Cybersecurity Headlines — April 18, 2026
- Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched — Internet
- Tracking Mirai Variant Nexcorium: A Vulnerability-Driven IoT Botnet Campaign — Fortinet.com
- Researcher drops two more Microsoft Defender zero-days, all three now exploited in the wild — Help Net Security
- CISA flags Apache ActiveMQ flaw as actively exploited in attacks — BleepingComputer
- NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions — Internet
- Mythos Poses Risk to SEC Market-Tracking Database, Group Says — Insurance Journal
- Discourse Is Not Going Closed Source — Discourse.org
- Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation — Internet
- How Zscaler and OpenAI turn zero-trust security into an AI accelerator — SiliconANGLE News
- Mythos poses risk to SEC market-tracking database, group says — Financial Post
From the Trenches
As a cybersecurity practitioner, I’m seeing an uptick in actively exploited zero-days across multiple platforms. The recent discovery of three Microsoft Defender zero-days that are being actively exploited is particularly concerning. Two of these vulnerabilities remain unpatched, leaving organizations vulnerable to attacks.
This highlights the importance of keeping software up to date and patching known vulnerabilities promptly. In this case, it’s not just about the vulnerability itself, but also about the potential impact on an organization’s network if it is left exposed. The fact that two of these vulnerabilities are still unpatched is a stark reminder that no system is completely secure.
The active exploitation of these zero-days also underscores the need for organizations to have robust security controls in place, including intrusion detection and prevention systems. As attackers continue to find new ways to exploit vulnerabilities, it’s essential that defenders stay one step ahead by prioritizing patching and securing their networks.
🔧 Patch Priority: Apache ActiveMQ CVE-2026-34197 matters because it has been added to the CISA KEV catalog amid active exploitation, making it a high priority for patching.
Compiled daily. Stay patched, stay vigilant.