We've been tracking this Adobe 0-day in Acrobat Reader. Still no patch from Adobe (and no word on affected versions). Per the discoverer, this attack has been ongoing for months.

https://discourse.ifin.network/t/adobe-0-day-seen-in-the-wild/250

#Adobe #0day #ThreatIntel #IFIN

Adobe 0-day seen in the wild

This is an interesting find. PDF exploits are rare and this one looks to be very targeted. Also "yummy_adobe_exploit_uwu.pdf" is a malware naming convention that reminds me why I love this community. I’m struggling to come up with some good detections for this one though. I was hoping for the process tree behavior but this seems very common with acrobat.exe: ``` Acrobat.exe (PID:6416) “manual.pdf” ├── AdobeCollabSync.exe -c (PID:3520) ├── AdobeCollabSync.exe -c (PID:5424) [stealth_timeo...

IFIN

An #AdobeReader zero-day vulnerability is being actively exploited via malicious PDFs, allowing hackers to steal data without user interaction, with no patch available.

Read: https://hackread.com/adobe-reader-zero-day-exploit-data-malicious-pdfs/

#CyberSecurity #Adobe #Vulnerability #0day #PDF

Adobe Reader Zero-Day Exploited to Steal Data via Malicious PDFs

Hackread - Cybersecurity News, Data Breaches, AI and More

Windows "Defender" as a security risk

For a change, something new: the "Defender" that Microsoft (MS) ships with Windows as its antivirus itself contains an exploitable vulnerability. Oh, that's not new at all? Pity. - Security researchers have discovered a vulnerability in MS Defender that can be exploited for attacks in combination with other vulnerabilities in Windows. The zero-day vulnerability has been dubbed Bluehammer. A PoC exploit is even publicly available already. The entire attack consists of several steps, each of which exploits conceptual flaws in Windows. The chain begins with the Defender

https://www.pc-fluesterer.info/wordpress/2026/04/08/windows-defender-als-sicherheitsrisiko/

#Empfehlung #Warnung #0day #antivirus #exploits #Microsoft #sicherheit #unplugMicrosoft #UnplugTrump #windows

Windows "Defender" as a security risk | pc-flüsterer bremen

Experts published unpatched Windows zero-day BlueHammer - Security Affairs

A researcher leaked the unpatched Windows zero-day “BlueHammer,” letting attackers gain SYSTEM rights; no patch exists yet. A disgruntled researcher released the BlueHammer Windows zero-day, a privilege escalation flaw that allows attackers to gain SYSTEM or admin rights, Bleeping Computer reports. The researcher privately reported the vulnerability to Microsoft but criticized the way the Microsoft’s Security […]

Security Affairs

AI no longer a distant or hypothetical topic in cyber security

The most advanced systems (frontier AI models) show, in specific phases of cyber operations, e.g. identifying #0day in widely used software or cryptographic challenges

..changes the cost, speed and scale of operations for both attackers and defenders

New findings from the AI Security Institute (AISI) highlight an accelerating rise in the cyber capabilities of frontier models
https://www.ncsc.gov.uk/blogs/why-cyber-defenders-need-to-be-ready-for-frontier-ai

Why cyber defenders need to be ready for frontier AI

Understanding the threats and staying ahead of the adversary

National Cyber Security Centre - NCSC.GOV.UK

0-Days \ red.anthropic.com

Operation TrueChaos: 0-Day Exploitation Against Southeast Asian Government Targets

Pulse ID: 69cca0e2125ca2e207f80ccf
Pulse Link: https://otx.alienvault.com/pulse/69cca0e2125ca2e207f80ccf
Pulse Author: Tr1sa111
Created: 2026-04-01 04:36:50

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#0Day #Asia #CyberSecurity #Government #InfoSec #OTX #OpenThreatExchange #RAT #bot #Tr1sa111

LevelBlue - Open Threat Exchange

Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

LevelBlue Open Threat Exchange

l+f: Claude serves up zero-day exploits, delivered free of charge

That guardrails can be bypassed was pretty much a given. That it could be this easy is surprising after all.

heise online

Operation TrueChaos: 0-Day Exploitation Against Southeast Asian Government Targets

A zero-day vulnerability in the TrueConf client application, CVE-2026-3502, was exploited in a targeted campaign against government entities in Southeast Asia. The flaw allows attackers controlling an on-premises TrueConf server to distribute and execute arbitrary files across connected endpoints. The campaign, dubbed 'TrueChaos', abused the trusted update channel to deliver malware to multiple government agencies. The attack likely involved a Chinese-nexus threat actor and utilized the Havoc post-exploitation framework. The vulnerability stems from inadequate validation in the update process, enabling malicious updates to be distributed through a centrally managed server. TrueConf has since released a fix in version 8.5.3 of their Windows client.

Pulse ID: 69cbf7d955b9ee7f5f7ddfef
Pulse Link: https://otx.alienvault.com/pulse/69cbf7d955b9ee7f5f7ddfef
Pulse Author: AlienVault
Created: 2026-03-31 16:35:37

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#0Day #Asia #Chinese #CyberSecurity #Endpoint #Government #InfoSec #Malware #OTX #OpenThreatExchange #RAT #Rust #Troll #Vulnerability #Windows #ZeroDay #bot #AlienVault
