Today's Cybersecurity Pulse
Anthropic CEO meets White House over federal access to Mythos AI
Anthropic CEO Dario Amodei will meet White House chief of staff Susie Wiles to discuss government access to the company's Mythos AI model, which can discover and exploit zero‑day vulnerabilities. The meeting follows a Pentagon‑imposed blacklist after Amodei refused to lift safety restrictions, while Treasury, intelligence agencies and CISA are already testing the model.
Also developing:
By the numbers: Artemis raises $70M in combined seed and Series A round

Apple Releases iOS 18 Security Updates for iOS 26 Holdouts
Apple began rolling out iOS 18.7.7 on April 1, delivering critical security patches to every device still running iOS 18, even those capable of upgrading to iOS 26. The update addresses high‑profile exploits such as DarkSword and Coruna, allowing users who have postponed the major OS jump to stay protected without a full upgrade. Apple’s move highlights a contrast with macOS, where older versions receive longer support windows. The patch demonstrates that remaining on iOS 18 is now safer, though the platform’s support timeline remains tighter than its desktop counterpart.

Trump’s FY27 Budget Makes Both Boosts and Cuts to Tech Operations
President Trump’s FY27 budget proposes a $707 million cut to the Cybersecurity and Infrastructure Security Agency while preserving and expanding funding for emerging technologies. Artificial intelligence research across the Department of Energy receives $1.2 billion, and the National Nuclear Security Administration sees...
Uffizi Museum in Florence Denies Severity of Security Breaches Resulting From February Cyber Attack
The Uffizi Gallery in Florence confirmed it was hit by a cyber attack on February 1, 2026, but insists no data, security maps, or employee contacts were stolen. The museum attributes the temporary closure of the Pitti Palace and the relocation...
A Core Infrastructure Engineer Pleads Guilty to Federal Charges in Insider Attack
Core infrastructure engineer Daniel Rhyne pleaded guilty to a $750,000 bitcoin extortion scheme after using ordinary admin tools to shut down his former employer's network. He opened unauthorized RDP sessions, deleted admin accounts, altered passwords, and scheduled tasks on the...

How Hackers Faked a Zombie Apocalypse Alert on Live TV
On February 11, 2013, hackers infiltrated the Emergency Alert System (EAS) of at least five U.S. television stations and aired a fabricated warning that the dead were rising and attacking the living. The fake alert first appeared on KRTV in...

EU Cyber Agency Attributes Major Data Breach to TeamPCP Hacking Group
EU cybersecurity agency CERT‑EU confirmed that the hacking group TeamPCP breached the European Commission’s Amazon Web Services account, exfiltrating about 92 GB of data on March 19. The stolen information, affecting 42 internal clients and at least 29 EU entities, included names,...

Reality Defender Strikes Deal to Provide Deepfake Detection to French Orange
Reality Defender, a U.S. AI‑security firm, has signed a deal to embed its multimodal deep‑fake detection into Orange Business, the enterprise arm of French telecom giant Orange. The integration will protect Orange’s video‑conferencing, contact‑center and voice‑telephony services with real‑time, API‑driven...
AI-Driven Lambda Troubleshooting Auto‑detects Missing VPC Security Group
This past week I wrote a Lambda troubleshooter using the concept on this blog post where it deterministically queries a bunch of logs and sends them to an AI 🤖 agent for analysis and troubleshooting. I had to redact...
Internet Bug Bounty Program Hits Pause on Payouts
HackerOne announced a pause on payouts for the Internet Bug Bounty program as AI‑generated vulnerability submissions surge. Since its 2012 launch, the program has awarded over $1.5 million, with 80 % of payouts for new flaws. The shift in discovery speed has...

Apple Breaks Precedent, Patches DarkSword for iOS 18
Apple has extended a back‑ported patch for the DarkSword exploit chain to iOS 18 devices, a move previously reserved for the newest iOS 26 release. The fix arrived on April 1, days after the tool leaked on GitHub, and covers vulnerabilities that span...

