
Daily Hunt Feed - 2026-04-21

Threat Hunt Feed (2026-04-21)

Hacker News: Best

BleepingComputer

  • The Gentlemen ransomware now uses SystemBC for bot-powered attacks — Mon, 20 Apr 2026 16:02:37 -0400
    • Matched TTPs: IP Addresses (T1590.005), Malware (T1588.001), Hardware (T1592.001), Databases (T1213.006), Botnet (T1584.005), Server (T1584.004), Proxy (T1090), Tool (T1588.002), Software (T1592.002), Exploits (T1588.005), Credentials (T1589.001), Impersonation (T1656), At (T1053.002)
  • Microsoft: Teams increasingly abused in helpdesk impersonation attacks — Mon, 20 Apr 2026 11:11:24 -0400
    • Matched TTPs: Malware (T1588.001), Hardware (T1592.001), DLL (T1574.001), Server (T1584.004), Windows Remote Management (T1021.006), PowerShell (T1059.001), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Impersonation (T1656), At (T1053.002)
  • The backup myth that is putting businesses at risk — Mon, 20 Apr 2026 10:01:11 -0400
    • Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Server (T1584.004), Tool (T1588.002), Software (T1592.002), Impersonation (T1656), At (T1053.002)
  • Microsoft releases emergency updates to fix Windows Server issues — Mon, 20 Apr 2026 04:30:56 -0400
    • Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Vulnerabilities (T1588.006), Server (T1584.004), Tool (T1588.002), Software (T1592.002), Exploits (T1588.005), Impersonation (T1656), At (T1053.002)

Darkreading

The Hacker News

  • ⚡ Weekly Recap: Vercel Hack, Push Fraud, QEMU Abused, New Android RATs Emerge & More — Mon, 20 Apr 2026 19:11:00 +0530
    • Matched TTPs: Scheduled Task (T1053.005), Sharepoint (T1213.002), Artificial Intelligence (T1588.007), IP Addresses (T1590.005), JavaScript (T1059.007), Bypass User Account Control (T1548.002), Malware (T1588.001), Browser Extensions (T1176.001), Vulnerabilities (T1588.006), SSH (T1021.004), Component Object Model (T1559.001), DLL (T1574.001), Botnet (T1584.005), Virtual Private Server (T1583.003), Email Accounts (T1585.002), Supply Chain Compromise (T1195), Remote Access Tools (T1219), Domains (T1584.001), Masquerading (T1036), Web Shell (T1505.003), Server (T1584.004), Financial Theft (T1657), PowerShell (T1059.001), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), Credentials (T1589.001), NTDS (T1003.003), At (T1053.002), Compression (T1027.015)
  • Why Most AI Deployments Stall After the Demo — Mon, 20 Apr 2026 17:00:00 +0530
    • Matched TTPs: Sharepoint (T1213.002), Artificial Intelligence (T1588.007), Malware (T1588.001), Vulnerabilities (T1588.006), Server (T1584.004), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)
  • Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain — Mon, 20 Apr 2026 16:12:00 +0530
    • Matched TTPs: Sharepoint (T1213.002), Artificial Intelligence (T1588.007), Malware (T1588.001), Databases (T1213.006), Vulnerabilities (T1588.006), Server (T1584.004), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Social Media (T1593.001), Credentials (T1589.001), Python (T1059.006), At (T1053.002)
  • Researchers Detect ZionSiphon Malware Targeting Israeli Water, Desalination OT Systems — Mon, 20 Apr 2026 13:04:00 +0530
    • Matched TTPs: Sharepoint (T1213.002), Malware (T1588.001), Vulnerabilities (T1588.006), DLL (T1574.001), Masquerading (T1036), Server (T1584.004), Phishing (T1566), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)
  • Vercel Breach Tied to Context AI Hack Exposes Limited Customer Credentials — Mon, 20 Apr 2026 09:05:00 +0530
    • Matched TTPs: Sharepoint (T1213.002), Artificial Intelligence (T1588.007), Malware (T1588.001), Vulnerabilities (T1588.006), Server (T1584.004), Tool (T1588.002), Phishing (T1566), Exploits (T1588.005), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)
This post is licensed under CC BY 4.0 by the author.