What's happening in cyber, in plain English
We pull from NCSC, CISA, Have I Been Pwned and the NVD every six hours, then summarise each item into what it is, who it affects, and what you can do about it.
- Medium · Alert · NCSC — news & alerts · 23 Apr 2026 · summary pending
Defending against China-nexus covert networks of compromised devices
Explaining the widespread shift in tactics, techniques and procedures (TTPs) towards networks of compromised infrastructure, and how to defend against it
- Medium · Alert · NCSC — news & alerts · 23 Apr 2026 · summary pending
NCSC: Leave passwords in the past - passkeys are the future
Passkeys are the more secure and user-friendly login method and should be the default authentication option for consumers.
- Medium · Alert · NCSC — news & alerts · 23 Apr 2026 · summary pending
International cyber agencies share fresh advice to defend against China-linked covert networks
New advisory highlights how to defend against attacker tactics believed to be used by China-linked actors to hide malicious cyber activity.
- Medium · Alert · NCSC — news & alerts · 23 Apr 2026 · summary pending
Executive Summary: Defending against China-nexus covert networks of compromised devices
Organisations should map and baseline their edge device traffic, especially VPN and remote access connections, and adopt dynamic threat feed filtering that includes known covert network indicators.
- Medium · Alert · NCSC — news & alerts · 22 Apr 2026 · summary pending
World-first NCSC-engineered device secures vulnerable display links
SilentGlass, a plug-and-play device, actively blocks any unexpected or malicious HDMI and DisplayPort connections.
- Medium · Alert · NCSC — news & alerts · 21 Apr 2026
Cyber chief: UK faces "perfect storm" for cyber security
- Medium · CVE · Microsoft MSRC — security update guide · 24 Apr 2026 · summary pending
CVE-2026-5958 Race Condition in GNU Sed
Information published.
- Medium · CVE · Microsoft MSRC — security update guide · 24 Apr 2026 · summary pending
CVE-2026-5187 Heap Out-of-Bounds Write in DecodeObjectId() in wolfSSL
Information published.
- Medium · CVE · Microsoft MSRC — security update guide · 24 Apr 2026 · summary pending
CVE-2026-31473 media: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex
Information published.
- Medium · CVE · Microsoft MSRC — security update guide · 24 Apr 2026 · summary pending
CVE-2026-31494 net: macb: use the current queue number for stats
Information published.
- Medium · CVE · Microsoft MSRC — security update guide · 24 Apr 2026 · summary pending
CVE-2026-31525 bpf: Fix undefined behavior in interpreter sdiv/smod for INT_MIN
Information published.
- Medium · CVE · Microsoft MSRC — security update guide · 24 Apr 2026 · summary pending
CVE-2026-31453 xfs: avoid dereferencing log items after push callbacks
Information published.
- Medium · CVE · Microsoft MSRC — security update guide · 24 Apr 2026 · summary pending
CVE-2026-31528 perf: Make sure to use pmu_ctx->pmu for groups
Information published.
- Medium · CVE · Microsoft MSRC — security update guide · 24 Apr 2026 · summary pending
CVE-2026-31478 ksmbd: replace hardcoded hdr2_len with offsetof() in smb2_calc_max_out_buf_len()
Information published.
- Medium · CVE · Microsoft MSRC — security update guide · 24 Apr 2026 · summary pending
CVE-2026-31500 Bluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock
Information published.
- Medium · CVE · Microsoft MSRC — security update guide · 24 Apr 2026 · summary pending
CVE-2026-31507 net/smc: fix double-free of smc_spd_priv when tee() duplicates splice pipe buffer
Information published.
- Medium · CVE · Microsoft MSRC — security update guide · 24 Apr 2026 · summary pending
CVE-2026-31483 s390/syscalls: Add spectre boundary for syscall dispatch table
Information published.
- Medium · CVE · Microsoft MSRC — security update guide · 24 Apr 2026 · summary pending
CVE-2026-41988
Information published.
- Medium · CVE · Microsoft MSRC — security update guide · 24 Apr 2026 · summary pending
CVE-2026-41989
Information published.
- Medium · CVE · Microsoft MSRC — security update guide · 24 Apr 2026 · summary pending
CVE-2026-31531 ipv4: nexthop: allocate skb dynamically in rtm_get_nexthop()
Information published.
- Medium · CVE · Microsoft MSRC — security update guide · 24 Apr 2026 · summary pending
CVE-2026-31532 can: raw: fix ro->uniq use-after-free in raw_rcv()
Information published.
- Medium · Breach · Have I Been Pwned — public breach catalog · 24 Apr 2026 · summary pending
Carnival — 7.5M accounts
In April 2026, the notorious hacking collective ShinyHunters claimed they had obtained a substantial volume of data belonging to the Carnival cruise operator and attempted to extort the organisation to prevent the data from being leaked. The following week, th
- Medium · CVE · Microsoft MSRC — security update guide · 23 Apr 2026 · summary pending
CVE-2026-21515 Azure IoT Central Elevation of Privilege Vulnerability
Exposure of sensitive information to an unauthorized actor in Azure IoT Central allows an authorized attacker to elevate privileges over a network.
- Medium · CVE · Microsoft MSRC — security update guide · 23 Apr 2026 · summary pending
CVE-2026-32210 Microsoft Dynamics 365 (online) Spoofing Vulnerability
Server-side request forgery (SSRF) in Microsoft Dynamics 365 (Online) allows an unauthorized attacker to perform spoofing over a network.
- Medium · CVE · Microsoft MSRC — security update guide · 23 Apr 2026 · summary pending
CVE-2026-35431 Microsoft Entra ID Entitlement Management Spoofing Vulnerability
Server-side request forgery (SSRF) in Microsoft Entra ID Entitlement Management allows an unauthorized attacker to perform spoofing over a network.
- Medium · CVE · Microsoft MSRC — security update guide · 23 Apr 2026 · summary pending
CVE-2026-26150 Microsoft Purview eDiscovery Elevation of Privilege Vulnerability
Server-side request forgery (SSRF) in Microsoft Purview allows an unauthorized attacker to elevate privileges over a network.
- Medium · CVE · Microsoft MSRC — security update guide · 23 Apr 2026 · summary pending
CVE-2026-33102 Microsoft 365 Copilot Elevation of Privilege Vulnerability
URL redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate privileges over a network.
- Medium · CVE · Microsoft MSRC — security update guide · 23 Apr 2026 · summary pending
CVE-2026-32172 Microsoft Power Apps Remote Code Execution Vulnerability
Uncontrolled search path element in Microsoft Power Apps allows an unauthorized attacker to execute code over a network.
- Medium · CVE · Microsoft MSRC — security update guide · 23 Apr 2026 · summary pending
CVE-2026-24303 Microsoft Partner Center Elevation of Privilege Vulnerability
Improper access control in Microsoft Partner Center allows an authorized attacker to elevate privileges over a network.
- Medium · CVE · Microsoft MSRC — security update guide · 23 Apr 2026 · summary pending
CVE-2026-33819 Microsoft Bing Remote Code Execution Vulnerability
Deserialization of untrusted data in Microsoft Bing allows an unauthorized attacker to execute code over a network.
Sources are pulled directly from each provider's public feed and never modified. AI summaries are produced for plain-English readability and are clearly labelled — always follow the source link for the authoritative advisory.