Security – Page 3 – TheCyberThrone

Fortinet FortiSandbox — Critical Vulnerability Advisory

Fortinet published a sweeping security advisory on April 14, 2026, disclosing multiple vulnerabilities across its FortiSandbox platform. Two of the flaws are rated Critical with unauthenticated attack vectors, demanding immediate…

PravinKarthik April 16, 2026

Microsoft Patch Tuesday — April 2026

TheCyberThrone | Vulnerability Advisory | April 15, 2026 Volume & Scale — A Near-Record Release Microsoft patched 163 CVEs in the April 2026 Patch Tuesday release — the second largest…

PravinKarthik April 15, 2026

CISA Adds Seven Vulnerabilities to KEV Catalog — April 13, 2026

CISA has expanded the Known Exploited Vulnerabilities catalog with seven new entries on April 13, 2026, based on evidence of active exploitation. The batch spans three vendors — Microsoft, Adobe,…

PravinKarthik April 14, 2026

Booking.com Confirms Data Breach

On April 13, 2026, Booking.com confirmed that unauthorized third parties accessed customer booking information. The company began notifying affected users via email on Sunday evening, stating it had detected "suspicious…

PravinKarthik April 13, 2026

CVE-2026-34621: Adobe Acrobat Reader Prototype Pollution RCE

Vulnerability Summary A critical Prototype Pollution vulnerability (CWE-1321) affecting Adobe Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier, capable of arbitrary code execution in the context of the current user. Severity…

PravinKarthik April 12, 2026

Google Device Bound Session Credentials — Now GA in Chrome 146

Google has made Device Bound Session Credentials (DBSC) generally available to all Windows users of Chrome 146, with macOS expansion planned in an upcoming Chrome release. What is DBSC? DBSC…

PravinKarthik April 10, 2026

BlueHammer: When MSRC Process Failures Become Zero-Days

On April 3, 2026, a security researcher operating under the alias "Chaotic Eclipse" did something Microsoft hoped would never happen again. They dropped a fully functional Windows privilege escalation exploit…

PravinKarthik April 9, 2026

OpenSSL 3.6.2: The Moderate Severity Wave

OpenSSL 3.6.2 landed this week carrying eight CVE fixes, with the project rating the most severe issue as Moderate. On the surface, that sounds reassuring—no critical exploits, no ransomware-grade zero-days.…

PravinKarthik April 8, 2026