Daily Security Feed - 2026-04-07

Security Feed Digest (2026-04-07)

Hacker News: Best

• System Card: Claude Mythos Preview [pdf] — Tue, 07 Apr 2026 18:18:36 +0000
• Project Glasswing: Securing critical software for the AI era — Tue, 07 Apr 2026 18:09:34 +0000
• GLM-5.1: Towards Long-Horizon Tasks — Tue, 07 Apr 2026 16:32:15 +0000
• Dropping Cloudflare for Bunny.net — Tue, 07 Apr 2026 13:23:05 +0000
• Show HN: Brutalist Concrete Laptop Stand (2024) — Tue, 07 Apr 2026 11:07:44 +0000
• We found an undocumented bug in the Apollo 11 guidance computer code — Tue, 07 Apr 2026 10:25:12 +0000
• Are We Idiocracy Yet? — Tue, 07 Apr 2026 09:57:39 +0000
• Every GPU That Mattered — Tue, 07 Apr 2026 08:38:17 +0000
• Anthropic expands partnership with Google and Broadcom for next-gen compute — Mon, 06 Apr 2026 21:52:08 +0000
• Show HN: Ghost Pepper – Local hold-to-talk speech-to-text for macOS — Mon, 06 Apr 2026 19:50:16 +0000
• Adobe modifies hosts file to detect whether Creative Cloud is installed — Mon, 06 Apr 2026 17:38:30 +0000
• Launch HN: Freestyle – Sandboxes for Coding Agents — Mon, 06 Apr 2026 16:32:11 +0000
• Show HN: GovAuctions lets you browse government auctions at once — Mon, 06 Apr 2026 16:21:46 +0000
• German police name alleged leaders of GandCrab and REvil ransomware groups — Mon, 06 Apr 2026 13:52:37 +0000
• Book review: There Is No Antimemetics Division — Mon, 06 Apr 2026 13:44:01 +0000
• An open-source 240-antenna array to bounce signals off the Moon — Mon, 06 Apr 2026 03:22:42 +0000

Krebs on Security

• Russia Hacked Routers to Steal Microsoft Office Tokens — Tue, 07 Apr 2026 17:02:44 +0000

CISA Alerts

• Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure — Mon, 06 Apr 2026 07:03:58 EDT

BleepingComputer

• Hackers exploit critical flaw in Ninja Forms WordPress plugin — Tue, 07 Apr 2026 18:03:01 -0400
• FBI: Americans lost a record $21 billion to cybercrime last year — Tue, 07 Apr 2026 16:41:52 -0400
• Snowflake customers hit in data theft attacks after SaaS integrator breach — Tue, 07 Apr 2026 15:39:18 -0400
• US warns of Iranian hackers targeting critical infrastructure — Tue, 07 Apr 2026 14:02:26 -0400
• Max severity Flowise RCE vulnerability now exploited in attacks — Tue, 07 Apr 2026 13:02:05 -0400
• Authorities disrupt router DNS hijacks used to steal Microsoft 365 logins — Tue, 07 Apr 2026 11:51:22 -0400
• Why Your Automated Pentesting Tool Just Hit a Wall — Tue, 07 Apr 2026 10:01:11 -0400
• German authorities identify REvil and GandCrab ransomware bosses — Mon, 06 Apr 2026 19:54:04 -0400

Darkreading

• Storm-1175 Deploys Medusa Ransomware at ‘High Velocity’ — Tue, 07 Apr 2026 20:15:07 GMT
• Grafana Patches AI Bug That Could Have Leaked User Data — Tue, 07 Apr 2026 19:52:26 GMT
• RSAC 2026: How AI Is Reshaping Cybersecurity Faster Than Ever — Tue, 07 Apr 2026 14:57:16 GMT
• Human vs AI: Debates Shape RSAC 2026 Cybersecurity Trends — Tue, 07 Apr 2026 14:36:44 GMT
• Lies, Damned Lies, and Cybersecurity Metrics — Tue, 07 Apr 2026 14:26:02 GMT
• Focusing on the People in Cybersecurity at RSAC 2026 Conference — Tue, 07 Apr 2026 13:00:00 GMT
• Axios Attack Shows Complex Social Engineering Is Industrialized — Mon, 06 Apr 2026 20:55:44 GMT

