Daily Threat Briefing – April 19, 2026

Critical, actionable threat briefing reporting active exploitation of multiple Microsoft Defender zero-days (two unpatched), a widely-exploitable protobuf.js RCE with public exploit code, large-scale compromise of non-human/cloud service identities, Russian state-linked token-harvesting from compromised routers, and Payouts King ransomware using QEMU VM evasion; the report prioritizes immediate patching, credential audits, MFA/conditional access, and updated detection for VM-based evasion.