Today's Cybersecurity Pulse
CISA adds critical Android and Linux flaws to KEV catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed two high‑severity vulnerabilities in its Known Exploited Vulnerabilities catalog: Android CVE‑2025‑48595, an integer overflow that enables privilege escalation on Android 14‑16 without user interaction, patched in June 2026; and Linux CVE‑2022‑0492, a kernel flaw also deemed actively exploited.
Also developing:
By the numbers: Ingeteam secures $82.5M loan from EIB for renewable energy R&D
Claude Code's Source Code Leaks Via Npm Source Maps
A security researcher uncovered the entire Claude Code repository after source maps in its npm package exposed a Cloudflare R2 bucket containing every file. The leak reveals a sophisticated architecture: a 40‑tool plugin system, a 46,000‑line query engine, multi‑agent “swarms”, an IDE bridge with JWT authentication, and a persistent memory directory. Technical choices such as the Bun runtime, Ink‑based React terminal UI, Zod v4 validation, and lazy‑loaded heavy dependencies are also visible. Analysts are now dissecting the code for both insights and potential vulnerabilities.
‘StravaLeaks’: How Le Monde Located 18,000 French Military Personnel with a Fitness App
Le Monde’s investigation, dubbed “StravaLeaks,” identified roughly 18,000 French military personnel who publicly shared workout data on the Strava app. The disclosed routes pinpointed high‑value assets, including the Charles de Gaulle carrier strike group, nuclear‑submarine base Île Longue, and even the movements of...
Understanding the Updated COPPA Rules and Their Impact on Child Safety
The Federal Trade Commission’s updated COPPA rules will take effect on April 22, 2026, marking the first major overhaul since 2013. The amendments require separate, opt‑in parental consent for targeted ads and third‑party data sharing, broaden the definition of personal...
Black Hat USA
Black Hat USA 2026 returns to Las Vegas for a six‑day cybersecurity showcase, featuring four days of expert‑led trainings, a summit day, and a two‑day conference with briefings, Arsenal tool demos, and a Business Hall. Attendees can use promo code...
Investing in Depthfirst
Depthfirst, an AI‑focused security startup, announced its Series B funding and introduced dfs‑mini1, a specialized model that outperforms leading AI systems at detecting smart‑contract vulnerabilities while costing far less to run. The platform builds a semantic model of a customer’s environment,...
Anthropic's Claude Code Leak Exposes Internal Architecture
Oh boy, including "Undercover" Claude -> Claude Code's source code appears to have leaked via a misconfigured npm package, revealing internal codenames, a “Self-Healing Memory” architecture, and more "For Anthropic, a company currently riding a meteoric rise with a...
IDnow and Trustfull Partner for Continuous Fraud Prevention
IDnow, Europe’s leading identity‑verification provider, has teamed up with fraud‑prevention specialist Trustfull to launch a continuous, end‑to‑end risk‑management solution. The joint offering merges IDnow’s AI‑driven verification suite with Trustfull’s real‑time digital and behavioural intelligence, extending protection beyond the initial onboarding...
TrueConf Zero-Day Exploited in Attacks on Southeast Asian Government Networks
A high‑severity zero‑day (CVE‑2026‑3502) in TrueConf’s video‑conferencing client was exploited in the wild, allowing attackers to replace legitimate updates with malicious code. The flaw, rated 7.8 CVSS, enables arbitrary code execution via DLL side‑loading and was used in the TrueChaos...
Rethinking Vulnerability Management Strategies for Mid-Market Security
Mid‑market security teams are confronting a widening gap between the surge in disclosed vulnerabilities—rising from roughly 30,000 to 50,000 CVEs annually—and their ability to remediate them quickly. Chris Wallis, founder of Intruder, argues that counting CVEs is insufficient; the real...
AI and Quantum Are Forcing a Rethink of Digital Trust
Enterprises are confronting a seismic shift in digital trust as AI agents multiply, pushing machine‑to‑human identity ratios from 100:1 toward 1,000:1. At the same time, digital certificates are being issued with ever‑shorter lifespans, complicating lifecycle management and increasing the risk...