Die Linke German Political Party Confirms Data Stolen by Qilin Ransomware
The Qilin ransomware group infiltrated Die Linke, Germany’s left‑wing parliamentary party, and stole internal data, though the membership database remained untouched. The attackers threatened to publish sensitive communications and employee information, prompting the party to report the incident to authorities. Die Linke...

Senators Ask Tulsi Gabbard To Tell Americans That VPN Use Might Subject Them To Domestic Surveillance
A group of progressive senators and two representatives wrote to Director of National Intelligence Tulsi Gabbard warning that commercial VPN use could inadvertently expose Americans to domestic surveillance, as encrypted traffic may be classified as foreign. The letter cites billions...
Trump’s FY2027 Budget Again Targets CISA
President Trump’s FY2027 budget proposal slashes the Cybersecurity and Infrastructure Security Agency’s (CISA) funding by $707 million, roughly a 30 percent reduction from its FY2025 $2.4 billion budget. The administration frames the cuts as a refocus on protecting federal networks and critical infrastructure...
Hack of Solana DeFi Platform Drift Steals $280 Million, Exposing Admin-Key Vulnerabilities
A coordinated exploit on Solana's Drift protocol siphoned roughly $280 million in crypto assets. The attacker leveraged a durable‑nonce transaction to seize the protocol’s admin key, prompting a rapid market sell‑off and renewed scrutiny of DeFi governance and key‑management practices.
Data Breaches Hit Hims & Hers and TriZetto, Exposing Millions of Patient Records
Telehealth giant Hims & Hers confirmed a hack of its customer‑service ticketing system, while Cognizant‑owned health‑tech insurer verification platform TriZetto disclosed a breach that exposed over 3.4 million patient records. Both incidents underscore growing cyber risks in digital health infrastructure.
FBI Declares China-Linked Intrusion of Surveillance System a Major Cyber Incident
The FBI announced that a China-linked intrusion into its internal surveillance system has been classified as a major cyber incident, the first such designation since 2020. The breach, detected on Feb. 17, exposed law‑enforcement‑sensitive data and underscores growing aggression from sophisticated...
China Drafts Rules to Label Digital Humans, Ban AI‑Addictive Kids Services
China’s Cyberspace Administration released draft regulations that require clear labeling of digital avatars, prohibit AI‑driven intimate services for anyone under 18, and set new safeguards against misuse of personal data. The draft, open for comment until May 6, signals a tightening...
SAP Security Investment Still Misses Where Risk Is Highest, Benchmark Data Shows
SecurityBridge introduced the Cybersecurity Resilience Index for SAP (CRIS), a benchmarking model built on anonymized data from thousands of production systems. The index evaluates eight security domains against more than 550 controls, revealing that most organizations score only 30‑40% overall...

Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers
Microsoft’s Defender Security Research team has uncovered a new web‑shell tradecraft that leverages HTTP cookies as a covert control channel for PHP loaders on Linux servers. The shells remain dormant until a specific cookie value is presented, then execute malicious...

6G Could Introduce New Cybersecurity Vulnerabilities, Report Finds
The FCC’s Communications Security, Reliability and Interoperability Council warned that 6G networks could bring unprecedented cybersecurity and reliability risks. The report highlights that 6G’s reliance on virtualization, artificial intelligence, and cloud‑native infrastructure expands attack surfaces and complicates threat detection. It...

New Presidential Executive Order Targets Transnational Cybercrime
In March 2026 President Trump signed an Executive Order targeting transnational cybercrime, directing the State, Treasury, War, Homeland Security and Justice departments to produce a coordinated action plan by July. Fraud losses have surged 430% since 2020, with AI‑driven scams...

Sri Lanka Arrests 152 in Alleged Chinese-Run Cyberscam
Sri Lankan police arrested 152 foreign nationals, primarily Chinese, in a hotel‑based cyber‑scam raid in Chilaw. The operation uncovered 143 laptops, 120 desktops and 370 mobile phones, indicating a sophisticated fraud hub. The Chinese embassy pledged cooperation, while officials cited...

Blast Radius of TeamPCP Attacks Expands Amid Hacker Infighting
TeamPCP’s supply‑chain campaign has broadened, compromising open‑source tools like Trivy and LiteLLM and giving attackers stolen AWS credentials. The breaches surfaced at AI startup Mercor and the European Commission, where compromised code‑scanning utilities enabled unauthorized cloud access. Third‑party groups ShinyHunters...

