Threat Hunt Feed (2026-04-24)
Hacker News: Best
- Irony as Meta staff unhappy about running surveillance software on work PCs — Wed, 22 Apr 2026 08:33:17 +0000
- Matched TTPs: Databases (T1213.006), Tool (T1588.002), Software (T1592.002), Social Media (T1593.001), At (T1053.002)
CISA Alerts
- Defending Against China-Nexus Covert Networks of Compromised Devices — Tue, 21 Apr 2026 11:12:37 EDT
- Matched TTPs: Acquire Infrastructure (T1583), IP Addresses (T1590.005), Network Devices (T1584.008), Malware (T1588.001), Vulnerabilities (T1588.006), Botnet (T1584.005), Network Topology (T1590.004), Virtual Private Server (T1583.003), Server (T1584.004), Proxy (T1090), Compromise Infrastructure (T1584), Multi-hop Proxy (T1090.003), Software (T1592.002), Exploits (T1588.005), At (T1053.002)
BleepingComputer
- Hackers exploit file upload bug in Breeze Cache WordPress plugin — Thu, 23 Apr 2026 17:33:45 -0400
- Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Server (T1584.004), Tool (T1588.002), Software (T1592.002), Exploits (T1588.005), Credentials (T1589.001), Impersonation (T1656), At (T1053.002)
- Bitwarden CLI npm package compromised to steal developer credentials — Thu, 23 Apr 2026 15:21:01 -0400
- Matched TTPs: JavaScript (T1059.007), Malware (T1588.001), Hardware (T1592.001), SSH (T1021.004), Server (T1584.004), Tool (T1588.002), Software (T1592.002), Exploits (T1588.005), Credentials (T1589.001), Impersonation (T1656), At (T1053.002)
- Trigona ransomware attacks use custom exfiltration tool to steal data — Thu, 23 Apr 2026 14:59:39 -0400
- Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Server (T1584.004), Tool (T1588.002), Software (T1592.002), Exploits (T1588.005), Credentials (T1589.001), Impersonation (T1656), At (T1053.002)
- New Checkmarx supply-chain breach affects KICS analysis tool — Thu, 23 Apr 2026 12:05:12 -0400
- Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Vulnerabilities (T1588.006), SSH (T1021.004), Server (T1584.004), Tool (T1588.002), Software (T1592.002), Exploits (T1588.005), Credentials (T1589.001), Impersonation (T1656), At (T1053.002)
- Regular Password Resets Aren’t as Safe as You Think — Thu, 23 Apr 2026 10:10:20 -0400
- Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Server (T1584.004), Tool (T1588.002), Valid Accounts (T1078), Multi-Factor Authentication (T1556.006), Encrypted Channel (T1573), Software (T1592.002), Credentials (T1589.001), Impersonation (T1656), NTDS (T1003.003)
- UK warns of Chinese hackers using proxy networks to evade detection — Thu, 23 Apr 2026 08:28:39 -0400
- Matched TTPs: IP Addresses (T1590.005), Malware (T1588.001), Hardware (T1592.001), Vulnerabilities (T1588.006), Botnet (T1584.005), Server (T1584.004), Proxy (T1090), Tool (T1588.002), Software (T1592.002), Exploits (T1588.005), Credentials (T1589.001), Impersonation (T1656), At (T1053.002)
The Hacker News
- UNC6692 Impersonates IT Helpdesk via Microsoft Teams to Deploy SNOW Malware — Thu, 23 Apr 2026 23:46:00 +0530
- Matched TTPs: Sharepoint (T1213.002), JavaScript (T1059.007), Malware (T1588.001), Browser Extensions (T1176.001), Vulnerabilities (T1588.006), Upload Tool (T1608.002), Server (T1584.004), Cloud Services (T1021.007), PowerShell (T1059.001), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Social Media (T1593.001), Credentials (T1589.001), Email Bombing (T1667), Impersonation (T1656), Python (T1059.006), At (T1053.002)
- ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories — Thu, 23 Apr 2026 18:47:00 +0530
- Matched TTPs: Sharepoint (T1213.002), Artificial Intelligence (T1588.007), IP Addresses (T1590.005), Malware (T1588.001), Hardware (T1592.001), Social Media Accounts (T1585.001), Browser Extensions (T1176.001), Vulnerabilities (T1588.006), SSH (T1021.004), DLL (T1574.001), Botnet (T1584.005), AppDomainManager (T1574.014), Supply Chain Compromise (T1195), Masquerading (T1036), Control Panel (T1218.002), Server (T1584.004), Search Engines (T1593.002), Proxy (T1090), Tool (T1588.002), Phishing (T1566), Firmware (T1592.003), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), Credentials (T1589.001), Python (T1059.006), Data Destruction (T1485), At (T1053.002)
- [Webinar] Mythos Reality Check: Beating Automated Exploitation at AI Speed — Thu, 23 Apr 2026 17:33:00 +0530
- Matched TTPs: Sharepoint (T1213.002), Artificial Intelligence (T1588.007), Malware (T1588.001), Browser Extensions (T1176.001), Vulnerabilities (T1588.006), Server (T1584.004), Phishing (T1566), Exploits (T1588.005), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)
- Project Glasswing Proved AI Can Find the Bugs. Who’s Going to Fix Them? — Thu, 23 Apr 2026 17:00:00 +0530
- Matched TTPs: Sharepoint (T1213.002), Artificial Intelligence (T1588.007), Malware (T1588.001), Browser Extensions (T1176.001), Vulnerabilities (T1588.006), Server (T1584.004), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)
- Apple Fixes iOS Flaw That Let FBI Recover Deleted Signal Messages — Thu, 23 Apr 2026 13:36:00 +0530
- Matched TTPs: Sharepoint (T1213.002), Malware (T1588.001), Browser Extensions (T1176.001), Vulnerabilities (T1588.006), Server (T1584.004), Phishing (T1566), Software (T1592.002), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)
Boannews > SECURITY
- “Gentleman in Name Only”: The Ransomware ‘Predator’ That Infected 1570 Companies — Thu, 23 Apr 2026 11:19:00 +0900
- Matched TTPs: PowerShell (T1059.001)