Daily Security Feed - 2026-04-22

Security Feed Digest (2026-04-22)

Hacker News: Best

• Over-editing refers to a model modifying code beyond what is necessary — Wed, 22 Apr 2026 17:51:17 +0000
• We found a stable Firefox identifier linking all your private Tor identities — Wed, 22 Apr 2026 17:35:03 +0000
• Alberta startup sells no-tech tractors for half price — Wed, 22 Apr 2026 16:29:25 +0000
• Scoring Show HN submissions for AI design patterns — Wed, 22 Apr 2026 14:44:32 +0000
• Qwen3.6-27B: Flagship-Level Coding in a 27B Dense Model — Wed, 22 Apr 2026 13:19:58 +0000
• Our eighth generation TPUs: two chips for the agentic era — Wed, 22 Apr 2026 12:15:29 +0000
• 3.4M Solar Panels — Wed, 22 Apr 2026 12:04:30 +0000
• GitHub CLI now collects pseudoanonymous telemetry — Wed, 22 Apr 2026 11:58:58 +0000
• Windows 9x Subsystem for Linux — Wed, 22 Apr 2026 09:52:52 +0000
• Tell HN: I’m sick of AI everything — Wed, 22 Apr 2026 01:19:30 +0000
• Drunk post: Things I’ve learned as a senior engineer (2021) — Tue, 21 Apr 2026 23:53:45 +0000
• Claude Code to be removed from Pro Tier? — Tue, 21 Apr 2026 22:36:24 +0000
• SpaceX says it has agreement to acquire Cursor for $60B — Tue, 21 Apr 2026 22:13:18 +0000
• Claude Code to be removed from Anthropic’s Pro plan? — Tue, 21 Apr 2026 21:03:04 +0000
• ChatGPT Images 2.0 — Tue, 21 Apr 2026 18:50:00 +0000
• Cal.diy: open-source community edition of cal.com — Tue, 21 Apr 2026 17:58:21 +0000
• Meta to start capturing employee mouse movements, keystrokes for AI training — Tue, 21 Apr 2026 17:40:39 +0000
• Britannica11.org – a structured edition of the 1911 Encyclopædia Britannica — Tue, 21 Apr 2026 17:33:50 +0000
• The Vercel breach: OAuth attack exposes risk in platform environment variables — Tue, 21 Apr 2026 17:14:35 +0000
• Original GrapheneOS responses to WIRED fact checker — Tue, 21 Apr 2026 15:04:24 +0000
• Anthropic takes $5B from Amazon and pledges $100B in cloud spending in return — Tue, 21 Apr 2026 13:08:25 +0000
• Show HN: VidStudio, a browser based video editor that doesn’t upload your files — Tue, 21 Apr 2026 11:58:16 +0000
• Israeli soldiers using sexual assault to force Palestinians out of West Bank — Tue, 21 Apr 2026 05:15:23 +0000
• How to make a fast dynamic language interpreter — Tue, 21 Apr 2026 00:48:07 +0000
• Making RAM at Home [video] — Mon, 20 Apr 2026 23:35:06 +0000

BleepingComputer

• Apple fixes iOS bug that retained deleted notification data — Wed, 22 Apr 2026 16:58:58 -0400
• New Mirai campaign exploits RCE flaw in EoL D-Link routers — Wed, 22 Apr 2026 16:04:46 -0400
• Kyber ransomware gang toys with post-quantum encryption on Windows — Wed, 22 Apr 2026 14:52:29 -0400
• Spain dismantles major $4.7M manga piracy platform, arrests four — Wed, 22 Apr 2026 11:06:34 -0400
• Inside Caller-as-a-Service Fraud: The Scam Economy Has a Hiring Process — Wed, 22 Apr 2026 10:01:11 -0400
• New npm supply-chain attack self-spreads to steal auth tokens — Wed, 22 Apr 2026 08:57:42 -0400
• Microsoft Teams to get efficiency mode on PCs with limited resources — Wed, 22 Apr 2026 08:24:38 -0400
• Microsoft traces Universal Print issues to Graph API code change — Wed, 22 Apr 2026 06:15:09 -0400
• New GoGra malware for Linux uses Microsoft Graph API for comms — Wed, 22 Apr 2026 06:00:00 -0400
• Microsoft releases emergency patches for critical ASP.NET flaw — Wed, 22 Apr 2026 04:08:16 -0400
• Over 1,300 Microsoft SharePoint servers vulnerable to spoofing attacks — Wed, 22 Apr 2026 02:53:02 -0400