Cybersecurity's New Challenge: Decision, Not Tools
Cybersecurity isn’t a tooling problem anymore. It’s a decision problem. AI-driven threats are moving faster than human response models. Most orgs still rely on: • alerts • dashboards • manual decisions That’s the real vulnerability. The shift? → Decision Intelligence systems Comment “DECISION” and I’ll show you how to implement...
FBI Calls China-Linked Intrusion a Major Cyber Incident
The FBI reportedly classified a China-linked effort to penetrate one of its surveillance systems this week as a “major cyber incident,” meaning it was a significant risk to U.S. national security. The definition of a “major incident” was established by the...

High-Severity Vulnerabilities, Supply Chain Breaches, and AI Threats Redefine Cybersecurity This Week
This week’s cybersecurity landscape was dominated by a wave of high‑severity flaws, including a Cisco IMC vulnerability (CVSS 9.8) that grants unauthenticated admin access, a Chrome WebGPU use‑after‑free exploit actively seen in the wild, and a critical GIGABYTE Control Center remote‑code‑execution...

5 Steps to Overcome Alert Fatigue and Strengthen Security Ops
5 Steps to break free from alert fatigue and build resilient #security operations https://t.co/cR0YprtxOS https://t.co/BpZtAMzn8k

Bulletproof Your Endpoint Security in Five Steps
5 essential steps to bulletproof your endpoint #security (and avoid the biggest mistakes) https://t.co/zU8A6OSSWH https://t.co/WqnyE11KOK
Data Privacy At The Kitchen Table
Lawmakers are increasingly prioritizing data privacy as voters bring the issue to the kitchen table, highlighted by Delaware Rep. Krista Griffith at the IAB Public Policy & Legal Summit. The topic gained further traction at two Washington, DC privacy conferences,...
Shared Observability Unites SOCs, DevOps, and Risk View
RT SOCs and DevOps will need shared observability for agents: data access, tool calls, MCP interactions, and risk levels in one view. #Security #DevOps @Star_CIO https://t.co/tRGwCPc4Mb
Prioritize Post‑Quantum Signatures for Bitcoin Now
My take on Bitcoin and quantum computing: https://t.co/bq2HdAsnXQ tl;dr: I think the risk is high enough to warrant prioritizing designing, implementing, and evaluating post-quantum signature schemes and consensus upgrades in Bitcoin now.

Evolution of Ransomware: Multi-Extortion Ransomware Attacks
Ransomware attacks surged 49% in 2025, affecting healthcare, finance and manufacturing, with incidents like the University of Mississippi Medical Center shutdown forcing chemotherapy cancellations. Threat actors have evolved from simple encryption to double and triple extortion, stealing data before encrypting...
Restrict DB Access; Run with Minimal Privileges
Okay, honestly this makes vibe coding into production very dangerous, you guys were all right. I think what I'll do is cut off all access to DBs and run it as a user with almost no privileges.

Frontier AI Halves Expert Task Time, 5.7‑month Doubling
Here’s an independent domain extension of METR’s famous time-horizon analysis, applying it to offensive cybersecurity with real human expert timing data. Similar to METR: 5.7 months doubling time. Frontier models now succeed 50% of the time at tasks that take human...

AI Breakthroughs, Security Breaches, and Industry Shakeups Define the Week in Tech
Tech week saw a surge in AI investment and model releases, highlighted by OpenAI’s record $122 billion funding round and Alibaba’s Qwen3.5 Omni multimodal system. At the same time, major security incidents—from the NoVoice Android rootkit infecting 2.3 million devices to a...
9‑Minute Window Poses Existential Risk to Bitcoin
When I first heard about on-spend attacks, I immediately thought: this is scary. @apruden08 on why the 9-minute window creates an existential risk for Bitcoin 😱 https://t.co/t4lZ3iQxIm
Fake Class-Action Emails Could Blur Truth and Scams
If scammers started sending out fake class action emails, feel like that would be really hard to distinguish between real vs fake

