GreySignal Intelligence Briefing: Daily (24h)
Generated: 2026-04-03 09:07 UTC
Classification: TLP:RED (Internal Use Only)
Overview
65 events collected from 15 sources.
Severity: HIGH: 1 | MEDIUM: 4 | LOW: 60
Key Statistics
- Top Sources: The Maritime Executive (18), Bleeping Computer (11), Dark Reading (6), The Hacker News (6), Data Center Knowledge (4)
- Targeted Countries: U.S. (3), Cuba (2), Iran (2), China (2), Russia (2)
- Identified Actors/Entities: Iranian (3), Microsoft (2), Chinese (2), Hormuz (2), Russian (2)
- Targeted Sectors: Maritime (8), Defense (4), Energy (4), Government (4), Telecom (3)
Event Feed
[LOW] [CYBER] Black Hat USA
Source: Dark Reading | Date: 2026-08-01 | Severity: LOW
Actors: Black Hat USA
[LOW] [CYBER] Man admits to locking thousands of Windows devices in extortion plot
Source: Bleeping Computer | Date: 2026-04-03 | Severity: LOW
A former core infrastructure engineer has pleaded guilty to locking Windows admins out of 254 servers as part of a failed extortion plot targeting his employer, an industrial company headquartered in Somerset County, New Jersey. […]
Actors: Windows | Countries: Somerset County, New Jersey
[LOW] [GEN] Is Multi-Line Insurance a Better Fit for Data Centers?
Source: Data Center Knowledge | Date: 2026-04-03 | Severity: LOW
Multi-line insurance can simplify administration and reduce coverage gaps for many data centers, but it may introduce aggregate limits and reduce customization.
Actors: Multi-Line Insurance
[LOW] [CYBER] Microsoft now force upgrades unmanaged Windows 11 24H2 PCs
Source: Bleeping Computer | Date: 2026-04-03 | Severity: LOW
Starting this week, Microsoft has begun force-upgrading unmanaged devices running Windows 11 24H2 Home and Pro editions to Windows 11 25H2. […]
Actors: Microsoft
[LOW] [CYBER] The Limits of Trump’s Regime Capture Strategy from Venezuela to Cuba
Source: War on the Rocks | Date: 2026-04-03 | Severity: LOW
Since the beginning of the year, President Donald Trump has enthusiastically reinstated regime change as a key tool of U.S. statecraft, despite previously campaigning against the military excesses of former presidents. This drastic foreign policy reversal owes much to his administration’s dramatic capture of former Venezuelan President Nicolás Maduro in a successful raid and arrest on Jan. 3. Clearly encouraged by the apparent ease with which this act of leadership decapitation converted a one-t
Actors: Trump’s Regime Capture Strategy, Donald Trump, Venezuelan, Nicolás Maduro | Countries: Venezuela, Cuba, U.S. | Sectors: Defense
[LOW] [CYBER] How the War with Iran Ends
Source: War on the Rocks | Date: 2026-04-03 | Severity: LOW
Three weeks into the joint American-Israeli military operation against Iran, a pressing question occupies Washington: What will ultimately follow these strikes? The attacks themselves are already degrading Tehran’s military capacity, but the more crucial focus is the aftermath — specifically, whether the pressures now weighing on the theocracy point to a negotiated settlement, prolonged attrition, or the collapse of the Islamic Republic from within. This month, I turn 40. I was born in Iraq, in t
Actors: American, Israeli | Countries: Iran, Washington, Tehran, the Islamic Republic, Iraq | Sectors: Defense
[LOW] [CYBER] CERT-EU: European Commission hack exposes data of 30 EU entities
Source: Bleeping Computer | Date: 2026-04-03 | Severity: LOW
The European Union’s Cybersecurity Service (CERT-EU) has attributed the European Commission cloud hack to the TeamPCP threat group, saying the resulting breach exposed the data of at least 29 other Union entities. […]
Actors: CERT-EU, European Commission, The European Union’s, Cybersecurity Service, the European Commission
[LOW] [CYBER] Wah Kwong & Bureau Veritas 1st SMART “Augmented Ship” in Newbuild Series
Source: The Maritime Executive | Date: 2026-04-03 | Severity: LOW
Wah Kwong Maritime Transport (“Wah Kwong”) and Bureau Veritas Marine & Offshore (“BV”) celebrated the delivery of the LR2 tanker Frontier Venture yest…
