Adobe Reader zero-day exploited since Dec 2025 via malicious PDFs, enabling data theft and potential RCE, prompting urgent security vigilance.
Category: security
Project Zomboid identifies and bans over a dozen Steam Workshop mods containing ‘heavily obfuscated code’ that was ‘creating malicious files’
The exploit only affected Build 42 branches of Project Zomboid (the game’s current ‘unstable’ testing release), so if you’re on Build 41, you were “not vulnerable to this specific issue,” the dev said. While The Indie Stone hasn’t determined what the malicious files were actually doing, “we strongly recommend that anyone who downloaded them take appropriate security measures to ensure their system is safe. Simply uninstalling the mods is not sufficient.”
If you use mods in Project Zomboid, check them against the list below to determine if you’ve downloaded and run any of these mods, which all look to be sound or music-related.
Hackers use pixel-large SVG trick to hide credit card stealer
A massive campaign impacting nearly 100 online stores using the Magento e-commerce platform hides credit card-stealing code in a pixel-sized Scalable Vector Graphics (SVG) image.
When clicking the checkout button, the victim is shown a convincing overlay that can validate card details and billing data.
The campaign was discovered by eCommerce security company Sansec, whose researchers believe that the attacker likely gained access by exploiting the PolyShell vulnerability disclosed in mid-March.
Hackers exploit critical flaw in Ninja Forms WordPress plugin
A critical vulnerability in the Ninja Forms File Uploads premium add-on for WordPress allows uploading arbitrary files without authentication, which can lead to remote code execution.
Identified as CVE-2026–0740, the issue is currently exploited in attacks. According to WordPress security company Defiant, its Wordfence firewall blocked more than 3,600 attacks over the past 24 hours.
With over 600,000 downloads, Ninja Forms is a popular WordPress form builder that lets users create forms without coding using a drag-and-drop interface. Its File Upload extension, included in the same suite, serves 90,000 customers.
New GPUBreach attack enables system takeover via GPU rowhammer
A new attack, dubbed GPUBreach, can induce Rowhammer bit-flips on GPU GDDR6 memories to escalate privileges and lead to a full system compromise.
GPUBreach was developed by a team of researchers at the University of Toronto, and full details will be presented at the upcoming IEEE Symposium on Security & Privacy on April 13 in Oakland.
The researchers demonstrated that Rowhammer-induced bit flips in GDDR6 can corrupt GPU page tables (PTEs) and grant arbitrary GPU memory read/write access to an unprivileged CUDA kernel.
Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit
Exploit code has been released for an unpatched Windows privilege escalation flaw reported privately to Microsoft, allowing attackers to gain SYSTEM or elevated administrator permissions.
Dubbed BlueHammer, the vulnerability was published by a security researcher discontent with how Microsoft’s Security Response Center (MSRC) handled the disclosure process.
Since, the security issue has no official patch and there is no update to address it, the flaw is considered a zero-day by Microsoft’s definition.
Apple Expands iOS 18.7.7 Update to More Devices to Block DarkSword Exploit
Apple on Wednesday expanded the availability of iOS 18.7.7 and iPadOS 18.7.7 to a broader range of devices to protect users from the risk posed by a recently disclosed exploit kit known as DarkSword.
“We enabled the availability of iOS 18.7.7 for more devices on April 1, 2026, so users with Automatic Updates turned on can automatically receive important security protections from web attacks called DarkSword,” the company said. “The fixes associated with the DarkSword exploit first shipped in 2025.”