CISA gives agencies two weeks to patch video conferencing bug exploited by Chinese hackers
CISA has ordered federal agencies to patch CVE-2026-3502 in TrueConf by April 16 after confirming active exploitation. The bug affects the product’s updater validation mechanism and, according to reporting on Check Point’s research, can let an attacker controlling an on-prem TrueConf server push and execute arbitrary files across connected endpoints, making it notable for government and critical infrastructure environments that rely on self-hosted communications platforms.
Cyberattacks surge as hackers target small businesses
Small businesses and nonprofits are seeing a surge in financially motivated attacks, particularly AI-enhanced business email compromise and wire fraud schemes that rely on convincing impersonation and minimal verification gaps. Real-world losses, including six-figure fraudulent transfers, highlight how attackers continue to prioritize weaker operational controls over technical exploits, making basic process validation and out-of-band verification just as critical as technical defenses.
IT talent looks the other way as wireless security incidents pile up
New research shows enterprise wireless environments are becoming a growing attack surface, driven by device sprawl, hybrid work, and increased reliance on Wi-Fi for critical operations. Despite rising incident rates and costs, organizations are struggling with staffing and visibility gaps, suggesting that wireless security is still under-prioritized compared to other parts of the network even as it becomes a primary access layer.
As the Federal Government Rushes Toward AI, Old Cybersecurity Mistakes Risk Repeating
A new analysis warns that the rapid push to adopt AI across federal systems is following the same pattern seen during earlier cloud migrations, where speed outpaced security planning and oversight. The concern is that without stronger governance and lessons learned applied early, agencies could repeat past mistakes at a larger scale, especially given AI’s expanded attack surface and dependency on complex data pipelines.
Fortinet Rushes Emergency Fixes for Exploited Zero-Day
Fortinet released emergency patches for a critical FortiClient EMS vulnerability, CVE-2026-35616, that is already being exploited in the wild, allowing unauthenticated remote code execution through crafted requests. With roughly 2,000 internet-exposed instances observed, this is another case where enterprise management infrastructure becomes a high-value target, reinforcing the need to aggressively track KEV-style exposure and apply out-of-band patches immediately.
The post InfoSec News Nuggets 04/06/2026 appeared first on AboutDFIR – The Definitive Compendium Project.