Actors: Wah Kwong & Bureau, SMART “Augmented Ship, Wah Kwong Maritime Transport, Wah Kwong, Bureau Veritas Marine & Offshore | Sectors: Maritime
[LOW] [CYBER] Saudi Global Ports Begins Operations at Jubail Container Terminal (JCT)
Source: The Maritime Executive | Date: 2026-04-03 | Severity: LOW
Saudi Global Ports Group (SGP) has begun operations at the Jubail Container Terminal (JCT) at Jubail Commercial Port under a long-term privatization a…
Actors: Saudi, Jubail Container Terminal, JCT, Global Ports Group, the Jubail Container Terminal | Sectors: Maritime
[LOW] [CYBER] World Fuel Services & West Coast Clean Fuels Establish Methanol Bunkering
Source: The Maritime Executive | Date: 2026-04-03 | Severity: LOW
World Fuel Services, in collaboration with West Coast Clean Fuels, has established a proven methanol bunkering capability available to vessel owners a…
Actors: World Fuel Services & West Coast Clean Fuels Establish Methanol Bunkering, World Fuel Services | Sectors: Maritime
[LOW] [CYBER] China’s Deep Sea Mining Research May Be Cover for Surveillance
Source: The Maritime Executive | Date: 2026-04-03 | Severity: LOW
[By Elizabeth Claire Alberts and Kara Fox] A Mongabay and CNN investigation found the eight Chinese state-owned ships that conduct deep-sea mining res…
Actors: Deep Sea Mining Research, May Be Cover, Elizabeth Claire Alberts, Kara, Mongabay | Countries: China
[LOW] [CYBER] UN Security Council Expected to Vote Down Use-of-Force Request for Hormuz
Source: The Maritime Executive | Date: 2026-04-03 | Severity: LOW
Three of the permanent members of the UN Security Council have signaled that they do not support a motion to authorize use of force to reopen the Str…
Actors: UN Security Council Expected, Hormuz, the UN Security Council, Str
[LOW] [CYBER] Russia Plans to Send Second Tanker Through U.S. Energy Blockade on Cuba
Source: The Maritime Executive | Date: 2026-04-03 | Severity: LOW
As a Russian tanker unloads in Matanzas, Cuba, breaking the de facto energy blockade imposed by the Trump administration, Moscow is said to be planni…
Actors: Send Second Tanker Through U.S. Energy Blockade, Russian, Trump | Countries: Russia, Cuba, Matanzas, Moscow | Sectors: Energy
[LOW] [CYBER] Fincantieri, Fraser, Donjon Shipyards Support Shipbuilding in Great Lakes
Source: The Maritime Executive | Date: 2026-04-03 | Severity: LOW
Fincantieri Marine Group and two Great Lakes shipbuilders, Fraser Shipyards (Superior, Wis.) and Donjon Marine (Erie, Pa.), have established a collabo…
Actors: Fincantieri, Fraser, Fincantieri Marine Group, Fraser Shipyards, Donjon Marine | Countries: Superior, Wis., Erie, Pa.
[LOW] [CYBER] How Iran Can Stop Shipping With Mines, From the Arabian Gulf to the Red Sea
Source: The Maritime Executive | Date: 2026-04-03 | Severity: LOW
[By Andy Perry] Just reports of mines are often sufficient to disrupt maritime traffic. Even if ship owners, crews and insurers weren’t aware of the m…
Actors: Andy | Sectors: Maritime
[LOW] [CYBER] Samsung Heavy Industries Participates in Its First U.S. Navy MASGA Project
Source: The Maritime Executive | Date: 2026-04-03 | Severity: LOW
South Korean shipbuilder Samsung Heavy Industries announced that it will be participating in its first U.S. shipbuilding project, working with General…
Actors: Samsung Heavy Industries Participates, South Korean, Samsung Heavy Industries | Countries: U.S.
[LOW] [CYBER] Archaeologists Uncover Danish Navy Flagship From the Battle of Copenhagen
Source: The Maritime Executive | Date: 2026-04-02 | Severity: LOW
Marine archaeologists have discovered the wreck of a famous Danish warship on the bottom of Copenhagen’s harbor, a reminder of the War of the Second…
Actors: Uncover Danish Navy Flagship, Danish, Copenhagen
[LOW] [CYBER] Boxship Departing Taiwan Clips Docked Ship Sending Containers into Harbor
Source: The Maritime Executive | Date: 2026-04-02 | Severity: LOW
Operations were briefly interrupted on Wednesday, April 1, at the Port of Kaohsiung, Taiwan, after a departing containership clipped a docked vessel….
