# Archive
Browse past daily curated stories
Sunday, April 19, 2026
-
1BleepingComputer generalCritical flaw in Protobuf library enables JavaScript code execution
A critical RCE vulnerability in protobuf.js, Google's JavaScript implementation of Protocol Buffers, now has published proof-of-concept exploit code available. This library is widely used across JavaScript applications, making this a significant supply chain risk for organizations using affected versions.
-
2The Hacker News generalMirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet
Threat actors are exploiting CVE-2024-3721 in TBK DVR devices and end-of-life TP-Link routers to deploy Mirai botnet variants called Nexcorium for DDoS attacks. Fortinet and Palo Alto Unit 42 researchers identified this campaign targeting the medium-severity command injection flaw with a CVSS score of 6.3.
-
3The Hacker News general$13.74M Hack Shuts Down Sanctioned Grinex Exchange After Intelligence Claims
Grinex cryptocurrency exchange, sanctioned by the U.S. and U.K., suspended operations after a $13.74 million hack that the company attributes to Western intelligence agencies. The Kyrgyzstan-based exchange claims the attack bore hallmarks of foreign intelligence involvement and required resources available only to "unfriendly states."
-
4SecurityWeek generalRecent Apache ActiveMQ Vulnerability Exploited in the Wild
CVE-2026-34197, a remote code execution vulnerability in Apache ActiveMQ discovered in early April, is now being actively exploited in the wild. This represents a rapid weaponization timeline for organizations running the affected message broker software.
-
5SecurityWeek generalZionSiphon Malware Targets ICS in Water Facilities
ZionSiphon malware has been identified targeting industrial control systems in Israeli water treatment and desalination plants. The malware is specifically configured to operate on systems associated with critical water infrastructure, representing a significant threat to operational technology environments.
-
6SecurityWeek general53 DDoS Domains Taken Down by Law Enforcement
Law enforcement from 21 countries coordinated to take down 53 DDoS-for-hire service domains in the latest "PowerOFF" operation. Four individuals were arrested in this international effort targeting distributed denial-of-service attack platforms that sell cheap access to cybercriminals.
-
7SecurityWeek generalCursor AI Vulnerability Exposed Developer Devices
A vulnerability in Cursor AI development environment could be chained with sandbox bypass and the platform's remote tunnel feature to gain shell access to developer machines. The flaw involves indirect prompt injection that could compromise developer devices through the AI-powered code editor.
-
8SecurityWeek generalTwo North Korean IT Worker Scheme Facilitators Jailed in the US
Kejia Wang and Zhenxing Wang were sentenced to prison for facilitating North Korean IT worker schemes by compromising identities of dozens of U.S. persons. The scheme helped North Korean operatives obtain jobs at over 100 U.S. companies, generating revenue for the sanctioned regime.
-
9BleepingComputer generalMicrosoft: Some Windows servers enter reboot loops after April patches
Microsoft warns that some Windows domain controllers are entering restart loops after installing April 2026 security updates. This creates operational disruption for organizations deploying the latest patches, requiring careful rollout planning for affected systems.
-
10BleepingComputer generalMan gets 30 months for selling thousands of hacked DraftKings accounts
Kamerin Stokes, 23, received a 30-month prison sentence for selling access to tens of thousands of hacked DraftKings accounts. The Memphis resident continued selling stolen credentials through online marketplaces even after pleading guilty to his role in the DraftKings breach.