Today's Cybersecurity Pulse
Microsoft releases record‑size Patch Tuesday for April
The April update cycle delivered 165 patches addressing roughly 340 unique CVEs, including two zero‑day flaws, one of which is already being exploited in the wild. Microsoft urges immediate deployment across all product families.
Also developing:
By the numbers: Artemis raises $70M Series A

The AI Supply Chain Is Actually an API Supply Chain: Lessons From the LiteLLM Breach
A recent supply‑chain breach involving Mercor’s use of the open‑source LiteLLM proxy exposed how AI middleware can become a critical attack vector. By compromising the LiteLLM gateway, attackers accessed API keys, raw prompts and model responses, bypassing traditional model‑level defenses. The incident underscores that the weakest link in enterprise AI is the API layer that connects internal data to external LLMs. Security firms such as Salt propose dedicated Agentic Security Posture Management and intent‑based detection to protect this “Agentic Action Layer.”

AI And Cybersecurity: A Glass Half-Empty/Half-Full Proposition, Where The Glass Is Holding Nitroglycerin
Anthropic unveiled Mythos, an AI model that can locate and exploit zero‑day vulnerabilities across all major operating systems and browsers, including decades‑old bugs. To curb misuse, Anthropic launched Project Glasswing, granting more than 40 leading tech firms early access, $100 million...

Enterprises Must Revamp IAM for Comprehensive Security
Enterprises are confronting a surge in credential‑based attacks that bypass traditional identity and access management (IAM) controls. A new Omdia white paper, commissioned by ID Dataweb, argues that legacy IAM frameworks can no longer protect customer, workforce, and third‑party environments. It...

Senator Launches Inquiry Into 8 Tech Giants for Failures to Adequately Report CSAM
Senate Judiciary Committee chair Chuck Grassley has opened a congressional inquiry into eight major tech firms—Meta, Amazon AI Services, TikTok, Snapchat, Discord, X.AI, Grindr and Roblox—over alleged failures to provide complete child sexual abuse material (CSAM) reports to the National...
Seeking Real-World Feedback on SAFE GRC Platform
Do you use the SAFE GRC platform? Had a chance to see it at RSAC and was impressed but don't hear from many folks using it. Would love to hear real-world feedback from current users.
Robust Patch Management Needed Before AI Vulnerability Crisis
The technical debt repo man is coming, especially for those that don’t have robust patch creation & management — & it’s clear we can’t keep cranking out bugs in the 1st place. Stay hydrated, ops teams, & tip your doordashers...

Connected Cars: Privacy Compliance Guidance
Cooley special counsel Claire Gibbs warned that original equipment manufacturers (OEMs) face mounting privacy and compliance hurdles as connected cars continuously capture sensitive driver data. She emphasized that OEMs must provide clear, timely notice and secure meaningful consent before any...

Why Legacy Networks Are a Growing Liability
Legacy networking infrastructures built on outdated hardware and operating systems are still common, but they create management complexity, performance bottlenecks, and security gaps. Organizations cling to these networks because engineers rely on familiar skill sets, budgets are tight, and executives...
Top Secret Clearance Holder Charged With Leaking Classified National Defense Information
The FBI arrested Courtney Williams, a former Special Military Unit member with a Top Secret/Sensitive Compartmented Information clearance, and charged her with leaking classified national‑defense information. Prosecutors allege that between 2022 and 2025 she provided secret data to a journalist via 10 hours...

GraphAlgo Scam: Lazarus Hackers Register Real US LLCs to Spread Malware
Cybersecurity firm ReversingLabs uncovered that North Korea‑linked Lazarus Group launched the GraphAlgo campaign by registering a bona‑fide Florida LLC, Blocmerce, to lend credibility to fake job offers targeting blockchain developers. The group now embeds malicious Remote Access Trojans in GitHub...