Actors: Boxship Departing | Countries: Taiwan | Sectors: Maritime
[LOW] [GEN] From Highways to Country Roads: How Backbone Networks Support AI Infrastructure
Source: Data Center Knowledge | Date: 2026-04-02 | Severity: LOW
AI’s evolution demands resilient backbone networks for training and inference, writes Mattias Fridström.
Actors: Mattias Fridström
[LOW] [CYBER] Four People Rescued by Vehicle Carrier Transiting the Bay of Biscay
Source: The Maritime Executive | Date: 2026-04-02 | Severity: LOW
Four people aboard a large sailboat were successfully rescued after their vessel began taking on water during a storm in the Bay of Biscay. UECC (Uni…
Actors: Vehicle Carrier Transiting | Countries: Biscay | Sectors: Telecom, Maritime
[LOW] [CYBER] Taiwan Accuses Salvage Barge of Damaging Subsea Cable
Source: The Maritime Executive | Date: 2026-04-02 | Severity: LOW
Taiwanese officials suspect that a Chinese salvage barge damaged a subsea cable off the coast of the Matsu Islands while recovering a grounded fishin…
Actors: Taiwanese, Chinese | Countries: Taiwan
[LOW] [CYBER] First LNG Carrier Among Three Omani Ships Breaking Out Through Hormuz
Source: The Maritime Executive | Date: 2026-04-02 | Severity: LOW
Three vessels, including the first LNG carrier in a month, were spotted making their way along the northern coast of Oman on Thursday, April 2, in an…
Actors: LNG, Hormuz | Countries: Oman | Sectors: Telecom
[LOW] [CYBER] Geopolitics, AI, and Cybersecurity: Insights From RSAC 2026
Source: Dark Reading | Date: 2026-04-02 | Severity: LOW
AI-driven threats, global leadership shifts, and the future of cybersecurity in a rapidly evolving landscape were among the discussions at RSAC 2026 Conference.
Countries: Geopolitics
[LOW] [CYBER] Claude Code leak used to push infostealer malware on GitHub
Source: Bleeping Computer | Date: 2026-04-02 | Severity: LOW
Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar information-stealing malware. […]
Countries: Vidar
[LOW] [CYBER] Not Toying Around: Hasbro Attack May Take ‘Weeks’ to Remediate
Source: Dark Reading | Date: 2026-04-02 | Severity: LOW
The company’s 8-K filing notes “unauthorized access” and that it’s activated business continuity plans and taken some systems offline.
Countries: Remediate
[LOW] [CYBER] Ukraine Lines Up Plans to Sell a Sanctioned Politician’s Yacht
Source: The Maritime Executive | Date: 2026-04-02 | Severity: LOW
The government of Ukraine is lining up plans to sell a yacht that formerly belonged to Viktor Medvedchuk, the pro-Russian politician who was captured…
Actors: Ukraine Lines, Sanctioned, Viktor Medvedchuk, pro-Russian | Countries: Yacht, Ukraine | Sectors: Government
[HIGH] [GEN] Securing the Supply Chain: How SentinelOne®’s AI EDR Stops the Axios Attack Autonomously
Source: SentinelOne | Date: 2026-04-02 | Severity: HIGH
Read our blog post to learn how SentinelOne’s AI EDR autonomously stopped a global LiteLLM supply chain attack before execution.
Actors: SentinelOne, EDR
[MEDIUM] [CYBER] Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials
Source: The Hacker News | Date: 2026-04-02 | Severity: MEDIUM
A large-scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection vector to steal database credentials, SSH private keys, Amazon Web Services (AWS) secrets, shell command history, Stripe API keys, and GitHub tokens at scale. Cisco Talos has attributed the operation to a threat cluster it tracks as
Actors: Breach 766 Next.js Hosts, Steal Credentials, SSH, Amazon Web Services, Stripe API, Cisco Talos
[LOW] [CYBER] Security Bosses Are All-In on AI. Here’s Why
Source: Dark Reading | Date: 2026-04-02 | Severity: LOW
CISOs are bullish on AI and have big plans to roll out future tools. We talk to Reddit CISO Frederick Lee and leading analyst Dave Gruber about how AI is working out in the real world, as well as its future promise.
