Today's Cybersecurity Pulse
Microsoft releases record‑size Patch Tuesday for April
The April update cycle delivered 165 patches addressing roughly 340 unique CVEs, including two zero‑day flaws, one of which is already being exploited in the wild. Microsoft urges immediate deployment across all product families.
Also developing:
By the numbers: Artemis raises $70M Series A

Juniper Networks Patches Dozens of Junos OS Vulnerabilities
Juniper Networks released patches for nearly three dozen vulnerabilities affecting its Junos OS and Junos OS Evolved platforms. The most critical flaw, CVE-2026-33784 (CVSS 9.8), involves a default password in the Support Insights Virtual Lightweight Collector that could be exploited remotely for full device takeover. Additional high‑severity bugs include a weak‑password issue in CTP OS (CVE-2026-33771) and an SSH host‑key validation flaw in Apstra that enables MITM attacks. Juniper reports no known exploitation in the wild and urges customers to apply the updates promptly.

GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs
Researchers have uncovered a new GlassWorm variant that hides a Zig‑compiled native binary inside a counterfeit WakaTime VS Code extension. The binary acts as a dropper, locating every IDE that supports VS Code extensions and silently installing a malicious VSIX package. The...
Hungarian Government Email Passwords Exposed Ahead of Election
Bellingcat uncovered that passwords for nearly 800 Hungarian government email accounts are publicly available, affecting 12 of the 13 ministries, including national‑security officials. The leaks stem from simple, easily guessable passwords rather than sophisticated cyber attacks. The exposure comes weeks...
Hackers Claim 10‑Petabyte Theft From China’s Tianjin Supercomputer, Experts Skeptical
A self‑identified group called FlamingChina alleges it exfiltrated roughly 10 petabytes of classified data from the National Supercomputing Center in Tianjin. Cybersecurity specialists, including SentinelOne consultant Dakota Cary, say the samples look plausible but warn that the leak cannot be independently...
“We Are Trying to Scare the Daylights Out of You…
The Inside Quantum Technology newsletter this week spotlights several hot topics in the quantum sector, most notably Infleqtion’s first look at its Sqale neutral‑atom quantum computer. It also references a revised assessment that RSA/ECC cryptosystems remain vulnerable to future quantum...

Hadrian Named a Representative Vendor in the Gartner® Market Guide for Adversarial Exposure Validation
Hadrian, an agentic AI offensive security platform, has been named a Representative Vendor in Gartner’s Market Guide for Adversarial Exposure Validation (AEV) released on March 24, 2026. The guide positions AEV as the successor to breach and attack simulation and...
Powell and Bessent Met with Major U.S. Banks over Anthropic Cyber Threats
Federal Reserve Chair Jerome Powell and Treasury Secretary Scott Bessent met with top U.S. bank CEOs to discuss cyber‑security risks tied to Anthropic’s newly released Mythos AI model. The discussion was part of Project Glasswing, a joint initiative that includes...
Gmail’s End-to-End Encryption Comes to Mobile, a Year After Its Web Launch
Google has extended its client‑side, end‑to‑end encryption for Gmail to Android and iOS, completing the mobile rollout that began with the web launch in April 2025. The feature is limited to Workspace Enterprise Plus customers with the Assured Controls add‑on, allowing encrypted...

What Is an LLM Proxy and How Proxies Help Secure AI Models
Enterprises are increasingly exposing large language models (LLMs) through APIs, internal copilots, and partner integrations, driving AI spending to an estimated $2.022 trillion in 2026. To mitigate leakage, abuse, and runaway costs, organizations are adopting LLM proxies—runtime enforcement layers that inspect...

UNC6783 Hackers Use Fake Okta Pages in Corporate Breach Campaign
Google Threat Intelligence Group has identified a new threat actor, UNC6783, conducting data‑theft extortion campaigns by compromising Business Process Outsourcers. The group leverages live‑chat social engineering to deliver counterfeit Okta login pages, stealing clipboard credentials and enrolling malicious devices for...

Cynet Named Leader and Outperformer in 2026 GigaOm Radar for XDR
Cynet has been positioned as a Leader and Outperformer in the 2026 GigaOm Radar for XDR, landing in the Innovation/Platform Play quadrant for its comprehensive AI‑driven platform. The vendor earned perfect 5/5 scores in both Agentic AI detection and ecosystem...

