Today's Cybersecurity Pulse
Anthropic CEO meets White House over federal access to Mythos AI
Anthropic CEO Dario Amodei will meet White House chief of staff Susie Wiles to discuss government access to the company's Mythos AI model, which can discover and exploit zero‑day vulnerabilities. The meeting follows a Pentagon‑imposed blacklist after Amodei refused to lift safety restrictions, while Treasury, intelligence agencies and CISA are already testing the model.
Also developing:
By the numbers: Artemis raises $70M in combined seed and Series A round
STV Group and Post-Quantum Successfully Trial World’s First Quantum-Resilient Drones
STV Group and UK‑based Post‑Quantum announced the successful trial of the world’s first quantum‑resilient drones, demonstrating secure, future‑proof communications between unmanned aircraft and operators. The tests, conducted in operational environments linked to Ukraine and other allied theatres, proved the drones can maintain encrypted links even against emerging quantum‑computing attacks. This marks the first active‑deployment‑ready quantum‑safe drone system for NATO‑aligned forces. The partnership blends STV’s defence integration expertise with Post‑Quantum’s cryptographic solutions.
What Makes Browser Hijacking a Silent Threat?
Browser hijacking, where attackers covertly alter browser settings or install malicious extensions, is emerging as a silent threat to enterprises. Researchers have identified 33 rogue extensions affecting over 2.6 million users, and Microsoft reported a 111 % surge in token‑replay attacks in...
Scaling Speed and Trust in AI-Driven Systems
How do we build systems where speed and trust can scale together? I explored this with @MichaelLeland, field CTO of #island at RSA and it’s the challenge of the AI era. AI is now an actor. Fast, boundaryless, and creating risks most...
Bitcoin Must Start Quantum-Resilience Work Today
Bitcoin needs to get ready for the quantum era. We need to strengthen initiatives like BIP 360. We need to invest more efforts in finding creative, smart solutions to ensure Bitcoin is post-quantum secure. Saying that quantum computers are coming is not FUD....
World Backup Day 2026: A Telecom B2B Guide to Data Protection in the AI Age
World Backup Day on March 31 highlights telecoms’ need for robust data protection amid AI‑driven growth. AI adoption has surged, with 77% of telecom executives citing operational benefits and 61% using AI for analytics, but it also inflates data volumes and...
Npm Supply Chain Attacks Becoming Disturbingly Frequent
is it me or supply chain attacks on npm are getting regular occurrence these days?
AI Automation Fuels Sophisticated, Costly Cyberattacks Across Businesses
AI-driven cyberattacks are becoming more sophisticated and costly, with automation enabling highly targeted phishing, synthetic identities, and a surge in ransomware and coordinated attacks impacting businesses of all sizes. cybersecurity
Axios Compromised on NPM – Malicious Versions Drop Remote Access Trojan
On March 30‑31 2026, attackers compromised the npm maintainer account for the popular HTTP client library axios and published two malicious releases, axios@1.14.1 and axios@0.30.4. Both versions added a fake dependency, plain‑crypto‑js@4.2.1, which runs a post‑install script that drops a...
Hardware Advances Slash RSA Break Time to Minutes
Still a lot to build on the hardware side, but the last state of the art papers were stating about 8 hours to crack RSA, now it's 9 minutes. Lots of gates, lots of hardware, but we are seeing quite...
Federal ‘Fedware’ Apps Flagged as Spyware, Raising Alarm for Government CIOs
A review of recently released federal mobile applications, dubbed “Fedware,” uncovered extensive permission requests and embedded third‑party trackers, including sanctioned Chinese components. The findings warn public‑sector CIOs of heightened privacy and security exposure.
SANS Stormcast Tuesday, March 31st, 2026: Honeypot Session Lifetime; Let’s Encrypt Tests Mass Revocation; F5 RCE Exploited
In this 5‑minute Stormcast episode, host Johannes Ulrich discusses three security topics: the typical short lifespan of honeypot sessions and how the final command attackers run can reveal they’re in a honeypot; Let’s Encrypt’s staged test of its mass‑revocation process...
Has GSA Adopted DOD’s CMMC Requirements?
On January 5 2026 the General Services Administration issued an IT Security Procedural Guide that instantly raises cybersecurity requirements for any contractor handling Controlled Unclassified Information. The guide forces compliance with NIST SP 800‑171 Rev 3, selected SP 800‑172 Rev 3 controls, and privacy controls from...
RPKI vs Social Engineering: A Case Study in Route Hijacking
At APRICOT 2026, APNIC and LACNIC disclosed a BGP hijack in July 2025 that combined technical spoofing with social engineering. The attacker forged identity documents to convince a multinational upstream provider to activate transit for a stolen ASN, enabling short‑lived, unauthorized route...
AI Will Supercharge Security, But Transition Will Be Rough
I think the situation with AI and security this talk highlights is kind of indicative of how AI disruption will play out. AI is going to make it really, really easy and cheap to find exploits in software. The end...
