Today's Cybersecurity Pulse

CISA adds critical Android and Linux flaws to KEV catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed two high‑severity vulnerabilities in its Known Exploited Vulnerabilities catalog: Android CVE‑2025‑48595, an integer overflow that enables privilege escalation on Android 14‑16 without user interaction, patched in June 2026; and Linux CVE‑2022‑0492, a kernel flaw also deemed actively exploited.

Hong Kong Police Arrest Man Suspected of Stealing 56,000 Hospital Authority Patients’ Personal Data
Hong Kong police arrested a 30‑year‑old contractor employee suspected of downloading personal data of more than 56,000 Hospital Authority patients. The breach, traced to two contractor offices in the New Territories, involved surgical‑procedure details but not full medical records. Authorities seized over 60 digital devices and placed the suspect in custody in Tin Shui Wai. The Hospital Authority has suspended the contractor’s system access and mandated direct supervision for any emergency maintenance.

Phishers Sneak Through Using GitHub and Jira’s Own Mail Delivery Infrastructure
Security researchers at Cisco Talos have uncovered a new phishing vector that hijacks the native notification systems of SaaS platforms such as GitHub and Atlassian Jira. By embedding malicious text in commit summaries or Jira project fields, attackers trigger automatic...

Prompt Injection Tags Along as GenAI Enters Daily Government Use
State and territorial governments are now using generative AI (GenAI) in everyday workflows, with 82% of CIOs reporting daily usage—a jump from 53% a year earlier. As adoption expands, the Center for Internet Security warns that prompt injection—malicious instructions hidden...
Do Not Be Surprised if LessWrong Gets Hacked
The LessWrong admin warns that the platform’s security posture favors speed over hardened protection, making it vulnerable to the wave of AI‑driven cyber attacks highlighted by Anthropic’s Mythos zero‑day disclosures. Users are urged not to store sensitive information such as...

AusPost Warns of Growing Online Scam Threat
Australia Post warns that scams targeting sellers on online marketplaces have surged, with more than 2,500 reports this year. Fraudsters pose as buyers on platforms like Facebook Marketplace, sending fake QR codes or links that mimic Australia Post’s courier service...

Quantum-Secure Satellite Communications and the Future of Protected Networks
Quantum‑secure satellite communications are transitioning from concept to early service architecture, using quantum key distribution from orbit to protect high‑value links. Government programs such as ESA’s SAGA, the QKDSat‑Redwire partnership, and Canada’s QEYSSat illustrate strategic investment driven by sovereignty and...
What’s A Law Firm to Do when Client Files Leak on the Dark Web
Law firms are confronting a new wave of data breaches where attackers exfiltrate entire client files and publish them on the dark web. The leaks often include sealed court filings and privileged communications, magnifying legal and reputational risks. Drawing on...
Cloudflare Sets 2029 Goal for Full Post‑Quantum Security Across All Services
Cloudflare announced it will achieve full post‑quantum security, including authentication, by 2029 after recent quantum‑computing breakthroughs. The move comes as the company sees over 65% of traffic already using post‑quantum encryption and as cybersecurity spending is projected to hit $320 billion...

SANS Stormcast Thursday, April 9th, 2026: Honeypot Fingerprinting; Microsoft Locks Developer Accounts; ActiveMQ Vuln;
In this 7‑minute Stormcast episode, Johannes Ullrich discusses three security topics: attackers fingerprinting medium‑interaction honeypots by using obvious usernames like "honeypot" to confirm they’re not real systems; Microsoft’s recent suspension of developer accounts for privacy‑focused projects such as WireGuard, VeraCrypt,...

Shaky Ceasefire Unlikely to Stop Cyberattacks From Iran-Linked Hackers for Long
A tentative cease‑fire between Iran, the United States and Israel is unlikely to halt cyber attacks from Iran‑linked groups. Pro‑Iranian hacktivist collective Handala announced it will pause attacks on U.S. targets but continue striking Israel, warning it will resume U.S....

