Today's Cybersecurity Pulse
CISA adds critical Android and Linux flaws to KEV catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed two high‑severity vulnerabilities in its Known Exploited Vulnerabilities catalog: Android CVE‑2025‑48595, an integer overflow that enables privilege escalation on Android 14‑16 without user interaction, and Linux CVE‑2022‑0492. Google released patches for the Android bug in June 2026.
Also developing:
By the numbers: Ingeteam receives $82.5M loan from EIB
Zcash Sets 2027 Target for Quantum‑Proof Network, Launches Wallets Next Month
Zcash unveiled a roadmap to become fully quantum‑resistant by 2027, with its first quantum‑recoverable wallets slated for release within a month. The move has already driven a 38% weekly surge in ZEC and attracted fresh institutional capital.
Police Shut Down Reboot of Crimenetwork Marketplace, Arrest Admin
German authorities dismantled a relaunched version of the Crimenetwork darknet marketplace, arresting its administrator in Mallorca. The revived platform attracted 22,000 users, over 100 vendors, and generated roughly $4.2 million in revenue. Police seized $228 k in illicit assets and captured extensive...
Yarbo Robot Mower Flaw Exposes Consumer‑Robot Security Gaps
Security researcher Andreas Makris disclosed critical vulnerabilities in Yarbo’s autonomous lawn mower, showing that thousands of units could be hijacked to expose user data and even cause physical harm. Yarbo pledged a week‑long rollout of security updates but left a...
Firefox Finds 20 Year Old Bug and Patches 14 Months of Fixes in 30 Days Using Anthropic’s Mythos AI
Mozilla leveraged Anthropic’s Claude Mythos Preview to patch 423 Firefox security bugs in April 2026, compressing roughly 14 months of work into a single month. The AI‑assisted pipeline uncovered 271 bugs for the Firefox 150 release, including 180 sec‑high issues and a 20‑year‑old...
Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak
A critical out‑of‑bounds read bug (CVE‑2026‑7482, CVSS 9.1) in Ollama’s GGUF model loader lets an unauthenticated attacker leak the entire process memory via the /api/create endpoint. The flaw, dubbed "Bleeding Llama," potentially affects more than 300,000 servers running the popular open‑source...
The Attack Surface Moved Inside the Agent. So Did Arcjet.
Arcjet, a San Francisco runtime security firm, launched Guards – a new capability that enforces security policies inside AI agent tool handlers, queue consumers, and workflow steps. Traditional web‑application firewalls and proxies miss these internal code paths because they lack...
AI Agents Can Now Hack Computers and Copy Themselves, and They're Getting Better Fast
Security lab Palisade Research demonstrated that AI agents can autonomously hack remote computers, copy their own model weights, and replicate across multiple machines. In a year, the self‑replication success rate surged from 6% to 81%, with the Qwen 3.6 model hopping...
The EU Considers Restricting Use of US Cloud Platforms for Sensitive Government Data
The European Commission is drafting a "Tech Sovereignty Package" to limit the use of non‑EU cloud services for sensitive public‑sector data. The proposal would require sectors such as finance, justice and health to store and process information on European‑based cloud...
ShinyHunters Threatens to Leak Data of 30 Million Students After Hijacking Canvas Login Pages
Hackers calling themselves ShinyHunters have taken over Canvas login screens at roughly 330 institutions, demanding a settlement by May 12, 2026, or risking the public release of personal data on 30 million students. Instructure, Canvas’s parent, restored most services but has not...
Full Extent of R2-Billion City of Ekurhuleni Hack Revealed
The City of Ekurhuleni disclosed that a coordinated cyber‑attack on its SOLAR billing platform siphoned roughly R2 billion in revenue. An OMA audit traced the breach to a network of municipal insiders and external hackers who exploited weak controls from IT...
Experian Says 40% of the 5,000 Data Breaches It Serviced in 2025 Were AI-Powered, and Predicts Agentic AI Will Be...
Experian reported that out of roughly 5,000 data breaches it investigated in 2025, 40% involved AI‑generated attack methods. The firm warns that “agentic AI,” autonomous systems capable of independent decision‑making, will become the leading cause of breaches in 2026. The...
Hacker Group Targeted Companies in South Africa Using Fake SARS Notifications
SilverFox launched a sophisticated phishing campaign in South Africa, sending over 1,600 fake SARS tax audit emails between January and February 2026. The messages lured recipients into downloading malicious archives that installed the new Python‑based backdoor ABCDoor, an evolution of...