OneDigital Warns Clients of Alleged Salesforce Data Breach
OneDigital Investment Advisors disclosed that a breach of its Salesforce CRM exposed up to 28,414 client records, including names and Social Security numbers. The intrusion stemmed from the Drift chat‑agent integration rather than Salesforce’s core platform, and OneDigital’s internal network...
Marimo Notebook Exploited Within Nine Hours of Critical Flaw Disclosure
Within nine hours of disclosing CVE‑2026‑39987, a critical remote‑code‑execution flaw in the open‑source Marimo notebook, threat actors built and deployed a functional exploit. Sysdig observed the attack chain from reconnaissance to credential theft in under three minutes, underscoring the speed...
U.S. Treasury Unveils Cybersecurity Info‑Sharing Program for Digital‑Asset Firms
The U.S. Treasury’s Office of Cybersecurity and Critical Infrastructure Protection launched a cybersecurity information‑sharing program that will deliver actionable threat intelligence to eligible digital‑asset firms and industry groups, fulfilling a key recommendation from the President’s Working Group on Digital Asset...
NSA and FBI Urge Router Reboot After Russian GRU Hijacks Thousands of Devices
The National Security Agency and the FBI are urging U.S. residents to reboot and harden their home internet routers after a Russian military‑intelligence unit hijacked thousands of devices nationwide. The advisory follows a court‑authorized operation that removed malicious DNS settings...
The Phishing-as-a-Service Pipeline: How a Scalable Fraud Ecosystem Is Driving Global Attacks
Flashpoint’s latest research shows phishing has morphed into a full‑service ecosystem, offering subscription‑based platforms that bundle kit development, hosting, delivery and real‑time dashboards. Low‑skill actors can now launch campaigns for as little as $10, while advanced services employ reverse‑proxy (AiTM)...

Fake Claude Site Installs Malware that Gives Attackers Access to Your Computer
Researchers uncovered a counterfeit website masquerading as Anthropic’s Claude AI, offering a “Claude‑Pro‑windows‑x64.zip” installer. The zip installs a functional Claude client while silently deploying a PlugX remote‑access trojan via a signed G DATA updater and malicious avk.dll sideloading. The dropper copies...
MediStreams Achieves Clean SOC 2 Type II Certification, Strengthening Security in Healthcare Revenue Cycle Management and Payment Automation
MediStreams announced it has received a clean SOC 2 Type II audit for the full 2025 calendar year, covering Security, Availability, and Processing Integrity. The unqualified opinion was issued by independent CPA firm Aprio LLP after a year‑long assessment of its payment‑posting...

Analysis: Anthropic Claude Mythos Won’t ‘Reshape Cybersecurity’
Anthropic unveiled Claude Mythos, a frontier AI model touted to overhaul vulnerability discovery and management. The company paired the preview with Project Glasswing, granting early access to firms like CrowdStrike and Palo Alto Networks. Investor reaction was swift, sending shares of major...

What “Lilith” Actually Is
Lilith is an open‑source C++ remote administration tool designed for hands‑on learning of RAT architecture and command‑and‑control techniques. The project requires solid C++ skills, Windows internals knowledge, and a sandboxed virtual lab to compile and run safely. By building the...
FIU Researchers Demonstrate Quantum‑Resistant Video Encryption, Boosting Security by Up to 15%
A team led by S.S. Iyengar at Florida International University announced a hybrid encryption framework that scrambles video frames with quantum‑resistant keys, delivering 10‑15% stronger protection in simulations. The method works on conventional computers, positioning it for near‑term deployment in...
Compute Fuels Attacks, Committees Lag Defense Gap
Offense scales with compute. Defense scales with committees. New piece on why the attacker-defender gap is widening faster than anything we've built to close it -- and what actually moves the needle. Link in bio or cje.io

FINRA Launches Financial Intelligence Fusion Center to Combat Cybersecurity and Fraud Threats
FINRA announced the launch of the Financial Intelligence Fusion Center (FIFC), a secure portal that enables member brokerage firms to share real‑time cybersecurity and fraud intelligence. The platform builds on FINRA Forward initiatives and incorporates data from government and private‑sector...

Electronics Industry Says FCC's Foreign-Made Router Policy Is a Bit of a Mesh
The FCC’s new rule places foreign‑made consumer routers on a Covered List, allowing only those cleared by the DoD or DHS and committed to U.S. manufacturing to receive approval. The Global Electronics Association argues the policy is misguided, noting past...

