Real Apple notifications are being used to drive tech support scams

Scammers have found a way to abuse legitimate Apple account notification emails to trick targets into calling fake tech support numbers. According to a report from BleepingComputer, scammers create an Apple account and insert a phishing message into the personal information fields, then modify th...

CVE-2026-40520

creationtimestamp| type| source ---|---|--- 2026-04-21 04:16:20+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-40520 2026-04-21 15:16:16+00:00| published-proof-of-concept| Telegram/XbMH3UV0wobPxXOaFwFwC5FRUKFy5Z4xnFl9eFCQDFeiw...

GHSA-J526-66F6-FXHX

creationtimestamp| type| source ---|---|--- 2026-04-21 03:18:08+00:00| seen| Telegram/y8A40ypWR-zTQL04UvuWU-fhawBkUz4Q7ssav8OQJXhAoc...

GHSA-7GCJ-PHFF-2884

creationtimestamp| type| source ---|---|--- 2026-04-21 03:18:04+00:00| seen| Telegram/QlBPoNymR9hPCPyX2NtJM9uRRriKED-kqAlb1qrMP0xHygk...

AgentSOC: A Multi-Layer Agentic AI Framework for Security Operations Automation

Security Operations Centers SOCs increasingly encounter difficulties in correlating heterogeneous alerts, interpreting multi-stage attack progressions, and selecting safe and effective response actions. This study introduces AgentSOC, a multi-layered agentic AI framework that enhances SOC...

CVE-2026-26943

creationtimestamp| type| source ---|---|--- 2026-04-20 21:21:58+00:00| seen| Telegram/itZIvBa41gHmxLOZ4e3ooVdAvJm4yIE4KZd9P4HVJMq4o...

CVE-2026-6619

creationtimestamp| type| source ---|---|--- 2026-04-20 11:53:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjwfttkvi72k...

CVE-2026-6583

creationtimestamp| type| source ---|---|--- 2026-04-20 00:13:29+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjv6pknaq72e...

Enhancing Anomaly-Based Intrusion Detection Systems with Process Mining

Anomaly-based Intrusion Detection Systems IDSs ensure protection against malicious attacks on networked systems. While deep learning-based IDSs achieve effective performance, their limited trustworthiness due to black-box architectures remains a critical constraint. Despite existing explainable...

CVE-2026-5966

creationtimestamp| type| source ---|---|--- 2026-04-19 23:52:00+00:00| seen| https://www.twcert.org.tw/en/cp-139-10855-e6d1b-2.html 2026-04-20 09:17:22+00:00| seen| Telegram/Lm9dzPhVRFRRMgyzsUGG1X5A2Qj2Q71JCDe8XQUe2-0mpLw 2026-04-20 10:08:41+00:00| seen|...

airflow-balancer (>=0.7.0 <=0.7.6), airflow-clickhouse-plug (=1.6.2) +37 more potentially affected by CVE-2026-25917 via apache-airflow-core (>=3.0.0 <=3.1.8rc2)

apache-airflow-core PYPI version =3.0.0, =0.7.0, =1.5.0, =0.6.1, =1.10.7, =0.6.0, =0.1.0, =1.4.3, =1.2.10, =0.1.1, =3.0.0, =1.6.0, =1.5.3, =1.25.0, =3.12.0, =3.12.0rc1 and more Source cves: CVE-2026-25917 Source advisory: SNYK:PYTHON-APACHEAIRFLOWCORE-16119148...

@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.5) +17 more potentially affected by CVE-2026-44109 via openclaw (>=0.0.1 <=2026.4.12)

openclaw NPM version =0.0.1, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.0, =0.1.1, =2.0.1, =0.0.7, =0.0.11 and more Source cves: CVE-2026-44109 Source advisory: OSV:GHSA-XH72-V6V9-MWHC...

GHSA-7JQ3-6J3C-5CM2

creationtimestamp| type| source ---|---|--- 2026-04-17 21:23:35+00:00| seen| Telegram/Q64crjFZRAFhidSIvAgPD7j9KS4Pns0gYZhyfeiZ9MDp9II...

CVE-2026-5919 vulnerabilities

Vulnerabilities for packages: chromium...

CVE-2026-6439

creationtimestamp| type| source ---|---|--- 2026-04-17 10:23:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjopg5kzre2f 2026-04-17 11:32:06+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mjotaarzaz2u...

AVTECH Room Alert 3E Exposure of Resource to Wrong Sphere (CVE-2019-13379)

On AVTECH Room Alert 3E devices before 2.2.5, an attacker with access to the device's web interface may escalate privileges from an unauthenticated user to administrator by performing a cmd.cgi?action=ResetDefaults&src=RA reset and using the default credentials to get in. This plugin only works...

AVTECH Room Alert Cleartext Storage of Sensitive Information (CVE-2024-33470)

When an administrator authenticates with the device and browses the settings pages, the SMTP password is loaded from the device and presented in the DOM in plaintext. When settings are saved, the SMTP credentials are sent back to the device in plain text. This allows an actor with administrative...

AVTECH Room Alert Cleartext Transmission of Sensitive Information (CVE-2024-33471)

An individual with administrative access can change the mail server host within the device. An attacker who has obtained administrative access can update the mail server to an attacker controller IP. When the device attempts to authenticate to the mail server, it will pass the previously configur...

CVE-2026-35496

creationtimestamp| type| source ---|---|--- 2026-04-16 20:00:00+00:00| seen| https://jvn.jp/en/jp/JVN78422311 2026-04-17 06:08:54+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjob6d5mmj2f...

GHSA-72C6-FX6Q-FR5W

creationtimestamp| type| source ---|---|--- 2026-04-16 15:20:04+00:00| seen| Telegram/YbTUbIPLh0mBIC2v2cs-sH-0kBWzIOZ-tc0xqHP7s3YdmQ...