Today's Cybersecurity Pulse
Anthropic CEO meets White House over federal access to Mythos AI
Anthropic CEO Dario Amodei will meet White House chief of staff Susie Wiles to discuss government access to the company's Mythos AI model, which can discover and exploit zero‑day vulnerabilities. The meeting follows a Pentagon‑imposed blacklist after Amodei refused to lift safety restrictions, while Treasury, intelligence agencies and CISA are already testing the model.
Also developing:
By the numbers: Artemis raises $70M in combined seed and Series A round

Whoops: Russia’s Attempt To Block VPNs Causes Major Banking Failure
Russia's latest attempt to curb VPN usage backfired, triggering a nationwide outage of online banking services. The government's filtering system mistakenly targeted IP ranges belonging to major banks such as Sberbank, VTB and T‑Bank, overwhelming the network and disabling mobile payment apps for several hours. An estimated 50 million Russians use VPNs to access platforms like Telegram, underscoring the reliance on circumvention tools. The incident mirrors a similar disruption in 2018, highlighting the fragility of centralized financial infrastructure under heavy‑handed internet controls.

How the Explosion in Machine Identities Is Changing Cyber Defense
Machine identities—API keys, service accounts, certificates—now outnumber human accounts by over 100 to 1, with some sectors hitting 500 to 1, according to Obsidian Security. Fifty percent of enterprises reported breaches linked to compromised machine credentials in the past year, while only 12% have...

FBI Classifies Suspected Chinese Breach of Wiretap Surveillance System as ‘Major Incident’
The FBI announced that a suspected Chinese state‑sponsored intrusion compromised its Digital Collection System Network (DCSNet), the internal platform that manages pen‑register and trap‑and‑trace wiretap data. The breach, achieved through a commercial ISP vendor, was classified as a “major incident”...
AWS Security Digest #256 - TY Mythos
AWS inadvertently pushed a test IAM managed policy into production, a slip caught by IAM Trail. The incident coincides with the first Mythos‑reported vulnerability appearing in AWS security bulletin 2026‑015, highlighting AI‑driven code‑scanning efforts under Project Glasswing. Research disclosed critical flaws in...

Scammers Pose as Kickstarter on Publishing Platforms—Stay Vigilant
Now publishing scammers are posing as people at Kickstarter? What is next? It came from an obvious fake Gmail address. Writer friends, please be careful.

Adobe Finally Patches PDF Pest After Months of Abuse
Adobe released a patch on April 11 for CVE‑2026‑34621, a critical zero‑day in Acrobat and Reader that allowed arbitrary code execution on Windows and macOS. The flaw was actively exploited for months, using heavily obfuscated JavaScript to profile victims and deliver...

‘Grand Theft Auto’ Publisher Rockstar Hit by Hackers Again
Rockstar Games suffered a second breach when the ShinyHunters gang used stolen authentication tokens to masquerade as a legitimate user of the AI analytics platform Anodot and infiltrate the company’s Snowflake data warehouse. The attackers accessed a limited set of...
Seven IBM WebSphere Liberty Flaws Can Be Chained Into Full Takeover
Security researchers disclosed seven interrelated flaws in IBM WebSphere Liberty, a modular Java application server, that can be chained to achieve full server takeover. The chain begins with a pre‑authentication remote code execution (RCE) vulnerability in the SAML Web SSO...

Your MTTD Looks Great. Your Post-Alert Gap Doesn't
The security industry has narrowed mean‑time‑to‑detect (MTTD) but still suffers a lengthy post‑alert gap, where analysts spend 20‑40 minutes investigating alerts. Recent AI‑driven exploits, such as Anthropic’s Mythos model, demonstrate that attackers can move in seconds, making human‑speed investigations untenable....
New Industry Resource Announced by DSA: Best Practice Guidelines for ID Documents
The Document Security Alliance, together with INTERGRAF and the Secure Identity Alliance, released the Minimum Security Standards for Identity Documents, a best‑practice guide for state issuers. The guidelines address integration of physical security features with embedded digital elements and aim...

