Cyber Security News

Hacking Editorial Brief – April 9, 2026

Multiple threat actors escalated operations against critical infrastructure and software platforms over the past 24 hours. The FBI issued an urgent advisory warning that Iranian-linked hackers are actively targeting U.S. water and energy systems through attacks on programmable logic controllers. NERC confirmed it is actively monitoring the electrical grid following CISA alerts about the Iran-linked cyber threat, which has already disrupted critical infrastructure operations. Separately, Russia's GRU Unit 26165—known as Fancy Bear—conducted a global campaign exploiting vulnerable routers to steal sensitive information, according to a new probe into the military intelligence unit's operations.

Zero-day exploitation dominated the vulnerability landscape, with three unpatched flaws under active attack. Threat actors have been exploiting an Adobe Reader zero-day since December using fingerprinting-style malicious PDFs to steal data and deploy follow-on attacks. A high-severity TrueConf video conferencing zero-day was exploited against Southeast Asian government entities through compromised software updates. Meanwhile, a disgruntled researcher publicly leaked exploit code for "BlueHammer," an unpatched Windows privilege escalation flaw allowing attackers to gain SYSTEM-level access.

North Korean state hackers executed a six-month social engineering operation that culminated in a $270 million exploit of Drift Protocol, compromising contributor devices and securing multisig approvals for the theft. Security researchers also exposed a hack-for-hire group's spying campaign targeting Android devices through spyware and phishing operations designed to steal iCloud credentials and backups.

Sources: Euronews · WCNC · Utility Dive · TechCrunch · The Hacker News · Bleeping Computer · CISO Series