Today's Cybersecurity Pulse
Bol denies alleged fake data breach of 400,000 customers
A hacker claimed to have stolen personal data of 400,000 Belgian Bol customers and posted the alleged dataset for sale on a dark‑web forum for €100 (about $109). Bol, owned by Ahold Delhaize, publicly denied any breach and said it had no knowledge of the alleged data. The story was reported by Retail Detail and SC Media.
Splunk Enterprise Update Patches Code Execution Vulnerability
Splunk released emergency patches for several critical flaws across its Enterprise, Cloud Platform, and MCP Server products. The most severe issue, CVE‑2026‑20204, allowed low‑privileged users to upload malicious files and achieve remote code execution due to improper handling of temporary files. A second high‑severity bug, CVE‑2026‑20205, exposed session tokens in the MCP Server app to authenticated attackers. Splunk urges customers to upgrade to Enterprise versions 10.2.2, 10.0.5, 9.4.10, 9.3.11 or later, and to apply the MCP Server 1.0.3 update.
Future‑Proof Chains Must Be Quantum‑Resistant, Regardless of Timeline
Whether you believe quantum computers will become reality as soon as 2029 or decades from now, it doesn't matter. The potential alone will scare people, and there will come a point when whatever you're building will have to be quantum...
Overstretched NIST to Limit CVE Enrichments
The U.S. National Institute of Standards and Technology (NIST) announced it will stop enriching every CVE entry in its National Vulnerability Database due to a surge in submissions. CVE submissions rose 263 % between 2020 and 2025, overwhelming NIST’s resources. Going...
Standard Bank Data Breach Fallout Deepens
Standard Bank confirmed that data stolen in a March cyber‑attack has now been posted online, exposing client names, identification numbers, contact details and limited credit‑card information. The breach, attributed to a hacker using the handle “ROOTBOY,” involved a three‑week intrusion...
DC3 Making Better Sense of Its Cyber Data
In this episode of Ask the CIO, Defense Cybercrime Center (DC3) Architecture Management of Data and Enterprise Division Chief Kajal Pal explains how DC3 protects the defense industrial base through digital forensics, threat intelligence sharing, and supply‑chain security. She details...
Cybersecurity Risks of Hiring a Virtual Assistant and How to Protect Your Business
The surge in remote work has led many firms to hire virtual assistants (VAs) without robust security checks, exposing critical systems to credential theft, device compromise, and insider threats. Excessive access and shared passwords create a large attack surface, while...
If You Worry About Windows Privilege Escalation, Your Security Fails
Repeat after me: Your security program is not good enough to have to worry about escalation of privilege on Windows
French Minister Says New Measures Are Coming After Crypto Kidnappings
French interior minister delegate Jean‑Didier Berger announced new measures to curb crypto kidnappings, known as wrench attacks, after a recent €400,000 ransom case. Authorities have launched a prevention platform that already has thousands of sign‑ups and are collaborating with Interior...
Regulators Confront AI-Driven Cyber Risk After Anthropic Warning
British regulators—including the Bank of England, FCA and NCSC—are urgently assessing Anthropic’s new AI model Claude Mythos Preview after it flagged thousands of serious software vulnerabilities. The model, released as a gated research project called Glasswing, has prompted parallel concern...
AI Bots - a New Risk and Opportunity for CIOs to Manage
AI‑generated bots are flooding corporate web estates, with Akamai reporting a 300% rise in AI‑driven traffic and some CIOs seeing a 400% jump in site crawls. The surge inflates API, cloud and CDN usage, driving up operating expenses and degrading...
AI and Executive Protection: New Risks, New Defenses
AI‑generated phishing attacks are now targeting corporate executives with hyper‑personalized emails crafted from public profiles and generative AI. The barrier to launch such campaigns has collapsed, allowing amateurs to produce convincing phishing kits and doxing databases. Security teams can counter...
Hidden Passenger? How Taboola Routes Logged-In Banking Sessions to Temu
Reflectiz discovered that a Taboola tracking pixel approved in a bank’s CSP silently redirected logged‑in users to a Temu endpoint via a 302 response. The redirect included an Access‑Control‑Allow‑Credentials header, causing browsers to send authentication cookies to Temu and link...
