{"data":[{"id":2020581,"title":"Device code phishing attacks surge 37x as new kits spread online","link":"https://www.bleepingcomputer.com/news/security/device-code-phishing-attacks-surge-37x-as-new-kits-spread-online/","summary":"Device code phishing attacks that abuse the OAuth 2.0 Device Authorization Grant flow to hijack accounts have surged more than 37 times this year.","source":"BleepingComputer","category":"Phishing","vendor":null,"published_at":"2026-04-04T14:17:38.000Z","created_at":"2026-04-04 14:20:11","sector":null,"mitre_techniques":[{"id":"T1566","name":"Phishing","tactic":"Initial Access"}],"iocs":null,"vendors_all":null,"dedup_hash":"9dea763c4b9abbfc","entities_processed":1,"tlp":"WHITE"},{"id":2021480,"title":"FortiClient EMS zero-day exploited, emergency hotfixes available (CVE-2026-35616)","link":"https://www.helpnetsecurity.com/2026/04/04/forticlient-ems-zero-day-cve-2026-35616/","summary":"Defused Cyber has spotted a critical Fortinet FortiClient Endpoint Management Server (EMS) zero-day vulnerability (CVE-2026-35616) being exploited in the wil...","source":"Help Net Security","category":"Zero-Day","vendor":"Fortinet","published_at":"2026-04-04T14:09:54.000Z","created_at":"2026-04-04 14:20:12","sector":"Media","mitre_techniques":null,"iocs":{"cves":["CVE-2026-35616"]},"vendors_all":["Fortinet"],"dedup_hash":"96bacc55f5a3be3c","entities_processed":1,"tlp":"WHITE"},{"id":1999415,"title":"European Commission Confirms Data Breach Linked to Trivy Supply Chain Attack","link":"https://www.securityweek.com/european-commission-confirms-data-breach-linked-to-trivy-supply-chain-attack/","summary":"Hackers stole over 300GB of data from the Commission’s AWS environment, including personal information. The post European Commission Confirms Data Breach Lin...","source":"SecurityWeek","category":"Data Breach","vendor":"Amazon","published_at":"2026-04-04T10:31:00.000Z","created_at":"2026-04-04 10:35:45","sector":"Manufacturing","mitre_techniques":[{"id":"T1195","name":"Supply Chain Compromise","tactic":"Initial Access"}],"iocs":null,"vendors_all":["Amazon"],"dedup_hash":"223dccae8407c3cc","entities_processed":1,"tlp":"WHITE"},{"id":1983077,"title":"Hackers Launch Social Engineering Offensive Against Key Node.js Maintainers","link":"https://gbhackers.com/hackers-launch-social-engineering-offensive-against-key-node-js/","summary":"Following the high-profile supply chain compromise of the widely used Axios package, a highly coordinated social engineering campaign has been uncovered targ...","source":"GBHackers","category":"Data Breach","vendor":"Apple","published_at":"2026-04-04T08:57:16.000Z","created_at":"2026-04-04 08:58:30","sector":"Manufacturing","mitre_techniques":[{"id":"T1204","name":"User Execution","tactic":"Execution"},{"id":"T1195","name":"Supply Chain Compromise","tactic":"Initial Access"}],"iocs":null,"vendors_all":["Apple"],"dedup_hash":"43b933ab3a6025b0","entities_processed":1,"tlp":"WHITE"},{"id":1981377,"title":"European Commission breach exposed data of 30 EU entities, CERT-EU says","link":"https://securityaffairs.com/190333/security/european-commission-breach-exposed-data-of-30-eu-entities-cert-eu-says.html","summary":"CERT-EU says a European Commission cloud hack exposed data from 30 EU entities and links the breach to the TeamPCP group. CERT-EU attributed a European Commi...","source":"Security Affairs","category":"Data Breach","vendor":null,"published_at":"2026-04-04T08:45:04.000Z","created_at":"2026-04-04 08:51:40","sector":null,"mitre_techniques":null,"iocs":null,"vendors_all":null,"dedup_hash":"fd6a9ef01451815f","entities_processed":1,"tlp":"WHITE"},{"id":1964485,"title":"Top 10 Best Privileged Access Management (PAM) Solutions 2026","link":"https://gbhackers.com/privileged-access-management/","summary":"In the dynamic and increasingly complex cybersecurity landscape of 2026, privileged accounts remain the most coveted targets for cybercriminals and malicious...","source":"GBHackers","category":"General","vendor":null,"published_at":"2026-04-04T06:19:18.000Z","created_at":"2026-04-04 06:25:09","sector":null,"mitre_techniques":null,"iocs":null,"vendors_all":null,"dedup_hash":"cb13108f9cb1dd26","entities_processed":1,"tlp":"WHITE"},{"id":1963268,"title":"Top 10 Best Identity And Access Management (IAM) Companies 