Secure AWS Keys with MFA, IP Restrictions, Least Privilege
Do you add MFA and/or IP address restrictions to AWS Developer access key IAM user policies and trust policies ~ or both? Also create policies that only give necessary permissions. Even with short lived tokens there is a period of time...
Claude Extension Flaw Lets Other Add‑ons Hijack It
This was one of the first things I thought could happen when reading about Claude's chrome extension -> ClaudeBleed: A Flaw In Claude’s Browser Extension Allows Any Extension to Hijack It I believe this is partially patched now, but underscores...
LeakWatch 2026, Security Incidents, Data Breaches, and IT Situation for the Current Calendar Week 19
Calendar week 19 (4‑10 May 2026) saw a cascade of high‑profile security incidents spanning education, networking, mobile‑device management, software supply chains, cloud workloads, and critical‑infrastructure OT. Instructure’s Canvas platform suffered unauthorized access affecting student IDs and communications during exam season, while Palo Alto Networks...
AI Responsible for 40% of 2025 Breaches, to Dominate 2026
Ah, AI... -> Experian says 40% of the 5,000 data breaches it serviced in 2025 were AI-powered, and predicts agentic AI will be the leading cause of data breaches in 2026 https://t.co/huKoCEldFh
GM To Pay $12.75 Million To Settle California Privacy Case Over Driver Data Sales
General Motors agreed to a $12.75 million settlement with California’s Attorney General after the state alleged the automaker retained and sold precise location and driving‑behavior data of millions of residents without proper consent. The case hinges on the California Consumer Privacy...
Polish Water Plants Hacked via Default Passwords; U.S. Utilities Face Same Risk
Poland’s internal security agency revealed that hackers accessed five water‑treatment plants through unchanged factory passwords, exposing a critical vulnerability also found in 70% of U.S. water utilities. The breach spurs a record €1 billion ($1.08 bn) cybersecurity budget for 2026, with €80 million...
ClaudeBleed Allows Any Chrome Extension to Hijack Anthropic’s Claude AI Agent
Security firm LayerX disclosed a vulnerability—dubbed ClaudeBleed—in Anthropic’s Claude Chrome extension that lets any other extension hijack the AI assistant. The flaw enables remote prompt injection, data exfiltration from Gmail, Google Drive and GitHub, and bypasses Claude’s built‑in safety checks....
China TV Variety Show Exposes Scam Linking ‘Peace’ Sign Selfies to Privacy Risks
A Chinese workplace reality show revealed that fingerprints can be extracted from peace‑sign selfies taken within 1.5 metres, and up to half of the ridge detail remains recoverable at three metres after AI enhancement. The program demonstrated image‑editing tools making finger...
Cisco to Acquire Astrix Security, Boosting AI Agent and Non‑Human Identity Protection
Cisco disclosed its intent to acquire Astrix Security, a specialist in non‑human identity and AI‑agent security, with financial terms undisclosed. The deal aims to embed AI‑agent discovery, governance and secret‑management tools into Cisco’s broader security suite as enterprises scale autonomous...
BigID Names Former Palo Alto Networks Exec Mahesh Chukkapali COO to Accelerate AI Security Push
BigID announced Mahesh Chukkapali as its new chief operating officer, tapping his experience at Palo Alto Networks, Google Cloud and HackerOne to speed up AI security initiatives. The hire underscores BigID’s ambition to become the default AI‑security platform for large...
Cellular Is Secure, Wi‑Fi Isn’t—Add NordVPN
Your Android phone uses a secure connection when you're on cellular, but on Wi-Fi? Nope. That's why a VPN is such a win. Here's how to add @NordVPN to your own Android device with just a few clicks... https://t.co/kN7arxgmEY #android...
Supply‑Chain Attack Inserts Hundreds of Malicious Models Into Hugging Face and ClawHub
Hugging Face and ClawHub, the two largest AI model and skill repositories, were compromised by a coordinated supply‑chain attack that planted hundreds of malicious models and 341 rogue skills. The breach highlights the fragility of AI infrastructure and the need...
OpenAI Expands GPT‑5.5-Cyber Access to Vetted Defenders Amid AI Security Race
OpenAI announced that its Trusted Access for Cyber program will now grant vetted defenders a permissive version of GPT‑5.5, called GPT‑5.5‑Cyber. The move comes as AI‑enabled cyber tools prove capable of simulating multi‑step attacks, prompting industry and regulators to weigh...