The Hacker News

• Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign — Tue, 07 Apr 2026 22:18:00 +0530
• [Webinar] How to Close Identity Gaps in 2026 Before AI Exploits Enterprise Risk — Tue, 07 Apr 2026 21:59:00 +0530
• Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host Access — Tue, 07 Apr 2026 20:45:00 +0530
• Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign — Tue, 07 Apr 2026 18:16:00 +0530
• The Hidden Cost of Recurring Credential Incidents — Tue, 07 Apr 2026 17:00:00 +0530
• New GPUBreach Attack Enables Full CPU Privilege Escalation via GDDR6 Bit-Flips — Tue, 07 Apr 2026 14:08:00 +0530
• China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware — Tue, 07 Apr 2026 12:05:00 +0530
• Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed — Tue, 07 Apr 2026 11:26:00 +0530

데일리시큐 - 최근인기기사

• [북한 연계 해커, GitHub를 C2로 악용… 국내 겨냥 다단계 침투 정황 포착 — 2026-04-07 11:37:55
• 커널 흔든 랜섬웨어 공격… 킬린·워락, EDR 차단 정황 포착 — 2026-04-07 11:53:17
• AI 시대 사이버 위협 대응할 보안 인재 키운다…KISA, 실전형 정보보호 교육 확대 — 2026-04-07 09:30:59
• 공식 앱스토어 유포 ‘과대 광고 앱’ 주의…“정부지원·대출 정보로 위장” — 2026-04-07 09:24:48
• 오라클, ‘오라클 AI 데이터베이스@AWS’ 국내 출시…서울 리전서 엑사데이터·자율운영 AI DB 제공 — 2026-04-07 09:34:31
• LG유플러스, IBK시스템과 금융 특화 AI 서비스 개발 나서 — 2026-04-07 09:36:44
• 소프트캠프-티앤디소프트, 제로 트러스트 기반 통합보안 협력 본격화 — 2026-04-07 09:53:01
• 파수 AI, 글로벌 인포섹 어워드 2관왕…생성형 AI·데이터 보안 경쟁력 인정 — 2026-04-07 10:07:38
• 지니언스, 글로벌 고객 200곳 돌파…NAC 넘어 제로트러스트로 해외 확장 가속 — 2026-04-07 09:38:51
• KADEX 2026, ‘방산 스타트업 혁신관’ 신설… 유망 기업 육성 나선다 — 2026-04-07 12:16:43

보안뉴스 > SECURITY

• 오픈클로 보안 자문의 경고, “AI는 이제 인간 정체성을 해킹한다” — Tue, 7 Apr 2026 17:41:00 +0900
• 명지대 방산안보연구소·새솔테크, 국방 우주·모빌리티 AI 보안 협력 — Tue, 7 Apr 2026 15:57:00 +0900
• [배종찬의 보안 빅데이터] 미국과 미군 위협하는 이란 사이버 해킹 부대 — Tue, 7 Apr 2026 15:42:00 +0900
• 파수 AI, ‘글로벌 인포섹 어워드’ 2관왕… “글로벌 AX 보안 선도” — Tue, 7 Apr 2026 14:10:00 +0900
• 유용한 정보인줄 알았는데 광고 지옥… 생활 정보 위장 앱 주의 — Tue, 7 Apr 2026 13:53:00 +0900
• 보안 인재 양성 최전선, 차세대 보안 리더(BoB) 15기 닻 오른다 — Tue, 7 Apr 2026 12:01:00 +0900
• 북한 UNC4736, 신분 위조·대면 접촉으로 드리프트서 2억8500만달러 탈취 — Tue, 7 Apr 2026 11:17:00 +0900
• 모빌린트-롯데이노베이트, NPU 스마트 인프라 최적화 협력 — Tue, 7 Apr 2026 11:14:00 +0900
• 가비아, ‘중소기업 클라우드 보급 확산 사업’ 10년 연속 공급기업 선정 — Tue, 7 Apr 2026 10:57:00 +0900
• 한국정보처리학회, 차세대 AI 패러다임 ‘에이전트 AI’ 멀티 에이전트 시스템 실전 강좌 성료 — Tue, 7 Apr 2026 10:56:00 +0900