Business Logic Flaws: The Silent Threat in Modern Web Applications
In late 2019 Robinhood’s options platform mis‑calculated buying power, allowing users to control positions worth hundreds of thousands of dollars with only a few thousand in capital. The flaw stemmed from a business‑logic assumption that margin‑related trades reduced risk, which...
Day 157: Building Intelligent Threat Detection Rules - Your Security Autopilot
The post walks readers through building a production‑ready threat detection rule engine that can ingest more than 1,000 logs per second, identify over 15 common attack patterns, and issue real‑time alerts with zero false negatives for critical threats. It uses...
Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks
Researchers at Elastic Security Labs identified a novel social‑engineering campaign that abuses Obsidian’s community plugins to deliver the previously unknown PHANTOMPULSE remote‑access trojan. Threat actors pose as venture‑capital contacts on LinkedIn and Telegram, coaxing finance and cryptocurrency professionals to enable...
Kraken Faces Extortion over Insider‑leaked Support Videos as Valuation Drops $6.7 B
Kraken disclosed that a criminal group is extorting the exchange after insiders recorded videos of its client‑support system, potentially exposing about 2,000 accounts (0.02% of users). At the same time, Deutsche Börse’s $200 million investment values Kraken at $13.3 billion, reflecting a $6.7 billion...
License-Layer Security: The Missing Piece in OTT Content Protection
Modern OTT services rely on DRM to protect streamed video, but DRM only secures content in transit. Attackers now target the license layer, extracting keys from legitimate license responses and redistributing decrypted copies at scale. The article argues that license‑layer...
Systemic Flaw in MCP Protocol Could Expose 150 Million Downloads
Security researchers at Ox Security disclosed a critical, systemic flaw in Anthropic's Model Context Protocol (MCP) that enables arbitrary command execution. The vulnerability stems from the protocol’s STDIO interface, which runs commands even when server startup fails, exposing over 200...
CAIS
HolistiCyber’s Cyber AI Suite (CAIS) is a comprehensive service that secures AI‑driven applications from architecture through governance. It begins with a deep review of Retrieval‑Augmented Generation (RAG) pipelines and vector databases, then applies threat modeling and AI‑focused penetration testing using...
How Secure WordPress Hosting Protects Growing Agency Portfolios
Agencies managing dozens of WordPress sites face exponential security risk, as a single vulnerable plugin can cascade across a portfolio. Secure, agency‑focused hosting mitigates that threat by moving protection to the server layer with firewalls, DDoS mitigation, and continuous malware...
Inditex Data Breach: Zara Owner Inditex Reports Major Data Breach Exposing Customer Transaction Records
Inditex, the parent of Zara, disclosed a data breach that originated from a former technology provider and exposed transaction‑related information but no customer names, contact details, passwords, or payment data. The breach involved a third‑party service used by several international...
'Attention-Seeking' Man Allegedly Targeted Police, Defence in 'Cybercrime Spree'
A 22‑year‑old Adelaide resident, Aiden Wood, was charged with 12 hacking offences after allegedly launching a four‑month cybercrime spree that targeted critical government infrastructure, including the Australian Federal Police and Defence Force, as well as the NBN network at a...
Cyber Essentials Closes the MFA Loophole but Leaves some Organisations Adrift
The UK’s Cyber Essentials scheme has long been a baseline for cyber‑hygiene, especially for firms seeking government contracts. Effective 27 April, version 3.3 upgrades multi‑factor authentication (MFA) from a recommendation to a binary pass‑or‑fail rule. Any cloud service used without enabled MFA...
Norway’s State Telecoms Firm Accused of Helping Myanmar Regime Seize Activists
A Norwegian state‑owned telecom, Telenor, faces a class‑action lawsuit in Norway alleging it supplied the Myanmar military with personal data on more than 1,200 activists, facilitating arrests and alleged torture. The suit, filed by the Justice and Accountability Initiative and...
