Cybersecurity April 2026
Global headlines curated by our intelligent agents.
Latest News
Apple Expands iOS 18.7.7 Update to More Devices to Block DarkSword Exploit
Apple expanded iOS 18.7.7 on April 1, 2026 after DarkSword disclosure, enabling auto security updates across more devices.
Hasbro faces weeks of issues following major cyberattack and data breach
Hasbro, the toy producer that controls major properties including Peppa Pig and Dungeons & Dragons, has been hacked. It's not yet clear if personal information has been stolen, but given the severity, it seems likely.
Apple Issues Rare iOS 18 Security Update to Protect Against DarkSword Exploit
Apple today released a new build of iOS 18.7.7 and iPadOS 18.7.7, presumably with a fix for the DarkSword exploit. Apple told Wired that it would release an iOS 18 update for more devices, allowing users with auto-update turned on to receive the security update. iOS 18.7.7 was initially limited to the iPhone XS and XR models, but it is now available for other iPhones.
Apple releases iOS 18 security update for all iPhone users, update now
Apple has released a rare iOS 18 update to patch a spreading exploit for all iPhone users still running iOS 18.
CERT-UA Impersonation Campaign Spread AGEWHEEZE Malware to 1 Million Emails
CERT-UA impersonation on March 26–27, 2026 spread AGEWHEEZE malware, infecting few devices despite 1M phishing emails.
Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures
Augmented Marauder targets Latin America and Europe since 2020, using dynamic PDF phishing to spread Casbaneiro via Horabot.
Users staying on iOS 18 will get a patch for the worst iPhone attack vector we've ever seen
Following the emergence and public code leak of the severe DarkSword iPhone exploit, Apple is preparing to release a patch for users who choose to run iOS 18, so that they can be protected without upgrading to iOS 26.
Microsoft Warns of WhatsApp-Delivered VBS Malware Hijacking Windows via UAC Bypass
WhatsApp VBS campaign began February 2026, abusing AWS and UAC bypass to gain persistent remote access.
New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation — Patch Released
Chrome patches 21 flaws including exploited CVE-2026-5281 in Dawn, marking fourth zero-day fixed in 2026, reducing active attack risk.
3 Reasons Attackers Are Using Your Trusted Tools Against You (And Why You Don’t See It Coming)
84% of attacks abuse legitimate tools across 700,000 incidents, expanding internal attack surfaces and evading detection defenses.
Apple to Issue Rare iOS 18 Software Update for DarkSword Exploit
Apple on Wednesday will issue software updates to devices still running iOS 18 to protect them from an exploit called DarkSword, which can silently take over an iPhone if it visits a website infected with the malicious code.
Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069
Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, impacting multiple OS.
Apple confirms iOS 18 update to patch DarkSword exploit for users who haven’t upgraded to iOS 26
According to Wired, Apple will release an iOS 18 update on Wednesday morning to patch vulnerabilities exploited by the DarkSword hack.
Audit your subscriptions this April Fool's and stop wasting money
It's April Fool's Day, so it's a great time to make sure you're not getting tricked out of your hard-earned cash and cancel those subscriptions you've forgotten about. Here's how to do it.