2026","link":"https://gbhackers.com/best-iam-companies/","summary":"In the rapidly evolving digital landscape of 2026, Identity and Access Management (IAM) has transcended its traditional role to become the foundational pilla...","source":"GBHackers","category":"General","vendor":null,"published_at":"2026-04-04T05:57:20.000Z","created_at":"2026-04-04 06:10:09","sector":"Technology","mitre_techniques":[{"id":"T1598","name":"Phishing for Information","tactic":"Reconnaissance"}],"iocs":null,"vendors_all":null,"dedup_hash":"932275b283a55e5d","entities_processed":1,"tlp":"WHITE"},{"id":1959185,"title":"LinkedIn Hidden Code Secretly Scans Users’ Computers for Installed Software","link":"https://gbhackers.com/linkedin-hidden-code-secretly-scans-users-computers/","summary":"A new investigation by Fairlinked e.V.","source":"GBHackers","category":"General","vendor":"Microsoft","published_at":"2026-04-04T05:28:14.000Z","created_at":"2026-04-04 05:31:28","sector":"Transportation","mitre_techniques":null,"iocs":null,"vendors_all":["Microsoft"],"dedup_hash":"3f27b6e6a40b6e96","entities_processed":1,"tlp":"WHITE"},{"id":1956631,"title":"Anthropic Ends Claude Subscription Access for Third-Party Tools Like OpenClaw","link":"https://gbhackers.com/anthropic-ends-claude-subscription-access-for-openclaw/","summary":"Anthropic has officially shut down third-party AI agent access to its Claude subscription services, pulling the plug on unauthorized external integrations. T...","source":"GBHackers","category":"General","vendor":null,"published_at":"2026-04-04T04:57:40.000Z","created_at":"2026-04-04 05:01:28","sector":null,"mitre_techniques":null,"iocs":null,"vendors_all":null,"dedup_hash":"3d32fbc4d876c089","entities_processed":1,"tlp":"WHITE"},{"id":1899865,"title":"Elastic Security Integrations Roundup: Q1 2026","link":"https://www.elastic.co/security-labs/elastic-security-integrations-roundup-q1-2026","summary":"Elastic Security Labs announces nine new integrations for Elastic Security spanning cloud security, endpoint visibility, email threat detection, identity and...","source":"Elastic Security Labs","category":"General","vendor":null,"published_at":"2026-04-04T00:00:00.000Z","created_at":"2026-04-03 21:17:48","sector":null,"mitre_techniques":null,"iocs":null,"vendors_all":null,"dedup_hash":"7ed67636d258ce67","entities_processed":1,"tlp":"WHITE"},{"id":1906906,"title":"When an Attacker Meets a Group of Agents: Navigating Amazon Bedrock's Multi-Agent Applications","link":"https://unit42.paloaltonetworks.com/amazon-bedrock-multiagent-applications/","summary":"Unit 42 research on multi-agent AI systems on Amazon Bedrock reveals new attack surfaces and prompt injection risks. Learn how to secure your AI applications.","source":"Unit 42","category":"General","vendor":"Amazon","published_at":"2026-04-03T22:00:38.000Z","created_at":"2026-04-03 22:07:30","sector":null,"mitre_techniques":null,"iocs":null,"vendors_all":["Amazon"],"dedup_hash":"38d44d02f2122004","entities_processed":1,"tlp":"WHITE"},{"id":1909107,"title":"Breaking the trade-off: Full email security without deployment friction","link":"https://www.scworld.com/resource/breaking-the-trade-off-full-email-security-without-deployment-friction","summary":"How API-based security is redefining email protection in the face of escalating human risk.","source":"SC Media","category":"General","vendor":null,"published_at":"2026-04-03T21:36:49.000Z","created_at":"2026-04-03 22:21:06","sector":"Financial","mitre_techniques":null,"iocs":null,"vendors_all":null,"dedup_hash":"a3f49b1cfe80ff27","entities_processed":1,"tlp":"WHITE"},{"id":1898509,"title":"Friday Squid Blogging: Jurassic Fish Chokes on Squid","link":"https://www.schneier.com/blog/archives/2026/04/friday-squid-blogging-jurassic-fish-chokes-on-squid.html","summary":"Here’s a fossil of a 150-million year old fish that choked to death on a belemnite rostrum: the hard, internal shell of an extinct, squid-like animal. Origin...","source":"Schneier on Security","category":"General","vendor":null,"published_at":"2026-04-03T21:07:06.000Z","created_at":"2026-04-03 21:08:06","sector":null,"mitre_techniques":null,"iocs":null,"vendors_all":null,"dedup_hash":"3cd107fd80cd87f3","entities_processed":1,"tlp":"WHITE"},{"id":1900218,"title":"DexterBot, Darksword, Eviltokens, Tubular Bells, Claude, Drift, Gmail, Josh Marpet... - SWN #569","link":"https://www.scworld.com/podcast-segment/14992-dexterbot-darksword-eviltokens-tubular-bells-claude-drift-gmail-josh-marpet-swn-569","summary":"","source":"SC Media","category":"General","vendor":null,"published_at":"2026-04-03T21:00:00.000Z","created_at":"2026-04-03 21:17:49","sector":null,"mitre_techniques":null,"iocs":null,"vendors_all":null,"dedup_hash":"b1626a44a619ced1","entities_processed":1,"tlp":"WHITE"},{"id":1894301,"title":"LinkedIn secretely scans for 6,000+ Chrome extensions, collects data","link":"https://www.bleepingcomputer.com/news/security/linkedin-secretely-scans-for-6-000-plus-chrome-extensions-collects-data/","summary":"A new report dubbed \"BrowserGate\" warns that Microsoft's LinkedIn is using hidden JavaScript scripts on its website to scan visitors' browsers for installed ...","source":"BleepingComputer","category":"General","vendor":"Microsoft","published_at":"2026-04-03T20:40:22.000Z","created_at":"2026-04-03 20:47:47","sector":"Transportation","mitre_techniques":null,"iocs":null,"vendors_all":["Microsoft","Google","Oracle"],"dedup_hash":"567fff325cfc768b","entities_processed":1,"tlp":"WHITE"},{"id":2020582,"title":"LinkedIn secretly scans for 6,000+ Chrome extensions, collects data","link":"https://www.bleepingcomputer.com/news/security/linkedin-secretly-scans-for-6-000-plus-chrome-extensions-collects-data/","summary":"A new report dubbed \"BrowserGate\" warns that Microsoft's LinkedIn is using hidden JavaScript scripts on its website to scan visitors' browsers for installed ...","source":"BleepingComputer","category":"General","vendor":"Microsoft","published_at":"2026-04-03T20:40:22.000Z","created_at":"2026-04-04 14:20:11","sector":"Transportation","mitre_techniques":null,"iocs":null,"vendors_all":["Microsoft","Google","Oracle"],"dedup_hash":"ca2a51c432b4c6e5","entities_processed":1,"tlp":"WHITE"},{"id":1900219,"title":"Stryker back online after cyberattack","link":"https://www.scworld.com/brief/stryker-back-online-after-cyberattack","summary":"BleepingComputer reports that major U.S.","source":"SC Media","category":"Campaigns","vendor":null,"published_at":"2026-04-03T20:25:27.000Z","created_at":"2026-04-03 21:17:49","sector":"Healthcare","mitre_techniques":null,"iocs":null,"vendors_all":null,"dedup_hash":"bf70533d855548ed","entities_processed":1,"tlp":"WHITE"},{"id":1900220,"title":"Over 257K compromised in Texas hospital hack","link":"https://www.scworld.com/brief/over-257k-compromised-in-texas-hospital-hack","summary":"Texas-based Nacogdoches Memorial Hospital had personal and medical information from 257,073 patients stolen following a cyberattack in January, Cybernews rep...","source":"SC Media","category":"General","vendor":null,"published_at":"2026-04-03T20:23:22.000Z","created_at":"2026-04-03 21:17:49","sector":"Healthcare","mitre_techniques":null,"iocs":null,"vendors_all":null,"dedup_hash":"fc0dc92a76c3e92b","entities_processed":1,"tlp":"WHITE"},{"id":1900221,"title":"Brokk purportedly hacked by Play ransomware, data leaked","link":"https://www.scworld.com/brief/brokk-purportedly-hacked-by-play-ransomware-data-leaked","summary":"Brokk, a leading Swedish global remote-controlled demolition machinery manufacturer, had a 4 GB dataset allegedly stolen from its systems exposed by the Russ...","source":"SC Media","category":"Data Breach","vendor":null,"published_at":"2026-04-03T20:22:27.000Z","created_at":"2026-04-03 21:17:49","sector":"Transportation","mitre_techniques":null,"iocs":null,"vendors_all":null,"dedup_hash":"7e6bc611d18ef578","entities_processed":1,"tlp":"WHITE"},{"id":1900222,"title":"Malicious LNK files, GitHub leveraged in South Korea-targeted malware campaign","link":"https://www.scworld.com/brief/malicious-lnk-files-github-leveraged-in-south-korea-targeted-malware-campaign","summary":"Infosecurity Magazine reports that Windows users across South Korea have been subjected to attacks involving illicit LNK files that trigger multi-stage compr...","source":"SC Media","category":"Campaigns","vendor":"Microsoft","published_at":"2026-04-03T20:20:52.000Z","created_at":"2026-04-03 21:17:49","sector":"Transportation","mitre_techniques":null,"iocs":null,"vendors_all":["Microsoft","GitHub"],"dedup_hash":"b439f8bc884aea29","entities_processed":1,"tlp":"WHITE"}],"pagination":{"page":1,"limit":20,"total":2405,"pages":121}}