Anthropic’s Glasswing Highlights AI’s Security Paradox
Anthropic unveiled Project Glasswing, an initiative that gives more than 40 leading tech firms early access to its Claude Mythos model for proactive vulnerability detection. The program is designed to identify, test and mitigate software flaws before they can be weaponized...
You Can't Trust macOS Privacy and Security Settings
A new macOS demo shows the Privacy & Security panel can lie about folder access. Using the free app Insent on macOS 13.5‑26, the author proves an app can retain Documents access even after the toggle is disabled, provided the user later opens...
What Anthropic’s New Nightmare Means, in Plain English
Anthropic announced that its latest model, Claude Mythos Preview, can automatically discover zero‑day vulnerabilities across all major operating systems and web browsers. Rather than releasing the model publicly, Anthropic is collaborating with a consortium that includes Apple, Google and Microsoft...

Anthropic Tries to Keep Its New AI Model Away From Cyberattackers as Enterprises Look to Tame AI Chaos
Anthropic unveiled Claude Mythos, a powerful AI model designed to spot software vulnerabilities, but will only share it with a curated group of cloud and security firms under the Project Glasswing initiative. The move reflects growing concern that advanced models could become...

Nordic Banks Turn to CaaS to Fight Rising Fraud
Nordic banks are grappling with a surge in digital fraud as cashless payments dominate the region. Norwegian banks blocked roughly NOK 2.3 bn (about $250 m) and Danish banks prevented DKK 500 m (around $70 m) in attempted fraud in 2025. At the same time, compliance...

What To Know When Evaluating Sensitive Data Discovery And Classification Solutions
The Forrester Wave™ Q2 2026 evaluates the leading sensitive data discovery and classification solutions, emphasizing accuracy, scalability, and breadth of data‑source coverage. Vendors now claim 95%‑plus detection rates and support cloud, on‑prem, and in‑motion scanning, but buyers must validate performance in...

AHA Names Its Preferred Cybersecurity Provider
The American Hospital Association (AHA) has appointed Rubrik as its Preferred Cybersecurity Provider, giving roughly 5,000 member hospitals access to Rubrik’s cyber‑resilience tools and a breach‑recovery playbook. The designation is part of the AHA’s Preferred Cybersecurity & Risk Provider Program...
AI Journaling Demands Privacy as Core, Not Feature
The most personal data you will ever generate deserves more than a terms of service. When you journal with AI, you are sharing things that, for a lot of people, nobody else hears outside of a therapist. That level of trust...
Pentesting: Human Insight Over Automated Scanners
🤖🤖🤖🤖🤖🤖🤖🤖🤖🤖🤖🤖 Pentesting is not a scanner or a fuzzer - whether SAST, DAST, AI, deterministic or non-deterministic. Pentesting is a human *using those tools* to see if they can find a security problem that your teams and tools may...
Stryker Warns of Earnings Fallout From March Cyberattack
Stryker disclosed that a March 11 wiper attack linked to the Iran‑backed Handala group disrupted its manufacturing, ordering and shipping systems, denting first‑quarter earnings. The breach wiped data from thousands of devices via the company’s Microsoft Intune environment and forced the...
Ultra-Powerful Vulnerability Model Reserved for Intelligence Agencies
We’ve created a model that we think could find and fix all the vulnerabilities in your application. You can’t have it. A model this powerful should only be used by the CIA and NSA to exploit your services.
Thousands of Gov Officials' Emails and Passwords Exposed Online
The emails and plaintext passwords of thousands of government representatives have been found online. https://t.co/WaJd3bjpd5

CryptoNext Security First in EU With Full NIST Quantum-Safe Certification
CryptoNext Security became the first European Union company to achieve full NIST quantum‑safe certification, confirming its implementation of the three standardized post‑quantum algorithms—CRYSTALS‑Kyber, CRYSTALS‑Dilithium and Falcon—within ProvenRun’s ProvenHSM hardware security module. The NIST CAVP validation extends beyond software, proving hardware‑level...
Legacy SDK Flaw Lets Attackers Steal Private Data
An outdated SDK carries a dangerous flaw that allows threat actors to steal private data. https://t.co/GKds3Ok79H
Aave Achieves SOC 2 Compliance, Raising DeFi Standards
Aave products and endpoints are now SOC 2 compliant, ensuring strong operational and security compliance, setting a new standard for the DeFi application layer.

