Threat Hunt Feed (2026-04-07)
Hacker News: Best
- Show HN: I made a YouTube search form with advanced filters — Mon, 06 Apr 2026 00:18:26 +0000
- Matched TTPs: At (T1053.002)
Krebs on Security
- Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab — Mon, 06 Apr 2026 02:07:17 +0000
- Matched TTPs: Malware (T1588.001), Vulnerabilities (T1588.006), Credentials (T1589.001), At (T1053.002)
BleepingComputer
- Microsoft links Medusa ransomware affiliate to zero-day attacks — Mon, 06 Apr 2026 12:56:01 -0400
- Matched TTPs: IP Addresses (T1590.005), Malware (T1588.001), Hardware (T1592.001), Vulnerabilities (T1588.006), Botnet (T1584.005), Server (T1584.004), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Credentials (T1589.001)
- CISA orders feds to patch exploited Fortinet EMS flaw by Friday — Mon, 06 Apr 2026 12:02:14 -0400
- Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Vulnerabilities (T1588.006), Server (T1584.004), Cloud Services (T1021.007), Tool (T1588.002), Phishing (T1566), Firmware (T1592.003), Software (T1592.002), Credentials (T1589.001)
- Why Simple Breach Monitoring is No Longer Enough — Mon, 06 Apr 2026 10:02:12 -0400
- Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Browser Extensions (T1176.001), Domains (T1584.001), Tool (T1588.002), Phishing (T1566), Multi-Factor Authentication (T1556.006), Software (T1592.002), Exploits (T1588.005), Credentials (T1589.001), At (T1053.002)
Darkreading
- Fortinet Issues Emergency Patch for FortiClient Zero-Day — Mon, 06 Apr 2026 20:24:19 GMT
- Matched TTPs: Vulnerabilities (T1588.006)
- Automated Credential Harvesting Campaign Exploits React2Shell Flaw — Mon, 06 Apr 2026 15:31:09 GMT
- Matched TTPs: Tool (T1588.002), Exploits (T1588.005), Credentials (T1589.001)
The Hacker News
- ⚡ Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More — Mon, 06 Apr 2026 18:16:00 +0530
- Matched TTPs: Rundll32 (T1218.011), Artificial Intelligence (T1588.007), IP Addresses (T1590.005), JavaScript (T1059.007), Malware (T1588.001), Vulnerabilities (T1588.006), DLL (T1574.001), Server (T1584.004), Email Addresses (T1589.002), Code Repositories (T1213.003), Proxy (T1090), PowerShell (T1059.001), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)
- How LiteLLM Turned Developer Machines Into Credential Vaults for Attackers — Mon, 06 Apr 2026 17:15:00 +0530
- Matched TTPs: Malware (T1588.001), Vulnerabilities (T1588.006), SSH (T1021.004), Supply Chain Compromise (T1195), IDE Extensions (T1176.002), Code Repositories (T1213.003), Shell History (T1552.003), Tool (T1588.002), Phishing (T1566), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)
- Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools — Mon, 06 Apr 2026 15:37:00 +0530
- Matched TTPs: Sharepoint (T1213.002), DNS (T1071.004), Malware (T1588.001), Hardware (T1592.001), Vulnerabilities (T1588.006), DLL (T1574.001), Server (T1584.004), Proxy (T1090), Phishing (T1566), Software (T1592.002), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)
DailySecu - Recent Popular Articles
- Menlo Security's ‘Menlo Web Isolation Solution V1.0’ Earns GS Certification Grade 1 — 2026-04-06 17:31:52
- Matched TTPs: Software (T1592.002)