Here is the most recent Cybersecurity news for the past week:
🎲 Hasbro Initiates Controlled Shutdown Following Cyber Attack
Toy and entertainment giant Hasbro, the company behind Monopoly and Transformers, recently suffered a cyber attack that resulted in a controlled shutdown of select systems. After detecting unauthorized access, the company rapidly initiated incident response protocols, taking parts of its digital infrastructure offline to contain the intrusion and working with external cybersecurity experts to investigate the breach.
https://cybermagazine.com/news/how-did-hasbro-handle-a-cyber-attack
💊 Hims & Hers Discloses Data Breach Linked to Social Engineering
Telehealth provider Hims & Hers filed a breach notification following a sophisticated social engineering attack that compromised a third-party customer service platform. The attackers gained unauthorized access to customer service tickets, exposing user names and email addresses, though the company confirmed that electronic medical records and communications with healthcare providers remained secure.
https://www.cybersecuritydive.com/news/hims-hers-data-stolen-social-engineering/816707
🌐 Google Patches Actively Exploited Chrome Zero-Day
Google has rolled out an emergency security update to address a high-severity zero-day vulnerability (CVE-2026-5281) in its Chrome browser that is being actively exploited in the wild. The flaw is a use-after-free bug in Dawn, an open-source implementation of the WebGPU standard, which could allow remote attackers to execute arbitrary code via crafted HTML pages.
https://thehackernews.com/2026/04/new-chrome-zero-day-cve-2026-5281-under.html
🪟 Exploit Code Released for Unpatched ‘BlueHammer’ Windows Zero-Day
A security researcher has publicly released exploit code for an unpatched Windows local privilege escalation vulnerability dubbed “BlueHammer.” The zero-day flaw combines a time-of-check to time-of-use (TOCTOU) bug with path confusion, potentially allowing a local attacker to access the Security Account Manager (SAM) database and escalate privileges to the SYSTEM level.
https://www.scworld.com/brief/windows-zero-day-vulnerability-bluehammer-exploit-code-released
🤖 Anthropic’s ‘Claude Code’ AI Assistant Source Code Leaked
The source code for Anthropic’s popular artificial intelligence assistant, Claude Code, was accidentally leaked to the public. According to security researchers, an Anthropic employee inadvertently exposed the proprietary code via a map file in their npm registry, highlighting the ongoing risks of human error in securing critical AI intellectual property.
