LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure
A high-severity security flaw in LMDeploy, an open-source toolkit for compressing, deploying, and serving LLMs, has come under active exploitation…
Cyber Security
CyberHoot’s Cybersecurity Newsletter: April 2026
This month we need to talk about something big. Not doomsday big, but pay-attention-now big. On April 7th, Anthropic quietly…
Tropic Trooper APT Takes Aim at Home Routers, Japanese Targets
The Chinese state-sponsored cyber threat is known for moving fast and trying odd attack vectors; now it’s branching out in…
Chinese APT Abuses Multiple Cloud Tools to Spy on Mongolia
The threat actor gave itself plenty of options to support command and control, tapping Microsoft Outlook, Slack, Discord, and file.io…
China-Backed Hackers Are Industrializing Botnets
China’s state-backed groups are now using covert networks of compromised devices to execute attacks in a low-cost, low-risk, and deniable…
UNC6692 Impersonates IT Helpdesk via Microsoft Teams to Deploy SNOW Malware
A previously undocumented threat activity cluster known as UNC6692 has been observed leveraging social engineering tactics via Microsoft Teams to…
Bad Memories Still Haunt AI Agents
Cisco found and fixed a significant vulnerability in the way Anthropic handles memories, but experts warn that mishandled memory files…
Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign
Bitwarden CLI has been compromised as part of the newly discovered and ongoing Checkmarx supply chain campaign, according to new…
ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories
You scroll past one incident and see another that feels familiar, like it should have been fixed years ago, but…
[Webinar] Mythos Reality Check: Beating Automated Exploitation at AI Speed
Imagine a world where hackers don’t sleep, don’t take breaks, and find weak spots in your systems instantly. Well, that…