Today's Cybersecurity Pulse
Microsoft releases record‑size Patch Tuesday for April
The April update cycle delivered 165 patches addressing roughly 340 unique CVEs, including two zero‑day flaws, one of which is already being exploited in the wild. Microsoft urges immediate deployment across all product families.
Also developing:
By the numbers: Artemis raises $70M Series A

FDA Tightens Its Medical Device Cybersecurity Guidance for Manufacturers
The FDA has issued updated cybersecurity guidance for medical devices through Section 524B, imposing stricter lifecycle security requirements. Manufacturers must now provide a software bill of materials, manage component risks, and adopt secure development processes. The guidance forces hospitals, federal agencies and vendors to overhaul legacy device security with tools like passive monitoring and network segmentation. Industry groups such as Health‑ISAC are coordinating efforts to help the sector meet the new standards.
Are US Businesses Ready for Privacy Fragmentation? Why E-Commerce and Marketing Teams Are Now on the Front Line
U.S. privacy regulation is fragmenting as new state laws in Indiana, Kentucky and Rhode Island join existing statutes, forcing businesses to embed compliance into front‑end digital experiences. E‑commerce and marketing teams now execute consent, targeting and analytics rules that vary...

Review: Box Facilitates Secure Collaboration Across Campus
Box’s cloud‑based content management platform now offers a full suite of collaboration tools, workflow automation, e‑signatures and AI‑driven features for universities. The service integrates with more than 1,500 SaaS applications, allowing seamless file sharing across Microsoft 365, Google Workspace and...

Microsoft Drops Its Second-Largest Monthly Batch of Defects on Record
Microsoft’s April Patch Tuesday addressed 165 vulnerabilities, the second‑largest monthly release in the company’s history. The update includes an actively exploited zero‑day in Office SharePoint (CVE‑2026‑32201) and a high‑severity Defender flaw (CVE‑2026‑33825) with public exploit code. Trend Micro’s Dustin Childs...
Electrosoft Wins $500M CISA Digital Transformation BPA to Modernize Federal IT
Electrosoft Services, LLC was awarded a $500 million, five‑year blanket purchase agreement by the Cybersecurity and Infrastructure Security Agency (CISA). The contract positions Electrosoft as one of four firms to provide digital transformation, cybersecurity and AI services to federal agencies, accelerating...
Cloudflare Unveils Mesh Private Networking to Replace VPNs for Agents and Workers
Cloudflare announced the launch of Cloudflare Mesh, a private networking service that integrates with its Cloudflare One platform to give developers, AI agents and serverless workers secure, zero‑trust access to internal resources. The solution promises minutes‑long setup, automatic policy enforcement...
4 Questions to Ask Before Outsourcing MDR
Security teams face relentless alerts, staffing gaps and rising expectations for uptime, making Managed Detection and Response (MDR) a strategic necessity rather than a luxury. Outsourcing MDR provides round‑the‑clock monitoring across endpoints, identities and cloud workloads, ensuring threats are spotted...

EDR-Killer Ecosystem Expansion Requires Stronger BYOVD Defenses
The ecosystem of EDR‑killer tools that exploit bring‑your‑own‑vulnerable‑driver (BYOVD) techniques has expanded dramatically, with researchers cataloguing nearly 90 distinct killers. Although only about 35 vulnerable Windows drivers are actively abused, each can be re‑hashed thousands of times, complicating blocklist defenses....