Actors: Frederick Lee, Dave Gruber
[LOW] [CYBER] Safeen Prestige Reportedly Sank in the Strait of Hormuz
Source: The Maritime Executive | Date: 2026-04-02 | Severity: LOW
The UAE-managed containership Safeen Prestige is reported to have finally succumbed to the fire that engulfed the vessel after it was attacked by the…
Actors: Safeen Prestige | Countries: UAE | Sectors: Maritime
[LOW] [CYBER] Drift loses $280 million North Korean hackers seize Security Council powers
Source: Bleeping Computer | Date: 2026-04-02 | Severity: LOW
The Drift Protocol lost at least $280 million after a threat actor took control of its Security Council administrative powers in a planned, sophisticated operation. […]
Actors: Drift, North Korean, Security Council
[LOW] [CYBER] JA Moody Partners with Phoenix Lighting to Expand into Electrical Products
Source: The Maritime Executive | Date: 2026-04-02 | Severity: LOW
[By JA Moody] JA Moody, a premier supplier of flow control products to the U.S. Navy and marine industry, is proud to announce a strategic partnership…
Actors: JA Moody Partners, Phoenix Lighting, Electrical Products, Moody, the U.S. Navy
[LOW] [CYBER] Chainalysis Links NYC 2026: AI Amplification, TradFi Convergence, and the Power of Networked Intelligence
Source: Chainalysis | Date: 2026-04-02 | Severity: LOW
Chainalysis Links 2026 brought together the brightest minds across cryptocurrency exchanges, global law enforcement, and traditional finance (TradFi) for an…
Actors: the Power of Networked Intelligence, Chainalysis Links NYC | Countries: Convergence
[LOW] [CYBER] Libya Says Tow Failed and Warns Wreck of Arctic Metagaz Is Out of Control
Source: The Maritime Executive | Date: 2026-04-02 | Severity: LOW
Libya’s Ports and Maritime Transport Authority posted an urgent notice on Thursday, April 2, warning that the wreck of the Russian-flagged LNG carrier…
Actors: Tow Failed, Warns Wreck, Ports, Maritime Transport Authority, Russian | Countries: Libya | Sectors: Telecom, Maritime
[LOW] [CYBER] The Global Ripple Effect of the War in Iran
Source: War on the Rocks | Date: 2026-04-02 | Severity: LOW
Welcome to The Adversarial. Every other week, we’ll provide you with expert analysis on America’s greatest challengers: China, Russia, Iran, North Korea, and jihadists. Read more below. Iran: As the war with Iran extends into a second month, the White House is publicly bullish on both its military achievements and diplomatic prospects. The former are considerable, though not definitive. While the Iranian regime’s instruments of hard power have been degraded, it remains capable of striking Israel
Actors: the White House, Iranian | Countries: Iran, America, China, Russia, North Korea | Sectors: Defense
[LOW] [FINANCE] US Bans All Foreign-Made Consumer Routers
Source: Schneier on Security | Date: 2026-04-02 | Severity: LOW
This is for new routers; you don’t have to throw away your existing ones: The Executive Branch determination noted that foreign-produced routers (1) introduce “a supply chain vulnerability that could disrupt the U.S. economy, critical infrastructure, and national defense” and (2) pose “a severe cybersecurity risk that could be leveraged to immediately and severely disrupt U.S. critical infrastructure and directly harm U.S. persons.” More information: Any new router made outside the US will now
Countries: U.S. | Sectors: Critical Infrastructure, Defense
[LOW] [CYBER] Drift crypto platform confirms $280 million stolen in hack as researchers point finger at North Korea
Source: The Record by Recorded Future | Date: 2026-04-02 | Severity: LOW
The platform released a post-mortem on Wednesday night explaining that malicious actors gained access to Drift systems through a “novel attack” that involved the “rapid takeover” of the company’s security council administrative powers.
Actors: Drift | Countries: North Korea
[LOW] [GEN] UK Grid Reform Could Split Data Center Market – Report
Source: Data Center Knowledge | Date: 2026-04-02 | Severity: LOW
Proposed changes to electricity connection rules could accelerate hyperscale projects while making it harder for smaller developers to secure power.
