Cybersecurity 21 February 2026 - 18 April 2026

Microsoft Defender Zero-Day Attacks Hit Windows as Two Flaws Remain Unpatched
···

Microsoft Defender Zero-Day Attacks Hit Windows as Two Flaws Remain Unpatched

Hackers exploited three Microsoft Defender flaws—BlueHammer, RedSun, and UnDefend—in at least one real-world attack, Huntress reported. Microsoft patched BlueHammer (CVE-2026-33825) this week, but RedSun and UnDefend remain unpatched. Attackers staged the exploit tools after breaching a system via a FortiGate VPN. The identities of the attackers and the targeted organization have not been disclosed.
April 18, 2026
New Chrome Privacy Reports Raise Fingerprinting Fears as Edge, Firefox and Brave Offer Built-In Defenses
···

New Chrome Privacy Reports Raise Fingerprinting Fears as Edge, Firefox and Brave Offer Built-In Defenses

Google Chrome faced renewed privacy criticism Friday after reports highlighted its lack of built-in defenses against browser fingerprinting, a technique that can track users through device details. Chrome holds 66.7% of the global browser market, according to Statcounter. Rivals like Firefox and Brave offer default fingerprinting protections. Google maintains Chrome is “secure by default” but does not block fingerprinting by default.
April 17, 2026
Fake Windows 11 24H2 Update Warning: Avoid This Lookalike Download as Microsoft Rolls Out April Patch
···

Fake Windows 11 24H2 Update Warning: Avoid This Lookalike Download as Microsoft Rolls Out April Patch

Malwarebytes warned Windows users about a fake Windows 11 24H2 update distributed through a lookalike Microsoft support page, designed to steal passwords and payment data. The alert came as Microsoft released its real April security update, which fixes 167 bugs, including two zero-days. The fake installer used a typosquatted domain and evaded antivirus detection. Microsoft advised users to update only through official channels.
April 15, 2026
Microsoft Patches BlueHammer Windows Zero-Day Flaw in Defender After Public Leak
···

Microsoft Patches BlueHammer Windows Zero-Day Flaw in Defender After Public Leak

Microsoft patched CVE-2026-33825, a Microsoft Defender privilege-escalation flaw linked to the BlueHammer exploit, in its April Patch Tuesday update. The bug allowed attackers with local access to gain SYSTEM privileges. Proof-of-concept code appeared online April 3 after a disclosure dispute. Microsoft credited Zen Dodd and Yuanpei Xu for discovery and said automatic updates protect most users.
April 15, 2026
Adobe rushes emergency Acrobat Reader patch after months-long PDF zero-day attacks
···

Adobe rushes emergency Acrobat Reader patch after months-long PDF zero-day attacks

Adobe released emergency patches for Acrobat and Reader after attackers exploited CVE-2026-34621, a PDF flaw abused for at least four months. U.S. authorities added the bug to CISA’s Known Exploited Vulnerabilities catalog on April 13, requiring federal agencies to patch by April 27. The flaw enables remote code execution and sandbox escapes via malicious PDFs. Attacks used Russian-language lures tied to Russia’s oil and gas sector.
April 14, 2026
Comcast Opens Xfinity Data Breach Settlement Claims in $117.5 Million Deal: Who Qualifies Before Aug. 14
···

Comcast Opens Xfinity Data Breach Settlement Claims in $117.5 Million Deal: Who Qualifies Before Aug. 14

Comcast customers affected by the 2023 Xfinity data breach can file claims for part of a $117.5 million settlement, with an Aug. 14 deadline. About 31.6 million people are eligible for cash payments or three years of identity-defense services. The final approval hearing is set for July 7 in federal court in Philadelphia. Comcast denies wrongdoing.
April 14, 2026
GTA 6 Studio Rockstar Games Hack Escalates as ShinyHunters Says Stolen Data Will Be Published
··

GTA 6 Studio Rockstar Games Hack Escalates as ShinyHunters Says Stolen Data Will Be Published

Hackers behind a breach at Rockstar Games threatened to publish stolen data online, according to VGC and the BBC. Rockstar said only non-material company information was accessed and player data was unaffected. The breach comes as parent company Take-Two prepares for the November 19 release of Grand Theft Auto VI. ShinyHunters claimed responsibility, blaming a third-party service for the incident.
April 13, 2026
Microsoft Moves to Fix WireGuard, VeraCrypt Account Freeze That Halted Windows Updates
···

Microsoft Moves to Fix WireGuard, VeraCrypt Account Freeze That Halted Windows Updates

Microsoft blocked WireGuard and VeraCrypt developers from sending Windows updates after a verification sweep in its Windows Hardware Program, halting releases and code-signing. Company executives said the issue should be resolved soon. Similar suspensions hit Windscribe, MemTest86, and Rufus, with some developers reporting no warning or notification. Microsoft cited required re-verification and promised to review its communication.
April 9, 2026
Standard Chartered PLC Opens First Global Fusion Centre in Malaysia as Cyber, Fraud Threats Intensify
···

