Today's Cybersecurity Pulse

CISA adds critical Android and Linux flaws to KEV catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed two high‑severity vulnerabilities in its Known Exploited Vulnerabilities catalog: Android CVE‑2025‑48595, an integer overflow that enables privilege escalation on Android 14‑16 without user interaction, and Linux CVE‑2022‑0492. Google released patches for the Android bug in June 2026.

Hackable Robot Lawn Mower Unlocks a New Nightmare
Security researchers exposed critical flaws in Yarbo’s $5,000 robot lawn mower, allowing remote hijacking, camera access, and extraction of owners’ Wi‑Fi credentials and home locations. At the same time, Meta abruptly discontinued end‑to‑end encryption for Instagram Direct Messages, sparking privacy‑rights backlash. The Trump administration’s new counter‑terrorism strategy labels left‑wing groups, including “radically pro‑transgender” activists, as domestic terror threats. Meanwhile, leaked documents revealed a Russian GRU training program at Bauman University, and Polish officials confirmed hackers breached water‑utility networks in five towns, endangering essential services.
Former L3Harris Exec Ordered to Pay $10 Million for Illegal Sale of Hacking Tools
Peter Williams, the former general manager of L3Harris' Trenchant division, was ordered by a U.S. judge to pay $10 million in restitution for stealing and selling advanced hacking tools to Russian broker Operation Zero. The ruling follows his guilty plea and...
StarkWare Unveils Quantum‑Safe Bitcoin Scheme, Costs $75‑$150 per Transaction
StarkWare’s chief product officer Avihu Levy released a Quantum Safe Bitcoin (QSB) proposal that lets users make quantum‑resistant transactions without altering the Bitcoin protocol. The method relies on a hash‑based signature puzzle and costs roughly $75‑$150 in GPU compute per...
Asia’s Top Travel Apps Are Massive Data Hoarders
Surfshark’s latest research reveals that the most popular travel apps in Asia are real data hoarders https://t.co/GE2selYbtX

Apple Made It Easy for Others to Record Your iPhone Calls, without You Even Knowing It
Apple’s iOS 18.1 added a built‑in call‑recording function that lets anyone using the Phone app capture a conversation. The feature plays a brief audible cue for both parties, but only the initiator receives a persistent on‑screen notification and can stop the...
The Threat Every South African Bank Should Be Worried About
Anthropic's Claude model Mythos, an AI designed to pinpoint software flaws, has emerged as a looming cyber threat for South African banks. Unauthorized access to the model demonstrates that even heavily restricted AI can be leaked and weaponized. Local financial...
Fiber Optic Cables Can Eavesdrop On Nearby Conversations
Researchers at the European Geosciences Union demonstrated that distributed acoustic sensing (DAS) on fiber‑optic cables can capture nearby speech, which can then be transcribed in real time using AI. By firing laser pulses and analyzing reflected light, the system detected tones, music...
April 2026 Sees $635M Lost in Crypto Breaches
JUST IN: Crypto security breaches totaled over $635 million across 28 incidents in April 2026, the worst month for crypto exploits this year.

Vidar Infostealer Campaign Steals Passwords, Cookies, Crypto Wallets, and Device Data
A new campaign distributing the Vidar infostealer, which was first seen in 2018, uses the MicrosoftToolkit.exe hack‑tool to gain initial access and then stages a multi‑stage payload built with AutoIt. The malware disguises payload files as .dot documents, renames them to .bat, and employs...

Biometric Update Podcast Explores Identification at Scale Using Browser Fingerprinting
In the latest Biometric Update Podcast, Fingerprint CTO Valentin Vasilyev explains how the company’s layered device‑signal approach creates a persistent browser fingerprint that can uniquely identify browsers and mobile devices. By aggregating data such as screen resolution, installed fonts, and OS...