Sectors: Energy
[LOW] [CYBER] French Senate passes bill that would ban children under 15 from social media
Source: The Record by Recorded Future | Date: 2026-04-02 | Severity: LOW
If the French effort becomes law, it would make France the first European country to follow Australia’s lead by banning social media for young teenagers.
Actors: French, Senate, European | Countries: France, Australia
[MEDIUM] [GEN] Threat actor abuse of AI accelerates from tool to cyberattack surface
Source: Microsoft Security | Date: 2026-04-02 | Severity: MEDIUM
Generative AI is upgrading cyberattacks, from 450% higher phishing click‑through rates to industrialized MFA bypass.
Actors: Generative AI, click‑through, MFA, Microsoft Security Blog
[LOW] [CYBER] RSAC 2026: AI Dominates, But Community Remains Key to Security
Source: Dark Reading | Date: 2026-04-02 | Severity: LOW
As AI took center stage at this year’s conference, experts debated automation, oversight and the evolving role of human intelligence in cybersecurity — despite the US government’s notable absence.
Actors: Community Remains Key to Security | Sectors: Government
[LOW] [GEN] Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments
Source: Microsoft Security | Date: 2026-04-02 | Severity: LOW
Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting environments. This post examines how this tradecraft conceals execution behind specially crafted HTTP cookies.
Actors: PHP, Cookie, Microsoft Security Blog | Countries: Linux
[LOW] [CYBER] The War You’re Not Allowed to See: How the UAE Rewrites the Story of Iranian Strikes
Source: Bellingcat | Date: 2026-04-02 | Severity: LOW
Bellingcat has identified several high-profile incidents where authorities in the United Arab Emirates have downplayed damage, mischaracterised interceptions and in some instances not acknowledged successful Iranian drone strikes on the country. A review of official statements shows that the public account does not always align with what can be observed through open sources. This comes […]
Actors: Bellingcat, Iranian | Countries: the United Arab Emirates
[LOW] [CYBER] Residential proxies evaded IP reputation checks in 78% of 4B sessions
Source: Bleeping Computer | Date: 2026-04-02 | Severity: LOW
Researchers warn that residential proxies used to route malicious traffic are a big problem for IP reputation systems, as there is no clear distinction between attackers and legitimate users. […]
[LOW] [CYBER] Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise
Source: The Hacker News | Date: 2026-04-02 | Severity: LOW
Cisco has released updates to address a critical security flaw in the Integrated Management Controller (IMC) that, if successfully exploited, could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system with elevated privileges. The vulnerability, tracked as CVE-2026-20093, carries a CVSS score of 9.8 out of a maximum of 10.0. “This
Actors: Cisco Patches, SSM Flaws Allowing Remote System Compromise, the Integrated Management Controller, IMC | Countries: Cisco
[LOW] [GEN] Knocking on Quantum’s Door: QuiX Claims Photonic Error Reduction Breakthrough
Source: Data Center Knowledge | Date: 2026-04-02 | Severity: LOW
The Netherlands-based company says it has achieved below-threshold error mitigation in a photonic quantum system – a milestone tied directly to fault-tolerant quantum computing and one that could significantly reduce the infrastructure footprint required to scale.
Actors: Quantum | Countries: Netherlands
[LOW] [CYBER] Adversaries Exploit Vacant Homes to Intercept Mail in Hybrid Cybercrime
Source: Bleeping Computer | Date: 2026-04-02 | Severity: LOW
Threat actors are exploiting vacant homes as “drop addresses” to intercept mail and enable fraud. Flare shows how postal services and fake identities are abused to turn mail into a fraud vector. […]
[LOW] [CYBER] vSphere and BRICKSTORM Malware: A Defender’s Guide
Source: Mandiant Threat Research | Date: 2026-04-02 | Severity: LOW
Written by: Stuart Carrera Introduction Building on recent BRICKSTORM research from Google Threat Intelligence Group (GTIG), this post explores the evolving threats facing virtualized environments. These operations directly target the VMware vSphere ecosystem, specifically the vCenter Server Appliance (VCSA) and ESXi hypervisors. To help organizations stay ahead of these risks, we will focus on the essential hardening strategies and mitigating controls necessary to secure these critical assets.