Fake QR Codes Make for Easy Scams – Be Careful What You Scan Out There
QR codes have become ubiquitous for payments, menus, and transport, but their convenience also makes them a prime vector for scams. Cybercriminals employ "quishing"—QR‑based phishing—to redirect users to counterfeit login or payment sites, often by overlaying fake stickers on legitimate...

Russia's Forest Blizzard Nabs Rafts of Logins Via SOHO Routers
Russian GRU‑backed APT28, also known as Fancy Bear, has been exploiting long‑standing bugs in consumer‑grade SOHO routers such as MikroTik and TP‑Link to intercept web traffic worldwide. By reconfiguring DNS settings on compromised devices, the group silently siphons email credentials and...
Mythos Brings Scalable Security, Not Full VM Replacement
I’m excited about Mythos. We have been asking for scale in security for years and we are getting glimpses of it. I sincerely doubt it will replace all of vulnerability management or vulnerability research but it probably will do a...

Use Android to Detect Hidden AirTag Trackers
Are you concerned that you might have an unknown tracking device like an Apple AirTag tucked into your car or luggage? It's possible, unfortunately. The good news is that your Android phone can help you find it. Here's how: https://t.co/uAmYvBznkv...
Stateless Hash-Based Signatures for AI Model Weight Integrity
Enterprises deploying AI agents with Model Context Protocol (MCP) must test cryptographic safeguards in realistic cloud sandboxes. Simulating post‑quantum algorithms such as Kyber and Dilithium on high‑entropy instances reveals significant CPU and latency overhead, especially under heavy agent loads. Proper...
Human Vulnerabilities Can't Be Pre‑patched; Bio Defense Lags Cyber
With bio the problem is harder than with cyber. You can patch up vulnerabilities before anyone tries to attack them. Human vulnerabilities can't be patched up in advance; the "defense" always moves second.
Reset All Trading Passwords, Revisit in August
So.... Change the passwords to all our trading and charting accounts and come back in August? 😅
OCR Releases Risk Management Video
The U.S. Department of Health and Human Services Office for Civil Rights (OCR) has released a new video that explains the HIPAA Security Rule’s risk‑management requirement. The presentation, led by senior cybersecurity advisor Nicholas Heesters, expands OCR’s earlier Risk Analysis...
AI May Aid Defenders, Yet Empower Attackers During Transition
Yes, I think in equilibrium, AI favors cyber defense, because an AI can go over all the code and find all the weak spots and patch them up. But in the transition period, it could favor the attacker, if AI-generated...

✨🛡️ The Mythos Opportunity: The Best Cyber-Firewall Is the One that Thinks
Anthropic introduced Mythos, an AI model that excels at discovering software vulnerabilities, but chose not to commercialize it. Instead, the firm gathered over 40 technology and finance companies into the Project Glasswing consortium to use Mythos for proactive bug hunting....
AskPayroll Launches AI‑powered Payroll Copilot, Promising Secure, Compliance‑focused Automation
AskPayroll introduced its AI‑powered payroll copilot in beta today, offering a privacy‑first, compliance‑centric assistant built for Canadian payroll teams. The solution keeps all data within the client’s environment and is slated for a full launch in June 2026, positioning it...

The Free Ticket You Just Got Offered to Mumbrella360 Is Not Legitimate
Mumbrella has warned that a phishing email offering a free ticket to its Mumbrella360 conference is fake. The scam uses the sender name “The Mumbrella Team” and the address messaging-service@post.xero.com, with the subject line “Your Complimentary Mumbrella360 Ticket.” Recipients are...
Russian State‑Backed Hackers Hijack 18,000 Routers in Global Campaign
Russian intelligence‑linked group Fancy Bear infiltrated thousands of MikroTik and TP‑Link routers, affecting 18,000 victims across 120 nations. The intrusion enabled credential theft and traffic redirection, prompting coordinated takedowns by the FBI and allied agencies.

Cloud Vs. Local Backup: Which Is Right for Your Organization?
Enterprises are weighing cloud versus local backup as data protection strategies evolve. Cloud backup delivers low upfront costs, unlimited scalability and off‑site disaster recovery, but ongoing storage and egress fees can erode savings. Local backup offers rapid on‑site restores and...

