> TritonInfoSec News

# Archive

Browse past daily curated stories

May 08 May 05 May 03 May 02 May 01 Apr 30 Apr 28 Apr 26 Apr 25 Apr 24 Apr 23 Apr 22 Apr 21 Apr 20 Apr 19 Apr 18 Apr 17 Apr 16 Apr 15 Apr 14 Apr 12 Apr 11 Apr 10 Apr 09 Apr 08 Apr 07 Apr 05 Apr 04 Apr 03 Apr 02

Wednesday, April 22, 2026

  1. 1
    0
    Ars Technica Security general
    Mozilla: Anthropic's Mythos found 271 zero-day vulnerabilities in Firefox 150

    Anthropic's Mythos AI model discovered 271 zero-day vulnerabilities in Firefox 150, with Mozilla's CTO claiming the AI is "every bit as capable" as the world's best security researchers. This represents a significant advancement in AI-powered vulnerability discovery that could accelerate both defensive research and potential exploitation capabilities.

  2. 2
    0
    Dark Reading general
    Exploits Turn Windows Defender into Attacker Tool

    Three proof-of-concept exploits targeting Windows Defender are being used in active attacks to turn Microsoft's built-in security platform into an attacker tool, with two of the vulnerabilities remaining unpatched. This demonstrates how core security tools can become vectors for compromise, undermining fundamental endpoint protection assumptions.

  3. 3
    0
    Krebs on Security threat-intel
    ‘Scattered Spider’ Member ‘Tylerb’ Pleads Guilty

    Tyler Robert Buchanan, a 24-year-old British national and senior Scattered Spider member nicknamed "Tylerb," pleaded guilty to wire fraud conspiracy and aggravated identity theft for summer 2022 SMS phishing attacks that compromised at least a dozen major tech companies and stole tens of millions in cryptocurrency. He faces up to 22 years in federal prison for his role as what researchers called "the glue that held this gang together."

  4. 4
    0
    The Hacker News general
    SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation

    Check Point researchers discovered a SystemBC C2 server linked to The Gentlemen ransomware operation controlling a botnet of over 1,570 victims. SystemBC establishes SOCKS5 network tunnels to facilitate lateral movement and data exfiltration, highlighting the infrastructure supporting modern ransomware-as-a-service operations.

  5. 5
    0
    The Hacker News general
    22 BRIDGE:BREAK Flaws Expose 20,000 Lantronix and Silex Serial-to-IP Converters

    Forescout Research identified 22 vulnerabilities collectively named BRIDGE:BREAK affecting Lantronix and Silex serial-to-IP converters, with nearly 20,000 vulnerable devices exposed online. These flaws could allow attackers to hijack industrial control systems and tamper with operational technology data exchanges.

  6. 6
    0
    BleepingComputer general
    CISA flags new SD-WAN flaw as actively exploited in attacks

    CISA added a new Catalyst SD-WAN Manager vulnerability to its Known Exploited Vulnerabilities catalog as actively exploited, giving federal agencies until April 25, 2026 to secure their systems. This follows a pattern of SD-WAN infrastructure being targeted in ongoing attack campaigns.

  7. 7
    0
    BleepingComputer general
    Actively exploited Apache ActiveMQ flaw impacts 6,400 servers

    Over 6,400 Apache ActiveMQ servers exposed online are vulnerable to ongoing attacks exploiting a high-severity code injection vulnerability, according to Shadowserver Foundation monitoring. The actively exploited flaw demonstrates the persistence of unpatched enterprise messaging infrastructure as attack vectors.

  8. 8
    0
    Dark Reading general
    Google Fixes Critical RCE Flaw in AI-Based Antigravity Tool

    Google patched a critical prompt injection vulnerability in its Antigravity AI-based IDE tool that enabled sandbox escape and arbitrary code execution through insufficient input sanitization in the find_by_name file-searching function. The flaw combined Antigravity's file-creation capabilities with poor input validation to bypass security restrictions.

  9. 9
    0
    BleepingComputer general
    Former ransomware negotiator pleads guilty to BlackCat attacks

    Angelo Martino, 41, a former DigitalMint ransomware negotiator from Florida, pleaded guilty to collaborating with BlackCat ransomware operators in 2023, helping extract $75.3 million in ransom payments from five victim companies. This marks the third cybersecurity professional to admit involvement in ransomware schemes, highlighting insider threat risks in incident response.

  10. 10
    0
    BleepingComputer general
    French govt agency confirms breach as hacker offers to sell data

    France Titres, the French government agency responsible for issuing and managing administrative documents, disclosed a data breach after threat actors claimed the attack and offered to sell citizen data. The breach affects the agency that handles official French identity and administrative documentation, potentially exposing sensitive citizen information.