MUST READ

CVE-2026-39987: Marimo RCE exploited in hours after disclosure

 | 

UAT-10362 linked to LucidRook attacks targeting Taiwan-based institutions

 | 

EngageLab SDK flaw opens door to private data on 50M Android devices

 | 

Bitcoin Depot hack leads to $3.6M Bitcoin theft via stolen credentials

 | 

Eurail data breach impacted 308,777 people

 | 

Malicious PDF reveals active Adobe Reader zero-day in the wild

 | 

Masjesu botnet targets IoT devices while evading high-profile networks

 | 

The alleged breach of China’s National Supercomputing Center can have serious geopolitical consequences

 | 

Internet-Exposed ICS Devices Raise Alarm for Critical Sectors

 | 

U.S. CISA adds a flaw in Ivanti EPMM to its Known Exploited Vulnerabilities catalog

 | 

Russia-linked APT28 uses PRISMEX to infiltrate Ukraine and allied infrastructure with advanced tactics

 | 

Signature Healthcare hit by cyberattack, services and pharmacies impacted

 | 

Project Glasswing powered by Claude Mythos: defending software before hackers do

 | 

U.S. agencies alert: Iran-linked actors target critical infrastructure PLCs

 | 

Attackers exploit critical Flowise flaw CVE-2025-59528 for remote code execution

 | 

Major outage cripples Russian banking apps and metro payments nationwide

 | 

Fast-moving Storm-1175 uses new exploits to breach networks and drop Medusa

 | 

GPUBreach exploit uses GPU memory bit-flips to achieve full system takeover

 | 

Phishing LNK files and GitHub C2 power new DPRK cyber attacks

 | 

BKA unmasks two REvil Ransomware operators behind 130+ German attacks

 | 

CVE-2026-39987

Pierluigi Paganini April 11, 2026
CVE-2026-39987: Marimo RCE exploited in hours after disclosure

A critical flaw, tracked as CVE-2026-39987, in the open-source Python notebook tool Marimo was exploited within 10 hours of disclosure. A critical flaw in Marimo, tracked as CVE-2026-39987 (CVSS score of 9.3) was exploited just 10 hours after disclosure (On April 8, 2026). Sysdig Threat Research Team observed exploitation of the Marimo flaw within 9 […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

CVE-2026-39987: Marimo RCE exploited in hours after disclosure

Hacking / April 11, 2026

UAT-10362 linked to LucidRook attacks targeting Taiwan-based institutions

Security / April 10, 2026

EngageLab SDK flaw opens door to private data on 50M Android devices

Hacking / April 10, 2026

Bitcoin Depot hack leads to $3.6M Bitcoin theft via stolen credentials

Cyber Crime / April 10, 2026

Eurail data breach impacted 308,777 people

Data Breach / April 09, 2026