Daily summary - 16.04.2026

End-of-Day report

Timeframe: Wednesday 15-04-2026 18:00 - Thursday 16-04-2026 18:00 Handler: Felician Fuchs Co-Handler: Guenes Holler

News

NIST Updates NVD Operations to Address Record CVE Growth

NIST is changing the way it handles cybersecurity vulnerabilities and exposures, or CVEs, listed in its National Vulnerability Database (NVD). In the past, NIST's NVD program aimed to analyze all CVEs to add details - such as severity scores and product lists - that help cybersecurity professionals prioritize and mitigate vulnerabilities. Going forward, NIST will add details, or "enrich," those CVEs that meet certain criteria, which are explained below.

https://www.nist.gov/news-events/news/2026/04/nist-updates-nvd-operations-address-record-cve-growth

New ATHR vishing platform uses AI voice agents for automated attacks

A new cybercrime platform called ATHR can harvest credentials via fully automated voice phishing attacks that use both human operators and AI agents for the social engineering phase.

https://www.bleepingcomputer.com/news/security/new-athr-vishing-platform-uses-ai-voice-agents-for-automated-attacks/

After Bluehammer: Frustrated researcher leaks another Windows exploit

Attackers can use the exploit to gain system privileges on Windows systems due to a flaw in Defender. A patch is not yet in sight.

https://www.golem.de/news/nach-bluehammer-frustrierter-forscher-leakt-weiteren-windows-exploit-2604-207637.html

Cognitive debt: AI-generated software requires traditional practices

So that developers can continue to understand the code they generate with the help of AI, a return to traditional practices is recommended.

https://www.golem.de/news/kognitive-schuld-ki-generierte-software-erfordert-traditionelle-praktiken-2604-207646.html

[Guest Diary] Compromised DVRs and Finding Them in the Wild, (Thu, Apr 16th)

Security cameras are great at monitoring physical doors, but terrible at locking their own digital ones. Across the internet, thousands of unpatched DVRs sit publicly exposed, many guarded only by the default vendor passwords they shipped with. For threat actors, these are low-hanging fruit. This write-up details a recent two-second Telnet capture, providing a mechanical breakdown of how quickly an exposed camera system goes from online to fully compromised by bad actors.

https://isc.sans.edu/diary/rss/32886

Anthropic's Project Glasswing CVE tally is still anyone's guess

Like the majority of the companies participating, it remains a mystery. Last week, Anthropic surprised the world by declaring that its latest model, Mythos, is so good at finding vulns that it would create chaos if released. Now, under the title of Project Glasswing, over 50 selected companies and orgs are allowed to test the hyped-up LLM to find security holes in their own products. But just how many problems have they really discovered?

https://go.theregister.com/feed/www.theregister.com/2026/04/15/project_glasswing_cves/

A fake Slack download is giving attackers a hidden desktop on your machine

This trojanized Slack installer looks normal, but quietly gives attackers an invisible desktop to access your accounts and data. We take a deep dive into the attack.

https://www.malwarebytes.com/blog/threat-intel/2026/04/a-fake-slack-download-is-giving-attackers-a-hidden-desktop-on-your-machine

Teen arrested in Northern Ireland over cyberattack on school network

A 16-year-old boy has been arrested in Northern Ireland after a cyberattack disrupted access to educational systems used by potentially hundreds of thousands of students.

https://therecord.media/northern-ireland-cyberattack-arrest

PowMix botnet targets Czech workforce

Cisco Talos discovered an ongoing malicious campaign, operating since at least December 2025, affecting a broader workforce in the Czech Republic with a previously undocumented botnet we call "PowMix."

https://blog.talosintelligence.com/powmix-botnet-targets-czech-workforce/

Researchers Say Fiverr Left User Files Open to Google Search

Private Fiverr user documents, including tax records and IDs, were reportedly found in Google search results due to a storage configuration issue. Read more about the findings and the company's response to the data exposure.

https://hackread.com/fiverr-left-user-files-open-to-google-search/

The German Cyber Criminal Überfall: Shifts in Europe's Data Leak Landscape

Germany has reclaimed its position as a primary focus for cyber extortion in Europe. While data leak site (DLS) posts rose almost 50% globally in 2025, Google Threat Intelligence (GTI) data shows that the surge is hitting German infrastructure harder and faster than its regional neighbors, marking a significant return to the high-pressure levels previously observed in the country during 2022 and 2023.

https://cloud.google.com/blog/topics/threat-intelligence/europe-data-leak-landscape/

"Power Off": BKA takes action against DDoS offerings

The Federal Criminal Police Office (Bundeskriminalamt) and the Frankfurt Public Prosecutor General's Office have, together with international partners, taken action against so-called stresser services. There were arrests.

https://heise.de/-11261177

Europe's governments are turning to their own messenger solutions

From Berlin to Brussels: governments are increasingly relying on their own messengers to reduce dependence on US platforms and security risks.

https://heise.de/-11261147

Vulnerabilities

Cisco: Critical code-injection vulnerabilities in ISE and more closed

Critical security vulnerabilities exist in Cisco's Identity Services Engine and in Webex. In total, the developers are fixing 10 security flaws.

https://www.heise.de/news/Cisco-Kritische-Codeschmuggel-Luecken-in-ISE-und-mehr-geschlossen-11259815.html

Anonymizing Linux: Emergency update to Tails 7.6.2 closes Flatpak vulnerability

A security vulnerability in Flatpak has prompted an emergency update for Tails, the Linux distribution that enables anonymous browsing.

https://www.heise.de/news/Anonymisierendes-Linux-Notfallupdate-auf-Tails-7-6-2-schliesst-Flatpak-Luecke-11260152.html

Gimp: Version 3.2.2 closes code-injection vulnerability involving GIFs

Security vulnerabilities in Gimp allow malicious code to be injected via manipulated files such as GIFs. Version 3.2.2 closes them.

https://heise.de/-11260619

LWN: Security updates for Thursday

https://lwn.net/Articles/1067993/

Drupal core - Moderately critical - Gadget Chain - SA-CORE-2026-002

https://www.drupal.org/sa-core-2026-002

Drupal core - Critical - Cross-site scripting - SA-CORE-2026-001

https://www.drupal.org/sa-core-2026-001

Drupal core - Moderately critical - Cross-site scripting - SA-CORE-2026-003

https://www.drupal.org/sa-core-2026-003