[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f1TiWFkLn-5AlO_nPNLNOy4BQ_1jbjv0m2ymIS5yilXE":3},{"items":4},[5,16,25,34,43,52,61],{"id":6,"week_label":7,"slug":8,"date_from":9,"date_to":10,"tldr":11,"article_count":12,"status":13,"created_at":14,"published_at":15},"424b09cb-061c-4cb1-8acc-839db0217ad1","2026-W19","2026-w19","2026-05-04","2026-05-10","- 🎓 **Canvas Crisis**: ShinyHunters breached Instructure's Canvas LMS affecting 9,000+ schools and 275M users during finals season\n- 🔥 **Firewall Zero-Day**: Chinese state actors exploited critical Palo Alto Networks PAN-OS flaw for nearly a month\n- 🤖 **AI Supply Chain**: Multiple vulnerabilities in AI coding tools (Claude, Gemini CLI, Cursor) enable code execution via malicious repos\n- 🏥 **Healthcare Under Fire**: Major breaches hit medical labs, insurers, and transport networks across multiple countries\n- 💳 **Financial Data Exposed**: Credit bureaus and banking institutions suffer massive credential theft campaigns\n- ☁️ **Cloud Turf Wars**: PCPJack malware evicts rival TeamPCP while stealing credentials from AWS, Docker, Kubernetes",80,"published","2026-05-10T05:01:44.372261+00:00","2026-05-10T05:00:04.926+00:00",{"id":17,"week_label":18,"slug":19,"date_from":20,"date_to":21,"tldr":22,"article_count":12,"status":13,"created_at":23,"published_at":24},"a66f767c-d98d-4800-8cc0-86a1f9943fcf","2026-W18","2026-w18","2026-04-27","2026-05-03","🚨 Critical cPanel authentication bypass (CVE-2026-41940) under mass exploitation for ransomware deployment\n🔗 Supply chain attacks hit SAP packages and PyTorch Lightning, stealing developer credentials\n👮 Two US cybersecurity professionals sentenced to 4 years for conducting BlackCat ransomware attacks\n💳 30,000+ Facebook accounts compromised via Google AppSheet phishing operation\n🔍 Linux privilege escalation (CVE-2026-31431) added to CISA's known exploited vulnerabilities\n🤖 AI-powered phishing kits emerge with automated campaign generation capabilities","2026-05-03T07:36:12.240534+00:00","2026-05-03T07:34:47.6+00:00",{"id":26,"week_label":27,"slug":28,"date_from":29,"date_to":30,"tldr":31,"article_count":12,"status":13,"created_at":32,"published_at":33},"738f0b28-608e-400e-9b21-709d3819dec9","2026-W17","2026-w17","2026-04-20","2026-04-26","🔥 Supply chain attacks evolved with wormable npm malware targeting developer toolchains\n🛡️ Cisco firewalls compromised with persistent backdoors surviving firmware updates\n🎯 Nation-state actors industrializing botnets while exploiting home routers for corporate access\n📱 Mobile and AI threats expanding with fake wallet apps and prompt injection campaigns\n⚖️ Regulatory pressure mounting with DORA compliance and CISA emergency directives\n🏢 Major breaches hit telehealth, insurance, and government agencies across multiple countries","2026-04-26T07:59:12.542269+00:00","2026-04-26T07:59:38.626127+00:00",{"id":35,"week_label":36,"slug":37,"date_from":38,"date_to":39,"tldr":40,"article_count":12,"status":13,"created_at":41,"published_at":42},"d80a0a88-6825-43d0-8969-fc1e0988c746","2026-W16","2026-w16","2026-04-13","2026-04-19","🔥 Critical infrastructure under fire as water treatment malware surfaces, 13-year-old Apache bug exploits go wild, and North Korean infiltration schemes continue\n⚡ Zero-day exploitation accelerates with Windows Defender flaws actively used in attacks while law enforcement takes down 53 DDoS domains\n🏦 Major breaches cascade across sectors from Vercel's $2M ransom demand to France's 1.9M basketball federation records\n🛡️ Supply chain attacks