Known Exploited Vulnerabilities and counting....

A known exploited vulnerability (KEV) refers to a software vulnerability that is being actively exploited by cybercriminals or threat actors. When a vulnerability becomes known to be exploited in the wild, it signals that the vulnerability poses a significant and imminent risk to organizations.

Cybersecurity Brief - April 22, 2026

The UK's National Cyber Security Centre is escalating its threat assessment, with Chief Executive Richard Horne expected to warn today that the nation faces a heightened risk of large-scale hacktivist attacks. According to the NCSC, nation-state actors now represent the most significant cyber threat to UK infrastructure and institutions. This public warning signals a notable shift in the UK's threat landscape, moving beyond traditional espionage concerns to acknowledge the potential for coordinated disruptive campaigns that blur the lines between state-sponsored operations and activist movements.

Meanwhile, U.S. government agencies are adapting their cybersecurity postures to address emerging challenges from AI and identity management. Officials from the U.S. Postal Service and Washington D.C.'s cyber leadership highlighted the critical role of identity security in modern government operations, with D.C. expanding mandatory AI and cybersecurity training across its workforce. The initiative reflects growing recognition that AI introduces both operational risks and data protection challenges that require baseline awareness across all employees, not just technical staff.

Sources: The Guardian · MeriTalk

Woman Looking at Computer Screen

CVEs form a database of known security vulnerabilities that are actively tracked and managed by a group of organizations, such as the U.S. National Cyber Security Alliance. CVEs are an important tool for network security management because they not only provide an inventory of existing vulnerabilities, but also provide information about how the vulnerability can be exploited and instructions on how to protect against it.

Search Known Exploits

Search for CVEs by vendor to identify known exploited vulnerabilities in your environment

Loading vendors...

Upcoming Patch Due Dates

via Binding Operational Directive 22-01

(BOD) 22-01 is a directive issued by the Cybersecurity and Infrastructure Security Agency (CISA) in the United States to federal agencies and federal contractors in order to improve their cybersecurity practices. It provides a set of guidelines and requirements that these agencies and contractors must follow to increase their defenses against cyber threats.

Loading...

News Logo

Cyber Security News

You may have missed...


📌 Pinned

*

https:betanews.comMar 5

Inside a cyberattack: How hackers steal data

The truth about cybersecurity is that it's almost impossible to keep hackers outside of an organization, particularly as the cybercrime industry ...

https://www.theguardian.comApr 22

UK could face 'hacktivist attacks at scale', says head of security agency - The Guardian

Richard Horne, chief executive of the National Cyber Security Centre (NCSC), will warn today that nation states now account for the most significant ....

https://www.thestreet.comApr 22

Major DeFi hack becomes the largest of 2026 yet

The Kelp DAO $293 million exploit marks the largest DeFi hack of 2026, with subsequent attacks on multiple protocols including CoW Swap and Grinex.

https://finance.yahoo.comApr 22

April 2026 Becomes Worst Month for Crypto Hacks Since February 2025

April 2026 crypto hack losses reach $606 million with a 68% year-over-year rise in DeFi incidents compared to 2025.

https://techcrunch.comApr 20

North Korean hackers blamed for $290M crypto theft

North Korean hackers accused of stealing $290 million from Kelp DAO through a LayerZero bridge exploit, marking the largest crypto theft of 2026.

https://www.securityweek.comApr 11

China Admitted to Volt Typhoon Cyberattacks on US Critical Infrastructure: Report

According to The Wall Street Journal, Chinese officials reportedly admitted in a secret December meeting with U.S. officials that China conducted Volt...

https://techcrunch.comApr 21

Ransomware negotiator pleads guilty to helping ransomware gang

Angelo Martino, a former ransomware negotiator at DigitalMint, pleaded guilty to helping cybercriminals extort companies by feeding confidential infor...

https://securityaffairs.comApr 22

Ransomware negotiator caught secretly assisting BlackCat extortion scheme - Security Affairs

Angelo Martino pleaded guilty to helping BlackCat ransomware group while acting as a ransomware negotiator.

https://cyberscoop.comApr 22

Former DigitalMint ransomware negotiator pleads guilty to extortion scheme | CyberScoop

Angelo Martino helped accomplices extort a combined $75.3 million in ransom payments from five victim companies.


Updated daily