Cyber Security News

Hacking Editorial Brief: April 14, 2026

Active Zero-Day Exploitation and Ransomware Campaigns

Multiple zero-day vulnerabilities are under active exploitation today. A Windows local privilege escalation exploit dubbed "BlueHammer" was publicly leaked after a disclosure dispute with Microsoft, allowing attackers to gain SYSTEM-level access on unpatched systems. Fortinet's FortiClientEMS is being targeted via CVE-2026-35616, an improper access control vulnerability with public exploit code now available. Meanwhile, TrueConf video conferencing software was exploited as a zero-day (CVE-2026-3502) in the TrueChaos campaign targeting Southeast Asian government networks with Havoc malware. CISA has added four previously disclosed Windows vulnerabilities to its Known Exploited Vulnerabilities catalog, with the Storm-1175 ransomware group actively deploying Medusa ransomware through Exchange Server and other attack vectors.

Major Data Breach and Ransom Demands

The ShinyHunters threat group claimed responsibility for a breach of Rockstar Games, allegedly compromising 78.6 million records from the company's Snowflake account and demanding ransom payment by today's date. The group accessed the data through a security vulnerability in Anodot, a third-party service used by the GTA 6 developer. Separately, Booking.com confirmed a security incident in which unauthorized parties may have accessed customer information. In a notable security research development, AI models including Anthropic's Mythos are reportedly identifying software vulnerabilities at unprecedented rates, raising concerns about accelerated exploit development capabilities for threat actors.

Sources: Security Boulevard · Tenable · The Hacker News · The Register · Mashable · CNET · WSJ