Daily Security Briefing #232


April 22, 2026

Critical Spring Authorization Server flaw exposed, Firefox vulnerabilities patched, and AI-powered Check Point Firewall at Google Cloud Next…


Executive Summary

Cybersecurity threats continue to evolve with malicious actors adapting to disruptions. The recent discovery of a critical vulnerability in the Spring Security Authorization Server highlights the importance of robust security measures. Meanwhile, multiple high-severity flaws have been patched in Firefox 150, and Check Point has rolled out an AI-powered cloud firewall as a service on Google Cloud.



Top Articles

Critical Spring Authorization Server Issue Exposes Systems to XSS and SSRF Attacks
A critical vulnerability, tracked as CVE-2026-22752, has been disclosed in Spring Security Authorization Server, affecting organizations running Dynamic Client Registration endpoints. The flaw allows attackers to inject malicious client metadata, potentially leading to Stored Cross-Site Scripting (XSS), Privilege Escalation, and Server-Side Request Forgery (SSRF) attacks.
Source: GBHackers

Mozilla Firefox 150 Released With Fixes for Multiple Code Execution Vulnerabilities
Mozilla has released Firefox 150 to patch 41 security vulnerabilities, including multiple high-severity flaws that could lead to remote code execution. Users should immediately update their browsers to protect against these critical memory corruption and use-after-free bugs.
Source: GBHackers

AI-Powered Check Point Firewall at Google Cloud Next
Check Point is continuing the rollout of an AI-powered cloud firewall as a service, now available for preview on Google Cloud. This solution responds to enterprises’ demands for Zero Trust security, everywhere.
Source: Check Point Blog

Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain
Cybersecurity researchers have warned of malicious images pushed to the official “checkmarx/kics” Docker Hub repository. Unknown threat actors managed to overwrite existing tags, including v2.1.20 and alpine.
Source: The Hacker News

Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens
Cybersecurity researchers have flagged a fresh set of packages that have been compromised by bad actors to deliver a self-propagating worm that spreads through stolen developer npm tokens.
Source: The Hacker News

Apple Fixes iOS Bug That Retained Deleted Notification Data
Apple has released out-of-band security updates for iPhone and iPad devices to fix a Notification Services flaw that could allow notifications marked for deletion to remain stored on the device.
Source: BleepingComputer

New Mirai Campaign Exploits RCE Flaw in EoL D-Link Routers
A new Mirai-based malware campaign is actively exploiting CVE-2025-29635, a high-severity command-injection vulnerability affecting D-Link DIR-823X routers, to enlist devices into the botnet.
Source: BleepingComputer

‘The Gentlemen’ Rapidly Rises to Ransomware Prominence
The ransomware gang has impressed researchers with its speed in scaling up operations — and its sophistication.
Source: Dark Reading


AI Transparency: This newsletter uses AI to curate, rank, and summarize cybersecurity content from leading industry blogs. All articles link directly to original authors. Executive summaries are AI-generated based on article content. I curate the sources and deliver the digest—the original authors deserve the credit for their excellent work.