Why DHS No Longer Has a Compliance Mindset for Cybersecurity
In this episode of Ask the CIO, former DHS Chief Information Security Officer Hemant Badewin discusses his 15‑year federal career, why he chose to leave at this pivotal moment, and his new role as Executive CISO at Knox Systems. He...
Managing Cyber Risks in the Era of Decentralized Energy
The U.S. electric grid is rapidly integrating distributed energy resources (DERs) such as rooftop solar, storage and vehicle‑to‑grid systems, creating a more resilient but digitally complex network. This shift has expanded the attack surface, with utility cyber‑attacks up 75% from...
Booking.com Warns Customers Their Private Travel Details May Have Been Accessed by ‘Unauthorised Party’
Booking.com has warned that an unauthorized third party may have accessed customers' personal travel information. The breach notification was sent to a subset of Australian users, indicating that names, booking details and itineraries could be exposed. The company said it...
GTA-Maker Rockstar Games Hacked Again but Downplays Impact
Rockstar Games, the studio behind Grand Theft Auto, suffered a second cyber intrusion within three years, as disclosed by cybersecurity outlets on Saturday. A hacker collective claimed responsibility, posting details of the breach online. Rockstar publicly downplayed the incident, stating...
MN: Spring Lake Park Schools Closed After Suspected Ransomware Attack
Spring Lake Park School District in Minnesota shut all campuses on Monday after a suspected ransomware attack crippled its computer systems. The intrusion forced the district to suspend classes and administrative operations as a precaution while local law enforcement and...

LG Uplus Gets Physical on USIM Security Update
LG Uplus has launched a free USIM replacement programme to fix a weakness in IMSI number security. The rollout began on 8 April and has already attracted at least 157,811 customers who booked store visits for the swap, with extra staff...
Google Makes It Harder to Exploit Pixel 10 Modem Firmware
Google has bolstered the security of its Pixel 10 smartphones by embedding a Rust‑based DNS parser into the cellular baseband modem firmware. The new component, derived from the open‑source hickory‑proto library, replaces legacy C code and adds roughly 371 KB to the...
N‑able Makes UEM AI-Native with MCP Server Launch
N-able unveiled its Model Context Protocol (MCP) server, a secure bridge that connects everyday AI tools directly to live data within its Unified Endpoint Management (UEM) platforms, N‑central and N‑sight. Alongside the server, the company introduced N‑zo, an in‑product AI...

Command Line: Mythos Burnout and the Boardroom
Anthropic’s Mythos large‑language model is prompting boardroom alarm as AI‑accelerated vulnerability discovery threatens to flood enterprises with exploitable findings. A new “Getting Mythos Ready” paper, authored by top CISOs, urges layered defenses—segmentation, canaries, honey tokens, and automated response playbooks—to contain...

The Dumbest Hack of the Year Exposed a Very Real Problem
In April 2026 a hacker hijacked Bluetooth‑enabled crosswalk buttons in multiple U.S. cities, uploading spoofed recordings of tech CEOs by exploiting the default password "1234" used by Polara devices. The breach affected intersections in Menlo Park, Redwood City, Palo Alto, Seattle and Denver,...

Alleged German DDoS-for-Hire Kingpin Behind Fluxstress Caught in Thailand
German national Noah Christopher, alleged operator of the Fluxstress and Neldowner DDoS‑for‑Hire services, was arrested in Bangkok last week. The 27‑year‑old had been evading capture by moving between Dubai, China and Thailand after a multi‑year probe by German and EU...

Siemens Expands Industrial Automation DataCenter with Edge AI and Cybersecurity
Siemens announced an upgraded Industrial Automation DataCenter that ships as a pre‑installed, AI‑ready turnkey solution for production environments. The platform combines NVIDIA GPUs and BlueField DPUs for edge AI acceleration with Palo Alto Networks Prisma AIRS delivering zero‑trust security. By integrating...
Rockstar Games Confirms Third‑Party Data Breach, Says No Player Impact
Rockstar Games confirmed that a breach through third‑party analytics provider Anodot exposed a limited set of non‑material corporate information, but assured there is no impact on its organization or players. The ShinyHunters hackers have set an April 14 deadline to demand...
VENOM Phishing Kit Hijacks Microsoft 365 Credentials of CEOs and CFOs
A newly documented phishing platform called VENOM is targeting CEOs, CFOs and other senior executives to steal Microsoft 365 credentials and session tokens, even when multi‑factor authentication is enabled. The service uses tailored emails, Unicode QR codes and real‑time adversary‑in‑the‑middle...

