Cyber Briefing: 2026.04.02
Recent headlines highlight active cyber threats, including zero-day exploits, phishing and supply chain attacks, and malware campaigns impacting major platforms, organizations, and regions.
👉 What’s trending in cybersecurity today?
Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.
🚨 Cyber Alerts
1. CERT-UA Impersonation Spreads Malware
The Computer Emergency Response Team of Ukraine recently identified a phishing operation where attackers impersonated the agency to trick organizations into installing a malicious remote administration tool. Using deceptive emails that appeared to be official security alerts, the threat actors distributed a password-protected archive containing a sophisticated trojan known as AGEWHEEZE.
2. Casbaneiro Phishing Targets Europe
A multi-pronged phishing campaign by a Brazilian threat actor is targeting Spanish-speaking organizations in Latin America and Europe to deploy banking trojans. The attack utilizes a complex delivery system involving WhatsApp automation, email hijacking, and deceptive PDF summons to spread malware like Casbaneiro and Horabot.
3. Chrome Zero Day CVE Under Exploit
Google recently released security patches for Chrome to fix 21 different security issues, including a critical zero-day vulnerability that is already being used by attackers. This specific flaw affects the Dawn component of the browser and could allow hackers to run unauthorized code on a user’s computer through a malicious website.
💥 Cyber Incidents
4. Vertex AI Flaw Exposes Cloud Data
Cybersecurity researchers have identified a flaw in Google Cloud’s Vertex AI platform where default service agent permissions allow for potential data exfiltration and unauthorized environment access. By exploiting the excessive scopes of the Agent Development Kit’s service identity, an attacker can extract credentials to bypass isolation and gain read access to a project’s entire cloud storage.
5. Cyberattack Disrupts Phones In MA Towns
A cybersecurity attack discovered early Tuesday has disrupted several Massachusetts towns connected to the Patriot Regional Emergency Communications Center, impacting administrative systems and business phone lines for local police and fire departments. Despite the breach, officials confirm that the 911 emergency system remains fully operational and there is currently no evidence that private citizen data has been compromised.
6. Mercor Hit By Supply Chain Cyberattack
Mercor, a ten billion dollar artificial intelligence recruiting firm, recently confirmed a major data breach originating from a supply chain attack on the open-source LiteLLM project. The incident has impacted thousands of global organizations relying on the library, with the Lapsus hacking group claiming to have stolen sensitive internal communications, ticketing data, and platform interaction videos.
📢 Cyber News
7. Anthropic Responds To Claude Code Leak
Anthropic is currently working to mitigate the impact of a leak involving the foundational instructions for Claude Code, its popular AI agent for developers. After initially issuing a broad copyright takedown that removed thousands of copies from GitHub, the company has since narrowed its request to focus on a smaller number of specific repositories.
8. Proton Launches Privacy Meet Platform
Proton has launched Meet, a privacy-centric video conferencing tool designed to compete with major platforms by offering end-to-end encryption for all calls. The service is accessible for free without requiring a Proton account and provides a secure alternative for users wary of data collection and AI training practices.
9. Apple Expands iOS Update To Block Exploit
Apple has expanded the distribution of iOS 18.7.7 and iPadOS 18.7.7 to a wider selection of hardware to protect users against the DarkSword exploit kit. This unusual move allows individuals using older software versions to patch critical security vulnerabilities without being forced to upgrade to the newest major operating system.
📈 Cyber Stocks
Cybersecurity stocks were mixed to slightly lower on Thursday, April 2, 2026, as the initial Q2 “relief rally” took a breather. While the broader market remains sensitive to interest rate speculation and shifting IT budgets, the cybersecurity sector continues to show lower beta compared to other high-growth software segments, reinforcing its status as a defensive tech play.
The price action today suggests a period of consolidation. Investors are closely monitoring the shift from “pure-play” endpoint protection toward holistic identity and secure access service edge (SASE) frameworks.
Platform Stability: Fortinet (FTNT) remained a pillar of relative strength, ending the period down only -0.82%. Its ability to hold near the flatline despite broader tech volatility underscores strong enterprise demand for firewall and hybrid-mesh security.
Identity Resilience: Okta (OKTA) also displayed relative outperformance, closing at -1.85%. As identity continues to be the primary attack vector for AI-driven phishing campaigns, OKTA remains a core holding for many institutional security portfolios.
Growth Sector Rebound: CrowdStrike (CRWD) showed signs of a floor forming, trading at -21.98%. While still down significantly for the period, the stock has clawed back some ground from its March lows as analysts re-evaluate its long-term AI-Falcon platform dominance.
Key Insight: We are seeing a “consolidation of trust.” Organizations are moving away from managing forty different security vendors and are instead doubling down on three or four core platforms. Today’s performance highlights that the market is currently rewarding vendors who can prove their platform’s “stickiness” in a tightening budgetary environment.
💡 Cyber Tip
🤖 Update Now: Chrome Zero-Day Under Active Attack.
Google has released an emergency update to fix CVE-2026-5281, a high-severity “zero-day” vulnerability currently being exploited by hackers in the wild. This flaw exists in the Dawn graphics component and could allow an attacker to execute malicious code on your system just by luring you to a compromised website.
🛠️ What You Should Do
Update Chrome Immediately: Click the three dots (⋮) in the top-right corner, go to Help > About Google Chrome.
Verify the Version: Ensure you are running version 146.0.7680.177 (Linux) or 146.0.7680.178 (Windows/Mac) or higher.
Relaunch the Browser: The patch is not fully applied until you click Relaunch; simply closing the window may not be enough.
Check Other Browsers: If you use Microsoft Edge, Brave, or Vivaldi, check their settings for updates as they also use the affected Chromium engine.
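For anyone checking more than one machine, the following is an added example (not from CyberMaterial or Google) that compares reported Chrome versions against the patched builds listed above. The inventory format, host names and sample lines are constructed for illustration; the comparison is numeric per component, because comparing version strings as text would wrongly rank build .99 above .177.

```python
import re

# Minimum patched builds per platform, taken from the tip above.
PATCHED = {
    "linux": (146, 0, 7680, 177),
    "windows": (146, 0, 7680, 178),
    "mac": (146, 0, 7680, 178),
}

VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)\.(\d+)\b")


def parse_version(text):
    """Extract a four-part Chrome version as a tuple of ints, or None."""
    match = VERSION_RE.search(text)
    return tuple(int(part) for part in match.groups()) if match else None


def audit(inventory):
    """Map each host to 'patched', 'vulnerable' or 'unknown'."""
    results = {}
    for line in inventory.strip().splitlines():
        host, platform, reported = [f.strip() for f in line.split(",", 2)]
        version = parse_version(reported)
        minimum = PATCHED.get(platform.lower())
        if version is None or minimum is None:
            # Unparseable output or a platform the tip does not cover:
            # flag for manual review instead of assuming it is safe.
            results[host] = "unknown"
        elif version >= minimum:  # tuple comparison is numeric, left to right
            results[host] = "patched"
        else:
            results[host] = "vulnerable"
    return results


# Constructed sample inventory: host, platform, reported version string.
SAMPLE = """
ws-014, windows, Google Chrome 146.0.7680.178
ws-022, windows, Google Chrome 146.0.7680.177
lx-003, linux, Google Chrome 146.0.7680.177
lx-009, linux, Google Chrome 146.0.7680.99
mb-101, mac, Google Chrome 147.0.7700.12
kiosk-7, chromeos, unreadable
"""

if __name__ == "__main__":
    for host, status in audit(SAMPLE).items():
        print(f"{host}: {status}")
```

Feed it the version reported by the running browser rather than the installed package, since the patch is not applied until Chrome is relaunched.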
⚠️ Why This Matters
This vulnerability is particularly dangerous because it is a “zero-day,” meaning hackers discovered and used it before a fix was available to the public. If left unpatched, a remote attacker can exploit this memory error to bypass security boundaries and take control of your device through your web browser.
📚 Cyber Book
The Patient’s Playbook by Leslie Michelson
Copyright © 2026 CyberMaterial. All Rights Reserved.