Category archive
Scam alerts
Track the latest scam alerts, fake support incidents, delivery fraud, payment scams and rapid verification guidance in one archive.
This landing page groups scam alerts into one indexable archive so users and Google can navigate the incident stream by topic instead of only by date, with stronger internal links into the right tools and recovery paths.
Filter the alert archive
Narrow the archive by category and risk level to review phishing alerts, data breach alerts, malware coverage, vulnerability updates and ransomware incidents faster.
Full alert archive
Showing 12 of 241 matching alerts.
Each alert card surfaces the threat type, documented summary and best next step so the listing itself can answer intent around latest cybersecurity alerts, phishing alerts, breach alerts and incident response without forcing every visitor to click through immediately.
Older alerts from 2021-2025 are still available, but stronger, documented and more recent reporting is ranked first so the archive stays aligned with current Google quality expectations.
Critical and High-Severity Vulnerabilities Identified in Multiple Software Products Including Online Reviewer System and Microsoft.NET
Human review: Marcin Pocztowski | Source date: Apr 15, 2026 | Sources: 7A recent bulletin from INCIBE details several critical and high-severity vulnerabilities affecting various software products such as Online Reviewer System, Microsoft.... Verified across 7 sources. Focus: lure pattern, spoofing signals and account-protection next steps.
Best next step: Identity Theft Recovery Planner
Remote Code Execution Risk in AI Agent Ecosystem Rooted in MCP Architectural Design
Human review: Marcin Pocztowski | Source date: Apr 16, 2026 | Sources: 7A fundamental architectural choice in the Model Context Protocol (MCP) reference implementation by Anthropic has exposed a widespread remote code execution (RCE) vulne... Verified across 7 sources. Focus: lure pattern, spoofing signals and account-protection next steps.
Best next step: Identity Theft Recovery Planner
Axios NPM Supply Chain Attack Delivers Malicious Payloads to Developers
Human review: Artur Ślesik | Source date: Apr 03, 2026 | Sources: 6In early April 2026, attackers compromised Axios NPM packages, injecting malicious payloads through dependencies. This supply chain breach threatens developers and org... Verified across 6 sources. Focus: infection path, likely payload impact and containment priorities.
Best next step: Identity Theft Recovery Planner
Malware Campaign Exploits Obsidian Shell Commands Plugin to Target Finance and Cryptocurrency Professionals
Human review: Marcin Pocztowski | Source date: Apr 14, 2026 | Sources: 2A malware campaign abuses the Obsidian Shell Commands plugin to execute malicious code on Windows, macOS, and Linux devices, targeting financial and cryptocurrency pro... Verified across 2 sources. Focus: lure pattern, spoofing signals and account-protection next steps.
Best next step: Crypto Scam Checker for Fake Investments and Recovery Fraud
Basic-Fit Data Breach Exposes Personal Data of One Million European Users
Human review: Artur Ślesik | Source date: Apr 13, 2026 | Sources: 2Basic-Fit confirmed a data breach impacting around one million users across Europe, with 200,000 accounts in the Netherlands affected. The incident exposes personal in... Verified across 2 sources. Focus: exposed data, who may be affected and breach-response priorities.
Best next step: Identity Theft Recovery Planner
Critical Weak Password Vulnerability in Horner Automation Cscape and XL4, XL7 PLCs Enables Unauthorized Access
Human review: Marcin Pocztowski | Source date: Apr 16, 2026 | Sources: 3A high-severity vulnerability (CVE-2026-6284) affecting Horner Automation’s Cscape software and XL4, XL7 PLCs allows attackers with network access to brute force weak... Verified across 3 sources. Focus: lure pattern, spoofing signals and account-protection next steps.
Best next step: Identity Theft Recovery Planner
Adobe Reader Zero-Day CVE-2026-34621 Exploited via Malicious PDFs: Immediate Patch Required
Human review: Marcin Pocztowski | Source date: Apr 13, 2026 | Sources: 4A critical zero-day vulnerability (CVE-2026-34621) in Adobe Reader is actively exploited through malicious PDFs, allowing attackers to execute code remotely. Adobe has... Verified across 4 sources. Focus: affected products, exploit urgency and remediation guidance.
Best next step: Identity Theft Recovery Planner
Iran-Linked Handala Group Allegedly Breaches Major UAE Government Entities, Claims Massive Data Destruction and Theft
Human review: Artur Ślesik | Source date: Apr 07, 2026 | Sources: 5The Iranian-affiliated threat actor Handala reportedly compromised key United Arab Emirates government bodies, including the Dubai Courts Department, Dubai Land Depart... Verified across 5 sources. Focus: lure pattern, spoofing signals and account-protection next steps.
Best next step: Identity Theft Recovery Planner
McGraw-Hill Data Breach Confirmed Due to Salesforce Misconfiguration Exploited by Hackers
Human review: Artur Ślesik | Source date: Apr 14, 2026 | Sources: 1McGraw-Hill confirmed a data breach caused by a Salesforce misconfiguration, allowing unauthorized access to sensitive internal data. The breach followed an extortion... Documented alert summary. Focus: exposed data, who may be affected and breach-response priorities.
Best next step: Identity Theft Recovery Planner
Critical nginx-ui Authentication Bypass (CVE-2026-33032) Under Active Exploitation Enables Full Server Takeover
Human review: Marcin Pocztowski | Source date: Apr 15, 2026 | Sources: 3A severe authentication bypass vulnerability (CVE-2026-33032) in nginx-ui, an open-source web-based Nginx management interface, is actively exploited in the wild. This... Verified across 3 sources. Focus: lure pattern, spoofing signals and account-protection next steps.
Best next step: Identity Theft Recovery Planner
EngageLab SDK Vulnerability Exposes 50 Million Android Users to Data Breaches
Human review: Artur Ślesik | Source date: Apr 10, 2026 | Sources: 4A critical flaw in the EngageLab SDK affects over 50 million Android users, enabling malicious apps to exploit trusted permissions and access sensitive personal data w... Verified across 4 sources. Focus: exposed data, who may be affected and breach-response priorities.
Best next step: Crypto Scam Checker for Fake Investments and Recovery Fraud
Critical Marimo Pre-Authentication RCE Vulnerability in Flowise AI Agent Builder Under Active Exploitation
Human review: Marcin Pocztowski | Source date: Apr 12, 2026 | Sources: 3A critical pre-authentication remote code execution vulnerability named Marimo in Flowise AI Agent Builder is actively exploited, exposing over 12,000 instances to cre... Verified across 3 sources. Focus: affected products, exploit urgency and remediation guidance.
Best next step: Crypto Scam Checker for Fake Investments and Recovery Fraud
Alerts archive SEO topics
Archive maintenance and remediation tracking. HackWatch does not treat alerts as one-time posts. We continue checking whether vendors have issued patches, workarounds or final remediation updates, then refresh the article with the latest incident status so readers can see whether a threat is still active, mitigated or already resolved.