Official intelligence summary

HAIJA INTEL REPORT

Generated 20/04/2026, 15:34. Pipeline: Europe/Belgrade. Regular sources favor exploit, blog, red-team, and attack-path content. CVE items only stay with exploit signal.
Total items15
Regular sources9
Tweets / X6
Threshold0.62
You can save this report in your browser with the favorite button. If you need a shared favorite list, use the CLI helper.

Tweets / X

6 items
@mrgretzky avatar
mrgretzky @mrgretzky
17 Apr, 10:39 · core
0.64
With the recent Windows Defender LPE 0-day running wild, it is as good a time as any to remind everyone how to disable this malware, which Microsoft is trying very hard to make unremovable. Disable Windows Defender with DefendNot by @es3n1n : https:// github.com/es3n1n/defendn ot
tweet mediatweet media
open on X
@nahamsec avatar
nahamsec @nahamsec
20 Apr, 14:55 · core
0.56
new ep is out with @MrJoeyMelo where he shows me how to jailbreak AI chatbots using roleplaying, token splitting, prompt injection and more. https:// youtu.be/BehGpUB-frc
tweet media
open on X
@Synack avatar
Synack @Synack
17 Apr, 18:16 · secondary
0.55
Synack CTO @MarkKuhr : emerging AI models like Mythos are redefining exploit development. Learn more about #ClaudeMythos, #ProjectGlasswing and continuous coverage in our latest blog: https:// synack.com/blog/mythos-at tack-surface-risk-ai-cyberattacks/?utm_campaign=5710593-Pente
tweet media
open on X
@SentinelOne avatar
SentinelOne @SentinelOne
17 Apr, 22:18 · secondary
0.45
Authorities joined forces to crack down on a $20M Phishing Ring and jailed two for aiding the DPRK IT worker scheme. A novel malware called “AgingFly” is targeting Ukrainian critical services to steal data. Attackers have zeroed in on a critical flaw in Nginx UI to hijack
tweet media
open on X
@SpecterOps avatar
SpecterOps @SpecterOps
17 Apr, 14:52 · core
0.40
At #BSidesPrague next week, @martinsohndk will walk through a large-scale disclosure effort involving vendors recommending AD CS configurations that led to critical risk. https:// ghst.ly/4vrocya : 1/2
tweet media
open on X
@Synack avatar
Synack @Synack
17 Apr, 02:17 · secondary
0.39
Synack CEO @JayKaplan explains why emerging AI capabilities like Mythos are forcing organizations to rethink cybersecurity entirely. Learn how to prepare for AI-driven attacks in our latest blog: https:// synack.com/blog/mythos-at tack-surface-risk-ai-cyberattacks/?utm_campaign=5
tweet media
open on X

Regular sources

9 items
1.00general · 20 Apr, 12:42thehackernews.comRCE

Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain

Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context Protocol's (MCP) architecture that could pave the way for remote code exec…

primary
1.00exploit · 19 Apr, 16:45seclists.orgRCE

[CVE REQUEST] terminal-controller-mcp: trivially bypassable command blocklist enables unrestricted RCE (CVSS 10.0)

Posted by Pico 🧬 on Apr 19 Hi, https://pypi.org/project/terminal-controller/) GitHub:...

pypi.org/project/terminal-controller/
primary · linked
1.00exploit · 18 Apr, 00:53seclists.orgAttack path

CVE-2026-40948: Apache Airflow Keycloak Provider: OAuth Login CSRF — Missing State Parameter in Keycloak Auth Manager

Posted by Jarek Potiuk on Apr 17 Severity: low Affected versions: - Apache Airflow Keycloak Provider (apache-airflow-providers-keycloak) 0.0.1 before 0.7.0 Description: …

primary
1.00general · 17 Apr, 15:00sentinelone.comAttack pathResearch

The Good, the Bad and the Ugly in Cybersecurity – Week 16

Authorities take down W3LL phishing ring, AgingFly malware steals Ukrainian government data, and actors exploit Nginx flaw to hijack servers.

primary
1.00general · 17 Apr, 14:00securityweek.comWild exploit

In Other News: Satellite Cybersecurity Act, $90K Chrome Flaw, Teen Hacker Arrested

Other noteworthy stories that might have slipped under the radar: ShinyHunters targets Rockstar Games, ShowDoc vulnerability exploited in the wild, and EPA to boost cybe…

primary
1.00general · 17 Apr, 12:04helpnetsecurity.comPoCWild exploitTradecraft

Researcher drops two more Microsoft Defender zero-days, all three now exploited in the wild

The security researcher who earlier this month published a proof-of-concept (PoC) exploit for a zero-day privilege escalation vulnerability in Microsoft Defender is back…

primary
1.00general · 17 Apr, 11:50securityweek.comRCEWild exploit

Recent Apache ActiveMQ Vulnerability Exploited in the Wild

The remote code execution vulnerability tracked as CVE-2026-34197 came to light in early April. The post Recent Apache ActiveMQ Vulnerability Exploited in the Wild appea…

primary
0.89exploit · 19 Apr, 23:13seclists.org

Re: Go 1.26.2 and Go 1.25.9 are released with 10 security fixes

Posted by Matthias Ferdinand on Apr 19 [ hopefully, discussing binary releases is not off-topic ] Personally, I am guilty of not compiling packages myself (except for so…

primary