Today's Cybersecurity Pulse

CISA adds critical Android and Linux flaws to KEV catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed two high‑severity vulnerabilities in its Known Exploited Vulnerabilities catalog: Android CVE‑2025‑48595, an integer overflow that enables privilege escalation on Android 14‑16 without user interaction, and Linux CVE‑2022‑0492. Google released patches for the Android bug in June 2026.
By the numbers: Ingeteam receives $82.5M loan from EIB

'A Single 732-Byte Python Script Can Be Used to Obtain Root on Essentially All Linux Distributions Shipped Since 2017': Time...
Theori’s research uncovered a local privilege‑escalation flaw dubbed “Copy Fail” (CVE‑2026‑31431) that lets a user write four controlled bytes to any readable file’s page cache and gain root on Linux kernels released since 2017. A 732‑byte Python proof‑of‑concept script can obtain root on major distributions such as Ubuntu 24.04 LTS, Amazon Linux 2023, RHEL 10.1 and SUSE 16. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability to its Known Exploited Vulnerabilities Catalog and, under Binding Operational Directive 22‑01, requires federal civilian agencies to patch systems by May 15. Threat actors have already been observed exploiting the flaw in the wild, prompting urgent remediation across the Linux ecosystem.
Treasury Warns AI Model Could Hack Bank Accounts, Urges Immediate Action
Treasury Secretary Scott Bessent told Fox News that Americans should be worried about AI-driven hacks to their bank accounts, citing Anthropic’s Claude Mythos model that can locate thousands of software flaws. The warning follows an emergency April meeting with Federal Reserve...

Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE
The Apache Software Foundation disclosed a critical vulnerability, CVE‑2026‑23918, in the HTTP/2 module of Apache HTTP Server 2.4.66, earning an 8.8 CVSS rating. The flaw is a double‑free in `mod_http2` that can be triggered by sending a HEADERS frame followed by...

DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware
Kaspersky has uncovered a supply‑chain attack that trojanized DAEMON Tools Lite installers released between April 8 and early May 2026 (versions 12.5.0.2421‑12.5.0.2434). The compromised binaries launch a loader that contacts a command‑and‑control server, downloads a .NET info‑gatherer and a minimalist backdoor, and in...
The Convenience Trap and Why Retail Fraud Has Outgrown Checkout
Retailers' push for frictionless experiences has widened the fraud attack surface, with fraud now spanning account creation, login, loyalty and BNPL, not just checkout. A 2026 survey of over 1,000 fraud and AML leaders shows only 47% of retailers have...

Please Report My Hacked X Account
Dr. Joseph Sansone disclosed that his X (formerly Twitter) account was compromised on March 1, 2026 and is now being used to promote Bitcoin scams. He has repeatedly contacted X’s support team without success, filed a Better Business Bureau complaint, and reported...

These 5 Critical Windows Defender Settings Are Off by Default - Turn Them on ASAP
Microsoft’s built‑in Windows Defender protects most PCs, but five key defenses remain off by default. The article walks readers through enabling Controlled Folder Access, Memory Integrity, Reputation‑Based Protection, Smart App Control, and Tamper Protection, each found under the Windows Security...
UAE Cyber Security Council, Cisco and Open Innovation AI Launch National AI Test and Validation Lab
The UAE Cyber Security Council, Cisco and Open Innovation AI announced the creation of a National AI Test and Validation Lab in Abu Dhabi. The facility will certify AI models for security, safety and compliance, marking the first government‑backed AI...

State Audit Slams NYC Schools for Lack of Student Data Privacy Oversight
The New York City Department of Education failed a state audit that revealed extensive gaps in student data privacy oversight. Auditors found the district lacks a comprehensive inventory of third‑party software, has experienced 141 security incidents—including breaches affecting 820,000 students—and...

Exclusive: What the Celebrity Stalkerware Breach Means for Executive Protection
Cybersecurity researcher Jeremiah Fowler uncovered a publicly accessible database containing 86,859 screenshots taken from a celebrity’s device, exposing personal communications, invoices, and identification data. The leak appears tied to stalkerware used by an individual targeting a European entrepreneur‑media figure, and...

