Security News & Research
Latest cybersecurity news, threat intelligence and vulnerability disclosures.
Vulnerability
tarang.parmar0
Apr 13, 2026
6 min read
Adobe’s emergency patch for CVE-2026-34621 arrived 135 days after threat actors began exploiting this critical zero-day in Adobe Reader. The attack uses a prototype pollution flaw to execute privileged JavaScript from a malicious PDF — no click required beyond opening the document. CISA has added it to KEV with an April 27 federal deadline. Here is the full technical breakdown.
#Critical#Cybersecurity#RCE#ThreatIntel#Vulnerability
Read Full Article
Vulnerability
tarang.parmar0
Apr 12, 2026
5 min read
A critical pre-authentication RCE vulnerability in Marimo, the open-source Python notebook platform, was weaponized by threat actors in under 10 hours of disclosure — with no public PoC available. Here is the full technical breakdown of the attack chain, attacker TTPs, and what defenders must do right now.
#Critical#CVE-2026-39987#Cybersecurity#Marimo#Python
Read Full Article
Supply Chain
tarang.parmar0
Apr 10, 2026
2 min read
Unknown threat actors hijacked the update system for Smart Slider 3 Pro plugin, distributing a backdoored version to thousands of WordPress sites.
#Backdoor#Critical#Nextend#SupplyChain#WordPress
Read Full Article
Vulnerability
tarang.parmar0
Apr 10, 2026
2 min read
A critical security vulnerability in Marimo, an open-source Python notebook for data science and analysis, has been actively exploited within just 10 hours of public disclosure.
#Critical#CVE-2026-39987#Marimo#Python#RCE
Read Full Article
APT
tarang.parmar0
Apr 10, 2026
2 min read
A new campaign by Russia-linked threat actor APT28, also known as Forest Blizzard, has been discovered targeting small office/home office routers globally to conduct DNS hijacking attacks on critical infrastructure.
#APT#APT28#Critical#DNS#ForestBlizzard
Read Full Article