD Security]
Cisco Talos: Using Year in Review for Incident Response Tabletops [General Security News]
AWS Bedrock AgentCore "God Mode" IAM Privilege Escalation [General Security News]
CUPS and Avahi Denial of Service Vulnerabilities [Vulnerability Disclosures]
OpenSSL and ONNX Vulnerabilities [Vulnerability Disclosures]
Libinput Plugin Vulnerability [Vulnerability Disclosures]
CVEs Referenced
CVE-2016-3088, CVE-2023-46604, CVE-2023-50224, CVE-2024-32114, CVE-2026-1340, CVE-2026-21509, CVE-2026-21513, CVE-2026-28387, CVE-2026-28388, CVE-2026-31789, CVE-2026-31790, CVE-2026-33634, CVE-2026-34197, CVE-2026-34445, CVE-2026-34446, CVE-2026-34933, CVE-2026-35093, CVE-2026-39314
Read the full brief
...more
20min
April 08, 20262026-04-08: Russian military intelligence exploited 18,000 routers worldwide to steal Microsoft credentials
Show Notes - 2026-04-08
Stories Covered
Today:
Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems [Critical Alerts]
Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure (CVE-2021-22681) [Critical Alerts]
Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign (CVE-2023-50224) [Critical Alerts]
BlueHammer: Zero-Day Windows Exploit Released by Researcher After Microsoft MSRC Dispute [Critical Alerts]
Max Severity Flowise RCE Vulnerability Actively Exploited (CVE-2025-59528, CVE-2025-8943, CVE-2025-26319) [Critical Alerts]
Storm-1175 Deploys Medusa Ransomware at High Velocity [Ransomware & Extortion]
NightSpire Ransomware IOCs and Affiliate Model Analysis [Ransomware & Extortion]
Hundreds of Organizations Compromised Daily in Microsoft Device Code Phishing Attacks [Business & Infrastructure Threats]
FBI: Americans Lost $21 Billion to Cybercrime in 2025 [Business & Infrastructure Threats]
LucidRook Malware Targets Taiwanese Organizations via Spear-Phishing [Business & Infrastructure Threats]
Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign [Business & Infrastructure Threats]
Microsoft Rolls Out Fix for Broken Windows Start Menu Search [Windows / AD Security]
Cracks in the Bedrock: Escaping the AWS AgentCore Sandbox [General Security News]
Financial Cyberthreats in 2025: Infostealers and Dark Web Economy [General Security News]
Webshell Scanning Activity from Microsoft Azure IP Addresses [General Security News]
Hackers Exploit Critical Flaw in Ninja Forms WordPress Plugin (CVE-2026-0740) [Vulnerability Disclosures]
Docker CVE-2026-34040 Bypasses Authorization and Gains Host Access [Vulnerability Disclosures]
Mitsubishi Electric GENESIS64 and ICONICS Suite Products (CVE-2025-14815, CVE-2025-14816) [Vulnerability Disclosures]
Snowflake Customers Hit in Data Theft Attacks After SaaS Integrator Breach [Vulnerability Disclosures]
CVEs Referenced
CVE-2021-22681, CVE-2023-50224, CVE-2024-41110, CVE-2025-14815, CVE-2025-14816, CVE-2025-26319, CVE-2025-59528, CVE-2025-8943, CVE-2026-0740, CVE-2026-34040
Indicators of Compromise
IP Addresses:
77.110.96.200, 20.48.232.178, 20.215.65.23, 51.12.84.116, 51.103.130.249
Read the full brief
...more
25min
April 07, 20262026-04-07: China-backed Storm-1175 is weaponizing zero-days to deploy Medusa ransomware against healthcare and
Show Notes - 2026-04-07
Stories Covered
April 7, 2026
Today:
China-Linked Storm-1175 Exploits Zero-Days to Deploy Medusa Ransomware [Critical Alerts]
Fortinet FortiClient EMS Zero-Day Under Active Exploitation (CVE-2026-35616) [Critical Alerts]
Chrome Zero-Day (CVE-2026-5281) Actively Exploited [Critical Alerts]
TrueConf Zero-Day (CVE-2026-3502) Exploited in Government Attacks [Critical Alerts]
German Authorities Identify REvil and GandCrab Leaders [Ransomware & Extortion]
Jones Day Law Firm Confirms Breach After Silent Ransom Group Attack [Ransomware & Extortion]
Iran-Linked Pay2Key Ransomware Returns with Upgraded Tactics [Ransomware & Extortion]
Axios npm Package Compromised by North Korean Hackers (UNC1069) [Business & Infrastructure Threats]
AI-Enabled Device Code Phishing Campaign [Business & Infrastructure Threats]
Iran-Linked Password Spraying Campaign Targets Microsoft 365 [Business & Infrastructure Threats]
Qilin and Warlock Ransomware Use BYOVD to Disable 300+ EDR Tools [Business & Infrastructure Threats]
Flowise AI Platform Under Active Exploitation (CVE-2025-59528) [Vulnerability Disclosures]
Windows Privilege Escalation Zero-Day (BlueHammer) Leaked [Vulnerability Disclosures]
