Cyber Security News

Hacking Editorial Brief — April 7, 2026

Multiple critical zero-day vulnerabilities are under active exploitation today. Fortinet confirmed CVE-2026-35616, a CVSS 9.8 vulnerability in FortiClient EMS, is being exploited in the wild with only a hotfix available while a full patch remains pending. Separately, a frustrated security researcher publicly leaked exploit code for "BlueHammer," an unpatched Windows privilege escalation zero-day, citing dissatisfaction with Microsoft's disclosure handling. Microsoft has also linked China-based threat actor Storm-1175 to high-velocity attacks weaponizing zero-days and n-day vulnerabilities while deploying Medusa ransomware against critical infrastructure targets.

Iranian state-aligned actors conducted three waves of password-spraying attacks in March 2026 targeting Microsoft 365 environments across government, energy, and municipal sectors in Israel and the UAE, according to Check Point tracking. Meanwhile, the European Commission confirmed its cloud infrastructure was breached by TeamPCP threat group, with EU-CERT attributing the incident that exposed data from at least 29 EU entities to the same actor. In a separate development, major U.S. law firm Jones Day disclosed that hackers accessed and posted client materials online following a data breach. Microsoft research reveals threat actors are accelerating AI integration across attack lifecycles, achieving 54% phishing click-through rates compared to 12% for traditional campaigns.

Sources: TechCrunch · Reuters · Cyberscoop · Bleeping Computer · Industrial Cyber · Microsoft Security Blog