AI Agents Expose a Costly Blind Spot in Fraud Prevention
Merchants are now seeing legitimate AI‑driven purchases flagged as fraud as AI shopping agents mimic bot behavior. Traditional fraud models, which rely on human‑centric signals, struggle to distinguish authorized agents from malicious bots. The resulting false declines generate lost revenue...

The Coming Hackastrophe
The Atlantic and NYT highlight a looming shift as AI models such as Claude Mythos enable bots to discover and exploit software flaws at scale. Experts warn that within a year or two these tools could make most existing applications...

SSE Vs. SASE: Federal Agencies’ Guide to Cloud Security Architecture
Federal agencies advancing zero‑trust and hybrid work are shifting from perimeter security to cloud‑delivered models. Two frameworks—Security Service Edge (SSE) and Secure Access Service Edge (SASE)—offer distinct paths: SSE provides security‑only services such as SWG, CASB and ZTNA, while SASE...
Bipartisan Senate Bill Takes Aim at AI Voice Cloning and Deepfake Fraud Targeting Mobile Users
The bipartisan AI Fraud Accountability Act (S.3982), introduced by Senators Lisa Blunt Rochester and Tim Sheehy, would make it a federal crime to use AI‑generated voice clones, synthetic video, or other deepfakes for financial fraud and identity theft on mobile...
Synthetic Identity Fraud Now 11 Percent of All Global Fraud, Posing Escalating Threat to Mobile Banking
LexisNexis Risk Solutions’ 2025 cybercrime report finds synthetic identity fraud now represents 11% of all global fraud, an eightfold rise since 2024. The study also documents a 450% surge in agentic bot traffic and a 59% year‑over‑year increase in malicious...
Oracle Will Patch More Often to Counter AI Cybersecurity Threat
Oracle announced it will move from quarterly to monthly security patch cycles for its ERP, database and other software, beginning May 28, 2026. The first Critical Security Patch Update (CSPU) will be released on the fourth Thursday of May, with subsequent patches...

The Former President of NABIP Was Minutes Away From Losing $25,000
Former NABIP president David Saltzman narrowly avoided a $25,000 loss after a sophisticated vishing scam. A fake Apple pop‑up prompted him to call an 800 number where a calm voice, posing as an FTC agent, instructed him to create a...

Microsoft Edge Stores Passwords in Process Memory, Posing Enterprise Risk
Microsoft Edge decrypts and retains all saved passwords in cleartext within its process memory, even when the browser isn’t actively used. Security researcher Tom Rønning demonstrated a proof‑of‑concept that lets an attacker with administrative rights dump these credentials via memory...
FTC to Ban Data Broker Kochava From Selling Americans’ Location Data
The Federal Trade Commission has moved to ban data‑broker Kochava and its subsidiary Collective Data Solutions from selling precise location data without explicit consumer consent. The order stems from a 2022 FTC lawsuit alleging that Kochava harvested and sold geolocation...

Cyborg Partners with Austin Artificial Intelligence to Deliver End-to-End Secure AI in Production
Cyborg announced a partnership with Austin Artificial Intelligence to deliver end‑to‑end encrypted AI infrastructure using its CyborgDB vector database. CyborgDB offers sub‑millisecond latency for searching hundreds of millions of vectors while keeping all data encrypted, targeting regulated industries. The collaboration...
CISA Urges Critical Infrastructure Firms to ‘Fortify’ Before It’s Too Late
The Cybersecurity and Infrastructure Security Agency (CISA) released new guidance under its international “CI Fortify” initiative to help critical infrastructure operators isolate and recover from cyber intrusions. The advice, modeled on Australian 2025 guidance, stresses preparing for unreliable third‑party connections...
The EOL Blind Spot in Your CVE Feed: What SCA Tools Miss
HeroDevs warns that most vulnerability scanners miss end‑of‑life (EOL) open‑source packages because CVE advisories rarely list those versions. Their analysis shows roughly 80% of new CVEs affect EOL releases that are not flagged, and only about 7,000 of the 5.4 million...
Emphasis on Cybersecurity in Medical Practices Could Protect Both Patients and Health Care
Healthcare providers are increasingly targeted by cyberattacks as digital workflows expand, raising the risk of data leaks and service disruptions. The February 2024 Change Healthcare ransomware incident exposed the records of roughly 192.7 million Americans and highlighted the vulnerability of even large...

