Vulnerabilities

Tracking critical CVEs, zero-days, and actively exploited flaws across enterprise software, operating systems, and infrastructure — with actionable guidance on what to patch first.

Phishing

May 3, 2026

•

5 min read

📰 The CyberSignal Daily — May 3, 2026

GitHub cross-tenant RCE via git push, SAP npm backdoored in Mini Shai-Hulud, 276 pig-butchering arrests, 30K Facebook accounts phished via Google, and LiteLLM exploited in 36 hours.

The CyberSignal Newsletter

Ransomware

May 2, 2026

•

5 min read

📰 The CyberSignal Daily — May 2, 2026

Two IR pros jailed for BlackCat. Scattered Spider arrested in Finland. Cordial/Snarky Spider target SaaS. CISA's 48-hour cPanel mandate. Europol's velocity gap warning.

The CyberSignal Newsletter

Daily Briefing

📰 The CyberSignal Daily — April 30, 2026

Apr 30, 2026

•

6 min read

📰 The CyberSignal Daily — April 30, 2026

BlueNoroff hid a 66-day fileless implant behind AI Zoom deepfakes. WordPress plugins backdoored for 8 months via blockchain C2. APT28 patch was incomplete — zero-click flaw now actively exploited.

The CyberSignal Newsletter

Policy & Government

📰 The CyberSignal Daily — April 29, 2026

Apr 29, 2026

•

5 min read

📰 The CyberSignal Daily — April 29, 2026

8.3M anonymous crime tips exposed — 38 years of data. Silk Typhoon hacker extradited from Italy. Microsoft patches critical Entra ID takeover flaw. Mustang Panda targets India banks and Korea diplomacy.

The CyberSignal Newsletter

Ransomware

📰 The CyberSignal Daily — April 28, 2026

Apr 28, 2026

•

5 min read

📰 The CyberSignal Daily — April 28, 2026

ShinyHunters claims 9M Medtronic records. A PyPI package with 1.1M monthly downloads pushes infostealer via CI/CD. North Korea targets macOS. 10,500 Zimbra servers exposed. AI engine exploited in 12 hours.

The CyberSignal Newsletter

Ransomware

📰 The CyberSignal Daily — April 26, 2026

Apr 26, 2026

•

4 min read

📰 The CyberSignal Daily — April 26, 2026

ShinyHunters breaches ADT via a phone call — 10M records at stake. Germany's Bundestag president's Signal account hijacked. 12-year Linux root bug disclosed. Notion leaks your team's emails.

The CyberSignal Newsletter

Phishing

📰 The CyberSignal Daily — April 25, 2026

Apr 25, 2026

•

5 min read

📰 The CyberSignal Daily — April 25, 2026

2005 malware predates Stuxnet by five years. PIBuster permanently bricks EV chargers in 30 seconds. Firestarter backdoor survives Cisco patches. Chinese engineer phished NASA for five years.

The CyberSignal Newsletter

Daily Briefing

📰 The CyberSignal Daily — April 23, 2026

Apr 23, 2026

•

5 min read

📰 The CyberSignal Daily — April 23, 2026

17 agencies warn China's 200K-device botnets now power full kill chains. Apple patches the iOS flaw FBI used to read deleted Signal messages. CISA mandates BlueHammer patch by May 7.

The CyberSignal Newsletter

Ransomware

📰 The CyberSignal Daily — April 21, 2026

Apr 21, 2026

•

4 min read

📰 The CyberSignal Daily — April 21, 2026

A ransomware negotiator secretly worked for BlackCat. Ransomware hides inside QEMU virtual machines your EDR can't see. 22 OT vulnerabilities expose hospitals and power grids. 26 crypto stealers in Apple's App Store.

The CyberSignal Newsletter

Policy & Government

📰 The CyberSignal Daily — April 19, 2026

Apr 19, 2026

•

4 min read

📰 The CyberSignal Daily — April 19, 2026

Three Microsoft Defender zero-days leaked — two still unpatched. AI voice agents automate phone scams at scale. Tycoon 2FA's replacement is harder to detect. Grinex collapses after $13.7M hack.

The CyberSignal Newsletter

Policy & Government

📰 The CyberSignal Daily — April 18, 2026

Apr 18, 2026

•

4 min read

📰 The CyberSignal Daily — April 18, 2026

Malware built to poison Israel's water supply, 75,000 DDoS users unmasked, Apache ActiveMQ RCE added to KEV, FISA 702 gets a 10-day extension, and a musician loses $424K to a fake App Store wallet.

The CyberSignal Newsletter

Healthcare

📰 The CyberSignal Daily — April 17, 2026

Apr 17, 2026

•

4 min read

📰 The CyberSignal Daily — April 17, 2026

UK government warns AI is shrinking your defensive advantage, a Tennessee hospital went 25 days undetected, Splunk patches an RCE in your SOC platform, and NIST overhauls the NVD.

The CyberSignal Newsletter

Ransomware

📰 The CyberSignal Daily — April 16, 2026

Apr 16, 2026

•

3 min read

📰 The CyberSignal Daily — April 16, 2026

YouTube accounts hijacked via fake copyright strikes, CISA adds a SharePoint zero-day and a 2009 Excel bug, n8n weaponized for malware delivery, and ransomware blacks out European automotive data.

The CyberSignal Newsletter

Ransomware

📰 The CyberSignal Daily — April 15, 2026

Apr 15, 2026

•

3 min read

📰 The CyberSignal Daily — April 15, 2026

PowerSchool hacker admits guilt, Sweden names Russia for a power plant attack, FBI kills W3LL, and one CVE patches by tomorrow.

The CyberSignal Newsletter

Ransomware

📰 The CyberSignal Daily — April 14, 2026

Apr 14, 2026

•

6 min read

📰 The CyberSignal Daily — April 14, 2026

Ransomware groups are now disabling your endpoint security before striking. Plus Booking.com data exposed, Anodot breach spreads, and 4 missed stories.

The CyberSignal Newsletter

Surveillance

📰 The CyberSignal Daily — April 13, 2026

Apr 13, 2026

•

5 min read

📰 The CyberSignal Daily — April 13, 2026

Adobe's zero-day ran for months. Rockstar's ransom deadline hits tomorrow. And 500M devices are being tracked through their own ads.

The CyberSignal Newsletter