Actors: BRICKSTORM Malware, Stuart Carrera Introduction Building, Google Threat Intelligence Group, VMware
[LOW] [CYBER] New Progress ShareFile flaws can be chained in pre-auth RCE attacks
Source: Bleeping Computer | Date: 2026-04-02 | Severity: LOW
Two vulnerabilities in Progress ShareFile, an enterprise-grade secure file transfer solution, can be chained to enable unauthenticated file exfiltration from affected environments. […]
Actors: New Progress, Progress ShareFile
[LOW] [CYBER] Medtech giant Stryker fully operational after data-wiping attack
Source: Bleeping Computer | Date: 2026-04-02 | Severity: LOW
Stryker Corporation, one of the world’s leading medical technology companies, says it’s fully operational three weeks after many of its systems were wiped out in a cyberattack claimed by the Iranian-linked Handala hacktivist group. […]
Actors: Stryker, Stryker Corporation, Iranian, Handala | Sectors: Healthcare
[MEDIUM] [FINANCE] Minutes: CBDC Academic Advisory Group - January 2026
Source: Bank of England | Date: 2026-04-02 | Severity: MEDIUM
Meeting of the CBDC Academic Advisory Group
Actors: CBDC Academic Advisory Group - January 2026, the CBDC Academic Advisory Group
[LOW] [GEN] The Identity Paradox: The Hidden Risks in Your Valid Credentials
Source: SentinelOne | Date: 2026-04-02 | Severity: LOW
Identity attacks are rising as trust expands — learn how to detect misuse, close gaps, and defend beyond authentication.
Actors: The Hidden Risks in Your Valid Credentials
[MEDIUM] [CYBER] Bank Trojan ‘Casbaneiro’ Worms Through Latin America
Source: Dark Reading | Date: 2026-04-02 | Severity: MEDIUM
Augmented Marauder’s multipronged banking-Trojan cyber campaigns are targeting Spanish speakers, evading detection, and replicating rapidly.
Actors: Bank Trojan ‘, Casbaneiro, Spanish | Sectors: Finance
[LOW] [CYBER] ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories
Source: The Hacker News | Date: 2026-04-02 | Severity: LOW
The latest ThreatsDay Bulletin is basically a cheat sheet for everything breaking on the internet right now. No corporate fluff or boring lectures here, just a quick and honest look at the messy reality of keeping systems safe this week. Things are moving fast. The list includes researchers chaining small bugs together to create massive backdoors, old software flaws
Actors: ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories
[LOW] [GEN] Siemens SICAM 8 Products
Source: CISA Cybersecurity Advisories | Date: 2026-04-02 | Severity: LOW
Summary: Multiple SICAM 8 products are affected by multiple vulnerabilities that could lead to denial of service, namely: - SICAM A8000 Device firmware - CPCI85 for CP-8031/CP-8050 - SICORE for CP-8010/CP-8012 - RTUM85 for CP-8010/CP-8012 - SICAM EGS Device firmware - CPCI85 - SICAM S8000 - SICORE - RTUM85 Siemens has released new versions for the affected products and recommends to update to the latest versions. The following versions of Siemens SICAM 8 Products are affected: CPCI85 Ce
Actors: Siemens SICAM 8 Products, CP-8010, Siemens
[LOW] [GEN] Yokogawa CENTUM VP
Source: CISA Cybersecurity Advisories | Date: 2026-04-02 | Severity: LOW
Summary: Successful exploitation of this vulnerability could allow an attacker to login as the PROG user and modify permissions. The following versions of Yokogawa CENTUM VP are affected: CENTUM VP >=R5.01.00 | CENTUM VP >=R6.01.00 | CENTUM VP vR7.01.00 (CVE-2025-7741) CVSS Vendor Equipment Vulnerabilities v3 4 Yokogawa Yokogawa CENTUM VP Use of Hard-coded Password Background Critical Infrastructure Sectors: Critical Manufacturing, Energy, Food and Agriculture Countries/Areas Deployed: Wo
Actors: Yokogawa CENTUM VP, CENTUM VP vR7.01.00, Password Background Critical Infrastructure Sectors: Critical Manufacturing, Energy, Food and Agriculture Countries/Areas Deployed | Sectors: Energy, Critical Infrastructure
[LOW] [GEN] CISA Adds One Known Exploited Vulnerability to Catalog
Source: CISA Cybersecurity Advisories | Date: 2026-04-02 | Severity: LOW
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-3502 TrueConf Client Download of Code Without Integrity Check Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a liv
Actors: Known Exploited Vulnerabilities, KEV, CVE-2026 | Countries: CISA, Catalog | Sectors: Government
[LOW] [GEN] Hitachi Energy Ellipse
