0day.digest

https://spbavarva.github.io/0day.digest/0day.digest0day.digest is a daily journal tracking AI launches, supply chain attacks, CVEs, breaches, and emerging threats — short signal items plus the occasional deep dive. 2026-04-14T17:12:24-07:00 Sneh Bavarva https://spbavarva.github.io/0day.digest/ Jekyll © 2026 Sneh Bavarva /0day.digest/assets/img/favicons/favicon.ico /0day.digest/assets/img/favicons/favicon-96x96.png April 2026 Patch Tuesday: SharePoint Zero-Day Among 167 CVEs Fixed2026-04-14T14:47:59-07:00 2026-04-14T14:47:59-07:00 https://spbavarva.github.io/0day.digest/posts/april-2026-patch-tuesday-sharepoint-zero-day/ Sneh Bavarva

Microsoft released patches for 167 security vulnerabilities, making this the second-largest Patch Tuesday by CVE count on record. Two zero-days are included: CVE-2026-32201, a SharePoint Server improper input validation flaw that is under confirmed active exploitation (now added to CISA’s KEV catalog), and a publicly disclosed Windows Defender weakness called “BlueHammer.” Separately, Google C...

OpenAI Launches GPT-5.4-Cyber, a Fine-Tuned Model for Defensive Security Use Cases2026-04-14T14:23:59-07:00 2026-04-14T14:23:59-07:00 https://spbavarva.github.io/0day.digest/posts/openai-gpt54-cyber-security-model/ Sneh Bavarva

OpenAI has released GPT-5.4-Cyber, a fine-tuned variant of GPT-5.4 specifically trained for defensive cybersecurity use cases. OpenAI describes the model as “cyber-permissive,” meaning it can engage with security tasks that standard models would decline. The release is paired with an expanded Trusted Access for Cyber program, which requires identity verification via a government-issued ID befo...

100+ Malicious Chrome Extensions in Web Store Steal Google OAuth Tokens and Deploy Backdoors2026-04-14T13:33:00-07:00 2026-04-14T13:33:00-07:00 https://spbavarva.github.io/0day.digest/posts/malicious-chrome-extensions-oauth-token-theft/ Sneh Bavarva

More than 100 malicious extensions in the official Chrome Web Store have been discovered actively stealing Google OAuth2 Bearer tokens, deploying backdoors, and conducting ad fraud. The extensions abuse broad permissions (cookies, storage, tabs) to silently exfiltrate authentication tokens, granting attackers persistent access to Google accounts without requiring a password. OAuth token theft ...

Anthropic Co-Founder Confirms Briefing Trump Administration on Mythos Despite Active Lawsuit2026-04-14T11:09:12-07:00 2026-04-14T11:09:12-07:00 https://spbavarva.github.io/0day.digest/posts/anthropic-mythos-trump-administration-briefing/ Sneh Bavarva

Anthropic co-founder Jack Clark confirmed at the Semafor World Economy summit that the company briefed the Trump administration on Claude Mythos Preview’s capabilities, even while Anthropic has an active lawsuit against the U.S. government. Clark explained the decision reflects Anthropic’s view that responsible AI development requires engaging government stakeholders regardless of adversarial c...

ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers2026-04-13T22:50:00-07:00 2026-04-13T22:50:00-07:00 https://spbavarva.github.io/0day.digest/posts/showdoc-rce-cve-2025-0520-actively-exploited/ Sneh Bavarva

CVE-2025-0520 (CNVD-2020-26585), a CVSS 9.4 unrestricted file upload vulnerability in ShowDoc, a document management and collaboration service widely used in China, is now under confirmed active exploitation in the wild. The flaw stems from improper validation of uploaded file types, allowing unauthenticated attackers to upload arbitrary files and achieve remote code execution on the server. S...