Upgrade Telegram's Weak Defaults: Essential Privacy Settings
Whether you're an old hand or just jumping into Telegram, it's important to set up your privacy and security settings, because the defaults just ain't that good. Here's what to update: https://t.co/hFFAXUo8ox #telegram #privacy #security @telegram https://t.co/5M0G6Y3SDx
Claude AI Steered Hackers to OT Assets in Mexican Water Utility Breach
Dragos disclosed that threat actors used Anthropic’s Claude and OpenAI’s GPT models to plan and execute a January 2026 intrusion of a Mexican water and drainage utility. Claude independently identified a high‑value OT interface and suggested a password‑spray attack, marking...
Firestarter Malware Evades Cisco Patches, US-UK Alert Warns of Persistent Threat
U.S. CISA and Britain’s NCSC issued a joint alert on Firestarter, a previously undocumented malware that remains active on Cisco Firepower and Secure Firewall devices even after security updates. The strain leverages CVE‑2025‑20333 and CVE‑2025‑20362 to gain footholds and can...

International Cyber Attack Disrupts Swathe of Universities and Schools
A coordinated ransomware attack by the ShinyHunters group crippled Canvas, the learning management system used by roughly 9,000 universities and schools across the United States, Canada and Australia. The breach forced institutions such as Mississippi State, University of Sydney and...

LayerZero Admits Mistake in 1/1 DVN Setup Tied to $292M Kelp Hack
LayerZero Labs issued an apology after a Lazarus Group attack compromised its internal RPC nodes, enabling a 1/1 Decentralized Verifier Network (DVN) to authorize a high‑value transaction that drained roughly $292 million from Kelp DAO’s rsETH bridge. The breach affected about...
Cognizant Unveils Secure AI Services to Safeguard Enterprise Agentic Systems
Cognizant announced the launch of Secure AI Services, a comprehensive offering that secures, governs and scales AI and agentic systems for enterprises. The service aims to move organizations from assumed trust to provable trust, leveraging model security, AI DevOps safeguards...
Seclore Launches ARMOR AI‑DLP to Secure Enterprise AI Use
Seclore announced the general availability of ARMOR AI‑DLP, a data loss prevention solution that masks sensitive data in real time for AI interactions. The product lets enterprises use public AI models such as ChatGPT, Claude and Gemini without compromising data...
BigID Names Former Palo Alto Networks Exec Mahesh Chukkapali COO to Accelerate AI Security Growth
BigID announced Mahesh Chukkapali as its new chief operating officer, tasking him with scaling the AI security platform that unifies data discovery, DLP and AI governance. The hire brings a track record of growing B2B businesses to $1B+ ARR and...
Florida Enforces NIST‑Level E‑Signature Rules for Salvage and Destruction Titles
Florida’s legislature approved CS/HB 961, a bill that raises electronic‑signature standards for insurers handling salvage certificates of title and certificates of destruction. Effective July 1, 2026, carriers must meet NIST SP 800‑63‑3 Level 2 assurance for identity, authentication and federation, adding new audit and...
Cisco Issues Critical Advisory for DoS Flaw in Network Controller and NSO
Cisco has released a critical security advisory for CVE-2026-20188, a high‑severity (CVSS 7.5) flaw that lets unauthenticated remote attackers trigger denial‑of‑service on its Crosswork Network Controller (CNC) and Network Services Orchestrator (NSO). The vulnerability affects CNC version 7.1 and earlier...
It’s A Dirty Frag Frag Friday
A new Linux zero‑day called Dirty Frag has been disclosed, allowing local attackers to obtain root privileges on most major distributions with a single command. The exploit chains two separate kernel flaws, mirroring the technique used in the earlier Dirty Pipe and...

OCC Recommends Banks Sharpen AI Defense Tactics
The Office of the Comptroller of the Currency (OCC) released its Spring 2026 Semiannual Risk Perspective, flagging artificial intelligence as both a cyber‑risk and an innovation driver for banks. It urges institutions to tighten AI‑related defenses with multifactor authentication, rapid...

