04/24

Yale New Haven Health data breach affects 5.5 million patients

https://www.bleepingcomputer.com/news/security/yale-new-haven-health-data-breach-affects-55-million-patients/
Yale New Haven Health data breach affects 5.5 million patients

Linux 'io_uring' security blindspot allows stealthy rootkit attacks

https://www.bleepingcomputer.com/news/security/linux-io-uring-security-blindspot-allows-stealthy-rootkit-attacks/
Linux 'io_uring' security blindspot allows stealthy rootkit attacks

Lazarus Hits 6 South Korean Firms via Cross EX, Innorix Flaws and ThreatNeedle Malware

https://thehackernews.com/2025/04/lazarus-hits-6-south-korean-firms-via.html
Lazarus Hits 6 South Korean Firms via Cross EX, Innorix Flaws and ThreatNeedle Malware

Lazarus APT updates its toolset in watering hole attacks | Securelist

https://securelist.com/operation-synchole-watering-hole-attacks-by-lazarus/116326/
Lazarus APT updates its toolset in watering hole attacks | Securelist

Lazarus hackers breach six companies in watering hole attacks

https://www.bleepingcomputer.com/news/security/lazarus-hackers-breach-six-companies-in-watering-hole-attacks/
Lazarus hackers breach six companies in watering hole attacks

Mischief Gadgets - Hak5

http://hak5.org/omg
Mischief Gadgets - Hak5

The curious case of the evt parameter - The Spanner

https://thespanner.co.uk/the-curious-case-of-the-evt-parameter
The curious case of the evt parameter - The Spanner

Critical Commvault Command Center Flaw Enables Attackers to Execute Code Remotely

https://thehackernews.com/2025/04/critical-commvault-command-center-flaw.html
Critical Commvault Command Center Flaw Enables Attackers to Execute Code Remotely

Microsoft fixes machine learning bug flagging Adobe emails as spam

https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-machine-learning-bug-flagging-adobe-emails-as-spam/
Microsoft fixes machine learning bug flagging Adobe emails as spam

Linux io_uring PoC Rootkit Bypasses System Call-Based Threat Detection Tools

https://thehackernews.com/2025/04/linux-iouring-poc-rootkit-bypasses.html
Linux io_uring PoC Rootkit Bypasses System Call-Based Threat Detection Tools

159 CVEs Exploited in Q1 2025 — 28.3% Within 24 Hours of Disclosure

https://thehackernews.com/2025/04/159-cves-exploited-in-q1-2025-283.html
159 CVEs Exploited in Q1 2025 — 28.3% Within 24 Hours of Disclosure

How a 20 year old bug in GTA San Andreas surfaced in Windows 11 24H2 | Silent’s Blog

https://cookieplmonster.github.io/2025/04/23/gta-san-andreas-win11-24h2-bug/
How a 20 year old bug in GTA San Andreas surfaced in Windows 11 24H2 | Silent’s Blog

5.5 Million Patients Affected by Data Breach at Yale New Haven Health  - SecurityWeek

https://www.securityweek.com/5-5-million-patients-affected-by-data-breach-at-yale-new-haven-health/
5.5 Million Patients Affected by Data Breach at Yale New Haven Health  - SecurityWeek

Darcula Adds GenAI to Phishing Toolkit, Lowering the Barrier for Cybercriminals

https://thehackernews.com/2025/04/darcula-adds-genai-to-phishing-toolkit.html
Darcula Adds GenAI to Phishing Toolkit, Lowering the Barrier for Cybercriminals

WhatsApp Adds Advanced Chat Privacy to Blocks Chat Exports and Auto-Downloads

https://thehackernews.com/2025/04/whatsapp-adds-advanced-chat-privacy-to.html
WhatsApp Adds Advanced Chat Privacy to Blocks Chat Exports and Auto-Downloads

Cisco Confirms Some Products Impacted by Critical Erlang/OTP Flaw - SecurityWeek

https://www.securityweek.com/cisco-confirms-some-products-impacted-by-critical-erlang-otp-flaw/
Cisco Confirms Some Products Impacted by Critical Erlang/OTP Flaw - SecurityWeek

Fire In The Hole, We’re Breaching The Vault - Commvault Remote Code Execution (CVE-2025-34028)

https://labs.watchtowr.com/fire-in-the-hole-were-breaching-the-vault-commvault-remote-code-execution-cve-2025-34028/
Fire In The Hole, We’re Breaching The Vault - Commvault Remote Code Execution (CVE-2025-34028)

Hunting Botnets With CursorAI, GreyNoise, Censys, and Censeye

https://censys.com/blog/hunting-botnets-with-cursorai-greynoise-censys-and-censeye
Hunting Botnets With CursorAI, GreyNoise, Censys, and Censeye

Interlock ransomware claims DaVita attack, leaks stolen data

https://www.bleepingcomputer.com/news/security/interlock-ransomware-claims-davita-attack-leaks-stolen-data/
Interlock ransomware claims DaVita attack, leaks stolen data