multiply via GitHub malware distribution and compromised OAuth apps targeting developer workflows\n💰 Criminal markets evolve as threat actors pivot from disrupted phishing kits to sophisticated crypto theft operations\n🏛️ Regulatory pressure mounts with €200K+ GDPR fines for excessive monitoring and API security failures","2026-04-20T04:31:16.828337+00:00","2026-04-20T04:33:32.25+00:00",{"id":44,"week_label":45,"slug":46,"date_from":47,"date_to":48,"tldr":49,"article_count":12,"status":13,"created_at":50,"published_at":51},"636f9555-a97e-462d-82c9-750f423fd2a6","2026-W15","2026-w15","2026-04-06","2026-04-12","🚨 Mexican government breached at scale using Claude AI and ChatGPT to exfiltrate 195M tax records\n🎯 Adobe patches critical Reader zero-day exploited since November 2025 with APT connections\n⚡ Marimo RCE flaw weaponized within 10 hours of disclosure, showing acceleration of exploit timelines\n🏭 Iranian APTs confirmed inside US critical infrastructure with SCADA manipulation capabilities\n🔒 Chrome 146 deploys device-bound sessions to combat cookie theft attacks\n💰 Major ransomware week with multiple state\u002Flocal governments and healthcare providers hit\n🔧 Supply chain attacks surge: CPUID, Smart Slider 3 Pro, and W3LL phishing kit disrupted","2026-04-13T00:01:17.779321+00:00","2026-04-19T07:02:17.625+00:00",{"id":53,"week_label":54,"slug":55,"date_from":56,"date_to":57,"tldr":58,"article_count":12,"status":13,"created_at":59,"published_at":60},"39f54b36-d63e-4f43-9ed3-60f0a8233259","2026-W14","2026-w14","2026-03-30","2026-04-05","🔥 Critical week for supply chain attacks with React2Shell (CVE-2025-55182) exploited to harvest credentials from 766+ Next.js hosts\n🎯 North Korean UNC1069 compromised Axios npm maintainer via fake Teams call, injecting malware into packages with 100M weekly downloads\n🚨 European Commission breached via TeamPCP supply chain attack, exposing 92GB of data from 30+ EU entities\n💸 $285M DeFi heist attributed to North Korean hackers using sophisticated durable nonce social engineering\n🛡️ FortiClient EMS zero-day (CVE-2026-35616) actively exploited with emergency patches released\n⚠️ LinkedIn secretly scans 6,000+ browser extensions for competitive intelligence and user profiling\n🎭 Multiple ransomware groups (Qilin, Krybit) target government entities while threat actors sell initial access to critical infrastructure","2026-04-06T00:02:09.939987+00:00","2026-04-06T05:37:13.329+00:00",{"id":62,"week_label":63,"slug":64,"date_from":65,"date_to":66,"tldr":67,"article_count":12,"status":13,"created_at":68,"published_at":69},"32b3c064-102c-454f-9330-fd90820fc016","2026-W13","2026-w13","2026-03-23","2026-03-29","🚨 FBI Director Kash Patel's personal Gmail breached by Iran-linked Handala hackers in major retaliation operation\n🏛️ European Commission investigating 350GB data breach as ShinyHunters claims AWS infrastructure compromise\n📦 TeamPCP threat actors execute 50+ supply chain attacks in 8 days, targeting PyPI packages with steganography\n🔐 Critical Citrix NetScaler memory overread flaw (CVE-2026-3055) under active reconnaissance, echoing CitrixBleed risks\n⚡ F5 BIG-IP vulnerability (CVE-2025-53521) added to CISA's KEV catalog after confirmed exploitation in wild\n🛡️ Google accelerates post-quantum cryptography deadline to 2029 as quantum threats advance faster than expected\n📱 Apple pushes emergency alerts to outdated iPhones over active web-based iOS exploits targeting unpatched devices","2026-03-31T19:50:57.384076+00:00","2026-03-31T19:50:58.013459+00:00"]