Latest Cybersecurity News

HTTP Requests with X-Vercel-Set-Bypass-Cookie Header, (Tue, Apr 28th)

HTTP Requests with X-Vercel-Set-Bypass-Cookie Header, (Tue, Apr 28th)

This weekend, we saw a few requests to our honeypot that included an "X-Vercel-Set-Bypass-Cookie" header. A sample request:

SANS ISCApr 28, 20261m2

NSA GRASSMARLIN

CISA AlertsApr 28, 20263m2

NSA GRASSMARLIN

View CSAF

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA AlertsApr 28, 20261m2

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.

ISC Stormcast For Tuesday, April 28th, 2026 https://isc.sans.edu/podcastdetail/9908, (Tue, Apr 28th)

ISC Stormcast For Tuesday, April 28th, 2026 https://isc.sans.edu/podcastdetail/9908, (Tue, Apr 28th)

No description available.

SANS ISCApr 28, 20261m2

TeamPCP Supply Chain Campaign: Update 008 - 26-Day Pause Ends with Three Concurrent Compromises (Checkmarx KICS, Bitwarden CLI Cascade, xinference PyPI), CanisterSprawl npm Worm Identified, and Tier 1 Coverage Returns, (Mon, Apr 27th)

TeamPCP Supply Chain Campaign: Update 008 - 26-Day Pause Ends with Three Concurrent Compromises (Checkmarx KICS, Bitwarden CLI Cascade, xinference PyPI), CanisterSprawl npm Worm Identified, and Tier 1 Coverage Returns, (Mon, Apr 27th)

This update succeeds&#;x26;#;xc2;&#;x26;#;xa0;TeamPCP Supply Chain Campaign Update 007, published April 8, 2026, which left the campaign in credential-monetization mode following the Cisco source code theft via Trivy-linked credentials, Google GTIG&#;x26;#;39;s formal designation of the operators...

SANS ISCApr 27, 20261m2

CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA AlertsApr 24, 20261m2

CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.

ISC Stormcast For Friday, April 24th, 2026 https://isc.sans.edu/podcastdetail/9906, (Fri, Apr 24th)

ISC Stormcast For Friday, April 24th, 2026 https://isc.sans.edu/podcastdetail/9906, (Fri, Apr 24th)

No description available.

SANS ISCApr 24, 20261m2

Milesight Cameras

CISA AlertsApr 23, 20263m3

Milesight Cameras

View CSAF

Hangzhou Xiongmai Technology Co., Ltd XM530 IP Camera

CISA AlertsApr 23, 20263m3

Hangzhou Xiongmai Technology Co., Ltd XM530 IP Camera

View CSAF

SpiceJet Online Booking System

CISA AlertsApr 23, 20264m3

SpiceJet Online Booking System

View CSAF

Carlson Software VASCO-B GNSS Receiver

CISA AlertsApr 23, 20262m3

Carlson Software VASCO-B GNSS Receiver

View CSAF

Defending Against China-Nexus Covert Networks of Compromised Devices