When AI Can Hack Anything, Identity Becomes Everything
Anthropic’s upcoming Claude Mythos model is being touted as far ahead of any existing AI in cyber‑offensive capability, signaling a new wave of tools that can automate vulnerability discovery and exploitation. The more immediate danger, however, is AI‑driven impersonation: 81%...

Why Anthropic Believes Its Latest Model Is Too Dangerous to Release
Anthropic announced that its new LLM, Claude Mythos Preview, demonstrated the ability to break out of sandboxed environments and automatically exploit high‑severity software bugs. In tests the model crafted multi‑step exploits, found thousands of vulnerabilities in major operating systems and...
Anthropic's Mythos Raises Questions for Cybersecurity Startup Valuations
Anthropic unveiled the Mythos Preview frontier model, claiming it can spot thousands of high‑severity vulnerabilities across major operating systems and browsers. The announcement triggered a market reaction, with Qualys shares down about 10% and Tenable off roughly 15% since the...

Cybercriminals Target Accountants to Drain Russian Firms’ Bank Accounts
Cybercriminal group Hive0117 launched a wave of phishing attacks on Russian accountants between February and March 2026, compromising over 3,000 firms. The campaign deployed the DarkWatchman remote‑access trojan, allowing hackers to log into corporate banking portals and create fake salary...
Hackers Use Pixel-Large SVG Trick to Hide Credit Card Stealer
Security firm Sansec uncovered a large‑scale campaign that injects a 1×1‑pixel SVG into Magento stores to deliver a credit‑card skimmer. The malicious SVG uses an onload handler with a base64‑encoded payload, bypassing traditional script‑based scanners. The attack exploits the PolyShell...
Anthropic Wants Competitors Using Mythos
Anthropic unveiled its frontier AI model, Mythos, but kept it private while launching a defensive cyber program called Glasswing. The initiative is designed to shield the model from cyber threats and already includes active competitors, including OpenAI. Logan Graham, head...

Feds Grade Themselves High Despite Legacy Gaps
A new EY survey shows 85% of federal agency leaders rate their cybersecurity posture as an “A” or “B,” even though only one‑in‑five have completed a full migration to modern, secure platforms. Roughly half of AI‑driven defense projects are still...

Malaysia Faces Structural Shift in Cyber Threats
Malaysia's cyber threat landscape is undergoing a structural shift as rapid digitization outpaces defenses. China‑linked APT groups such as APT41 and Mustang Panda are probing semiconductor and government networks, while financially motivated actors like Lazarus Group and FIN7 target banks...

Olympics Offer IR Lessons for Everyday Firms
The Milan‑Cortina Winter Olympics served as a live cyber‑stress test, exposing a 180% surge in DDoS attacks and coordinated phishing attempts. CISA officials highlighted that the same tactics used against the Games will soon target the FIFA World Cup, underscoring...

The 2026 Digital Omnibus
The European Commission’s Digital Omnibus, unveiled in November 2025, seeks to streamline the EU’s fragmented digital regulatory regime by consolidating reporting portals and aligning definitions across GDPR, the AI Act, NIS2 and DORA. Key proposals include a Single Entry Point for...
AI Cyber Arms Race Risks Global Internet Stability
It is naive in the extreme to think that a Chinese firm does not already or soon will have this capability. Engaging in an AI arms race in cyberspace may not be the wisest policy choice for either side, let...
Quantum Threat to 1.7M BTC Could Crash Market
Wow. Early Bitcoin wallets holding ~1.7M BTC ($120B) are for owners MIA and therefore vulnerable to quantum hacking due to exposed public keys. If cracked, these Bitcoins could flood the market with catastrophic price consequences.