Dynamic Identity Systems Needed for Independent AI Agents
Identity for AI agents came up in almost every serious conversation last week at RSAC. It is not just “give them an identity.” It is that: identities are dynamic agents act independently and they will outnumber humans We built identity systems for people. Now we need...
Linx Security Raises $50M Series B as Identity Becomes Security’s Biggest Failure Point
Linx Security announced a $50 million Series B round led by Insight Partners, bringing its total capital to $83 million. The New York‑based startup offers an AI‑native identity governance platform that continuously maps, monitors and automates control of human, machine and AI‑agent identities. With...
Autonomous Agents Risk Malicious Prompts Despite Sandbox Efforts
This is the type of thing I’m worried about with completely “autonomous” agents only the inclusion of something more malicious than ads. It could be unintentional or via prompt injection. I have some tools that can run while I’m sleeping...
How to Handle Unexpected Calls About Unclaimed Funds
Scammers are increasingly posing as government agencies to lure victims with promises of unclaimed funds, often citing specific amounts and urgent deadlines. They use phishing tactics such as fake texts, phone calls, and requests for upfront processing fees. Legitimate unclaimed...
AI Safety Becomes a Cybersecurity Priority
AI safety has entered the cybersecurity era. @IrenaCronin and I write this newsletter every week. AI safety is becoming a cybersecurity issue because advanced AI can now help both defenders and attackers, making the risks more immediate and practical. As AI systems...
Iran Conflict Highlights Cyberthreat Exposure of U.S. Facilities
State‑backed actors tied to the Iran conflict are exploiting insecure smart‑building and operational‑technology systems, as highlighted in WiredScore’s 2026 resiliency report. The report notes that retrofitted legacy assets and internet‑connected IoT devices dramatically expand the cyber‑physical attack surface for commercial...
BREAKING: Anthropic Just Leaked Claude Code’s Entire Source Code
Anthropic inadvertently published the Claude Code 2.1.88 source map to the npm registry, exposing the full JavaScript source and 44 internal feature flags. The leak revealed fully built, but unreleased, capabilities such as 24/7 background agents, multi‑Claude orchestration, cron scheduling,...
Securing Cloud Infrastructure for AI
The brief warns that AI workloads running in cloud environments create novel attack surfaces that existing vulnerability‑management frameworks cannot adequately protect. Nation‑state actors are accelerating discovery and exploitation cycles, while public resources like the National Vulnerability Database are overwhelmed by...
Axios Software Tool Used by Millions Compromised in Hack
Axios, a widely used NPM client for HTTP requests, was compromised after a hacker breached a maintainer's GitHub account and published malicious versions. The package, downloaded roughly 80 million times weekly, could deliver payloads to Windows, macOS and Linux machines. By...
Siemens Adds Viakoo Platform for OT and IoT Security
Siemens Smart Infrastructure has signed an agreement with Viakoo to integrate the Viakoo Action Platform into its service portfolio. The cloud‑based solution provides automated firmware updates, certificate management, password enforcement, and compliance tracking for OT and IoT device fleets. By...
AI Code Leaks Boost Demand for Software Security Jobs
Woke up to news of supply chain attacks on NPM and Claude Code’s source code leaking…again. It seems the only tech jobs that AI with any job security are going to be software security jobs. It’s only going to get...
CrewAI Vulnerabilities Expose Devices to Hacking
Open‑source AI orchestration framework CrewAI disclosed four interrelated vulnerabilities. The flaws—CVE‑2026‑2275, ‑2285, ‑2286, and ‑2287—stem from the Code Interpreter tool’s fallback to an insecure sandbox and improper configuration checks. Exploited together, they enable remote code execution, SSRF, and arbitrary file...
Iran Deploys 'Pseudo-Ransomware,' Revives Pay2Key Operations
Iran has resurrected the state‑backed Pay2Key ransomware operation, enlisting Russian cybercriminal affiliates to target high‑impact U.S. and Israeli entities. The campaign employs “pseudo‑ransomware,” encrypting data while delivering destructive wiper payloads to obscure motives. Affiliate rewards have been boosted to 80%...