GPUBreach Attack Enables Full CPU Privilege Escalation via GDDR6 Bit-Flips [Vulnerability Disclosures]
Gritman Medical Center Reopens After Cybersecurity Incident [General Security News]
Maine House Advances Bill to Strengthen Hospital Cybersecurity [General Security News]
Microsoft Fixes Classic Outlook Bug Causing Email Delivery Issues [General Security News]
CVEs Referenced
CVE-2023-27350, CVE-2023-27351, CVE-2023-46805, CVE-2024-1708, CVE-2024-1709, CVE-2024-21887, CVE-2024-27198, CVE-2024-27199, CVE-2024-57726, CVE-2024-57727, CVE-2024-57728, CVE-2025-10035, CVE-2025-26319, CVE-2025-31324, CVE-2025-59528, CVE-2025-8943, CVE-2026-1731, CVE-2026-21643, CVE-2026-23760, CVE-2026-3502, CVE-2026-35616, CVE-2026-5281
Read the full brief
...more
22min
April 06, 20262026-04-06: Fortinet pushed an emergency weekend patch for CVE-2026-35616
Show Notes - 2026-04-06
Stories Covered
2026-04-06
Today:
Fortinet FortiClient EMS Zero-Day Under Active Exploitation (CVE-2026-35616) [Critical Alerts]
Mass Credential Theft via React2Shell Next.js Exploit (CVE-2025-55182) [Critical Alerts]
Cisco Exploit Developer Burned by Forum Marketplace Dynamics (CVE-2026-20045) [Critical Alerts]
Germany Unmasks REvil Leaders Behind 130 Ransomware Attacks [Ransomware & Extortion]
Do Ransomware Gangs Keep Their Promises to Delete Data? [Ransomware & Extortion]
Cambodia Passes Life Imprisonment Law for Scam Compound Operators [Ransomware & Extortion]
$285M Drift Hack Attributed to Six-Month DPRK Social Engineering Operation [Ransomware & Extortion]
Trellix Launches "Dark Web Roast" to Demystify Cybercriminals [Business & Infrastructure Threats]
Open Redirect Used in 21% of Q1 2026 Phishing Campaigns [Business & Infrastructure Threats]
Traffic Violation Scams Switch to QR Codes [Business & Infrastructure Threats]
AI Agent Liability Remains Unclear as Vendors Push Automation [General Security News]
CBP Facility Codes Leaked via Public Quizlet Flashcards [General Security News]
Anthropic Claude Code Source Leak Creates IPO Headache [General Security News]
Fortinet FortiClient EMS (CVE-2026-35616, CVE-2026-21643) [Vulnerability Disclosures]
Next.js React2Shell (CVE-2025-55182) [Vulnerability Disclosures]
Cisco RCE (CVE-2026-20045) [Vulnerability Disclosures]
CVEs Referenced
CVE-2025-55182, CVE-2026-20045, CVE-2026-21643, CVE-2026-35616
Read the full brief
...more
15min
April 05, 20262026-04-05: Fortinet's FortiClient EMS faces its second critical zero-day in weeks (CVE-2026-35616
Show Notes - 2026-04-05
Stories Covered
Today:
Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS [Critical Alerts]
Axios npm Hack Used Fake Teams Error Fix to Hijack Maintainer Account [Ransomware & Extortion]
36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants [Ransomware & Extortion]
European Commission Confirms Data Breach Linked to Trivy Supply Chain Attack [Ransomware & Extortion]
Meta Pauses Work With Mercor After Data Breach Puts AI Industry Secrets at Risk [Ransomware & Extortion]
Device Code Phishing Attacks Surge 37x as New Kits Spread Online [Business & Infrastructure Threats]
LinkedIn Secretly Scans for 6,000+ Chrome Extensions, Collects Data [Business & Infrastructure Threats]
Claude Code Leak Used to Push Infostealer Malware on GitHub [Business & Infrastructure Threats]
'Serious Cyberattack' Impacts Phones, Public Safety Systems in Several Massachusetts Towns [Business & Infrastructure Threats]
UK: School IT System Targeted in Cyber Attack Ahead of Exam Season [Business & Infrastructure Threats]
Hong Kong Hospital Authority Apologises for Data Breach Involving 56,000 Patients [Business & Infrastructure Threats]
The Breach Lasted 25 Minutes. How Long Will the Litigation Last? [Business & Infrastructure Threats]
Ex-Microsoft Engineer Believes Azure Problems Stem from Talent Exodus [General Security News]
Microsoft Security Update Guide (Linux/Open Source CVEs) [Vulnerability Disclosures]
Microsoft Security Update Guide (Kernel CVEs) [Vulnerability Disclosures]
CVE-2026-35414 [Vulnerability Disclosures]
CVEs Referenced
CVE-2026-21643, CVE-2026-23442, CVE-2026-23444, CVE-2026-23468, CVE-2026-23472, CVE-2026-23473, CVE-2026-27447, CVE-2026-27456, CVE-2026-31394, CVE-2026-34978, CVE-2026-34979, CVE-2026-34980, CVE-2026-34990, CVE-2026-35414, CVE-2026-35616
Read the full brief
...more
18min

FAQs about Cyber Threat Brief:

How many episodes does Cyber Threat Brief have?

The podcast currently has 74 episodes available.