In Other News: Cyberattack Stings Stryker, Windows Zero-Day, China Supercomputer Hack
The weekly SecurityWeek roundup highlighted several high‑profile cyber incidents, including a March 2026 attack on medical‑device maker Stryker that will shave earnings from its first‑quarter results, and a newly disclosed Windows zero‑day dubbed BlueHammer that gives attackers full SYSTEM privileges....
Chrome's Device‑Bound Session Credentials Coming to macOS
New Device Bound Session Credentials feature for Google Chrome is also coming to macOS soon. https://t.co/AKyb6s77Fa
Tor Builds RAM‑only Relays to Thwart Hardware Seizures
The Tor Project is working with relay operators to develop "stateless" servers that run entirely in RAM. By forgetting all data upon reboot, these self-wiping relays will protect users and node operators from hardware seizures. https://t.co/C2MghAYpMj

Silent Ransom Group Leaked Another Big Law Firm: Orrick, Herrington & Sutcliffe
The Silent Ransom Group (SRG) breached law firm Orrick, Herrington & Sutcliffe in late January 2026 and spent a week inside its network before demanding a ransom. Negotiations stretched from early February to late February, with Orrick offering a maximum...
FBI Recovers "Deleted" Signal Messages Through iPhone Notifications
The FBI recovered deleted Signal messages from an iPhone by extracting push‑notification data stored by iOS. In a Texas terrorism case, agents accessed incoming messages that the defendant had set to expire and removed from the app. Apple’s operating system...

‘A Perfect Storm’: How AI Is Transforming the Global Scam Industry
A new Infoblox report reveals that AI‑driven remote‑access trojans are turning Southeast Asian scam compounds into industrial‑scale cybercrime operations. These malware tools give attackers full control of victims’ Android devices, enabling real‑time monitoring, data exfiltration and instant bank‑account draining. AI...
Anthropic’s AI Hacking Tech Triggers Concern in German Cyber Agency
Anthropic unveiled Mythos, an AI model that can locate and exploit software bugs faster than human hackers. The German Federal Office for Information Security (BSI) is in active dialogue with Anthropic after the model was shared with 12 cybersecurity firms...

Ransomware Attack on ChipSoft Knocks EHR Services Offline Across Hospitals in the Netherlands and Belgium
Dutch health‑IT firm ChipSoft confirmed a ransomware breach on April 7 that forced its flagship HiX electronic health‑record platform offline in the Netherlands and Belgium. The attack prompted the Dutch CERT (Z‑CERT) to shut down patient portals, HiX Mobile and the...

Big Tech, Big Exposure: Data From Over 3.5 Million Accounts Handed to US Authorities
Proton’s new research shows Google, Apple and Meta have handed over data from over 3.5 million user accounts to U.S. authorities in the past decade, a 770% increase since transparency reporting began. In the first half of 2025 alone, more than...
Analysis of One Billion CISA KEV Remediation Records Exposes Limits of Human-Scale Security
Qualys analyzed over one billion CISA KEV remediation records from 10,000 organizations, revealing that critical vulnerabilities remain open longer despite a 6.5‑fold increase in ticket closures. The share of critical flaws still unpatched after seven days climbed from 56% to...

AI Expansion, Security Crises, and Workforce Upheaval Define This Week in Tech
This week’s tech headlines were dominated by AI breakthroughs, escalating security threats, and a wave of layoffs. Google unveiled a Gemini‑powered Notebooks workspace, Meta launched the multimodal Muse Spark model, and Microsoft pledged its own large‑model portfolio by 2027. At the...

XRP More Quantum-Resistant Than Bitcoin
Experts say XRP is less vulnerable to quantum threats than Bitcoin, thanks to key rotation and escrow time-locks, exposing fewer accounts. Source: CoinDesk https://t.co/I2y893X172