Weekly Threat Roundup: 2026-04-06 to 2026-04-12
Apr 12, 2026
roundup TrendingCybersecurity roundup for 2026-04-06 to 2026-04-12. 10 CVE advisories, 2 breach reports, 4 threat news stories.
Read Article
Microsoft
13 articles mentioning Microsoft
13
Total Articles
3
Critical
5
High
Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign
Apr 7, 2026
Threat ActorAn international operation from law enforcement authorities in partnership with private companies has disrupted FrostArmada, an APT28 campaign hijacking local traffic from MikroTik and TP-Link routers
Read Article
China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware
Apr 6, 2026
MalwareMicrosoft says that Storm-1175, a China-based financially motivated cybercriminal group known for deploying Medusa ransomware payloads, has been deploying n-day and zero-day exploits in high-velocity
Read Article
Russian CTRL Toolkit Delivered via Malicious LNK Files Hijacks RDP via FRP Tunnels
Mar 30, 2026
VulnerabilityMicrosoft has pulled a buggy Windows 11 non-security preview update to investigate a known issue that triggers 0x80073712 errors during installation. [...]
Read Article
Windows 11 KB5079391 update rolls out Smart App Control improvements
Mar 27, 2026
MalwareMicrosoft has released the KB5079391 preview cumulative update for Windows 11 24H2 and 25H2, which includes 29 changes, such as Smart App Control and Display improvements. [...]
Read Article
Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse
Mar 25, 2026
VulnerabilityThreat actors are evading phishing detection in campaigns targeting Microsoft accounts by abusing the no-code app-building platform Bubble to generate and host malicious web apps. [...]
Read Article
North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware
Mar 23, 2026
VulnerabilityMicrosoft is working to address an ongoing service issue that has intermittently prevented some users from accessing their cloud-based Exchange Online mailboxes via Outlook mobile and Mac desktop clie
Read Article
CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attacks
Mar 19, 2026
VulnerabilityA critical Microsoft SharePoint vulnerability patched in January is now being exploited in attacks, the Cybersecurity and Infrastructure Security Agency (CISA) warned. [...]
Read Article
GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos
Mar 16, 2026
VulnerabilityLast week's cyberattack on medical technology giant Stryker was limited to its internal Microsoft environment and remotely wiped tens of thousands of employee devices. [...]
Read Article
Storm-2561 Spreads Trojan VPN Clients via SEO Poisoning to Steal Credentials
Mar 13, 2026
VulnerabilityMicrosoft is investigating a new issue affecting some Samsung laptops running Windows 11 after installing the February 2026 security updates, in which users lose access to their C:\ drive and are
Read Article
Microsoft Patches 84 Flaws in March Patch Tuesday, Including Two Public Zero-Days
Mar 10, 2026
Vulnerability TrendingMicrosoft has released the Windows 10 KB5078885 extended security update to fix the March 2026 Patch Tuesday vulnerabilities, including 2 zero-days and an issue that prevent some devices from shutting
Read Article
China-Linked Hackers Use TernDoor, PeerTime, BruteEntry in South American Telecom Attacks
Mar 5, 2026
MalwareA China-linked advanced persistent threat actor tracked as UAT-9244 has been targeting telecommunication service providers in South America since 2024, compromising Windows, Linux, and network-edge de
Read Article
APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before Feb 2026 Patch Tuesday
Mar 2, 2026
VulnerabilityA Florida woman was sentenced to 22 months in prison for running a massive years-long scheme to traffic thousands of stolen Microsoft Certificate of Authenticity (COA) labels. [...]
Read Article