Fake Claude Website Distributes PlugX RAT
Security researchers discovered a counterfeit Anthropic Claude website that offered a fake "pro" version of the LLM, but the download actually installed a trojanized MSI. The installer runs a VBScript dropper that places a signed G DATA updater in the startup...

How Claude Mythos Preview Found Thousands of Zero-Day Vulnerabilities and Why the Health Tech Sector’s Absence From Project Glasswing Should...
On April 7, 2026 Anthropic unveiled Claude Mythos Preview, an AI model that autonomously discovered thousands of zero‑day vulnerabilities across major operating systems and browsers. The company kept the model private and launched Project Glasswing, a defensive coalition of 40+...

Seized VerifTools Servers Expose 915,655 Fake IDs, 8 Arrested
Dutch police, in coordination with the FBI, arrested eight men aged 20‑34 after seizing VerifTools servers that had produced 915,655 counterfeit identity documents. The investigation uncovered 5,169 fake Dutch IDs and 236,002 U.S.-linked documents sold for roughly $1.47 million. VerifTools generated...

OpenAI API Keys Widely Exposed Across GitHub Repositories
Seriously we gotta be grateful to vibe coders. You can literally search OPENAI_API_KEY on GitHub and find an endless supply of exposed credentials 🙏 https://t.co/1DBLMIUhyk
CISOs Tackle the AI Visibility Gap
CISOs are confronting a growing AI visibility gap as organizations race to deploy generative models and AI‑enabled tools. A Pentera 2026 survey shows 67% of security leaders lack clear insight into where AI runs, and 48% cite limited visibility as...

Hackers Minted and Sold 1 Billion DOT on Ethereum
Hackers minted 1 billion $DOT tokens on the Ethereum mainnet and then successfully sold them, according to CertiK. https://t.co/bbEO4FEH38

Iran-Linked Group Handala Claims to Have Breached Three Major UAE Organizations
Handala, an Iran‑linked hacktivist group believed to be a front for Void Manticore, claimed a massive cyberattack on three UAE agencies—Dubai Courts, Dubai Land Department, and Dubai Roads & Transport Authority. The group alleges it destroyed six petabytes of data...
Why Securing GenAI Use Starts in the Browser
Enterprise adoption of generative AI has exploded, with daily usage rising nearly 60% in a year and weekly use tripling over two years. Employees now spend more than 80% of their workday in browsers, turning the browser into the primary...
We Catch up on the News, Including AI Vuln Hunting; Also More RSAC Interviews! - Mark Lambert, Samuel Hassine, John...
ArmorCode unveiled its AI Exposure Management (AIEM) solution on the Agentic AI Platform, giving enterprises real‑time visibility into AI usage, ownership, and risk across heterogeneous environments. The launch coincides with the release of the 2026 State of AI Risk Management...
ETSI’s Response to the European Commission’s Proposal for the Cybersecurity Act 2
On 15 April 2026 ETSI issued a formal position paper responding to the European Commission’s proposal for the Cybersecurity Act 2. The standards body endorses a risk‑based, tiered certification framework, calls for transparent governance and stakeholder input, and stresses the need...

Adobe Confirms Exploitation: Malware Uses Undocumented API
Adobe has confirmed active exploitation of the critical CVE‑2026‑34621 vulnerability in Acrobat and Reader on Windows and macOS. The flaw grants attackers arbitrary code execution when a user opens a crafted PDF. Exploit code abuses an undocumented API, SilentDocCenterLogin(), and...

Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621
Adobe released emergency updates to fix a high‑impact Acrobat and Reader flaw identified as CVE‑2026‑34621. The vulnerability, rated 8.6 on the CVSS scale, allows arbitrary code execution via prototype pollution and has been confirmed exploited in the wild. Affected products...