The Cyber Express Weekly Roundup: Major State Threats, Crypto Attacks, and Legal Gaps
The Cyber Express weekly roundup highlights a surge in state‑sponsored DNS hijacking by Russia‑linked APT28, a $285 million theft from the Drift Protocol DeFi exchange, and a looming EU regulatory gap on child‑sexual‑abuse‑material detection. The U.S. Treasury announced a Digital Asset...

Catalogic Software Delivers Full NDMP Web Management and Advanced Encryption Controls with DPX 4.15
Catalogic Software unveiled DPX 4.15, its latest all‑in‑one backup and recovery platform, adding full NDMP management through a web interface, tag‑based VMware backup policies, and KMIP‑compliant key management for vStor. The release also encrypts data before it is sent to cloud...
Just Three Ransomware Gangs Accounted for 40% of Attacks Last Month
A recent threat report found that just three ransomware groups—Conti, REvil and LockBit—were responsible for roughly 40% of all ransomware incidents recorded last month. The concentration of activity drove a 15% increase in average ransom demands, reaching about $250,000 per...

SpartanX Launches Autonomous AI Full-Stack Red Teaming Platform
SpartanX unveiled an autonomous full‑stack red‑teaming platform that deploys over 500 AI‑driven offensive agents across six attack surfaces. The system continuously validates vulnerabilities with real exploits, delivering end‑to‑end attack chains without human intervention. It also auto‑generates code‑level remediation, maps findings...

Orthanc DICOM Vulnerabilities Lead to Crashes, RCE
A CERT/CC advisory disclosed nine critical vulnerabilities (CVE‑2026‑5437 to CVE‑2026‑5445) in the open‑source Orthanc DICOM server, affecting versions up to 1.12.10. The flaws include out‑of‑bounds reads, decompression‑bombs, memory‑exhaustion bugs, and heap buffer overflows that can crash servers, leak image data,...

Poisoned “Office 365” Search Results Lead to Stolen Paychecks
Microsoft researchers identified a financially motivated hacking group, Storm‑2755, that poisons Office 365 search results and runs malicious ads to lure Canadian employees to a counterfeit Microsoft 365 login page. The attackers capture credentials and proxy authentication tokens in real time, bypassing...

imPAC Labs and Cyera Partner to Deliver Data-Aware Cloud Security
imPAC Labs announced a new integration with Cyera that blends imPAC’s cloud‑visibility and custom security controls with Cyera’s data discovery and classification engine. The partnership delivers data‑aware guardrails, allowing security teams to enforce policies based on the sensitivity of the...

Browser Extensions Are the New AI Consumption Channel That No One Is Talking About
LayerX’s new report reveals that AI-powered browser extensions are an overlooked yet high‑risk attack vector for enterprises. While 99% of corporate users run at least one extension, AI extensions are 60% more likely to contain vulnerabilities, have three times more...
Quantum‑Safe Bitcoin Transactions Now Possible with New Binding Method
ELI5 of @avihu28's brilliant paper: 1. In a Bitcoin tx there are two parts: (1) The first part used to show that you own a Bitcoin. That part can be made post-quantum safe. (2) The second part that says who controls it...

XRP More Quantum-Resistant Than Bitcoin
Experts say XRP is less vulnerable to quantum threats than Bitcoin, thanks to key rotation and escrow time-locks, exposing fewer accounts. Source: Coindesk https://t.co/I2y893X172

UK Considers Ban on Owning Signal Jamming Devices Used by Car Thieves and Shoplifters
The UK government has launched a call for evidence on banning the possession of radio‑frequency jammers, which criminals use to disrupt security systems, GPS tracking, and emergency communications. Misuse ranges from disguising jammers as watches to block video doorbells, to...
Enterprises Store Data Right, but Lose Key Control
Data sovereignty is not data residency. Three things have to align: where data is stored, how it is encrypted, who controls the encryption keys. Most enterprises get the first right. Almost none get the third.

Binance Helps Freeze $12M in Phishing Scam Funds
BIG: 🚨 Binance supported a UK National Crime Agency–led operation targeting approval phishing scams, helping freeze $12M in illicit funds and protect over 20,000 victims across the UK, US, and Canada https://t.co/dB0eSANr9o

How AI Is Transforming Cloud-Native Identity and Access Management
AI is reshaping cloud‑native identity and access management (IAM) by replacing static rule sets with adaptive, real‑time security controls. Research shows 40% of enterprises suffered identity‑related breaches in 2024, prompting a shift toward behavioral analytics, automated least‑privilege provisioning, and zero‑trust...