Too Many Tools, Not Enough Outcomes: Redefining MDR with Exposure Management
Rapid7 will speak at the ITWeb Security Summit JHB 2026 about redefining managed detection and response (MDR). The firm argues that the proliferation of point tools has produced fragmented defenses, and advocates an outcomes‑first model that merges detection, continuous threat exposure...
“I’m Just Scared”: Teen Hacker Jailed After Massive U.S. School Data Breach
Teen hacker Matthew Lane, now 20, was sentenced to four years in federal prison for his central role in the PowerSchool data breach, one of the largest attacks on U.S. education. The breach exposed personal information for roughly 60 million students...
HKIRC Recognised As Certification Authority Under Hong Kong Electronic Transactions Ordinance
The Hong Kong government has officially recognized Hong Kong Internet Registration Corporation Limited (HKIRC) as a certification authority under the Electronic Transactions Ordinance. This designation, announced on 16 April 2026, permits HKIRC to issue six types of trusted digital certificates for individuals...
Capsule Security Raises $7m to Secure AI Agents at Runtime
Capsule Security emerged from stealth with a $7 million seed round led by Lama Partners and participation from Forgepoint Capital International. The startup’s runtime‑first platform aims to secure AI agents while they execute tasks, preventing prompt‑injection attacks, data leaks, and unintended...
Shinka Achieves SOC 2 Type II Certification
Shinka, the independent CTV and DOOH mediation platform, announced it has earned SOC 2 Type II certification after completing a Type I audit. The certification validates that Shinka’s security, availability, processing integrity, confidentiality and privacy controls operate effectively over time. The achievement underscores...
Automotive Ransomware Attacks Double in a Year
Ransomware has become the fastest‑growing cyber threat to the automotive industry, accounting for 44% of all attacks on carmakers in 2025. Halcyon’s report shows attack frequency more than doubled last year, driven by connected vehicle platforms, OTA updates and cloud‑based...
Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments
Security researchers disclosed a new prompt‑injection technique called “Comment and Control” that exploits AI‑driven code tools on GitHub. The method tricks Claude Code Security Review, Google Gemini CLI Action, and GitHub Copilot Agent by embedding malicious prompts in pull‑request titles, issue...
US Nationals Behind DPRK IT Worker 'Laptop Farm' Sent to Prison
Two U.S. nationals, Kejia Wang and Zhenxing Wang, were sentenced to 108 months and 92 months respectively for orchestrating a scheme that placed North Korean IT workers in over 100 American companies using stolen identities. Between 2021 and October 2024...
Proactive Steps to Cut Cyber Risk Before Damage
How To Reduce Cyber Risk Before It Becomes Business Impact by @austingadient @Forbes Learn more: https://t.co/3n73qicnmw #CyberSecurity #Infosec #Technology https://t.co/WfQRH57gbm
Use of Agentic AI Erodes GDPR Compliance as We Know It. Wipro's 'Privacy by Design' Comes Into Its Own
The rise of agentic AI—autonomous systems that decompose tasks, retain memory, and act on users’ behalf—exposes gaps in current GDPR compliance frameworks. Traditional governance assumes static tools, not self‑directing agents that make micro‑decisions, store contextual data, and can be hijacked...
Anthropic’s Nuclear Bomb
Anthropic unveiled Claude Mythos Preview, an AI model that can autonomously discover and exploit zero‑day vulnerabilities with a 72.4% success rate. In tests the model cracked a 17‑year‑old FreeBSD remote code execution flaw, granting unauthenticated root access. Access is restricted...
New Approaches to Tackling Ransomware Recovery
Ransomware attacks are increasingly targeting backup data, rendering traditional zero‑trust models inadequate. Object First introduced Zero Trust Data Resilience (ZTDR), expanding zero‑trust principles with backup segmentation, multiple resilience zones, and immutable storage. Its appliance leverages Zero Access architecture to deliver...
Microsoft: April Windows Server 2025 Update May Fail to Install
Microsoft is investigating a failure of the April 2026 KB5082063 security update on Windows Server 2025, which triggers error code 0x800F0983 and, in some cases, forces servers into BitLocker recovery mode. The issue appears limited to enterprise‑managed configurations and does not affect...