Accenture and Google Cloud Unveil Brussels Centre to Accelerate Sovereign AI Adoption
Accenture and Google Cloud have launched a Sovereign Centre in Brussels, featuring a dedicated training facility and an air‑gapped environment for secure AI and cloud experimentation. The centre combines Accenture’s industry and AI expertise with Google Distributed Cloud’s air‑gapped technology...
Cyber Threats for PV: What Are Man-in-the-Middle Attacks and How Do They Work
Man‑in‑the‑middle (MITM) attacks are emerging as a critical cyber threat to network‑connected photovoltaic (PV) plants, allowing adversaries to intercept, modify, or block communications between controllers, inverters and monitoring systems. Such attacks can cause operational failures, physical damage to equipment, and...
Europe Is Dismantling Its Own Rulebook to Compete with America
On 19 November 2025 the European Commission unveiled a Digital Omnibus package that amends the AI Act, GDPR, ePrivacy Directive, Data Act and several cybersecurity rules. The proposal delays high‑risk AI obligations by up to 16 months, adds a GDPR “legitimate‑interest” basis for...
OpenBSD Installs with All Services, Even SSH, Disabled
When you install OpenBSD for the first time and everything is disabled by default (including SSH). 😅

CPUID Watering Hole Attack Spreads STX RAT Malware
Threat actors compromised the CPUID website between April 9‑10, 2026, swapping legitimate CPU‑Z and HWMonitor download links with malicious installers for roughly six hours. The trojanized files contained a malicious DLL that used DLL sideloading to deliver the STX remote‑access trojan,...
Check Point Launches WA PoP for Workplace Security SASE
Check Point Software Technologies has opened a Western Australia point of presence (PoP) for its Workplace Security SASE platform, delivering local data residency and compliance with WA‑specific legislation. The Perth PoP joins existing sites in Sydney, Melbourne and Auckland and...
India Unveils New Security Standards for Its Digital Payments System to Drive Global Adoption
India’s Bureau of Indian Standards (BIS) has rolled out new security norms covering biometric authentication, QR‑code payments, and digital‑currency handling. The guidelines aim to curb fraud, improve interoperability, and build consumer confidence in the country’s fast‑growing fintech ecosystem. BIS consulted...
A Legal Imperative for Strengthening Data Governance, Protecting Personal Information
South African companies face mounting pressure from the Protection of Personal Information Act (POPIA) to tighten data governance as digital transformation creates fragmented record‑keeping environments. Mohammed Vachiat of Konica Minolta South Africa argues that integrating digital record systems is now...

Fixing Vulnerability Data Quality Requires Fixing the Architecture First
Art Manion of Tharros argues that vulnerability data quality is fundamentally an architecture issue, not merely a metrics problem. He introduces the concept of Minimum Viable Vulnerability Enumeration (MVVE) and finds no single set of assertions can guarantee cross‑repository consistency....

Token Is All You Need: Finding 0days with LLMs and Agentic AI
The blog details how large language models (LLMs) have transformed zero‑day discovery from a niche skill into a scalable service. By using the "Carlini Loop"—a file‑by‑file prompting technique—Anthropic, OpenAI and open‑source projects have uncovered hundreds of high‑severity bugs in heavily...

Ground Control & VIAVI Partner to Secure Maritime Navigation Against GNSS Jamming
VIAVI Solutions and Ground Control have teamed up to embed VIAVI’s Secure µPNT STL‑1000 receiver into the RockFLEET Assured maritime tracking platform. The software‑defined, low‑power unit leverages SecureTime altGNSS LEO services to provide a trusted secondary source of positioning, navigation and...

ZeroID: Open-Source Identity Platform for Autonomous AI Agents
ZeroID is an open‑source identity platform that adds a credentialing layer for autonomous AI agents and multi‑agent systems. It uses RFC 8693 token exchange to create verifiable delegation chains, automatically attenuating scopes as tasks cascade. The platform supports real‑time revocation through...

CESNET, Ribbon Achieve PoC in Quantum-Secured Optical Networking
Ribbon Communications announced the successful completion of a quantum key distribution (QKD) proof‑of‑concept with CESNET, the Czech Republic’s national academic network. The test used Ribbon’s Apollo optical platform to deliver Layer‑1 encryption with virtually zero latency, proving quantum‑secured transmission can...
Best MDM Solutions for 2026: 9 Tools Worth Considering
Enterprises now juggle over 10,000 endpoints, with mobile devices comprising about 60% of the fleet, according to IDC. A new G2‑based evaluation of 20+ MDM platforms highlights nine solutions that excel in policy deployment, security enforcement, and remote lock‑down capabilities....