Threat Views

April 20, 2026

April 20, 2026 Hash 18359ae20b16814e350d4fd1a8c364065 22a785b15d3ea50fb04df42b4f310bb6f 3f5226ce1642cb508c57ec62d4696eb3a URL 1http[:]//kgwoodworksandcabinets[.]com/ 2https[:]//conasegur[.]com[.]co/ 3http[:]//swiftpaynetworks[.]com/ IP 1186[.]219[.]184[.]142 245[.]251[.]115[.]132 343[.]132[.]225[.]208...

  • Apr 20 2026
ManageEngine (Password Manager Pro, PAM360, and others) Family April 2026 Security Update Advisory
Security Advisory

ManageEngine (Password Manager Pro, PAM360, and others) Family April 2026 Security Update Advisory

Overview. Multiple high-risk vulnerabilities have been disclosed in Zoho’s ManageEngine suite. the disclosure date is April 16, 2026. Affected products and affected versions. Password Manager Pro: Versions from 8600 to 13230 are affected. PAM360: Versions up to 8530 are affected. Log360: Versions between builds 13000 and 13013 are affected. Summary

  • Apr 20 2026
Cisco Product Security Update Advisory
Security Advisory

Cisco Product Security Update Advisory

Cisco Security Update Summary. Remote code execution (RCE) and path traversal vulnerabilities in the Cisco Identity Services Engine (ISE) and ISE-PIC product families have been addressed. CVE-2026-20147 is an RCE vulnerability that affects both Cisco ISE and ISE-PIC, and CVE-2026-20180 and CVE-2026-20186 are RCE vulnerabilities in Cisco ISE. Affected Versions.

  • Apr 20 2026
Siemens Product Security Update Advisory
Security Advisory

Siemens Product Security Update Advisory

Siemens product security update overview. Siemens has released security updates that address multiple authentication and authorization-related vulnerabilities in its SINEC NMS, RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P), and Industrial Edge Management product lines. the main vulnerabilities are authentication bypass, password reset due to bypassing authorization verification, privilege escalation, and

  • Apr 20 2026
Nginx UI Product Security Update Advisory (CVE-2026-33032)
Security Advisory

Nginx UI Product Security Update Advisory (CVE-2026-33032)

Overview. CVE-2026-33032 is an authentication bypass vulnerability discovered in the Nginx UI. the vulnerability allows access to the MCP endpoint with an unauthenticated request, creating conditions that could allow remote control of Nginx configuration or behavior. Impact and risk. affected products are Nginx UI version 2.3.5 and earlier. through authentication

  • Apr 20 2026
March 2026 APT Attack Trends Report (Domestic)
APT

March 2026 APT Attack Trends Report (Domestic)

Overview ahnLab monitored APT attacks against domestic targets during the month of March 2026. most of the attacks were launched through Spear Phishing emails sent after reconnaissance of specific targets. APT Attack Trends in Korea the majority of distribution vectors were shortcut (.lnk) files, with LNK-based attacks dominating. Type A

  • Apr 20 2026