Threat Hunt Feed (2026-04-29)
BleepingComputer
- Video service Vimeo confirms Anodot breach exposed user data — Tue, 28 Apr 2026 15:04:22 -0400
  - Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Databases (T1213.006), Email Addresses (T1589.002), Tool (T1588.002), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)
- Microsoft asks iPhone users to reauthenticate after Outlook outage — Tue, 28 Apr 2026 04:37:12 -0400
  - Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Email Account (T1087.003), Server (T1584.004), Tool (T1588.002), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)
Darkreading
- BlueNoroff Uses Fake Zoom Calls to Turn Victims Into Attack Lures — Tue, 28 Apr 2026 21:38:39 GMT
  - Matched TTPs: Malware (T1588.001)
- NSA Chief During Snowden Affair Shares Regrets, Reflections 13 Years Later — Tue, 28 Apr 2026 20:38:59 GMT
  - Matched TTPs: At (T1053.002)
- Vidar Rises to Top of Chaotic Infostealer Market — Tue, 28 Apr 2026 19:07:16 GMT
  - Matched TTPs: Malware (T1588.001)
- Fresh Wave of GlassWorm VS Code Extensions Slices Through Supply Chain — Tue, 28 Apr 2026 14:59:24 GMT
  - Matched TTPs: Malware (T1588.001)
The Hacker News
- Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push — Tue, 28 Apr 2026 23:49:00 +0530
  - Matched TTPs: Sharepoint (T1213.002), Malware (T1588.001), Browser Extensions (T1176.001), Vulnerabilities (T1588.006), Server (T1584.004), Phishing (T1566), Software (T1592.002), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)
- Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign — Tue, 28 Apr 2026 23:09:00 +0530
  - Matched TTPs: Sharepoint (T1213.002), JavaScript (T1059.007), Malware (T1588.001), Browser Extensions (T1176.001), Vulnerabilities (T1588.006), SSH (T1021.004), Masquerading (T1036), Server (T1584.004), Phishing (T1566), Software (T1592.002), Social Media (T1593.001), Credentials (T1589.001), SEO Poisoning (T1608.006), At (T1053.002)
- After Mythos: New Playbooks For a Zero-Window Era — Tue, 28 Apr 2026 16:00:00 +0530
  - Matched TTPs: Sharepoint (T1213.002), Artificial Intelligence (T1588.007), DNS (T1071.004), Malware (T1588.001), Browser Extensions (T1176.001), Vulnerabilities (T1588.006), Server (T1584.004), CDNs (T1596.004), Phishing (T1566), Software (T1592.002), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002), Compression (T1027.015)
- Microsoft Patches Entra ID Role Flaw That Enabled Service Principal Takeover — Tue, 28 Apr 2026 12:07:00 +0530
  - Matched TTPs: Sharepoint (T1213.002), Artificial Intelligence (T1588.007), Malware (T1588.001), Browser Extensions (T1176.001), Vulnerabilities (T1588.006), Server (T1584.004), Phishing (T1566), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)