State Department Cyber Leader: AI Must Serve Mission Outcomes, Not Drive Them
At the Splunk GovSummit 2026, State Department Security Operations Center chief Manuel Medrano warned that artificial intelligence must serve mission outcomes, not become the objective. He outlined how AI is already sharpening cyber monitoring and incident response across the department’s...
5 Trends Defining the Future of AI-Powered Cybersecurity
The N‑able and Futurum report outlines how AI is reshaping cybersecurity, turning generative models into both attack tools and defensive assets. Attackers now automate phishing, vulnerability scanning and exploit delivery at machine speed, forcing security teams to abandon static, perimeter‑based...
Edelson Lechtzin LLP Launches Class‑Action Probe Into Kloeckner Metals Data Breach
Edelson Lechtzin LLP announced it is investigating a potential class action over the Kloeckner Metals Corporation data breach that exposed personal information for thousands of individuals. The breach, discovered on Feb. 23, 2026, involved unauthorized access between Feb. 17‑23, prompting privacy claims...
Google Finds 1,200 Logical Qubits Could Break ECC, Driving Quantum‑Resistant Authentication Push
Google researchers announced that a quantum computer with as few as 1,200 logical qubits could break elliptic curve cryptography, the backbone of modern authentication. The finding has accelerated enterprise efforts to adopt post‑quantum authentication methods ahead of NIST’s 2030 deprecation...
AI‑Driven Deepfake Scams Prompt Crypto Industry to Adopt Cryptographic Proof Systems
AI‑generated deepfakes are fueling a 500% year‑over‑year surge in crypto scams, costing an estimated $30 billion in 2025. To counter the threat, blockchain pioneer Scott Stornetta is championing cryptographic proof systems that sign video content with decentralized identifiers, a move that...
0APT Threatens Rival Krybit with Doxxing and Extortion, Escalating Ransomware Turf War
Ransomware group 0APT announced it will publish personal details of Krybit affiliates unless a payment is made, marking a rare direct confrontation between rival cyber‑crime outfits. The threat includes leaked data samples and a warning that victim organizations can contact...
Malware Campaign Lures Users with Fake Windows Update Website
Malwarebytes uncovered a new campaign that lures French‑speaking Windows users to a counterfeit Windows Update page. The site offers a fake Windows 11 24H2 update packaged as a Windows Installer (MSI) built with the legitimate WiX Toolset. When run, the MSI installs...
Space Force Official Touts AI’s Impact on Cyber Compliance
Space Force acting cyber chief Seth Whitworth says large language models are reshaping how the service reviews cyber risk and achieves compliance. He highlighted that AI can automatically patch minor misconfigurations that often serve as entry points for state‑sponsored actors....

Evolution Equity Partners Hosts 4th Presidents Forum for Cyber Leaders
Evolution Equity Partners hosted its fourth Presidents Forum on March 24, 2026 in San Francisco during RSA Conference week, drawing more than 300 CISOs, cybersecurity founders and investors. The event featured a keynote by former California governor Arnold Schwarzenegger, who...

New ‘JanaWare’ Ransomware Targeting Turkish Citizens as Cybercriminal Ecosystem Fragments
Acronis has identified a new ransomware strain called JanaWare that exclusively targets computers in Turkey by checking system locale and IP geolocation. The malware, delivered mainly through phishing emails with malicious Java archives, demands low ransoms of roughly $200 to...
Diana: Enterprise AI Assistants Securely Integrated Into Slack
Engineers from Google, MIT, Amazon, and Carnegie Mellon just built what every enterprise has been waiting for. An AI agent platform that gives every employee their own assistant in Slack, with sandboxed execution, credential isolation, and a Governor AI that blocks...

April Patches for Azure DevOps Server
Microsoft released Azure DevOps Server Patch 3, the latest update for its self‑hosted DevOps platform. The patch addresses a null‑reference exception that could abort pull‑request completions, tightens sign‑out validation to block malicious redirects, and resolves a failure when creating personal access...
In the Blogs: HIPAA HIPAA Hooray
The U.S. Department of Health and Human Services has issued a December 2024 proposal that represents the most significant update to the HIPAA Security Rule since 2013, aiming to close long‑standing cybersecurity gaps in healthcare. The IRS released IR‑2026‑46, expanding Business...
AI-Driven Tools Heighten Exchange Cyber Risk; Boost Defenses
Anthropic's Mythos and similar AI raise cyber risk for exchanges; firms accelerate defenses as automated vulnerability discovery scales. Trade: reduce exchange custody exposure. — Viktor Kopylov, PhD, CFA More insights: t.me/si14Kopylov
NYC Cyber Leaders: Join Roundtable on Secure AI
If you are a cybersecurity leader in NYC, I'll be hosting a roundtable this Thursday on secure AI adoption. Small group, strong peer set, and candid discussion about what is actually working and what is not. Free food, drinks, and great...
Cloudflare’s EmDash Tackles WordPress Plug-In Security Crisis
Cloudflare has launched EmDash, a serverless CMS positioned as a "spiritual successor" to WordPress. Built on Cloudflare Workers, Astro, and V8 isolates, EmDash promises scalable edge delivery and sandboxed plug‑ins that mitigate the plugin‑driven security flaws plaguing WordPress. The platform...
Fuzzer Generated Real Exploits at RSA 2020 without AI
There are varying levels of exploits in terms of complexity but technically my fuzzer at RSA 2020 generated exploits. Without AI. It produced a working script and performed attacks. I did review it manually. But I had/have so many more...
Claude Mythos Preview Completes Full Cyberattack Simulation for the First Time
Anthropic’s Claude Mythos Preview, released in early April, has become the first AI model to autonomously execute a full 32‑step corporate network takeover in a controlled simulation. In tests conducted by the UK AI Security Institute, the model completed an...