Darkreading

• ‘The Gentlemen’ Rapidly Rises to Ransomware Prominence — Wed, 22 Apr 2026 20:51:55 GMT
• DPRK Fake Job Scams Self-Propagate in ‘Contagious Interview’ — Wed, 22 Apr 2026 14:48:05 GMT
• Exploits Turn Windows Defender Into Attacker Tool — Tue, 21 Apr 2026 19:12:40 GMT
• Google Fixes Critical RCE Flaw in AI-Based ‘Antigravity’ Tool — Tue, 21 Apr 2026 15:00:50 GMT

The Hacker News

• Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain — Wed, 22 Apr 2026 23:25:00 +0530
• Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens — Wed, 22 Apr 2026 23:03:00 +0530
• Harvester Deploys Linux GoGra Backdoor in South Asia Using Microsoft Graph API — Wed, 22 Apr 2026 20:58:00 +0530
• Lotus Wiper Malware Targets Venezuelan Energy Systems in Destructive Attack — Wed, 22 Apr 2026 16:25:00 +0530
• Toxic Combinations: When Cross-App Permissions Stack into Risk — Wed, 22 Apr 2026 16:11:36 +0530
• Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug — Wed, 22 Apr 2026 14:59:00 +0530
• Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles — Wed, 22 Apr 2026 13:28:00 +0530
• Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape — Wed, 22 Apr 2026 12:46:00 +0530

데일리시큐 - 최근인기기사

• 중국 연계 해킹 조직 무스탕 판다, 한국 정책 커뮤니티 겨냥 공격 포착 — 2026-04-22 09:11:08
• 생성형 AI 열풍 노린 ‘클로드’ 사칭 피싱공격 기승…검색 상단까지 장악 — 2026-04-22 09:34:26
• ‘클로드 미토스’, 파이어폭스 취약점 271건 찾아…공포심 보다 방어자에게 새로운 기회로 바라봐야 — 2026-04-22 19:22:46
• 오내피플, 흑자전환…‘AI 개인정보보호 SaaS’ 본격 확장 — 2026-04-22 08:17:51
• 전원 끄고 보안 켜라…KISA, 일상 속 ‘에너지·보안’ 동시 실천 제시 — 2026-04-22 08:11:44
• 합시다, 외국인 대상 실무형 IT 교육 확대…글로벌 인재 양성 가속 — 2026-04-22 11:17:18
• AI스페라, 웨비나 ‘강병탁의 진짜 보안 이야기 ep.3’ 개최 — 2026-04-22 15:38:07
• 넥스원소프트, 서민금융진흥원에 공공 마이데이터 연계 통합인증 공급 — 2026-04-22 13:55:14
• 스마트키퍼, NTT동일본과 독점 계약…일본 물리보안 시장 공략 본격화 — 2026-04-22 14:03:06
• 알체라, 금융권 실무자 대상 ‘AI 보안 혁신 세미나’ 개최 — 2026-04-22 15:19:02

보안뉴스 > SECURITY

• “속도보다 방향, 통제보다 신뢰”…OWASP 세미나서 엿본 보안 조직 성장기 — Wed, 22 Apr 2026 20:21:00 +0900
• KISIA, 서울창조경제혁신센터와 보안 스타트업 육성 나서 — Wed, 22 Apr 2026 17:57:00 +0900
• 이란 정보국의 ‘다중 인격’ 해킹 전술? 독립 해커인 척하며 세계 안보 농락해 — Wed, 22 Apr 2026 16:26:00 +0900
• 넥스원소프트, 표준 전자서명 기술로 공공 마이데이터 연계 고도화 — Wed, 22 Apr 2026 15:00:00 +0900
• [미토스 충격] ‘철저 보안’ 미공개 미토스, 디스코드 채널 사용자에게 뚫렸다? — Wed, 22 Apr 2026 13:51:00 +0900
• “검색 최상단 떴다고 믿지 마세요”… 안랩, 클로드 사칭 피싱 사이트 경고 — Wed, 22 Apr 2026 13:32:00 +0900
• 벨로크-퓨리오사AI, 국산 NPU로 ‘지능형 CCTV’ 시장 정조준… MOU 체결 — Wed, 22 Apr 2026 13:27:00 +0900
• 또 뚫린 프랑스 공공 인프라… 이번엔 ANTS 포털 해킹 — Wed, 22 Apr 2026 10:54:00 +0900
• “보안 사고, 기술 아닌 실행 부재에서 시작”… 아톤, ‘시큐리티 서밋 2026’ 개최 — Wed, 22 Apr 2026 10:48:00 +0900
• 분산형 소셜 미디어 블루스카이, 친이란 해커 그룹 공격에 서비스 장애 — Wed, 22 Apr 2026 10:41:00 +0900