Standard Chartered PLC Opens First Global Fusion Centre in Malaysia as Cyber, Fraud Threats Intensify

Standard Chartered opened its first Global Fusion Centre in Kuala Lumpur on Monday, merging cyber, fraud, and physical-security monitoring at its local hub. The facility uses real-time data and AI-driven systems and supports over 50 markets with more than 4,400 staff. The launch follows stronger 2025 results and a recent executive hire. Malaysia’s GBS sector has grown 66.8% since 2022, according to officials.
April 6, 2026
Co-op CEO Shirine Khoury-Haq to Step Down as Cyberattack Fallout and Costs Bite
···

Co-op CEO Shirine Khoury-Haq to Step Down as Cyberattack Fallout and Costs Bite

Co-op CEO Shirine Khoury-Haq will step down March 29 after a year marked by a cyberattack and a swing to a £35 million operating loss. Board member Kate Allum will serve as interim chief as the group seeks a permanent successor. Co-op blamed the cyberattack for £285 million in lost revenue and plans to cut £200 million in annual costs in 2026. The leadership change follows reports of a “toxic” culture, which Khoury-Haq denies influenced her decision.
March 26, 2026
Apple iPhone Spyware Alert: New DarkSword Hack Could Still Reach Millions of Unpatched Devices
···

Apple iPhone Spyware Alert: New DarkSword Hack Could Still Reach Millions of Unpatched Devices

Google, iVerify, and Lookout disclosed a new iPhone exploit chain, DarkSword, that can fully compromise certain iOS 18 devices via infected websites. The toolkit has been active since at least November in campaigns linked to Saudi Arabia, Turkey, Malaysia, and Ukraine. Apple said the flaws have been fixed in recent updates. Researchers estimate up to 270 million devices may remain exposed if not updated.
March 19, 2026
Palo Alto Networks widens industrial 5G security push with Siemens as AI factory build-out grows
···

Palo Alto Networks widens industrial 5G security push with Siemens as AI factory build-out grows

Palo Alto Networks and Siemens launched a cybersecurity package for private 5G factory networks on Wednesday. Palo Alto shares rose $4.68 in U.S. trading Thursday. The package combines Siemens’ 5G gear and monitoring software with Palo Alto’s firewall, meeting IEC 62443 standards without affecting production latency. Palo Alto recently closed its $25 billion CyberArk deal and cut its fiscal 2026 profit forecast due to acquisition costs.
March 5, 2026
CrowdStrike stock rises as cybersecurity firm flags stronger 2027 revenue outlook
···

CrowdStrike stock rises as cybersecurity firm flags stronger 2027 revenue outlook

CrowdStrike shares rose about 4% Thursday after forecasting fiscal 2027 revenue of $5.87 billion to $5.93 billion and reporting a 23% fourth-quarter revenue jump to $1.31 billion. Annual recurring revenue climbed 24% to $5.25 billion. The company reiterated plans to acquire SGNL for $740 million and Seraphic Security for $420 million. Costs tied to the July 2024 Windows outage reached $117.7 million in fiscal 2026.
March 5, 2026
Coinbase, Microsoft disrupt “Tycoon 2FA” phishing network as crypto rules hit another snag
···

Coinbase, Microsoft disrupt “Tycoon 2FA” phishing network as crypto rules hit another snag

Coinbase said it helped disrupt Tycoon 2FA, a phishing service used to bypass multi-factor authentication, tracing crypto payments to a suspected administrator in Pakistan. Microsoft seized 330 domains linked to the operation under a New York court order. Cloudflare banned thousands of related domains. Coinbase shares fell 0.8% Thursday after a 15% jump Wednesday as bitcoin neared $74,000.
March 5, 2026
ServiceNow closes Veza deal: the $1.25B identity-security bet tied to AI agents
···

ServiceNow closes Veza deal: the $1.25B identity-security bet tied to AI agents

ServiceNow closed its acquisition of identity security firm Veza on March 2, integrating Veza’s access controls into its Security and Risk products. Veza, based in Los Gatos, California, has 230 employees and nearly 150 enterprise customers. ServiceNow registered 854,359 shares for Veza employees as part of the deal, previously valued at about $1.25 billion in cash. Financial terms were not updated at closing.
March 4, 2026
1 2 3 4

Stock Market Today

  • Ex-Telstra Chief to Chair ASX-Listed AI Infrastructure Firm Sharon AI
    May 22, 2026, 10:20 PM EDT. Ex-Telstra Chief appointed chairman of Sharon AI, a company preparing to list on the Australian Securities Exchange (ASX). Sharon AI focuses on AI infrastructure, aiming to capitalize on growing demand for artificial intelligence technologies. The leadership change is seen as a strategic move to leverage the former telecom executive's experience in steering technology firms through market expansions and regulatory environments. Sharon AI's upcoming ASX debut is expected to draw attention from investors interested in the AI sector, marking a significant development in Australia's tech market landscape.