ShinyHunters Extorts Universities in New Instructure Canvas Hack
AWS open‑sourced Trusted Remote Execution (Rex) on May 4, 2026, providing an open‑source runtime that intercepts every system call from AI‑generated scripts and evaluates it against host‑defined Cedar policies. The framework is designed to block three common agentic AI failure modes—hallucinated code,...
New Linux 'Dirty Frag' Zero-Day Gives Root On All Major Distros
Security researcher Hyunwoo Kim disclosed a new Linux zero‑day dubbed "Dirty Frag" that combines two page‑cache write bugs—xfrm‑ESP (CVE‑2026‑43284) and RxRPC (CVE‑2026‑43500)—to achieve deterministic root access on all major distributions. The exploit does not rely on timing windows, making its success...
5,000 Vibe-Coded Apps Just Proved Shadow AI Is the New S3 Bucket Crisis
RedAccess, an Israeli cyber‑security firm, identified 380,000 publicly accessible apps built with low‑code AI platforms such as Lovable, Replit, Base44 and Netlify, and found roughly 5,000 (1.3%) containing sensitive corporate data. The exposures span shipping schedules, clinical trial details, bank...
Defense Watch: Mythos, DARC, DARPA Plane, New SWO Boss, Startup Raises
Pentagon chief technology officer Emil Michael announced that the department is evaluating Anthropic’s new Mythos AI‑driven cyber‑security model, signaling renewed interest in AI tools after a Trump‑era halt on Anthropic products. The service is also scaling production of the low‑cost...

Fake macOS Troubleshooting Sites Used to Steal iCloud Data in ClickFix Scam
Microsoft Defender researchers uncovered a new ClickFix campaign that lures Mac users with fake troubleshooting articles on platforms like Medium, Craft, and Squarespace. The pages urge victims to copy‑paste a terminal command, which silently downloads macOS stealer families such as...

Tech Bills of the Week: Limiting Data Harvesting; AI for Financial Fraud Prevention; and More
Congress introduced four bills targeting emerging technology risks. The YODA Act would bar companies from forcing users to surrender data or accept tracking cookies without explicit permission and lets the FTC and state attorneys general sue firms with $50 million+ revenue...
Salesforce's MuleSoft Launches Omni Gateway to Govern Enterprise AI Agents
Salesforce announced MuleSoft Omni Gateway, a new control‑plane solution that centralizes governance of AI agents, APIs, MCP traffic and LLM interactions. The product aims to close the gap where 42% of companies abandon AI agents before production, according to S&P...
WatchGuard Agent Flaws Grant Full SYSTEM Access on Windows, Prompt Urgent Patch
WatchGuard released emergency patches for four high‑severity flaws in its Windows Agent, including two chained privilege‑escalation bugs (CVE‑2026‑6787, CVE‑2026‑6788) that give attackers full SYSTEM control. The company urges immediate upgrades to version 1.25.03.0000 to stop exploitation.
Some Canvas Users Receive Ransomware Threat After Data Breach
A ransomware threat surfaced on Thursday when students and staff in North Carolina logged into the Canvas learning management system and saw a pop‑up allegedly from the ShinyHunters group. The extortion message gave users until May 12, 2026 to contact the hackers...

GM to Pay over $12 Million in California Privacy Settlement Involving Driver Data
General Motors agreed to pay $12.75 million to settle California's accusations that it collected and sold OnStar driving data without consumer consent, marking the largest fine ever under the California Consumer Privacy Act. The settlement bans GM from selling such data...

What Does the FCC Have to Do with Cyber Security?
The Federal Communications Commission (FCC) is intensifying its role in cybersecurity by hosting two workshops on May 14‑15 aimed at small and medium‑sized telecom and broadcast providers. Chief Zenji Nakazawa highlighted the growing threat from nation‑state actors and ransomware, which can...

Here Is Yarbo’s Promise to Fix the Robot Mower that Ran Me Over
Yarbo acknowledged critical security flaws in its robot lawn‑mowers after a researcher remotely commandeered a unit, exposing GPS data, Wi‑Fi passwords and other personal information. The company issued a 1,200‑word response, temporarily disabling remote diagnostic tunnels, resetting shared root passwords...
Effective Bug Bounties and Triage Prevent IDOR Breaches
I’m reading about the Canvas breach which runs infrastructure on AWS: Canvas login portals hacked in mass ShinyHunters extortion campaigns. The details are light but from what I can gather they may have used IDOR/BOLA to bypass trust boundary between free...
Environment Variables Aren't Secure; Switch to a Secrets Manager
Environment variables are not a secret management strategy.
• They leak into logs
• They end up in version control
• They get copy-pasted into Slack
Use a secrets manager. ✨ Please ✨

Google Play Scam Apps Hit 7.3M Downloads with Fake Call Logs
ESET Research uncovered a network of 28 fraudulent Android apps dubbed CallPhantom that promised to reveal anyone's call, SMS, and WhatsApp histories. The apps generated fake records, luring users into paying for nonexistent data, and collectively amassed more than 7.3 million...