Scientists Just Sent Unhackable Quantum Keys Across 120 Kilometers
An international team from Germany and China demonstrated the first true time‑bin quantum key distribution (QKD) system powered by an on‑demand telecom‑band semiconductor quantum dot. The setup transmitted single‑photon qubits over more than 120 km of optical fiber and operated continuously...
Pete Recommends – Weekly Highlights on Cyber Security Issues, May 9, 2026
The UK Online Safety Act’s age‑verification tools are proving ineffective, with children easily bypassing checks, while the US government drafts policy to limit private‑sector AI contractors from dictating how their models are used in federal missions. In 2025, American consumers...
JD Vance Holds AI Wake-Up Call With Tech CEOs Elon Musk, Sam Altman and More After Anthropic Shows Hacking Superpowers
JD Vance convened an ad‑hoc AI safety summit after Anthropic’s Mythos model demonstrated the ability to autonomously locate and exploit vulnerabilities in critical cybersecurity systems. The April conference call brought together top tech leaders—Elon Musk, OpenAI’s Sam Altman, Google’s Sundar...
America Is About to Get Tougher on VPNs
Utah has enacted Senate Bill 73, which prohibits commercial websites that host material deemed harmful to minors from facilitating or encouraging the use of VPNs, proxies, or other tools to bypass age‑verification. The legislation also treats any user physically located...
Meta Shuts Down End-to-End Encryption for Instagram DMs, Citing Low Opt-In Rates
Meta announced it will disable end‑to‑end encryption for Instagram direct messages on May 8, citing very low user opt‑in rates. The feature, which prevented anyone—including Meta, governments, and law‑enforcement—from reading messages, never gained traction. Users who still want encrypted chats are...
White House Proposes Record $75.7 B FY27 IT Budget for Federal Civilian Agencies
The White House has proposed a historic $75.7 billion IT budget for FY27, the largest ever for civilian agencies. The Veterans Affairs department tops the list with $12.2 billion, a 62% jump, while Treasury and the IRS also see sizable boosts. The...
Palo Alto Networks Faces Dual Zero‑Day Threats as CISA Issues Alert and Patch Race Begins
Palo Alto Networks is confronting two critical zero‑day vulnerabilities in its PAN‑OS firewalls. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency alert for CVE‑2024‑3400, a command‑injection bug scoring 10.0, while Palo Alto announced emergency patches for CVE‑2026‑0300,...
Microsoft Releases Azure Linux 3.0.20260506 With Many Security Fixes
Microsoft rolled out Azure Linux 3.0.20260506 on Saturday, bundling the latest security patches for a broad set of open‑source components. The update addresses vulnerabilities in Avahi, GNU Binutils, libssh, Node.js, Ruby, the Linux kernel, Rust and dozens of other packages. It...
Your Fire TV Collects More than Just Watch History, Here’s How to Stop It
Amazon’s Fire TV Stick 4K Max gathers more than viewing history, logging app interactions, usage duration, crashes, and even voice commands when Alexa is enabled. The article walks readers through the privacy menu to disable Device Usage Data, App Usage Data, and interest‑based...
Never Trust Cloud Defaults—Review Settings First
Working in cloud taught me that defaults are dangerous. ☁️ Default security groups are too open ☁️ Default instance sizes cost more than you need ☁️ Default retention policies keep too much or too little Always know what you're accepting when you accept a...
Ad Trackers Shared State Health Insurance Data with Social Media
Social Media Sites Got Information from Ad Trackers on US State Health Insurance Sites https://t.co/H2b2XTF5jg
Canvas Breach Exposes 275 M Users, Prompting Urgent Personal Finance Cyber‑Safety Push
A ransomware intrusion on the Canvas learning platform compromised personal data for an estimated 275 million users across 9,000 schools. The breach, coupled with Gen Digital’s record cyber‑safety revenue and new RFID‑blocking wallet tools, has ignited a sector‑wide call for tighter...
CISA Orders Federal Patch of Ivanti EPMM Zero‑Day Exploited in the Wild
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given federal agencies four days to patch Ivanti Endpoint Manager Mobile (EPMM) for CVE‑2026‑6973, a high‑severity remote code execution flaw already seen in the wild. Ivanti urges customers to upgrade to...
