Newsletter on it-learn.io | IT, Networking & Cybersecurity Blog

Newsletter on it-learn.io | IT, Networking & Cybersecurity Bloghttps://blog.it-learn.io/tags/newsletter/Recent content in Newsletter on it-learn.io | IT, Networking & Cybersecurity BlogHugoen-usThu, 16 Apr 2026 00:00:00 +0000Cisco ISE and Webex RCE Flaws Patched — CVE-2026-20184, nginx-ui Exploited, SAP CVSS 9.9https://blog.it-learn.io/posts/2026-04-16-cisco-ise-and-webex-rce-flaws-patched-cve-2026-20184-nginx-u/Thu, 16 Apr 2026 00:00:00 +0000https://blog.it-learn.io/posts/2026-04-16-cisco-ise-and-webex-rce-flaws-patched-cve-2026-20184-nginx-u/Four critical Cisco ISE and Webex vulnerabilities patched, nginx-ui authentication bypass actively exploited, SAP April Patch Tuesday includes a CVSS 9.9 SQL injection, and Cisco Talos exposes the PowMix botnet hiding C2 traffic in Heroku API calls.Microsoft April 2026 Patch Tuesday: 167 Fixes, Exploited SharePoint Zero-Day CVE-2026-32201, and n8n Phishing Abusehttps://blog.it-learn.io/posts/2026-04-15-microsoft-april-2026-patch-tuesday-167-fixes-exploited-share/Wed, 15 Apr 2026 00:00:00 +0000https://blog.it-learn.io/posts/2026-04-15-microsoft-april-2026-patch-tuesday-167-fixes-exploited-share/April 2026’s record Patch Tuesday, Cisco Talos research on n8n workflow abuse for phishing, a fake Ledger Live app that drained $9.5M through Apple’s App Store, and an Android RAT turning 220K devices into proxy nodes.SAP Critical ABAP Patch, FortiClient EMS CVE-2026-21643, W3LL Phishing Takedown — 2026-04-14https://blog.it-learn.io/posts/2026-04-14-sap-critical-abap-patch-forticlient-ems-cve-2026-21643-w3ll/Tue, 14 Apr 2026 00:00:00 +0000https://blog.it-learn.io/posts/2026-04-14-sap-critical-abap-patch-forticlient-ems-cve-2026-21643-w3ll/SAP’s April 2026 patch cycle includes a critical ABAP vulnerability affecting 13+ products. CISA adds FortiClient EMS SQL injection CVE-2026-21643 to KEV with confirmed exploitation. FBI and Indonesia dismantle the W3LL phishing kit behind $20M in fraud. wolfSSL ECDSA flaw breaks certificate trust for embedded devices.Adobe Reader Zero-Day CVE-2026-34621 Exploited for Months — CPUID Supply Chain Compromise and OpenAI Certificate Revocationhttps://blog.it-learn.io/posts/2026-04-13-adobe-reader-zero-day-cve-2026-34621-exploited-for-months-cp/Mon, 13 Apr 2026 00:00:00 +0000https://blog.it-learn.io/posts/2026-04-13-adobe-reader-zero-day-cve-2026-34621-exploited-for-months-cp/Adobe Reader’s CVE-2026-34621 was actively exploited for months before the April 12 patch. CPUID’s site was compromised to serve trojanized CPU-Z and HWMonitor. OpenAI revokes its macOS signing certificate after the Axios supply chain incident cascades. APT37 shifts to Facebook for initial access.Adobe Reader Zero-Day Exploited for Months Before Emergency Patchhttps://blog.it-learn.io/posts/2026-04-12-adobe-reader-zero-day-exploited-for-months-before-emergency-patch/Sun, 12 Apr 2026 00:00:00 +0000https://blog.it-learn.io/posts/2026-04-12-adobe-reader-zero-day-exploited-for-months-before-emergency-patch/An Adobe Reader RCE exploited in the wild for months, a 19-hour supply chain compromise at CPUID, and active exploitation of a Marimo notebook flaw — plus detection guidance for trojanized utility installers.