Risk
-
Critical LeRobot flaw could let attackers run code on robotics systems
A critical flaw in Hugging Face’s LeRobot robotics platform could let an unauthenticated attacker run code on affected systems. The issue is tracked as CVE-2026-25874 and remains unpatched, with a fix planned for version 0.6.0.
-
Microsoft says Windows Shell flaw was actively exploited after patch
Microsoft said a Windows Shell spoofing flaw was actively exploited after patching, with researchers linking the issue to an incomplete fix and a zero-click path that could expose NTLM credentials.
-
Medtronic confirms network breach after hackers claim theft of 9 million records
Medtronic said hackers breached corporate IT systems and may have accessed personal data after ShinyHunters claimed theft of more than 9 million records and terabytes of internal data.
-
PhantomCore linked to attacks on TrueConf servers in Russia
PhantomCore has been tied to attacks on TrueConf servers in Russia since September 2025, using three vulnerabilities to run commands remotely and move deeper into victim networks, according to a technical analysis by Positive Technologies.
-
Researchers flag 73 fake VS Code extensions tied to GlassWorm campaign
Researchers flagged 73 fake Visual Studio Code extensions on Open VSX tied to the GlassWorm campaign. Six were confirmed malicious, while the rest were sleeper packages designed to build trust before delivering malware.
-
Fake CAPTCHA scam used SMS charges, Keitaro abused in 120 campaigns
Researchers said fake CAPTCHA pages have been used since at least 2020 to trigger costly international SMS traffic, while more than 120 other campaigns abused Keitaro TDS for malware, crypto theft and investment scams.
-
Itron says unauthorized party accessed internal systems in cyberattack
Itron said an unauthorized third party accessed some internal systems in a cyberattack and that it blocked the activity after detecting it on April 13, 2026. The company said business operations were not materially disrupted and customer systems were not affected.
-
LMDeploy flaw exploited within 13 hours of disclosure, researchers say
LMDeploy flaw CVE-2026-33626 was exploited within 13 hours of disclosure, researchers said. The SSRF issue could expose cloud credentials and internal services, and early attacks probed metadata, databases and loopback targets.
-
Tropic Trooper campaign uses trojanized SumatraPDF to deploy AdaptixC2
A campaign tied to Tropic Trooper is using a trojanized SumatraPDF reader to deploy AdaptixC2 and, in some cases, Visual Studio Code tunnels for remote access against targets in Taiwan, South Korea and Japan.
-
SentinelOne finds old malware that may have aimed to sabotage engineering software
SentinelOne says it found old malware that may have been built to sabotage engineering and physics simulation software. The sample appears to predate Stuxnet by years and may have targeted precision calculation tools used in several technical fields.