What If Your Digital Footprint Could Shrink?
TechRepublic Academy highlights two steeply discounted offers aimed at bolstering digital security and career growth. The Surfshark One+ with Incogni bundle, now $91.99 for two years (down from $500.40), combines VPN, antivirus, breach alerts, and automated data‑broker removal. Meanwhile, ExpertEase...

Android Zero-Click RCE Vulnerability Enables Remote Shell Access
Google has issued a patch for a critical Android zero‑click vulnerability (CVE‑2026‑0073) that grants remote shell access via the adbd daemon. The flaw spans Android 14 through 16‑QPR2, allowing attackers on the same network or within physical proximity to execute...
Surfshark Launches Native VPN App for Amazon Fire TV’s Vega OS, Restoring Streaming Privacy
Surfshark has released a native application for Amazon’s Vega OS, the Linux‑based platform that powers the newest Fire TV devices. The move restores VPN functionality that vanished when Amazon shifted away from Android‑based Fire OS in late 2025, giving users...
Instructure Breach Exposes Data of 275 Million Users, Raises DevSecOps Alarm
Instructure confirmed a cyberattack that exposed personal data of roughly 275 million teachers, students and staff across 9,000 schools. The breach, claimed by the ShinyHunters group, highlighted gaps in the ed‑tech platform’s DevSecOps processes and sparked industry‑wide calls for stronger security...
Broadcom Bets Big on VMware Cloud Foundation 9.1
Broadcom unveiled VMware Cloud Foundation 9.1, branding it as an AI‑ and Kubernetes‑native private cloud that supports AMD, Intel and Nvidia hardware. The release targets three pillars: mitigating hardware supply constraints, accelerating AI‑enabled application delivery, and enforcing zero‑trust security. New...

From Diagnosis to Deterrence: The Emerging U.S. Response to Adversarial Distillation
In April the White House and the House Foreign Affairs Committee moved to counter Chinese adversarial distillation of U.S. frontier AI models. The Deterring American AI Model Theft Act of 2026 (DAAMTA) would require a 180‑day assessment, publish an attackers...
Orange Cyberdefense Report Shows Insider Threats Now Top Enterprise Risk at 57%
Orange Cyberdefense’s latest threat‑landscape report reveals internal threats now account for 57% of cyber incidents, surpassing external hacking for the first time. The shift, driven by employee misuse and shadow‑IT, forces firms to double down on zero‑trust, credential hygiene and...

Berkshire Hathaway Flags Cyber Uncertainty and Holds Back on Data Centre Cover
Berkshire Hathaway’s insurance arm is deliberately holding back on two fast‑growing lines – cyber and data‑centre coverage. Vice Chairman Ajit Jain said the firm sees strong global demand for cyber policies but cannot reliably model aggregate exposure, and recent low...

EU Reaches Out to Anthropic Over Mythos AI Threat
EU Economy Commissioner Valdis Dombrovskis announced talks with Anthropic to test European firms and banks for vulnerabilities from the unreleased Mythos AI model. Finance ministers are pushing for access amid fears the model could expose systemic cyber risks to the...

SentinelOne (S) Partners with Silverfort on AI and Identity Security
On April 21, 2026 SentinelOne announced a strategic partnership with Silverfort to secure human, AI‑agent and other non‑human identities. The joint solution blends SentinelOne’s AI‑driven detection platform with Silverfort’s runtime identity protection across endpoints, cloud workloads and AI applications. By...
AWS Nitro Isolates Resources, Blocking Copy‑Fail Exploit
If you were wondering if this affects AWS VMs ~ per Google AI Mode and AWS documentation: The AWS Nitro System mitigates the Copy Fail vulnerability through architectural isolation, specifically by pinning dedicated physical resources and eliminating shared Dom0 kernel components. AWS...

Anti-ICE Site GTFO ICE Accused of Exposing Data of 17,000+ Activists
Former DHS chief Miles Taylor launched GTFO ICE, an anti‑ICE advocacy platform, in April 2026. Researchers discovered the site’s public REST API was unprotected and lacked rate‑limiting, allowing anyone to download the personal data of 17,662 users in seconds. The breach...