Teenaged Boy Arrested After NI Schools Hacked
A 16‑year‑old was arrested in Portadown after allegedly compromising the C2K platform used by schools across Northern Ireland. The breach, which occurred at the start of the Easter break, locked students out of their accounts and exposed some personal data....
One Year on From the M&S Cyber Attack: What Did We Learn?
One year after the Easter‑week 2025 Marks & Spencer cyber breach, analysts confirm the attack originated from a simple social‑engineering phone call that compromised a third‑party help‑desk and cascaded into ransomware across VMware hosts. The incident sparked a wave of...
Sweden Reports Cyberattack Attempt on Heating Plant Amid Rising Energy Threats
Sweden’s civil defense ministry confirmed that a pro‑Russian group attempted a cyberattack on a western heating plant in 2025, but the intrusion was stopped. The operation is tied to Russian intelligence and mirrors a wave of sabotage that has hit...
Targeted Cyberattack on Northern Ireland Schools Exposes Personal Data
A recent cyberattack on Northern Ireland's Education Authority was confirmed as a targeted breach affecting a small number of schools. Forensic analysis revealed that attackers accessed personal data, though no large‑scale exfiltration has been proven. Police Service of Northern Ireland...
The Data Sovereignty Vise: Two Governments, One Compliance Trap, No Safe Harbor
China’s State Council rolled out two sweeping regulations in April 2024—Decree 834 on industrial and supply‑chain security and Decree 835 on countering foreign extraterritorial jurisdiction—both effective immediately and without a transition period. The rules clash directly with the U.S. Department of Justice’s Data...
How to Implement Passwordless Authentication to Boost User Conversion
Passwordless authentication replaces passwords with device‑bound cryptographic keys, removing a major source of friction in sign‑up and login flows. The 2026 Passwordless Conversion Impact Report shows that faster entry boosts lifetime value, while the IBM Cost of Data Breach Report...
Reddit 2026 Cybersecurity Talk Shifts From Phishing To AI Chaos
From Phishing to AI Chaos: What My Analysis of All Reddit CyberSecurity Discussions So Far in 2026 Revealed https://t.co/LF7w9E3mMR
Democratized Software, Democratized Risk: Who’s Accountable When Everyone Codes?
AI‑driven coding tools are letting non‑technical teams create software without traditional developer resources, accelerating delivery and cutting costs. However, this democratization creates governance gaps that can expose organizations to security, compliance, and accountability risks. The article advises IT leaders to...
Corporate Affairs Commission Hit by Cyberattack in Nigeria
Nigeria’s Corporate Affairs Commission confirmed a cyber‑attack that compromised its company‑registration platform, prompting an urgent investigation with the National Information Technology Development Agency. The breach threatens sensitive business data, could delay filings and erode confidence in government digital services. At...
Shadow AI and the New Visibility Gap in Software Development
Generative AI is now a core part of software development, but shadow AI—unapproved AI tools used by developers—is already mainstream, with 50% of workers globally and over 70% of UK employees relying on them. This creates a "lethal trifecta" of...
MiningDropper Turns Android Apps Into Multi-Stage Malware Delivery Systems
Researchers at Cyble have identified a surge in Android malware campaigns leveraging a new modular framework called MiningDropper. The platform repurposes the open‑source Lumolight app as a trojanized entry point and uses layered XOR and AES encryption to deliver multi‑stage...
6-Year Ransomware Campaign Targets Turkish Homes & SMBs
Researchers at Acronis have identified a low‑dollar, high‑volume ransomware operation that has been active in Turkey since at least 2020. The attackers deploy a customized Adwind RAT to deliver the JanaWare ransomware, demanding between $200 and $400 per victim. The...
Super Funds Seek to Coordinate Sector's Cyber Threat Response
The Association of Superannuation Funds of Australia (ASFA) has applied to the Australian Competition and Consumer Commission for a five‑year licence to operate the Superannuation Cyber and Financial Crime Exchange (SuperFCX), a dedicated threat‑intelligence sharing platform for the sector. The...