
Daily Hunt Feed - 2026-04-10

Threat Hunt Feed (2026-04-10)

Hacker News: Best

BleepingComputer

  • New ‘LucidRook’ malware used in targeted attacks on NGOs, universities — Thu, 09 Apr 2026 18:04:31 -0400
    • Matched TTPs: Malware (T1588.001), Hardware (T1592.001), DLL (T1574.001), Tool (T1588.002), Phishing (T1566), Lua (T1059.011), Software (T1592.002), Credentials (T1589.001)
  • New VENOM phishing attacks steal senior executives’ Microsoft logins — Thu, 09 Apr 2026 17:37:04 -0400
    • Matched TTPs: Adversary-in-the-Middle (T1557), Sharepoint (T1213.002), Malware (T1588.001), Hardware (T1592.001), Server (T1584.004), Tool (T1588.002), Phishing (T1566), Multi-Factor Authentication (T1556.006), Software (T1592.002), Credentials (T1589.001), Conditional Access Policies (T1556.009), At (T1053.002)
  • Healthcare IT solutions provider ChipSoft hit by ransomware attack — Thu, 09 Apr 2026 15:46:44 -0400
    • Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Credentials (T1589.001), At (T1053.002)
  • Google Chrome adds infostealer protection against session cookie theft — Thu, 09 Apr 2026 14:33:29 -0400
    • Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Vulnerabilities (T1588.006), Private Keys (T1552.004), Server (T1584.004), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Credentials (T1589.001), At (T1053.002)
  • When attackers already have the keys, MFA is just another door to open — Thu, 09 Apr 2026 10:02:12 -0400
    • Matched TTPs: Adversary-in-the-Middle (T1557), Malware (T1588.001), Hardware (T1592.001), Databases (T1213.006), Vulnerabilities (T1588.006), Private Keys (T1552.004), Email Addresses (T1589.002), Proxy (T1090), Cloud Account (T1136.003), Tool (T1588.002), Phishing (T1566), Credential Stuffing (T1110.004), Multi-Factor Authentication (T1556.006), Software (T1592.002), Credentials (T1589.001), At (T1053.002)
  • Hackers exploiting Acrobat Reader zero-day flaw since December — Thu, 09 Apr 2026 05:22:35 -0400
    • Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Vulnerabilities (T1588.006), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Credentials (T1589.001), At (T1053.002)
  • Microsoft suspends dev accounts for high-profile open source projects — Thu, 09 Apr 2026 02:46:26 -0400
    • Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)

Darkreading

The Hacker News

  • EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallets — Thu, 09 Apr 2026 22:56:00 +0530
    • Matched TTPs: Malware (T1588.001), Cron (T1053.003), Vulnerabilities (T1588.006), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)
  • UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns — Thu, 09 Apr 2026 21:53:00 +0530
    • Matched TTPs: Malware (T1588.001), Cron (T1053.003), Vulnerabilities (T1588.006), DLL (T1574.001), Server (T1584.004), PowerShell (T1059.001), Tool (T1588.002), Phishing (T1566), Lua (T1059.011), Exploits (T1588.005), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)
  • ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories — Thu, 09 Apr 2026 18:27:00 +0530
    • Matched TTPs: Artificial Intelligence (T1588.007), Malware (T1588.001), Hardware (T1592.001), Cron (T1053.003), Vulnerabilities (T1588.006), Botnet (T1584.005), AppleScript (T1059.002), Email Accounts (T1585.002), Domains (T1584.001), Server (T1584.004), Search Engines (T1593.002), Proxy (T1090), PowerShell (T1059.001), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), Credentials (T1589.001), Python (T1059.006), Malicious Link (T1204.001), At (T1053.002)
  • Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025 — Thu, 09 Apr 2026 16:45:00 +0530
    • Matched TTPs: JavaScript (T1059.007), Malware (T1588.001), Cron (T1053.003), Vulnerabilities (T1588.006), Server (T1584.004), Exploits (T1588.005), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)
This post is licensed under CC BY 4.0 by the author.