Foreign-Invested Apps and Taiwan’s Cybersecurity Blind Spot
Taiwan’s food‑delivery market is on the cusp of a major shift as Grab moves to acquire foodpanda for roughly $600 million, potentially securing over half of the sector’s share. The deal would transfer vast troves of location, consumption, and labor data...
LinkedIn Faces GDPR Scrutiny Over Paid Profile View Data and Access Rights Dispute
LinkedIn is under renewed GDPR scrutiny after privacy group noyb filed a complaint in Germany, alleging the platform violates Article 15 by restricting profile‑visitor data to Premium subscribers. The social network’s practice of refusing a standard data‑access request while selling the...

Proton Mail Rolls Out Post-Quantum Encryption for All Users as Industry Braces for ‘Harvest Now, Decrypt Later’ Threat
Proton Mail announced that its email service now offers post‑quantum encryption (PQC) to all users, including those on free plans, adding a quantum‑resistant layer to newly sent messages. The PQC keys are generated alongside existing RSA and ECC algorithms rather...

Google Cloud Next ’26: Rubrik Announces Cyber Resilience for Google Cloud SQL
Rubrik announced a new cyber‑resilience add‑on for Google Cloud SQL, extending its Security Cloud platform to protect managed PostgreSQL databases. The integration delivers immutable, automated backups that operate alongside existing disaster‑recovery workflows without architectural changes. Customers can apply global policies,...

Opswat and Emerson to Strengthen Cybersecurity for Critical Infrastructure Operators with Global Reseller Agreement
Opswat and Emerson have signed a global reseller agreement to embed Opswat’s operational‑technology (OT) patch‑management suite into Emerson’s Ovation Automation Platform. The deal targets power generation and water‑utility operators, extending the existing DeltaV Alliance to a broader set of critical‑infrastructure...

What Are Managed Identities in SQL Server 2025? A Complete Guide
Managed identities—Microsoft Entra‑backed, password‑less identities—are now supported in SQL Server 2025 when the instance is Azure Arc‑enabled. The feature allows a system‑assigned managed identity to obtain tokens for Azure services, eliminating stored secrets and reducing credential‑rotation overhead. Configuration requires Windows Server,...
AI Finds 20-Year-Old Bugs in PostgreSQL and MariaDB
AI‑driven security tool Xint Code uncovered a high‑severity heap overflow in PostgreSQL’s pgcrypto extension and a buffer‑overflow in MariaDB’s JSON schema validation, both tracing back to code written over two decades ago. The PostgreSQL flaws (CVE‑2026‑2005 and CVE‑2026‑2006) received CVSS...
Security Vendors Must Own AI, Not Serve It
GenAI is going to augment nearly every layer of the security stack. The interesting question for vendors is not whether the stack disappears. It is whether you become a feature of someone else's AI, or whether AI becomes a feature of...
Hackers Hijack AWS Tools to Power Phishing Attacks
Hackers are stealing access to legitimate AWS tools and using them to launch phishing campaigns. https://t.co/qLfuOeGReN
Flip the Ratio: Cheap Assessment, Board‑
"The answer probably starts with flipping the ratio: making assessment as cheap as generation, paying for fixes instead of just finds, and treating supply chain security as the board-level priority it has been pretending to be."
AI and Quantum Threats Demand New Cybersecurity Frameworks
Why Cybersecurity Strategies and Frameworks Must Be Recalibrated in the Age of AI and Quantum Threats
Assess if Cloud Credentials Exposed Beyond Authentication
I need to take a look at this and see if you can essentially expose cloud platform credentials and permissions or it is purely auth with no additional attack surface.

Governance Gaps Amplify Risk; Enforce Ownership, Access, Monitoring
Digital infrastructure operates as a single layer across operations, where gaps in governance accumulate risk. Clear ownership, controlled access and real-time monitoring must become daily disciplines, since failures propagate across providers and teams. Microblog @antgrasso https://t.co/hplDKIGUOd

Tax‑authority Phishing Spreads ValleyRAT and New ABCDoor Backdoor
Phishing "from the tax authorities" → a modified downloader → the well-known ValleyRAT backdoor + the previously undocumented Python backdoor, ABCDoor. Learn more: https://t.co/8mFxmep5xC https://t.co/9yUZwdH8mO
World Rushes to Enforce ID, Threatening VPN Anonymity
There’s something ominous about the speed with which the entire world has marched to require identification on platforms and, as I expected, begin the process of banning anonymous VPNs.