Cyber Briefing: 2026.04.10
Cyber threats are escalating across the board, from phishing sites impersonating Microsoft and supply chain attacks targeting developers, to major breaches like Bitcoin Depot and the LAPD leak exposing
👉 What's happening in cybersecurity today?
Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.
🚨 Cyber Alerts
1. Fake Microsoft support website tricks users into downloading password-stealing malware
A fake Microsoft support website, microsoft-update[.]support, is distributing a password-stealing malware disguised as a legitimate Windows update (WindowsUpdate 1.0.0.msi). This campaign exploits the aftermath of significant data breaches in France, targeting users with high-value personal information. CISOs must block access to the domain microsoft-update[.]support and monitor for the installation of WindowsUpdate 1.0.0.msi using endpoint detection tools.
2. Palo Alto Cortex Microsoft Teams Integration Vulnerability Enables Data Access for Attackers
Palo Alto Networks issued an urgent alert regarding CVE-2026-0234, a high-severity vulnerability in the Microsoft Teams integration of Cortex XSOAR and Cortex XSIAM. Attackers can exploit this flaw to remotely access and modify sensitive data without user interaction, potentially compromising security incident responses. CISOs must immediately disable the Microsoft Teams integration in Cortex XSOAR and XSIAM until a secure patch is applied.
3. GitLab Patches Multiple Vulnerabilities That Enable DoS and Code Injection Attacks
GitLab has released patch versions 18.10.3, 18.9.5, and 18.8.9 to fix high-severity vulnerabilities, including code injection and denial-of-service flaws. Administrators of self-managed Community and Enterprise Edition instances are urged to upgrade immediately to prevent unauthorized code execution on the server and service outages.
💥 Cyber Incidents
4. Hackers Pose As Linux Foundation Lead
A sophisticated social engineering campaign is currently targeting open source developers by exploiting the trust established within professional communities. An attacker posing as a respected Linux Foundation leader has been using Slack to trick individuals into clicking malicious links hosted on seemingly reputable platforms.
5. Bitcoin Depot Hack Steals $3.6M
Bitcoin Depot, the leading operator of Bitcoin ATMs in the United States, recently disclosed a security breach that resulted in the theft of approximately 3.6 million dollars worth of cryptocurrency. The company reported that hackers gained access to its IT systems and obtained credentials to settlement accounts, though they maintain that customer platforms and data remain unaffected by the intrusion.
6. 7.7TB LAPD Records Leaked In Hack
A security breach at a major Los Angeles city office recently exposed sensitive information, including personal data of police officers and internal affairs documents. The Los Angeles Police Department confirmed that the leak originated from a digital storage system within the City Attorney’s office rather than their own internal networks.
📢 Cyber News
7. Advenica Launches File Scanner Kiosk to Combat USB Malware
8. Cybersecurity Stocks Drop On AI Fears
Software stocks experienced a significant downturn on Thursday as cybersecurity firms faced steep losses following reports that advanced AI models can now detect vulnerabilities in legacy systems. The broader software sector felt the pressure of these technological shifts and ongoing geopolitical concerns, leading to a nearly five percent drop in the industry’s primary exchange-traded fund.
9. MITRE Releases Fight Fraud Framework
The MITRE Corporation has launched a behavior-based framework known as F3 to provide organizations with a structured knowledge base for identifying and countering fraudulent tactics. By mapping out specific techniques used in real-world attacks, the tool fosters global collaboration to improve the detection and prevention of cyber-enabled fraud.
📈Cyber Stocks
Cybersecurity stocks were mostly lower on Friday, April 10, 2026, as the sector faced a sharp technical correction. Investor sentiment soured following reports of a “generational leap” in AI-driven vulnerability discovery, sparking fears that legacy defense frameworks may struggle to keep pace with automated threat actors. While larger platforms attempted to hold support, the broader group saw aggressive profit-taking to close out the week.
Market Summary
The dominant theme today is AI-driven disruption. The market is reassessing valuations as frontier AI models demonstrate the ability to identify zero-day vulnerabilities at scale, shifting the focus from traditional “detection” to proactive “exposure management.”
Endpoint Volatility: CrowdStrike (CRWD) experienced a notable pullback, falling 7.46% on the day and ending the period down 1.63%. Despite the sharp intraday drop, CRWD remains a primary focal point for institutional investors looking to play the long-term AI-security cycle.
Infrastructure Resilience: Palo Alto Networks (PANW) was the lone green shoot among the majors, managing a slight gain of 0.89%. CEO share purchases and recent AI-centric partnerships appear to be providing a “valuation floor” that its peers currently lack.
Identity Under Pressure: Okta (OKTA) saw a significant decline, down 23.39% for the period. The stock is grappling with heightened skepticism regarding identity security’s effectiveness against sophisticated AI-led social engineering and bypass techniques.
Legacy Floor Testing: Rapid7 (RPD) continued its downward trajectory, ending the period down 51.40%. The company’s recent acquisition of Kenzo Security has yet to convince the market that it can successfully pivot to an AI-first preemptive operations model.
Key Insight: This Friday’s sell-off represents a “Fundamental Reality Check.” The launch of frontier AI models capable of autonomous hacking has forced a rapid repricing of “detection-only” tools. For the briefing audience, the message is clear: the market is now aggressively filtering for “AI-Native” platforms. Companies that cannot automate the defense as fast as AI automates the attack are being left behind in this new, high-speed threat landscape.
💡 Cyber Tip
🤖 Spot the “Support” Scams
Cybercriminals are using a professionally designed, fake Microsoft support domain to trick users into downloading a malicious “Windows Update” that steals passwords and browser data. This sophisticated campaign mimics official branding to bypass your skepticism and deliver malware that remains hidden from many traditional antivirus programs.
🛠️ What You Should Do
Use Built-in Updates Only: Always update Windows through Settings > Windows Update on your device; Microsoft will never ask you to download updates manually from a support website.
Verify the Domain: Check the host part of the URL (everything between “https://” and the next “/”), not just whether the word “microsoft” appears in it. A genuine Microsoft address is microsoft.com itself or a subdomain of it, such as support.microsoft.com; lookalikes such as “microsoft-update.support” or “microsoft.com.example.net” are entirely different domains even though they contain the name.
Block the Threat: For IT admins, immediately block the domain microsoft-update[.]support and scan for any installation of WindowsUpdate 1.0.0.msi.
Enable Multi-Factor Authentication (MFA): Ensure MFA is active on all accounts so that a stolen password alone is not enough to log in. Note that an infostealer that also takes browser session cookies can sidestep MFA, so on any machine where the fake update ran, reset passwords and revoke active sessions as well.
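The Python below is an added example, not code from the briefing, from CyberMaterial or from Microsoft. It turns the “Verify the Domain” and “Block the Threat” steps above into two checks an admin can drop into a script: a host test that accepts only microsoft.com and its subdomains (rejecting lookalikes that a “does it contain microsoft” glance would pass, including the user@host trick), and an indicator sweep over log lines for the two published indicators, the domain microsoft-update[.]support and the file name “WindowsUpdate 1.0.0.msi”. The trusted-domain list and the sample log lines are constructed for the example.

```python
"""Lookalike-host check and IOC sweep for the fake Microsoft support campaign.

Added example (not from the newsletter or any vendor). Indicators are the two
the briefing publishes; everything else here is an assumption for the demo.
"""
from urllib.parse import unquote, urlsplit

# Assumption for the example: extend this from your own allow-list. Only the
# registrable domain and its subdomains count, never "contains microsoft".
TRUSTED_DOMAINS = ("microsoft.com",)

# Published indicators from the briefing (lower-cased for case-insensitive match).
IOC_DOMAINS = ("microsoft-update.support",)
IOC_FILES = ("windowsupdate 1.0.0.msi",)


def hostname_of(url: str) -> str:
    """Return the normalised host of a URL, or "" if it has none.

    urlsplit().hostname discards any user@ prefix, so
    "https://microsoft.com@evil.example/" yields evil.example, not microsoft.com.
    A scheme is added when missing so bare "host/path" strings also parse.
    Trailing dots and upper case are removed so comparisons are exact.
    """
    if "://" not in url:
        url = "https://" + url
    host = urlsplit(url).hostname or ""
    return host.rstrip(".").lower()


def is_trusted_host(url: str) -> bool:
    """True only if the host is a trusted domain or a subdomain of one.

    Whole-label comparison is what makes this safe: "notmicrosoft.com" ends in
    "microsoft.com" and "microsoft.com.evil.example" contains it, yet both fail
    because neither equals "microsoft.com" nor ends in ".microsoft.com".
    """
    host = hostname_of(url)
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)


def find_ioc_hits(lines):
    """Return (line_number, indicator) for every line mentioning a known IOC.

    Works over any text export (proxy, DNS, EDR file events). Lines are
    URL-decoded first so "WindowsUpdate%201.0.0.msi" in a request URL still
    matches the published file name, and lower-cased because Windows file
    names and DNS names are case-insensitive.
    """
    hits = []
    for n, line in enumerate(lines, start=1):
        text = unquote(line).lower()
        for ioc in IOC_DOMAINS + IOC_FILES:
            if ioc in text:
                hits.append((n, ioc))
    return hits


# Constructed sample log: one clean proxy line, one download from the IOC
# domain, one unrelated line, and one EDR file-creation event for the MSI.
SAMPLE_LOG = [
    "2026-04-10T09:12:01Z proxy allow user=jdoe url=https://support.microsoft.com/help",
    "2026-04-10T09:14:33Z proxy allow user=jdoe url=https://microsoft-update.support/WindowsUpdate%201.0.0.msi",
    "2026-04-10T09:14:40Z proxy allow user=asmith url=https://www.microsoft.com/download",
    "2026-04-10T09:16:00Z edr file_create path=C:\\Users\\jdoe\\Downloads\\WindowsUpdate 1.0.0.msi",
]


if __name__ == "__main__":
    for u in ("https://support.microsoft.com/en-us/windows",
              "https://microsoft-update.support/WindowsUpdate%201.0.0.msi",
              "https://microsoft.com.evil.example/",
              "https://microsoft.com@evil.example/"):
        print(f"{u:60} trusted={is_trusted_host(u)}")
    for line_no, ioc in find_ioc_hits(SAMPLE_LOG):
        print(f"line {line_no}: matched {ioc!r}")
```

Feed `find_ioc_hits` the proxy or EDR export for the window after the French breach news broke; any hit on the file name with no matching download line usually means the MSI arrived by another route (USB, e-mail attachment) and warrants a wider search.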
⚠️ Why This Matters
This malware is built to harvest your digital identity: stored passwords, browser session cookies and other saved tokens, which together are enough for a full account takeover. Because both the site and the file look legitimate, it exploits your desire to stay secure, turning a routine maintenance task into a high-risk security breach.
📚 Cyber Book
Agentic AI for Offensive Cybersecurity by Orhan Yildirim
Get book: https://amzn.to/3Q1fZAH
Copyright © 2026 CyberMaterial. All Rights Reserved.
Follow CyberMaterial on:
Substack, LinkedIn, Twitter, Reddit, Instagram, Facebook, YouTube, and Medium