BoE’s Bailey Sees Major Cybersecurity Risks in New Anthropic Model
Bank of England Governor Andrew Bailey warned that Anthropic’s new Mythos AI model could dramatically amplify cyber‑attack capabilities, forcing regulators to assess its threat to banking systems. He said the model may enable rapid identification of system vulnerabilities, raising cyber...

Someone Planted Backdoors in Dozens of WordPress Plug-Ins Used in Thousands of Websites
A supply‑chain attack was uncovered after the Essential Plugin portfolio was sold, with a hidden backdoor inserted into dozens of WordPress plugins. The malicious code lay dormant until this month, then began delivering payloads to any site using the affected...

WolfSSL Vulnerability Hits IoT, Routers and Military Systems, Update to 5.9.1 Now
Security researcher Nicholas Carlini disclosed CVE‑2026‑5194, a critical flaw in the wolfSSL encryption library that impacts roughly 5 billion devices, including routers, IoT gadgets, and military systems. The vulnerability bypasses certificate digest size verification, allowing attackers to forge digital IDs across...

Popular DeFi Platform Warns Users to Stay Away From Its Site After Security Breach
CoW Swap, a decentralized exchange aggregator, temporarily paused its platform after a DNS hijacking attack redirected users to a fraudulent site. The breach occurred at 14:54 UTC on April 14, 2026, prompting the team to warn traders to avoid the interface while they investigate....

Philippines Launches Broad Crackdown on Deepfakes as AI Drives Identity Fraud Surge
The Philippines has launched a whole‑of‑government campaign against deepfakes and disinformation, formalized by a memorandum of agreement among the Department of Justice, the Presidential Communications Office and the Department of Information and Communications Technology. The initiative comes amid a dramatic...

Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities
Microsoft’s April 2026 Patch Tuesday delivered fixes for 165 vulnerabilities, highlighted by an exploited SharePoint Server zero‑day (CVE‑2026‑32201) rated “important” with a CVSS score of 6.5. The flaw enables network‑level spoofing and has been added to CISA’s Known Exploited Vulnerabilities list, prompting...
Microsoft Releases Windows 10 KB5082200 Extended Security Update
Microsoft released the Windows 10 KB5082200 extended security update, addressing the April 2026 Patch Tuesday fixes. The update patches 167 vulnerabilities, including two zero‑day flaws, and upgrades Windows 10 to build 19045.7184 (Enterprise LTSC 2021 to 19044.7184). It adds RDP file phishing protections, Secure Boot status...

Joint Industry Perspective Released by the Industrial Security Harmonization Group (ISHG)
The Industrial Security Harmonization Group (ISHG) released a joint industry perspective emphasizing that industrial cybersecurity depends on how communication protocols are deployed and managed, not merely on the protocols themselves. The group—comprising FieldComm, ODVA, OPC Foundation, and Profibus & Profinet International—stresses...
McGraw-Hill Confirms Data Breach Following Extortion Threat
McGraw‑Hill disclosed that hackers leveraged a misconfigured Salesforce page to view a limited set of internal data. The company emphasized that the breach did not compromise its Salesforce accounts, customer databases, courseware, or any sensitive student information. Extortion group ShinyHunters...

Microsoft’s April 2026 Patch Tuesday Addresses 163 CVEs (CVE-2026-32201)
Microsoft’s April 2026 Patch Tuesday released updates for 163 CVEs, including eight critical and 154 important vulnerabilities. The update contains two zero‑day flaws, one of which (CVE‑2026‑32201) was exploited in the wild targeting SharePoint. Notable critical issues include a remote...

