Full archive
Latest cybersecurity alerts and incident archive
This page lists the full published alert archive for readers searching the latest cybersecurity alerts, phishing warnings, breach disclosures, malware campaigns and exploited vulnerability coverage in one place.
Use this archive when you want the complete flow of published incident reporting instead of the tighter homepage selection, including category filters, risk views and direct paths to response tools.
Filter the alert archive
Narrow the archive by category and risk level to review phishing alerts, data breach alerts, malware coverage, vulnerability updates and ransomware incidents faster.
Full alert archive
Showing 12 of 351 matching alerts. 351 published alerts are currently available in the archive.
Each alert card surfaces the threat type, documented summary and best next step so the listing itself can answer intent around latest cybersecurity alerts, phishing alerts, breach alerts and incident response without forcing every visitor to click through immediately.
Older alerts from 2021-2025 are still available, but stronger, documented and more recent reporting is ranked first so the archive stays aligned with current Google quality expectations.
Critical nginx-ui Authentication Bypass (CVE-2026-33032) Under Active Exploitation Enables Full Server Takeover
Human review: Marcin Pocztowski | Source date: Apr 15, 2026 | Sources: 3A severe authentication bypass vulnerability (CVE-2026-33032) in nginx-ui, an open-source web-based Nginx management interface, is actively exploited in the wild. This... Verified across 3 sources. Focus: lure pattern, spoofing signals and account-protection next steps.
Best next step: Identity Theft Recovery Planner
Prompt Injection Flaws in Microsoft Copilot and Salesforce Agentforce Enable Data Exfiltration via Form Inputs
Human review: Marcin Pocztowski | Source date: Apr 15, 2026 | Sources: 1Security researchers have identified critical prompt injection vulnerabilities in Microsoft Copilot Studio and Salesforce Agentforce that allow attackers to embed mali... Documented alert summary. Focus: affected products, exploit urgency and remediation guidance.
Best next step: Identity Theft Recovery Planner
Possible Patient Data Theft Confirmed in ChipSoft Ransomware Attack
Human review: Artur Ślesik | Source date: Apr 15, 2026 | Sources: 2Following a ransomware attack on healthcare IT provider ChipSoft, new investigations suggest that patient data may have been stolen despite earlier reassurances. We al... Verified across 2 sources. Focus: exposed data, who may be affected and breach-response priorities.
Best next step: Identity Theft Recovery Planner
Critical and High-Severity Vulnerabilities Identified in Multiple Software Products Including Online Reviewer System and Microsoft.NET
Human review: Marcin Pocztowski | Source date: Apr 15, 2026 | Sources: 7A recent bulletin from INCIBE details several critical and high-severity vulnerabilities affecting various software products such as Online Reviewer System, Microsoft.... Verified across 7 sources. Focus: lure pattern, spoofing signals and account-protection next steps.
Best next step: Identity Theft Recovery Planner
13 Critical Questions to Mitigate Third-Party Cybersecurity Risks
Human review: Artur Ślesik | Source date: Apr 15, 2026 | Sources: 1As organizations increasingly rely on third-party IT providers and software, their exposure to cyber threats expands significantly. This article consolidates expert in... Documented alert summary. Focus: lure pattern, spoofing signals and account-protection next steps.
Best next step: Identity Theft Recovery Planner
Critical Vulnerabilities in Linux Kernel BPF, Windows, MLFlow, and Other Key Systems Require Immediate Attention
Human review: Marcin Pocztowski | Source date: Apr 14, 2026 | Sources: 3Multiple high-severity vulnerabilities affecting widely used software including the Linux Kernel BPF subsystem, Windows file system driver, MLFlow, and BuhoCleaner hav... Verified across 3 sources. Focus: affected products, exploit urgency and remediation guidance.
Best next step: Identity Theft Recovery Planner
Zurich Launches Comprehensive Corporate Fraud Insurance to Shield Businesses in 2026
Human review: Artur Ślesik | Source date: Apr 14, 2026 | Sources: 1Zurich Seguros has introduced Zurich Fraudes Corporativas, a new insurance product designed to protect corporations and financial institutions against a broad spectrum... Documented alert summary. Focus: lure pattern, spoofing signals and account-protection next steps.
Best next step: Identity Theft Recovery Planner
McGraw-Hill Data Breach Confirmed Due to Salesforce Misconfiguration Exploited by Hackers
Human review: Artur Ślesik | Source date: Apr 14, 2026 | Sources: 1McGraw-Hill confirmed a data breach caused by a Salesforce misconfiguration, allowing unauthorized access to sensitive internal data. The breach followed an extortion... Documented alert summary. Focus: exposed data, who may be affected and breach-response priorities.
Best next step: Identity Theft Recovery Planner
APT41 Uses Typosquatting and SMTP Malware to Steal AWS, GCP, Azure, and Alibaba Cloud Credentials
Human review: Artur Ślesik | Source date: Apr 14, 2026 | Sources: 1The Chinese APT41 group has conducted a multi-year campaign targeting AWS, GCP, Azure, and Alibaba Cloud by exploiting typosquatted domains and SMTP-based malware to s... Documented alert summary. Focus: infection path, likely payload impact and containment priorities.
Best next step: Identity Theft Recovery Planner
Malware Campaign Exploits Obsidian Shell Commands Plugin to Target Finance and Cryptocurrency Professionals
Human review: Marcin Pocztowski | Source date: Apr 14, 2026 | Sources: 2A malware campaign abuses the Obsidian Shell Commands plugin to execute malicious code on Windows, macOS, and Linux devices, targeting financial and cryptocurrency pro... Verified across 2 sources. Focus: lure pattern, spoofing signals and account-protection next steps.
Best next step: Crypto Scam Checker for Fake Investments and Recovery Fraud
ViperTunnel Backdoor Linked to DragonForce Ransomware Targets UK and US Windows Servers
Human review: Marcin Pocztowski | Source date: Apr 14, 2026 | Sources: 1ViperTunnel, a Python-based backdoor linked to DragonForce ransomware, is actively compromising Windows servers in UK and US businesses. Organizations should verify pa... Documented alert summary. Focus: exposed data, who may be affected and breach-response priorities.
Best next step: Identity Theft Recovery Planner
APT41 Deploys New ELF Winnti Backdoor Targeting Linux Cloud Servers on AWS, GCP, Azure, and Alibaba
Human review: Marcin Pocztowski | Source date: Apr 14, 2026 | Sources: 1APT41 has developed a new ELF-format Winnti backdoor targeting Linux cloud servers across AWS, GCP, Azure, and Alibaba Cloud. Using SMTP-based command-and-control, it... Documented alert summary. Focus: infection path, likely payload impact and containment priorities.
Best next step: Identity Theft Recovery Planner
Alerts archive SEO topics
Archive maintenance and remediation tracking. HackWatch does not treat alerts as one-time posts. We continue checking whether vendors have issued patches, workarounds or final remediation updates, then refresh the article with the latest incident status so readers can see whether a threat is still active, mitigated or already resolved.