Advisoryloom Editor

Russia Hacked Routers to Steal Microsoft Office Tokens lumen-forestblizzard

lumen-forestblizzard

Russia Hacked Routers to Steal Microsoft Office Tokens

Advisoryloom Editor April 22, 2026

Hackers linked to Russia’s military intelligence units are using known flaws in older Internet routers to mass...

Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab shchukin-kravchuk

shchukin-kravchuk

Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab

Advisoryloom Editor April 22, 2026

An elusive hacker who went by the handle “UNKN” and ran the early Russian ransomware groups GandCrab...

‘CanisterWorm’ Springs Wiper Attack Targeting Iran aikido-iranwiper

aikido-iranwiper

‘CanisterWorm’ Springs Wiper Attack Targeting Iran

Advisoryloom Editor April 22, 2026

A financially motivated data theft and extortion group is attempting to inject itself into the Iran war,...

[Guest Diary] Beyond Cryptojacking: Telegram tdata as a Credential Harvesting Vector, Lessons from a Honeypot Incident, (Wed, Apr 22nd)

<div>[Guest Diary] Beyond Cryptojacking: Telegram tdata as a Credential Harvesting Vector, Lessons from a Honeypot Incident, (Wed, Apr 22nd)</div>

[Guest Diary] Beyond Cryptojacking: Telegram tdata as a Credential Harvesting Vector, Lessons from a Honeypot Incident, (Wed, Apr 22nd)

Advisoryloom Editor April 22, 2026

[This is a Guest Diary by L. Carty, an ISC intern as part of the SANS.edu Bachelor’s...

ISC Stormcast For Wednesday, April 22nd, 2026 https://isc.sans.edu/podcastdetail/9902, (Wed, Apr 22nd)

ISC Stormcast For Wednesday, April 22nd, 2026 https://isc.sans.edu/podcastdetail/9902, (Wed, Apr 22nd)

ISC Stormcast For Wednesday, April 22nd, 2026 https://isc.sans.edu/podcastdetail/9902, (Wed, Apr 22nd)

Advisoryloom Editor April 22, 2026

A .WAV With A Payload, (Tue, Apr 21st)

A .WAV With A Payload, (Tue, Apr 21st)

A .WAV With A Payload, (Tue, Apr 21st)

Advisoryloom Editor April 22, 2026

There have been reports of threat actors using a .wav file as a vector for malware.

Handling the CVE Flood With EPSS, (Mon, Apr 20th)

Handling the CVE Flood With EPSS, (Mon, Apr 20th)

Handling the CVE Flood With EPSS, (Mon, Apr 20th)

Advisoryloom Editor April 22, 2026

Every morning, security people around the world face the same ritual: opening their vulnerability feed to find...

ISC Stormcast For Tuesday, April 21st, 2026 https://isc.sans.edu/podcastdetail/9900, (Tue, Apr 21st)

ISC Stormcast For Tuesday, April 21st, 2026 https://isc.sans.edu/podcastdetail/9900, (Tue, Apr 21st)

ISC Stormcast For Tuesday, April 21st, 2026 https://isc.sans.edu/podcastdetail/9900, (Tue, Apr 21st)

Advisoryloom Editor April 22, 2026

Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain

Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain

Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain

Advisoryloom Editor April 22, 2026

Cybersecurity researchers have warned of malicious images pushed to the official “checkmarx/kics” Docker Hub repository. In an...

Google Fixes Critical RCE Flaw in AI-Based ‘Antigravity’ Tool

<div>Google Fixes Critical RCE Flaw in AI-Based ‘Antigravity’ Tool</div>

Google Fixes Critical RCE Flaw in AI-Based ‘Antigravity’ Tool

Advisoryloom Editor April 22, 2026

The prompt-injection vulnerability in the agentic AI product for filesystem operations was a sanitization issue that allowed...