Anthropic Mythos: Separating Signal From Hype
Anthropic’s Mythos model pushes large‑language‑model reasoning into full codebases, enabling multi‑step vulnerability discovery and realistic exploit chaining. While it outperforms earlier LLMs that suffered from context fragmentation, its power hinges on having source‑code visibility, making closed‑source and SaaS environments less...
War with Iran Raises Proxy Attack Risk and Cyber Threats in Southeast Europe
Tensions between Iran and pro‑U.S./pro‑Israel Balkan states have moved from rhetoric to concrete threats, including cyberattacks on Albanian government systems and proxy‑style terrorist plots. Albania and Kosovo have labeled Iran a state sponsor of terrorism, while Montenegro, North Macedonia and...

How to Hide Sensitive Info From Your Notifications
The FBI recently recovered deleted Signal messages from a defendant’s iPhone by extracting them from the device’s push‑notification database, exposing a hidden privacy flaw. iOS, macOS, Android and Windows all retain notification content, even after an app is removed, making...

Ransomware Groups Are Actively Disabling Your EDR Before You Even Know It
Ransomware groups are increasingly deploying “EDR killers” to silently disable endpoint detection and response tools before launching encryption. By first neutralizing security agents, attackers create a blind spot that lets them move laterally, elevate privileges, and establish persistence without triggering...

Hackers Are Targeting Critical Infrastructure to Cause Real-World Damage
Hackers linked to Iran’s CyberAv3ngers group are shifting from symbolic cyber‑espionage to sabotage of U.S. critical infrastructure. They are exploiting internet‑exposed programmable logic controllers in water, energy and industrial environments, enabling direct physical disruption. The attacks expose the danger of...

Google Rolls Out Gmail Encryption and Meet on Android Auto
Google announced that Gmail will now support end‑to‑end encryption for personal and enterprise users, leveraging OpenPGP standards. At the same time, the company integrated Google Meet into Android Auto, allowing drivers to join video calls hands‑free. The encryption feature rolls...

Hackers Are Using GitHub and Jira to Bypass Your Security
Hackers are weaponizing collaboration platforms such as GitHub and Jira by sending malicious links through native notifications like pull‑request updates and ticket comments. Because these alerts originate from trusted services, they often evade email gateways and endpoint filters. The attacks...
California’s Cybersecurity Audit Rule Is Now in Effect: Its Impact for Class Litigation
The California Privacy Protection Agency’s new cybersecurity audit rule took effect on Jan. 1, 2026, obligating certain businesses to conduct and certify an annual audit covering 18 technical and organizational safeguards. While the audit report itself is not filed publicly, the certification...

Building a CUI Enclave in Fintech: A Practical Guide to CMMC Compliance
Fintech firms handling Controlled Unclassified Information (CUI) are increasingly required to isolate that data in hardened digital enclaves to meet Cybersecurity Maturity Model Certification (CMMC) standards. The latest CMMC 2.0 condenses the original five levels into three, with Level 2 aligning...

Ethereum Foundation Launches Audit Subsidy Program for Builders
The Ethereum Foundation announced a new audit subsidy program aimed at lowering the cost of security audits for developers building on Ethereum. The initiative, launched in partnership with leading audit firms, will provide financial assistance to eligible projects, making professional...

Hardening the Silicon: Why Analog Anti-Tamper IP Is the New Security Baseline
Analog anti‑tamper IP is emerging as a baseline for hardware security as billions of IoT and automotive SoCs face increasingly sophisticated physical attacks. Hackers now employ fault injection, glitching, side‑channel, and micro‑probing techniques that can bypass software‑only protections and compromise...

TechJutsu Launches Browser Extension to Bring MFA to the Web
TechJutsu, a Calgary‑based identity‑access firm founded in 2015, unveiled its Caller Verify Universal Connector, a browser extension that embeds multi‑factor authentication (MFA) into any web application. The plug‑in works in Chrome and Edge and integrates with major CRM and collaboration...
SEAL Alliance Offers Essential Crypto Security Playbooks Amid Rising Threats
.@_SEAL_Org has been publishing "the most practical tips" for crypto operations and security, like for multisigs. They ask teams to think about what privileged actions should exist, they have playbooks for incident response, how to coordinate disclosures, etc. -- @TuongvyLe12...
Passwords and 2FA Are Cumbersome; Security Needs Simplicity
All good and fine, but the fundamental problem is that long, complex passwords and 2FA are a pain in the a**. The cybersecurity industry needs to come up with a creative way to make our devices and apps more secure,...