📰 Dev.to · BeyondMachines

Signature Healthcare's Brockton Hospital was forced to divert ambulances and cancel chemotherapy treatments after a cybersecurity incident on April 6, 2026, tri

OpenClaw patched eight vulnerabilities, including a critical privilege escalation flaw (CVE-2026-33579) that allows attackers to gain full administrative contro

Flowise is facing active exploitation of CVE-2025-59528, a critical vulnerability that allows attackers to execute arbitrary JavaScript and take full control of

Google's April 2026 Android Security Bulletin patches a zero-interaction denial-of-service vulnerability in the Framework and a high-severity hardware flaw in t

Omax Autos Ltd, an Indian auto parts manufacturer, restored its IT systems by April 3, 2026, following a ransomware attack that targeted its infrastructure but

Anthropic's Claude Code AI agent contains a security bypass that allows attackers to evade deny rules by padding shell commands with over 50 subcommands. This f

Dgraph disclosed a critical authentication bypass vulnerability (CVE-2026-34976) in its administrative API that allows unauthenticated attackers to overwrite da

During the week of March 30–April 6, 2026, cybersecurity activity included 11 vulnerability advisories (featuring actively exploited zero-days in Citrix, Fortin

A coordinated supply chain attack involving 36 malicious npm packages targeted the cryptocurrency platform Guardarian to steal database credentials and wallet k

DocketWise, a cloud-based immigration case management provider, disclosed a data breach affecting 116,666 individuals after unauthorized actors used stolen cred

The Hong Kong Hospital Authority reported a data breach affecting at least 56,000 patients after unauthorized data retrieval occurred during contractor maintena

Fortinet has released emergency hotfix for an actively exploited critical zero-day vulnerability (CVE-2026-35616) in FortiClient EMS that allows unauthenticated

The Education Authority of Northern Ireland's C2K school system suffered a cyber attack that forced the entire network offline and triggered a mandatory passwor

The Uffizi Galleries in Italy suffered a cyberattack on February 1, 2025, involving an alleged infiltration of IT systems and a ransom demand sent to the direct

Cornick, Garber & Sandler, LLP disclosed a data breach affecting 5,864 individuals after unauthorized actors accessed its network for over a month in early 2025

Progress Software patched two critical vulnerabilities (CVE-2026-2699 and CVE-2026-2701) in ShareFile Storage Zones Controller that allow unauthenticated attack

Adobe's helpdesk system was allegedly breached by a threat actor who exploited a third-party BPO provider to exfiltrate 13 million support tickets and 15,000 em

On April 2, 2026, a phishing campaign targeting Balkans-region businesses was identified, using a local language fake invoice email with a spoofed attachment im

Research published on browsergate.eu reports that LinkedIn silently scans visitors' Chromium-based browsers for over 6,000 installed extensions, revealing indic

XZ Utils version 5.8.3 addresses a critical buffer overflow (CVE-2026-34743) and a 32-bit memory access flaw affecting versions 5.0.0 and later. Although develo

Hims & Hers confirmed a data breach where attackers used social engineering to access a customer support platform, exposing names, contact details, and treatmen

ComTec Systems, Inc. suffered a data breach and alleged ransomware attack by the PEAR group, resulting in the theft of sensitive personal information from its n

China-nexus attackers exploited a zero-day vulnerability (CVE-2026-3502) in TrueConf's update mechanism to deploy the Havoc C2 framework across Southeast Asian

Cisco patched a critical authentication bypass (CVE-2026-20093) in its Integrated Management Controller that allows unauthenticated attackers to gain Admin acce