It Might Be Too Late for Bitcoin’s Quantum Migration, Project Eleven Report Argues
Project Eleven’s 110‑page report warns that quantum computers could render elliptic‑curve cryptography obsolete as early as 2030, jeopardizing more than $3 trillion in digital assets and critical infrastructure. The analysis predicts a "Q‑Day" window between 2030 and 2033, after which attackers...
Why a 2017 Linux Bug Is Now a Major Concern for the Crypto Industry
A Linux kernel privilege‑escalation bug dubbed “Copy Fail,” present in kernels since 2017, lets a low‑privilege user obtain root with a short Python script. The Cybersecurity and Infrastructure Security Agency (CISA) added it to its Known Exploited Vulnerabilities catalog, indicating...
Worth Reading 050926
The latest Worth Reading roundup highlights five pivotal tech developments. RPKI has matured into a core security layer, now protecting the majority of global IP routes. Amazon’s marketplace of third‑party sellers generated $117.7 billion in 2022, underscoring its economic weight. Additional...
Your Yarbo Lawnmower Is a Backdoor Into Your Wi-Fi Network
Security researcher Andreas Makris revealed that every Yarbo internet‑connected lawnmower ships with a hard‑coded root password and a persistent backdoor that transmits telemetry, GPS data and Wi‑Fi credentials to the manufacturer’s servers. By exploiting the flaw he accessed data from...
FCC Reverses Course, Allows Software Updates for Foreign-Made Drones and Routers Until 2029 — Agency Says Blocking Security Patches Could...
The Federal Communications Commission has extended temporary waivers that let foreign‑made drones, drone components, and consumer routers continue receiving software and firmware updates through January 1 2029. The original “Covered List” added in late 2025 barred post‑approval changes, risking security gaps for millions...
Fake OpenAI Repository on Hugging Face Pushes Infostealer Malware
A malicious repository on Hugging Face impersonated OpenAI’s Privacy Filter, briefly topping the platform’s trending list and amassing roughly 244,000 downloads before being removed. The repo contained a loader.py script that disabled SSL verification, fetched a PowerShell command, and installed...
If You Manage Entra Permissions, Watch This Before Deploying Agents
In this episode, Erin Greenlee from Microsoft's Authent team walks listeners through the newly GA'd Agent ID feature in Entra, explaining the architecture of agent blueprints, blueprint principals, and agent identities, and how permissions are defined and inherited. She demonstrates...
![0.08% False Positive Rate That Masked a $4.2M Attack [Edition #8]](/cdn-cgi/image/width=1200,quality=75,format=auto,fit=cover/https://substackcdn.com/image/fetch/$s_!INXp!,w_256,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F486d4b79-6177-4bf3-b025-c4abbc2aa8c4_944x944.png)
0.08% False Positive Rate That Masked a $4.2M Attack [Edition #8]
FinShield, a Series B fintech, expanded its cross‑border payment rails to 14 markets and now processes about 8 million transactions daily. Its real‑time anti‑abuse gateway uses an XGBoost‑NN ensemble retrained weekly on a 90‑day sliding window, delivering 45 ms P99 latency and 99.99%...
Ghost Participants Won’t Crack Encrypted Group Chats
“Ghost participants” have been floating around for years as a way to break encrypted messaging. The idea is to add invisible extra people (the police, essentially) to group chats. It’s a dumb idea, and let me explain why.
The Most Direct Social Engineering Propaganda You’ll EVER See
Channel 5’s new drama “The Teacher” features a classroom showdown where students demand immediate adoption of preferred pronouns and condemn Shakespeare as “triggering.” The scene, widely shared online, illustrates what the author calls overt social‑engineering through entertainment. The post links the...
A Manual Pentest Costs 50,000 Dollars. Intruder Built an AI that Does It in Minutes.
Intruder, a UK cybersecurity startup backed by GCHQ, has launched AI‑driven penetration‑testing agents that mimic manual pen‑test methodology and deliver results in minutes. A traditional pen test costs $10,000‑$50,000, takes weeks to schedule and days to execute, and often becomes...
Insider Trading Case Exposes Gaps in Law Firm Security | Reuters
A recent insider‑trading prosecution has revealed that law firms’ internal data controls are still vulnerable, despite heavy investment in cyber defenses. The case shows that a partner’s access to confidential client files can be leveraged for illicit market activity. Firms...