New Bitdefender Assessment Helps Organizations Identify and Eliminate Hidden Internal Attack Paths
Bitdefender launched a complimentary Internal Attack Surface Assessment to help enterprises pinpoint hidden internal cyber risks tied to excessive user access and shadow IT. The service leverages the GravityZone PHASR platform to deliver data‑driven visibility down to the individual user...
From AI Risks to Rapid Control Implementation
I hosted a roundtable at RSAC with NTT Data on AI risk. The conversation has shifted. We are past “what are the risks of AI.” Now it is: how do we operationalize controls fast enough? That is a very different problem.
Extending API Keys Beyond the RIPE Database
RIPE NCC is extending its API‑key authentication model from the RIPE Database to the LIR Portal services, allowing keys to be generated directly within each service while remaining centrally visible. The new design adds usage timestamps, fine‑grained permissions, modern password‑hashing...
AI Coding Assistants Poised to Flood Software with Zero‑Day Bugs
Security researchers say AI‑generated coding agents will soon produce a flood of zero‑day vulnerabilities, fundamentally altering exploit development. The shift could accelerate the pace of high‑impact bugs and strain the software supply chain.
ChatGPT Security Issue Enabled Data Theft via Single Prompt
Security researchers at Check Point uncovered a vulnerability in ChatGPT that allows a single crafted prompt to create a covert data‑exfiltration channel. The flaw leveraged a hidden DNS side‑channel from the model's isolated container, enabling both data leakage and remote...
AI Model Mythos Amplifies Attack Scale and Internal Threats
A leaked model is raising new concerns about AI and cybersecurity. Anthropic’s “Mythos” is described as a step change in capability, especially in how AI agents can act, reason and operate independently. That makes it easier for attackers to scale operations...
Quantum Leap Brings Excitement and Cryptographic Risks
"It's clear we are crossing a moment. It's exciting. We'll be able to use quantum computers. But it's CONCERNING too, because it'll be cryptographically relevant." Dolev Bluvstein https://t.co/OMA9HmxIQs
Download: 2026 SANS Identity Threats & Defenses Survey
The 2026 SANS Identity Threats & Defenses Survey reveals that 55% of organizations suffered an identity‑related breach in the past year. MFA fatigue contributed to 26% of those attacks, indicating user weariness with multi‑factor prompts. The report details how threat...
Quantum Leap Could Accelerate Crypto's Existential Threat
A new quantum breakthrough may have cut the timeline dramatically. On Unchained, Alex Pruden and Dolev Bluvstein join me to discuss: ⚛️ When quantum becomes a real threat 🔐 What breaks first in crypto ⏳ Whether we’re already behind https://t.co/OMA9HmxIQs
AI Agent Identity Layer: Next Cybersecurity Frontier
I recently joined @reckless on @DecoderPod to discuss the “SaaSpocalypse,” the future of software, and why the identity layer for AI agents could become the biggest category in cyber. Really enjoyed this conversation: https://t.co/afZ84f2ymM
The Axios Breach: What Salesforce Developers Need to Know
The popular JavaScript HTTP client Axios suffered a supply‑chain breach that injected a Remote Access Trojan into versions 1.14.1 and 0.30.4. The malicious code is delivered through npm, a channel that sees roughly 300 million downloads each week, giving the attack...
State Quantum Power Lies in Hidden Communications Exploitation
Ok I just want to add one thing. Folks, for state actors, the value of having a quantum computer is massively higher if you DON’T tell people you have a quantum computer. Exploiting Bitcoin is a parlor trick. Exploiting the world’s communications...
Victims Receive $27.92 Settlement After 2024 Evolve Hack
Remember back in 2024 when a Russian cybercrime group hacked Evolve and exfiltrated terabytes of data, including user data like SSN and account numbers? Victims are finally getting their settlement payments: $27.92 https://t.co/9rKUgGOh5I
Companies House ‘Developing a Case for Upgrade Investments’ After Five-Month Data-Security Breach
Companies House disclosed a five‑month data‑security flaw that let any user potentially edit another company’s details by pressing the back button four times. The defect, traced to an October software update, prompted a temporary shutdown of the WebFiling service and...