This Brazen LAPD Hack Is a Warning for Companies. Make Sure Yours Is Secure by Taking These Simple Steps
Hackers identified as the World Leaks group breached the Los Angeles Police Department’s digital storage, stealing roughly 7.7 terabytes of data across more than 337,000 files. The leak includes sensitive law‑enforcement case files, witness information, health data and other records rarely...
Vendors Dismiss Quantum Encryption Until Customers Demand It
I told one vendor I want quantum encryption support in their product last year and they said “Oh, no one’s really asking for that.”
Mythos Launch Could Trigger Ethereum Hack?
"If Mythos comes out, do you think we'll see a hack on Ethereum?" -- @austingriffith 👀 https://t.co/HJ4d0pgTJE

LinkedIn Scanning Users' Browser Extensions Sparks Controversy and Two Lawsuits
LinkedIn is facing two class‑action lawsuits in California alleging it secretly scans users’ browsers to identify installed extensions. The suits rely on a German “BrowserGate” report by Fairlinked, which is linked to Estonian firm Teamfluence that previously sued LinkedIn for...
AI Acts Like a Massive Security Fuzzer, Says Expert
This is not at all surprising to me and is what I have been working on. Last year I told an AWS VP in the security/IAM space that I see AI as a giant fuzzer. Here’s what I don’t like…comments… https://t.co/idhglMQcLQ

NetApp (NTAP) Brings Elastio and Commvault on Board for Security
NetApp announced two strategic security partnerships on March 24, embedding Elastio’s deep‑snapshot inspection into its Ransomware Resilience Service and integrating its AI‑driven ransomware detection with Commvault’s backup and recovery platform. The Elastio integration adds agent‑less, zero‑day malware detection to NetApp’s data‑protection...

Intertek and the Future of AI-Mediated Surveillance Distribution
Intertek Group plc, a FTSE 100 British multinational, has become the dominant certification gate for consumer electronics entering the United States, processing tens of thousands of product approvals annually and generating roughly $4.3 billion in revenue for 2025. The firm recently added...

Can Radware (RDWR)’s AI-Powered Security Tool Drive Boost Growth?
Radware Ltd. launched Alteon Protect, an AI‑driven security solution that combines its real‑time protection platform with on‑device enforcement to safeguard applications and APIs across cloud and on‑premise environments. The company highlighted the tool’s ability to detect and remediate threats instantly...

Project Glasswing Shows That AI Will Break The Vulnerability Management Playbook
Anthropic and 11 other industry leaders launched Project Glasswing, a coalition aimed at securing critical software using the new Claude Mythos Preview AI model, which claims to discover zero‑day vulnerabilities faster than existing tools. The initiative signals a potential shift...
Offering Seed Funding for Offensive Cyber Startup via Signal
If anyone at Anthropic would like to build an offensive cyber company I will write you a seed term sheet pls find me on Signal

Threat Actors Get Crafty With Emojis to Escape Detection
Threat actors are increasingly embedding emojis in malicious communications to evade detection and streamline coordination across platforms such as Telegram, Discord, and underground forums. Flashpoint’s latest analysis highlights the Pakistan‑linked APT group UTA0137 using the Disgomoji malware, which interprets simple...

How State and Local Governments Are Securing the 2026 Midterm Elections
Los Angeles County processed roughly one billion network events during the 2024 election, leveraging AI to filter threats and enforce a zero‑trust, air‑gapped architecture for vote‑counting machines. The county also deployed Cradlepoint E3000 routers with NetCloud Manager to create secure, carrier‑agnostic...
Proof's Trust Ledger Processes Over $643 B in Real‑Estate Deals, $151 B in 2025 Alone
Proof announced that its blockchain‑based Trust Ledger has secured more than $643 billion in real‑estate transactions, including $151 billion in 2025. The surge reflects growing demand for AI‑resistant identity verification as fraudsters target high‑value property deals.
Torq Eyes $50 Million Acquisition of AI Security Assistant Jit
Cybersecurity unicorn Torq is in advanced talks to acquire Boston‑based AI security assistant Jit for about $50 million. The deal would merge Torq’s command‑center platform with Jit’s automated tools, advancing both firms’ push toward “agentic security.” The transaction follows Torq’s recent...