Human Oversight Essential: AI Can’t Fully Guard Cybersecurity
Why We Can’t Let #AI Take the Wheel of Cyber Defense by Steve Durbin @SecurityWeek Learn more: https://t.co/m9sL8PCrDB #CyberSecurity #Infosec #IT #Technology https://t.co/VFKJzyJskQ

Telia Norway Stops over 8 Mln Scam Calls to Mobile Lines in Q1
Telia Norway reported that it blocked 8.4 million fraudulent calls from reaching mobile users in Q1 2026, potentially preventing roughly NOK 250 million (about $27.5 million) in losses. The telecom operator highlighted a surge in targeted SMS‑based attacks known as spear phishing, which aim at extracting...
Meta’s Muse Spark AI Asks Users for Health Data, Prompting Privacy and Safety Alarm
Meta launched Muse Spark, an AI assistant that invites users to paste fitness‑tracker, glucose‑monitor or lab‑report numbers for analysis. Early testing revealed inaccurate medical guidance and raised alarms about data privacy, HIPAA compliance and potential misuse of health information.
CrowdStrike's Identity Security Hits $520M ARR, 34% YoY Growth in FY2026 Q4
CrowdStrike announced that its Next‑Gen Identity business closed fiscal 2026 with over $520 million in annual recurring revenue, growing 34% year over year and surpassing the company's 24% overall ARR growth. The surge underscores a strategic pivot toward identity protection amid...
Google Quantum AI Flags Near‑term Crypto Break Risk, Bernstein Says Threat Now Manageable
Google Quantum AI warned that advances in quantum computing could soon break cryptocurrency encryption, prompting the division to publish a safety roadmap. Bernstein analysts said the threat is real but manageable, noting Google's reduced qubit requirements as a key catalyst.
Anthropic Flags Claude Mythos AI as Potential Cyber‑attack Catalyst, Limits Release
Anthropic announced a limited preview of its Claude Mythos AI model, warning that the system can discover high‑severity vulnerabilities across major operating systems and browsers. The company is restricting access to a 40‑company consortium while regulators and security experts debate...
Why Most Zero-Trust Architectures Fail at the Traffic Layer
Zero‑trust programs often excel at identity verification but stumble when traffic reaches the network edge. In many enterprises, inconsistent enforcement of TLS, fragmented ingress points, and partial mutual‑TLS deployments let malicious traffic bypass policy controls. The article highlights that the...

The Cyber Resilience Act: What It Means for the Rail Industry
The European Union’s Cyber Resilience Act (CRA) imposes mandatory cybersecurity requirements on all digital products, including those used in rail systems. It forces manufacturers to embed secure‑by‑design principles, manage vulnerabilities throughout a product’s lifecycle, and provide detailed supply‑chain transparency. The...

Gmail’s End-to-End Encryption Comes to Mobile, No Extra Apps Required
Google has extended its Gmail client‑side end‑to‑end encryption (E2EE) to Android and iOS, letting Enterprise Plus users protect sensitive emails on mobile devices. The feature works directly inside the Gmail app, requiring no extra software and preserving the familiar compose‑and‑send...

MITRE Releases Fight Fraud Framework
MITRE Corporation unveiled the Fight Fraud Framework (MITRE F3), a free, open‑source knowledge base that maps fraudsters’ tactics, techniques and procedures using a behavior‑based model. The framework extends the ATT&CK taxonomy with two fraud‑specific tactics—positioning and monetization—covering the full lifecycle from...

US Expands Cyber Threat Information Sharing to Digital Asset Firms
The U.S. Treasury’s Office of Cybersecurity and Critical Infrastructure Protection has launched a new information‑sharing program that extends the same cyber‑threat intelligence used by traditional banks to eligible digital‑asset firms. The service is provided at no cost and delivers actionable...

Cytora and VulnCheck Partner to Embed Exploit and Vulnerability Intelligence Into Insurance Workflows
Cytora has teamed up with exploit‑intelligence specialist VulnCheck, alongside European partner Infinite Insight, to embed machine‑consumable vulnerability data directly into its digital risk processing platform. The integration lets commercial insurers automatically enrich underwriting submissions with real‑time exploit and software‑vulnerability insights...

