ZCyberNews

#exploitation

8 articles

APT28 (Fancy Bear) was the most frequently cited threat actor across nine articles published between April 12 and April 28, 2026, which covered exploitation activity targeting defense, enterprise software, government, and technology sectors globally. The coverage highlighted four specific vulnerabilities: CVE-2026-42208 (CVSS 9.8), CVE-2026-21643 (CVSS 9.1), CVE-2026-34197 (CVSS 8.8), CVE-2023-22515, and CVE-2023-34048. The severity mix comprised two critical, six high, and one informational report.

LiteLLM CVE-2026-42208 Pre-Auth SQLi Exploited in Attacks
CRITICAL
Vulnerabilities

Attackers exploit CVE-2026-42208, a critical pre-authentication SQL injection in LiteLLM LLM gateway, to steal API keys and model data. CVSS 9.8. No patch yet.

CVE-2026-42208
3 min read

AI-Powered Vulnerability Discovery Accelerates Exploit Timelines, Strains
HIGH
AI Security

Qualys warns that AI agents like Claude Mythos can cut vulnerability discovery time from months to hours, compressing the patch window and overwhelming security teams with a surge of new CVEs.

3 min read

Apache ActiveMQ Vulnerability Exploited, Added to CISA KEV Catalog
HIGH
Vulnerabilities

A high-severity flaw in Apache ActiveMQ Classic, CVE-2026-34197 (CVSS 8.8), is under active exploitation, prompting CISA to add it to its Known Exploited Vulnerabilities catalog and mandate patching for federal agencies.

CVE-2026-34197
3 min read

CISA Flags Six Actively Exploited Flaws in Fortinet, Microsoft, Adobe
HIGH
Vulnerabilities

CISA added six vulnerabilities in Fortinet, Microsoft, and Adobe software to its Known Exploited Vulnerabilities catalog, warning of active in-the-wild attacks requiring urgent patching.

CVE-2026-21643
3 min read

Adobe Patches Acrobat Zero-Day Exploited via Malicious PDFs for Months
CRITICAL
Vulnerabilities

Adobe patches CVE-2024-34102, a critical zero-day vulnerability in Acrobat and Reader exploited via malicious PDFs for at least four months prior to discovery.

CVE-2024-34102
4 min read

Fancy Bear APT Exploits Unpatched Flaws in Global Espionage Campaign
HIGH
Threat Intel

Russia's APT28 (Fancy Bear) is conducting a global cyber espionage campaign, exploiting unpatched vulnerabilities in routers and network devices to infiltrate government and defense targets.

3 min read
APT28 (Fancy Bear)

SANS Stormcast: Exploits Target Ivanti, Fortinet, and VMware Flaws
HIGH
Threat Intel

The SANS Internet Storm Center reports active exploitation of vulnerabilities in Ivanti, Fortinet, and VMware products, alongside a new phishing campaign using malicious OneNote attachments.

CVE-2024-21893, CVE-2024-22024, CVE-2023-34048, +3
4 min read

Metasploit Framework Expands with Cisco, osTicket Exploits and LDAP Enhancements
INFORMATIONAL
Tools & Techniques

The latest Metasploit Framework release introduces exploit modules for Cisco Catalyst SD-WAN and osTicket, alongside significant improvements to LDAP/ADCS data collection and Windows persistence techniques.

3 min read
