Cyber Security News

Hacking Brief – April 10, 2026

Active Zero-Day Exploits and Emergency Patching

Three active zero-day vulnerabilities are being exploited in the wild. Fortinet issued an emergency patch for CVE-2026-35616, a critical vulnerability in FortiClient Endpoint Management Server currently under active exploitation. Adobe Reader users face ongoing attacks from a sophisticated zero-day exploit enabling data theft and system fingerprinting through malicious PDFs without user interaction beyond opening the document. A disgruntled researcher publicly released exploit code for "BlueHammer," an unpatched Windows privilege escalation vulnerability allowing local users to gain SYSTEM-level access. Security teams should prioritize patching FortiClient installations immediately while monitoring for suspicious PDF activity and Windows privilege escalation attempts.

Major Breach Claims and Supply Chain Incidents

A hacker operating under the alias "FlamingChina" claims to have exfiltrated over 10 petabytes of sensitive military and aerospace data from China's National Supercomputing Center in Tianjin over a six-month period. The alleged breach includes aircraft schematics, missile systems data, and military simulations, with the attacker demanding cryptocurrency for full access while offering limited previews for thousands of dollars. Security researchers remain skeptical about the claim's authenticity and scope. In a confirmed supply chain attack, over a dozen Snowflake customers suffered data theft after third-party SaaS integration provider Anodot was breached, allowing attackers to steal authentication tokens. Iranian-linked threat actors, including the Handala group, published photos allegedly obtained from systems connected to former Israeli Chief of Staff Herzi Halevi, while Iran-linked hackers have pledged to continue cyber operations despite the fragile U.S.-Iran ceasefire.

Sources: Dark Reading · Bleeping Computer · Cybersecurity News · TechRadar · Security Affairs · i24NEWS