Critical Marimo Flaw Exploited Hours After Public Disclosure
Security firm Sysdig reported that a critical‑severity RCE flaw in the open‑source Python notebook Marimo (CVE‑2026‑39987, CVSS 9.3) was exploited less than ten hours after its public disclosure. The vulnerability stems from an unauthenticated WebSocket terminal endpoint that grants a full...

Not a Signal Flaw: iPhone Notifications Became a Backdoor for Deleted Messages
A federal FBI investigation revealed that deleted Signal messages can be recovered from an iPhone because iOS stores notification previews in a hidden database, not because of a flaw in Signal’s encryption. Investigators extracted incoming message fragments from a suspect’s...

OpenAI Is Building a Cybersecurity Product for a Select Group of Companies
OpenAI is developing a cybersecurity product that will be offered only to a select group of companies through its Trusted Access for Cyber pilot. The offering, tied to the GPT‑5.3‑Codex model, provides highly capable AI tools for defensive security tasks...
Designing for Complexity: Lessons From Building a Digital Wallet Integration
The integration of digital wallets like Apple Pay forced banks to abandon traditional, siloed software projects and adopt an ecosystem‑first approach. By 2025 Apple Pay alone handled roughly $9‑9.5 trillion in transactions for over 800 million users, illustrating the massive scale and...
CMMC Compliance in the Age of AI
Cybersecurity Maturity Model Certification 2.0 (CMMC 2.0) now requires federal contractors to prove how they protect Controlled Unclassified Information, moving beyond self‑attestation to verifiable evidence. The biggest readiness gap is a lack of comprehensive data‑scope awareness, often uncovering a larger...

Recovery Scammers Hit You when You’re Down: Here’s How to Avoid a Second Strike
Recovery fraud, also called the “second strike,” preys on people who have already been scammed by promising to retrieve lost funds for an upfront fee. In the United States, 2024 recorded over 7,000 cases, netting criminals more than $102 million, and...

Iran Crisis Highlights Rising Gulf Cybersecurity Risks to Critical Infrastructure
The recent Iran‑U.S. escalation has exposed Gulf states’ critical infrastructure to heightened cyber threats. Ports, energy facilities, desalination plants and financial hubs are now seen as vulnerable to combined kinetic and digital attacks. The United Arab Emirates is integrating cyber...

Secure Your IoT Devices with Proven Cyber Defenses
How to Protect #IoT Devices from #CyberSecurity Threats by @antgrasso #InternetOfThings #Infosec #IT #Technology https://t.co/bHVcGm4rmX

Little Snitch for Linux Shows What Your Apps Are Connecting To
Objective Development released a free Linux version of its Little Snitch firewall, delivering per‑process outbound connection visibility using eBPF. The backend is written in Rust and the UI is a web application, allowing remote monitoring from any device. The kernel...

US Summons Bank Bosses over Cyber Risks From Anthropic’s Latest AI Model
The U.S. Treasury summoned CEOs of major banks, including Federal Reserve Chair Jerome Powell, to discuss the cyber risks associated with Anthropic’s newly released Claude Mythos AI model. Anthropic warns the model poses unprecedented cybersecurity threats, such as generating sophisticated phishing...
(Updated) CPUID Offline After Reports of Malware in CPU-Z and HWMonitor Downloads
CPUID, the maker of popular diagnostic utilities CPU‑Z and HWMonitor, faced a suspected supply‑chain breach when official download links began delivering malware instead of the expected installers. The compromised files, masquerading as HWMonitor 1.63 and CPU‑Z 2.19, were hosted on a Cloudflare...

AI Voice Scams, Airline Fee Hacks and the Apps Keeping You Hooked
The Rich on Tech weekend show highlighted three pressing tech trends: AI‑generated voice scams are becoming more convincing as bots outnumber humans online, allowing fraudsters to clone personal voices from brief recordings. Airline travel costs are climbing, with checked‑bag fees...

Microsoft Recall Flaw Exposes Decrypted User Data, Researchers Find
Microsoft re‑launched its Recall feature with a hardened security stack that includes VBS enclaves, AES‑256‑GCM encryption, Windows Hello, and a Protected Process Light host. Researchers discovered that while the encrypted vault remains secure, the AIXHost.exe process that renders decrypted data...