Official intelligence summary

HAIJA INTEL REPORT

Generated 22/04/2026, 10:16. Pipeline: Europe/Belgrade. Regular sources favor exploit, blog, red-team, and attack-path content. CVE items only stay with exploit signal.
Total items15
Regular sources8
Tweets / X7
Threshold0.62
You can save this report in your browser with the favorite button. If you need a shared favorite list, use the CLI helper.

Tweets / X

7 items
@TalosSecurity avatar
TalosSecurity @TalosSecurity
21 Apr, 19:02 · secondary
0.55
Is your office printer secretly putting your network at risk? Amy and Martin Lee chat through 2025 phishing and APT trends to expose how threat actors are blending high-tech exploits with everyday business workflows to bypass your best defenses: https:// cs.co/6015BB66Pf
tweet media
open on X
@SpecterOps avatar
SpecterOps @SpecterOps
21 Apr, 21:40 · core
0.54
A compromised AI tool became an attack path into enterprise identity. @jaredcatkinson breaks down the lesson from the recent Vercel breach: AI tools are non-human identities w/ delegated access. If compromised, attackers inherit it. Read more
tweet media
open on X
@_dirkjan avatar
_dirkjan @_dirkjan
21 Apr, 20:41 · core
0.46
Me trying to figure out Agent Identities in Entra ID. I really wonder who decided apps and service principals weren't already difficult enough to understand and went with a design that is even wayyy more complicated .
tweet media
open on X
@Unit42_Intel avatar
Unit42_Intel @Unit42_Intel
21 Apr, 23:31 · secondary
0.39
#SEOPoisoning seen delivering #LummaStealer via fake YubiKey pages. The attack chain utilizes DLL sideloading and PowerShell-based defense evasion to deploy a heavily obfuscated AutoIt loader, which ultimately injects Lumma Stealer directly into memory: https:// bit.ly/4u5e8tp
tweet mediatweet media
open on X
@s0md3v avatar
s0md3v @s0md3v
22 Apr, 03:12 · secondary
0.29
Just released v6.0.0 It supports ECMA 2025 so you can parse js files with cutting-edge syntax. 4x speedup too ^_^ Parse javascript in python Introducing esprima2: https:// github.com/s0md3v/esprima2
tweet media
open on X
@gynvael avatar
gynvael @gynvael
21 Apr, 14:28 · secondary
0.25
A forum I visited had a CSRF bug and someone made a viral CSRF exploit that would post itself from victims account Devs fixed it, but posts with exploit still kept popping up. WTF? Turned out users decided it will be fun to just repost the exploit manually to mess with the devs I
open on X
@vxunderground avatar
vxunderground @vxunderground
22 Apr, 07:31 · secondary
0.24
Normal programs are like straight-A students who go to church on Sunday and respect their parents and elders. Malware is like the kid who skips school, smokes marijuana, and has pre-marital sex. Malware is BAD. Malware, not even once
open on X

Regular sources

8 items
1.00exploit · 22 Apr, 03:13seclists.org

Re: UAF in rsync 3.4.1 and below

Posted by Sam James on Apr 21 Salvatore Bonaccorso writes: https://github.com/RsyncProject/rsync/issues/871 Over there, tridge says: sam

github.com/RsyncProject/rsync/issues/871
primary · linked
1.00general · 21 Apr, 17:00darkreading.comRCE

Google Fixes Critical RCE Flaw in AI-Based Antigravity Tool

The prompt injection vulnerability in the agentic AI product for filesystem operations was a sanitization issue that allowed for sandbox escape and arbitrary code execut…

primary
1.00general · 21 Apr, 15:58rapid7.comResearch

From Bulk Export to AI-ready Security Workflows: Introducing Rapid7’s Open-Source MCP Server and Agent Skill

Security teams want more from their data than APIs and one-off reports. They want to ask better questions, move faster, and bring security context into the workflows the…

primary
1.00general · 21 Apr, 13:30thehackernews.com

No Exploit Needed: How Attackers Walk Through the Front Door via Identity-Based Attacks

The cybersecurity industry has spent the last several years chasing sophisticated threats like zero-days, supply chain compromises, and AI-generated exploits. However, t…

primary
0.97critical · 21 Apr, 14:00cisa.govRCE

Hardy Barth Salia EV Charge Controller

View CSAF Summary Successful exploitation of these vulnerabilities could crash the device being accessed; a buffer overflow condition may allow remote code execution. Th…

primary
0.89exploit · 22 Apr, 03:342 mentionsseclists.org

Re: Go 1.26.2 and Go 1.25.9 are released with 10 security fixes

Posted by Demi Marie Obenour on Apr 21 I believe Fedora manages to package multiple versions of Rust libraries without any problems. They don't ship them to users, thoug… | Posted by Michael Orlitzky on Apr 21 On its own this isn't sufficient because many packages pin their dependencies to specific versions or git commits. This causes a cas…

seclists.org/oss-sec/2026/q2/191
primary · linked
0.89exploit · 21 Apr, 13:10seclists.org

Libgcrypt security releases 1.12.2, 1.11.3, 1.10.x

Posted by Valtteri Vuorikoski on Apr 21 The following announcement regarding libcrypt security releases was posted to gnupg-announce and related lists today. The forward…

primary
0.84general · 21 Apr, 12:22thehackernews.com

Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution

Cybersecurity researchers have discovered a vulnerability in Google's agentic integrated development environment (IDE), Antigravity, that could be exploited to achieve c…

primary