THE Hacker News’ weekly recap dated 13 April 2026 flags a busy security week, including a critical zero-day quietly living in PDFs for months and aggressive state‑sponsored meddling in infrastructure coming to light. It notes that fibre optic cables can be used to eavesdrop on private conversations, signalling a rare physical‑layer threat alongside broader AI vulnerability hunting and autonomous exploit potential.
A new Windows kernel rootkit named RegPhantom, described by Nextron Systems, can achieve kernel‑mode code execution from an unprivileged context and was first seen in the wild on 18 June 2025. The piece also highlights long‑running concerns around APT28, detailing NTLMv2 hash relay attacks across multiple regions and the use of EdgeOS routers to drop phishing and credential‑theft campaigns.
Finally, the report touches MITRE’s Fight Fraud Framework (F3), aimed at standardising cyber‑enabled financial fraud tactics to help defenders detect and prevent such activity.