Cybersecurity News | Daily Recap [18 Apr 2026]

Tycoon 2FA pressure pushed attackers to spread out across Mamba 2FA, EvilProxy, and Sneaky 2FA while increasingly using device code phishing to bypass modern authentication. Google Gemini helped block 602 million scam ads and contributed to removing or blocking over 8.3 billion ads in 2025 amid a major malvertising crackdown.

Phishing & Scamware

  • Tycoon 2FA takedown pressure pushed attackers to spread out across Mamba 2FA, EvilProxy, and Sneaky 2FA while increasingly using device code phishing to bypass modern authentication – Tycoon 2FA
  • Google said Gemini helped block 602 million scam ads and contributed to removing or blocking over 8.3 billion ads in 2025 amid a major malvertising crackdown – Scam Ads

Ransomware & Botnets

  • Qilin's 2024 attack on Synnovis is still disrupting London healthcare, with delayed pathology results, cancelled operations, nearly 1 million exposed patient records, and continuing NHS recovery issues – Qilin Fallout
  • Payouts King ransomware is using QEMU virtual machines to hide activity, steal credentials, and evade endpoint defenses after initial access via exposed VPNs, CitrixBleed 2, and phishing – QEMU Ransomware
  • A Mirai variant called Nexcorium is exploiting CVE-2024-3721 to hijack TBK DVRs and expand a DDoS botnet – Mirai Variant

Law Enforcement & Disruptions

  • In Operation PowerOFF, authorities from more than 20 countries seized over 53 DDoS-for-hire domains, arrested 4 suspects, and warned or identified tens of thousands of users tied to booter services – PowerOFF Takedown, DDoS Crackdown
  • Two U.S. men were sentenced for helping North Korea place operatives inside more than 100 companies, generating over $5 million and stealing sensitive defense data – DPRK Scheme

Espionage & Policy

  • Ukraine confirmed a long-running APT28 campaign against prosecutors and anti-corruption agencies that abused Roundcube flaws and compromised more than 170 accounts – APT28 Roundcube
  • U.S. lawmakers are debating renewal of Section 702 under RISAA, with disputes over query counting, provider scope, and a contested FISC opinion – Section 702
  • The White House is set to meet with Anthropic's CEO as officials examine the implications of the company's new AI technology – Anthropic Meet

Crypto & Sanctions

  • Grinex, a Kyrgyzstan-based exchange tied to sanctioned Garantex, suspended operations after a $13.7 million hack that moved funds across TRON and Ethereum and drew allegations of a possible state-linked false flag – Grinex Hack, Grinex Blames

Vulnerabilities & Malware

  • A researcher released RedSun and UnDefend alongside BlueHammer, and all three Microsoft Defender privilege-escalation exploits are now being used in the wild – Defender Zero-Days
  • SecurityWeek's roundup highlighted active threats including the W3LL phishing takedown, the GlassWorm IDE dropper, ShowDoc RCE exploitation, AWS fixes, and large leaks linked to ShinyHunters – Weekly Roundup

Security Products & AI

  • GitLab 18.11 adds agentic AI for security fixes, CI pipelines, and delivery analytics to speed software operations – GitLab 18.11
  • NAKIVO v11.2 expands ransomware defense, improves replication speed, and adds support for vSphere 9 and Proxmox VE 9.0 – NAKIVO v11.2
  • CoChat launched an AI collaboration platform to combat shadow AI by adding governance, visibility, and human-in-the-loop controls for enterprise use – CoChat Platform

Cybersecurity News | Daily Recap – hendryadrian.com