Source: CISA Cybersecurity Advisories | Date: 2026-04-02 | Severity: LOW
Summary: Hitachi Energy is aware of a Jasper Report vulnerability that affects the Ellipse product versions mentioned in this document below. This vulnerability can be exploited to carry out remote code execution (RCE) attack on the product. Please refer to the Recommended Immediate Actions for information about the mitigation/remediation. The following versions of Hitachi Energy Ellipse are affected: Ellipse vers:Ellipse/<=9.0.50 (CVE-2025-10492) CVSS Vendor Equipment Vulnerabilities v
Actors: Hitachi Energy Ellipse, Jasper Report, Ellipse, the Recommended Immediate Actions, CVSS Vendor Equipment Vulnerabilities | Sectors: Energy
[LOW] [CYBER] Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners
Source: The Hacker News | Date: 2026-04-02 | Severity: LOW
A financially motivated operation codenamed REF1695 has been observed leveraging fake installers to deploy remote access trojans (RATs) and cryptocurrency miners since November 2023. “Beyond cryptomining, the threat actor monetizes infections through CPA (Cost Per Action) fraud, directing victims to content locker pages under the guise of software registration,” Elastic
Actors: Crypto Miners, REF1695
[LOW] [FINANCE] Minutes of the Money Market Committee meeting – March 2026
Source: Bank of England | Date: 2026-04-02 | Severity: LOW
The Money Markets Committee is a forum for market participants and authorities to discuss the UK unsecured deposits and funding market and securities lending and repo markets.
Actors: the Money Market Committee, The Money Markets Committee
[LOW] [CYBER] The State of Trusted Open Source Report
Source: The Hacker News | Date: 2026-04-02 | Severity: LOW
In December 2025, we shared the first-ever The State of Trusted Open Source report, featuring insights from our product data and customer base on open source consumption across our catalog of container image projects, versions, images, language libraries, and builds. These insights shed light on what teams pull, deploy, and maintain day to day, alongside the vulnerabilities and
Actors: The State of Trusted Open Source Report, The State of Trusted Open Source
[LOW] [CYBER] Critical Cisco IMC auth bypass gives attackers Admin access
Source: Bleeping Computer | Date: 2026-04-02 | Severity: LOW
Cisco has patched several critical and high-severity vulnerabilities, including an Integrated Management Controller (IMC) authentication bypass that enables attackers to gain Admin access. […]
Actors: Admin, Integrated Management Controller, IMC | Countries: Cisco
[LOW] [FINANCE] Possible US Government iPhone Hacking Tool Leaked
Source: Schneier on Security | Date: 2026-04-02 | Severity: LOW
Wired writes (alternate source): Security researchers at Google on Tuesday released a report describing what they’re calling “Coruna,” a highly sophisticated iPhone hacking toolkit that includes five complete hacking techniques capable of bypassing all the defenses of an iPhone to silently install malware on a device when it visits a website containing the exploitation code. In total, Coruna takes advantage of 23 distinct vulnerabilities in iOS, a rare collection of hacking components that sugg
Actors: Possible US Government iPhone Hacking Tool Leaked, Google, Coruna, iPhone | Sectors: Government
[LOW] [CYBER] WhatsApp Alerts 200 Users After Fake iOS App Installed Spyware; Italian Firm Faces Action
Source: The Hacker News | Date: 2026-04-02 | Severity: LOW
Meta-owned messaging platform WhatsApp said it alerted about 200 users who were tricked into installing a bogus version of its iOS app that was infected with spyware. According to reports from Italian newspaper La Repubblica and news agency ANSA, the vast majority of the targets are located in Italy. It’s assessed that the threat actors behind the activity used social engineering
Actors: WhatsApp Alerts 200 Users After Fake, Italian Firm Faces Action, WhatsApp, Italian, La Repubblica | Countries: Italy
[LOW] [CYBER] Microsoft links Classic Outlook issue to email delivery problems
Source: Bleeping Computer | Date: 2026-04-02 | Severity: LOW
Microsoft is investigating a known issue that prevents some Classic Outlook users from sending emails via Outlook.com. […]
Actors: Microsoft, Outlook.com
Generated by GreySignal v2.0 at 2026-04-03 09:07 UTC