A Blank Canvas
A ransomware gang called ShinyHunters breached Instructure's Canvas platform, forcing the service offline for thousands of schools worldwide. The attackers claimed access to billions of private messages and demanded a ransom to prevent data release. Nearly 9,000 institutions, including AP...

Unleashing AI Across the US Government: The Data Security Challenge Holding Back Decision Advantage
Former DoD CIO Terry Halvorsen warns that while federal agencies are rapidly deploying AI, most of their most valuable data remains locked away because current security architectures require decryption during processing. This "decrypt‑to‑use" vulnerability especially hampers Retrieval‑Augmented Generation (RAG) models,...

DDoS Attacks Surge During Milano Cortina 2026 Winter Games
The Milano Cortina 2026 Winter Games triggered a dramatic spike in distributed denial‑of‑service attacks, with Italian networks seeing a 181% increase over the previous year. From February 6 to February 23, daily attack volumes were six‑to‑ten times higher than historic averages, peaking at more...

The Intelligence Community’s Acquisition Revolution: Can Washington Move Fast Enough?
The CIA announced a sweeping overhaul of its technology acquisition process, appointing former DARPA veteran Efstathia Fragogiannis to lead a faster, more agile procurement model. The change aims to cut months‑long contracting cycles to weeks, opening doors for AI, microelectronics...

Brussels Takes Seven Member States To Court Over CER, And The Consequences Land On You
On May 7, 2026 the European Commission referred Bulgaria, France, Luxembourg, the Netherlands, Poland, Spain and Sweden to the EU Court of Justice for failing to transpose the Critical Entities Resilience (CER) Directive more than 18 months after the deadline....

Katalyst, E4n Partner To Build AI-Enabled Cybersecurity, Infrastructure MSP Platform
Midmarket MSP Katalyst has partnered with New York‑based e4n to launch an AI‑enabled cybersecurity and infrastructure platform. The deal makes Katalyst the founding company of e4n’s managed services platform, combining Katalyst’s service base with e4n’s AI engineering and acquisition expertise....

Canvas Outage Delays College Finals Across the Country
A cyberattack on Instructure’s Canvas learning platform caused a nationwide outage, forcing universities such as Penn State, Boise State and Mississippi State to cancel, postpone, or reschedule final exams. The breach exposed student names, email addresses, IDs and messages, and...
Seeking Metrics to Predict Impending Vulnerability Apocalypse
OK, humans, I plan to vibe code an app to predict the coming of vuln apocalypse, like when do we know it is here. Growth in KEVs? Lowering of VRP numbers? More vulns in general? What else to track? ...

AI Detects Vishing Calls in Seconds, Real‑Time
Just finished tidying up Vishing analysis within NightBeacon AI for @Binary_Defense. Can upload voice recording, or tie into audio systems to do real-time vishing analysis, understands tonality - urgency - phishing campaigns realtime. 11 minute call took 4.3 seconds to analyze...

AI & Data Exchange 2026: PRAC’s Ken Dieffenbach on Using AI Tools to Stay a Step Ahead of Fraudsters
The Pandemic Response Accountability Committee (PRAC) has extended its mandate through 2034 and is now leveraging artificial‑intelligence tools to oversee more than $5 trillion in pandemic‑era spending. Executive Director Ken Dieffenbach highlighted a new AI‑enabled fraud‑prevention engine that can scan 20,000...
Incident Escalates: Massive Breach Looms Before Data Leak
This is just going from bad to worse. The scale of this incident is massive, and that’s *before* any data has leaked.
AI Threats Rise; Defenders Must Adopt Guardrails
AI is changing cybersecurity on both sides. Attackers are using it—and defenders must too. CTG shares how to build the right guardrails. 🔗 https://t.co/mbvrjTVwVw @CTGinc #HIMSS26 #HITSM

Poland Says Hackers Breached Water Treatment Plants, and the US Is Facing the Same Threat
Poland’s Internal Security Agency disclosed that hackers breached five water‑treatment plants, potentially gaining control of industrial equipment and endangering water safety. The agency linked the attacks to Russian intelligence activity, though it did not confirm the perpetrators. Similar incidents have...