Actively exploited Apache ActiveMQ flaw impacts 6,400 servers

Published on April 21, 2026

Nonprofit security organization Shadowserver found that over 6,400 Apache ActiveMQ servers exposed online are vulnerable to ongoing attacks exploiting a high-severity code injection vulnerability. [...]

Continue reading on website
Other news

NGate Campaign Targets Brazil, Trojanizes HandyPay to Steal NFC Data and PINs

April 21, 2026
Cybersecurity researchers have discovered a new iteration of an Android malware family calledNGate that has been found to abuse a legitimate application called HandyPay instead of NFCGate."The threat actors took the app, which is used to relay NFC data, and patched it with malicious code that appears to have been AI-generated," ESET security researcher Lukáš Štefanko said in a report

No Exploit Needed: How Attackers Walk Through the Front Door via Identity-Based Attacks

April 21, 2026
The cybersecurity industry has spent the last several years chasing sophisticated threats like zero-days, supply chain compromises, and AI-generated exploits. However, the most reliable entry point for attackers still hasn't changed: stolen credentials.Identity-based attacks remain a dominant initial access vector in breaches today. Attackers obtain valid credentials through credential stuffing