Active Exploitation of Apache ActiveMQ Vulnerability CVE-2026-34197 — The Hacker News

A high-severity security flaw in Apache ActiveMQ Classic, identified as CVE-2026-34197, is being actively exploited. This vulnerability allows attackers to perform unauthorized operations on the message broker, potentially leading to data breaches or service disruptions. Security teams should prioritize applying available patches and monitor for unusual activity related to ActiveMQ deployments.

Exploitation of Microsoft Defender Zero-Days in the Wild — The Hacker News

Three zero-day vulnerabilities in Microsoft Defender have been disclosed, with active exploitation reported. Two of these vulnerabilities remain unpatched, posing significant risks to systems relying on Defender for endpoint protection. Security teams should implement mitigations, monitor for Indicators of Compromise (IOCs), and apply any available patches to reduce the risk of exploitation.

• Payouts King ransomware uses QEMU VMs to bypass endpoint security [BleepingComputer]
• US-sanctioned currency exchange says $15 million heist done by "unfriendly states" [Ars Technica Security]
• Grinex exchange blames "Western intelligence" for $13.7M crypto hack [BleepingComputer]
• Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts [The Hacker News]
• Microsoft: Some Windows servers enter reboot loops after April patches [BleepingComputer]