Secure Hybrid Self‑Managed and Managed MCP Server Setup
You could use a mix of self-managed and managed MCP servers. Here's an example of using both, and securing them in a production-ready way. https://t.co/reHeaq6QEV https://t.co/5pLxHwGKWv
BeyondTrust Reveals New Token Injection and Exfiltration Vectors
Where else can the tokens be injected and exfiltrated. This is the original report from BeyondTrust.
Board Briefing: Data at Risk: What Boards Are Missing on Cyber, AI & Regulation
Corporate Board Member Network is hosting a one‑hour virtual briefing on April 23, 2026, titled “Data at Risk: What Boards Are Missing on Cyber, AI & Regulation.” The session features privacy‑law expert Kwabena Appenteng, who will explain where companies are...
DNS Covert Channel Bypasses AI Guardrails, Enables Remote Shell
“Specifically, it abuses a hidden DNS-based communication path as a "covert transport mechanism" by encoding information into DNS requests to get around visible AI guardrails. What's more, the same hidden communication path could be used to establish remote shell access...
Map Data, Centralize Control—Simple Shift, Big Cybersecurity Impact
Cybersecurity is overdue for a makeover. More of a focus on knowing where data lives, who has access, and how risk moves. One university proved it: map the data, identify real risks, centralize control. Simple shift. Big impact. https://t.co/GLJlBbM1uN
FBI Issues Urgent Warning: Cybercriminals Are Targeting Musicians
The FBI’s Internet Crime Complaint Center warned that cybercriminals are increasingly targeting musicians, industry staff, and fans. Between early 2024 and late 2025, complaints surged, highlighting extortion, AI‑driven streaming fraud, romance scams, and intellectual‑property theft. Criminals breach social‑media accounts, steal...
AI's Dual Role Fuels Security Edge at RSAC
“AI on Both Sides: Friend, Foe, and Everything In Between” RSAC 2026 Recap: Chatbots, Deepfakes, and Smart Glasses Highlight a Security World on Edge https://t.co/qHl5CXvVip #RSAC #RSAC26 https://t.co/IgIm5EZ5DI
Quantum Crypto Threats Unlikely Within Our Lifetime
Neat paper on securing cryptocurrencies against quantum attacks. I want to stress that I am not convinced we have anything to worry about in my lifetime. This tweet might haunt me. https://t.co/d1i4reP93g
How to Give Your Google Account a Quick ‘Security Checkup’
Google’s Security Checkup is a free, web‑based audit that guides users through essential account protections, including password strength, two‑factor authentication, recent sign‑in activity, and third‑party app access. The tool, introduced in 2018, helps both consumers and enterprises quickly identify and...
PQC Adoption Accelerates as Qubit Requirements Shrink
More warning lights keep blinking for the urgency of PQC adoption in many fields as advances in both hardware and algorithm construction keep reducing the number of qubits and gates needed for a CRQC. https://t.co/55FxttUDdD https://t.co/nmDa4iDWbr https://t.co/MOfzj3Tl4O
EnSilica Joins UK CHERI Adoption Collective to Accelerate Secure-by-Design Silicon
EnSilica has been selected to join the newly formed CHERI Adoption Collective, a UK‑government‑backed initiative aimed at embedding hardware‑level memory safety into critical systems. The collective brings together infrastructure operators such as BT, National Grid and SSE, along with semiconductor...
RSAC 2026: Cohesity Enhances Cyber Resilience with Next-Generation Malware Scanning Powered by Sophos
Cohesity announced native integration of Sophos next‑generation malware scanning into its Data Cloud platform. The feature, included with the Enterprise Edition, detects zero‑day, polymorphic and fileless threats hidden in backup data without requiring a separate Sophos license. Scans run incrementally...
RSAC 2026: Commvault Extends Enterprise Resilience to Structured and AI Data with Real-Time Governance Controls
Commvault announced an expansion of its data security posture management (DSPM) to include structured data and AI‑driven vector databases, leveraging its recent acquisition of Satori. The new real‑time data access governance lets security teams monitor and control structured data usage,...