Show Notes - 2026-04-04
Stories Covered
- Today:
- TeamPCP Supply Chain Campaign: European Commission Cloud Breach (CVE-2026-33634) [Critical Alerts]
- SentinelOne Blocks LiteLLM Supply Chain Attack (CVE-2026-5281) [Critical Alerts]
- Axios npm Supply Chain Attack via Social Engineering [Critical Alerts]
- Die Linke German Political Party Confirms Qilin Data Theft [Ransomware & Extortion]
- University of Mississippi Medical Center Ransomware Impact [Ransomware & Extortion]
- Apex, NC Data Recovery via Court Order [Ransomware & Extortion]
- BakerHostetler 2026 Data Breach Report Findings [Ransomware & Extortion]
- Hasbro Confirms Cyberattack, Weeks to Recover [Ransomware & Extortion]
- Axios npm Supply Chain Attack [IOCs & Detection]
- TeamPCP Supply Chain [IOCs & Detection]
- TeamPCP Campaign: Sportradar AG Breach Confirmed [Business & Infrastructure Threats]
- Supply Chain Attacks: 25% of Top 100 Vulnerabilities [Business & Infrastructure Threats]
- Third-Party Risk: 30% of Breaches [Business & Infrastructure Threats]
- Cookie-Controlled PHP Web Shells Persist via Cron [Business & Infrastructure Threats]
- LinkedIn Scans for 6,000+ Chrome Extensions [Business & Infrastructure Threats]
- Hims & Hers Zendesk Data Breach [Business & Infrastructure Threats]
- TA416 Targets European Governments with PlugX and OAuth-Based Phishing [Windows / AD Security]
- TrueConf Zero-Day Exploited in Asian Government Attacks [Windows / AD Security]
- CISA Budget Cut: Trump Proposes $707M Reduction [General Security News]
- Infiniti Stealer Targets macOS via ClickFix [General Security News]
- Drift Protocol $285M Exploit Shows North Korea Indicators [General Security News]
- Amazon Bedrock Multi-Agent Applications Prompt Injection Risk [General Security News]
- Critical ShareFile Flaws Lead to Unauthenticated RCE [Vulnerability Disclosures]
- Apple Patches DarkSword for iOS 18 [Vulnerability Disclosures]
- Nacogdoches Memorial Hospital Data Breach [Healthcare Breaches]
- bqtlock Threatens Metro Hospital USA [Healthcare Breaches]
CVEs Referenced
CVE-2026-33634, CVE-2026-5281
Indicators of Compromise
Domains:
sfrclak[.]com., sfrclak[.]com
Hashes:
e10b1fa84f1d6481625f741b69892780140d4e0e7769e7491e5f4d894c2e0e09, fcb81618bb15edfdedfb638b4c08a2af9cac9ecfa551af135a8402bf980375cf, 617b67a8e1210e4fc87c92d1d1da45a2f311c08d26e89b12307cf583c900d101, 92ff08773995ebc8d55ec4b8e1a225d0d1e51efa4ef88b8849d0071230c9645a, ed8560c1ac7ceb6983ba995124d5917dc1a00288912387a6389296637d5f815c
IP Addresses:
142.11.206.73
Fler avsnitt av Cyber Threat Brief
Visa alla avsnitt av Cyber Threat BriefCyber Threat Brief med Carolina Clear Tech, LLC finns tillgänglig på flera plattformar. Informationen på denna sida kommer från offentliga podd-flöden.