Massachusetts Emergency Communications System Impacted by Cyberattack
A cyberattack on the Patriot Regional Emergency Communications Center disrupted non‑emergency and business phone lines for several northern Massachusetts towns, though 9‑1‑1 services remained functional. The intrusion affected municipal public‑safety computer systems, prompting officials to engage insurers, external cybersecurity firms,...
Security Giants Bet Big; Execution Determines AI Success
When companies like ServiceNow and Mastercard start making big security bets, you know the lines are blurring. Now it’s about execution. Who deploys AI securely and actually succeeds? https://t.co/QOSbQN1WO8
Crypto’s Core Strengths Threaten Its Quantum Future
Here's the irony: the things that make crypto work, immutability, decentralization, public addresses, are exactly what make it extremely vulnerable to quantum computers. @apruden08 on why blockchain faces a deadline other systems don't. 😓 https://t.co/7Lt08CnIfJ

Enforcers Project Plans to Strengthen European Cybersecurity
The EU‑funded Enhanced Cooperation for Cybersecurity (Enforcers) project launched in February, bringing together manufacturers, security providers, and research institutes to build a unified platform for industrial automation protection. The system will interconnect private SOCs, trusted hardware anchors, automated mitigation playbooks,...

Discovered “NomShub” Sandbox Breakout Bug in Cursor
New blog: We found a sandbox breakout and remote dev tunnel bug in Cursor. Called it NomShub. It was fun making my vscode dev tunnel C2 dashboard pink. https://t.co/KfPBzqEOYe https://t.co/Owgxbnge1b
Metrics Mislead: Scans Don't Equal Security Progress
Counting scans and alerts isn’t security progress—it's masking unresolved vulnerabilities and rising cyber risk. https://t.co/fsb8M3fbRc

Ukraine Warns Russian Hackers Are Revisiting Past Breaches to Prepare New Attacks
Ukraine’s cyber incident response team (CERT‑UA) warns Russian‑linked hackers are revisiting previously compromised systems to re‑establish footholds, marking a shift from the 2025 “steal‑and‑go” approach to sustained, long‑term access. Attackers now favor sophisticated social‑engineering, using phone calls and video chats...
FBI Warns Chinese Apps Store Data Accessible to Government
Chinese apps store sensitive data on servers in China, which the government can access, FBI warns. https://t.co/irVklBM99j

Tönnjes Offers New RFID Security Solutions for Vehicle Identification
Tönnjes, in partnership with Swiss chip maker EM Microelectronic, unveiled a next‑generation hybrid RFID/NFC chip for vehicle identification at Intertraffic in Amsterdam. The dual‑frequency tag combines long‑range RAIN RFID with smartphone‑compatible NFC, featuring AES‑128 encryption and expanded memory for secure,...

Navigating Data Privacy and Compliance Challenges in Digital Transformation
Digital transformation is accelerating adoption of cloud, automation, and AI, but it also amplifies data‑privacy and compliance risks. Organizations must juggle regulations such as GDPR, CCPA/CPRA, HIPAA, and emerging AI oversight rules across multiple jurisdictions. Strategies like privacy‑by‑design, comprehensive data...

Chainguard Unveils Factory 2.0 to Automate Hardening the Software Supply Chain
Chainguard introduced Factory 2.0 at the Assemble conference, revamping its supply‑chain hardening platform with an AI‑powered control plane and agentic reconciliation bots. The new DriftlessAF framework continuously updates and patches approved open‑source artifacts across containers, libraries, and CI/CD workflows. Chainguard also...
FIDO Seminar: Advancing Passkeys in the Workforce
On the opening day of the RSA Conference, the FIDO Alliance hosted a one‑day seminar titled “Advancing Passkeys in the Workforce.” The event gathered senior security and identity executives to discuss practical rollout strategies, user‑experience considerations, and measurable impact of...

In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware
This week’s cybersecurity roundup revealed a wave of high‑profile threats, from a new Android banking trojan called Mirax that can be rented for $3,000 a month to an Android rootkit dubbed NoVoice that has infected roughly 2.3 million devices via Google...