Beyond Pinning: Harden Node and Python Supply Chains
Supply chain attacks are becoming more frequent, and far more serious. What are sensible practices to protect against these when using Node or Python packages? I assume pinning versions is the bare minimum; for those with security teams / tools: why else...
How We Eliminated Long-Lived CI Secrets Across 70+ Repos
Pulumi eliminated long‑lived CI secrets across more than 70 repositories by swapping static GitHub secrets for short‑lived, OIDC‑driven credentials via Pulumi ESC. The new flow exchanges a GitHub‑issued JWT for a Pulumi access token, which then opens an ESC environment...
Treat AI Agents Like Malware: Three Safety Lessons
AI Agents Act a Lot Like Malware. 3 core lessons that can help companies safely adopt agentic AI https://t.co/jmHx1BceXK https://t.co/nhAWPPp2OG
Beware: Surge of Fake Scammer Profiles Targeting DMs
big influx of fake scammer profiles on here, be careful out there folk (be very wary of people DM-ing you out of the blue or inviting your to chatrooms etc)
Kernel Observability for Data Movement
Modern security stacks rely on user‑space logs, leaving a blind spot at the operating system layer where data actually moves. Kernel‑mediated events—file reads, network writes, process creation—provide a complete, immutable record of every data flow, yet most tools never tap...
AI Bot PwnedClaw Analyzes This Week's Data Breaches
Weekly update is up! Join Me in Investigating Today’s Data Breaches With the PwnedClaw, the OpenClaw Agentic AI Bot Doing My Legwork: https://t.co/KeML1pLTOL
Popular AI Gateway Startup LiteLLM Ditches Controversial Startup Delve
LiteLLM, a widely used AI gateway for developers, announced it is ending its partnership with compliance startup Delve and will pursue new certifications through Vanta and an independent auditor. The move follows a credential‑stealing malware breach that exposed weaknesses in...
UN Norms: Tackling the Rise of Cyber Capabilities
The UN Open‑Ended Working Group (OEWG) wrapped up its 2025 cycle, reaffirming the 2015 GGE’s eleven cyber norms but delivering few fresh agreements. A new permanent Global Mechanism has been created to keep multilateral dialogue on state behaviour in cyberspace...
![[Payments Arriving] Evolve Bank & Trust Data Breach + $20 Settlement](/cdn-cgi/image/width=1200,quality=75,format=auto,fit=cover/https://www.doctorofcredit.com/wp-content/uploads/2024/07/evolve-data-breach.png)
[Payments Arriving] Evolve Bank & Trust Data Breach + $20 Settlement
Evolve Bank & Trust disclosed a ransomware breach in May 2024 attributed to the LockBit criminal group. An employee’s click on a malicious link allowed attackers to download customer data and encrypt files, though backups limited operational loss and no...
Hybrid Vishing Campaigns Abuse Online Services to Evade Anti-Spam Filters
Hybrid vishing attacks now combine phishing emails with voice scams by abusing trusted SaaS platforms such as Google Calendar, Microsoft Teams, Zoom, and Squarespace to deliver authenticated invitations that prompt victims to call fraudulent numbers. By leveraging SPF, DKIM, and...
Hackers Hit Patel Email While Cyber Defenses Weakened by Shutdown
The Cybersecurity and Infrastructure Security Agency (CISA) is operating with roughly 60% of its workforce furloughed amid a partial DHS shutdown, forcing the agency to shift from proactive threat hunting to merely reacting to imminent attacks. Within days, Iranian-linked hackers...
OpenAI Codex Vulnerability Allowed Attackers to Steal GitHub Tokens
BeyondTrust Phantom Labs uncovered a critical command‑injection flaw in OpenAI's Codex that leveraged hidden Unicode characters in GitHub branch names to steal OAuth tokens. The vulnerability affected the ChatGPT web interface, Codex SDK, and several developer extensions, exposing full repository...
New RoadK1ll WebSocket Implant Used to Pivot on Breached Networks
Security firm Blackpoint uncovered a new Node.js WebSocket implant called RoadK1ll, which enables attackers to pivot from a compromised host to internal systems via outbound tunnels. The lightweight reverse‑tunneling tool establishes a persistent WebSocket connection to attacker infrastructure, allowing multiple...
ILTA Just-in-Time: When Data Becomes More Valuable Than Downtime, Law Firms Become a Prime Target
Ransomware attacks have shifted focus from merely disrupting operations to stealing and monetizing sensitive data, making downtime less valuable than the information compromised. Law firms, with their troves of confidential client and case files, have become prime targets for these...
Shadow AI Emerges as Active Threat Amid Rapid Adoption
Shadow IT was always a problem. Shadow AI is different. Now it can act, not just exist. And the pace of adoption is like nothing I have seen before. What are you doing to manage shadow AI?
Enhancing Security Operations Builds on Zero Trust: Strengthening National Security Through Deception
The Pentagon is moving zero‑trust from policy to full‑scale execution, establishing maturity goals across the department. Recognizing that breaches are inevitable, defense leaders are adding cyber deception to actively engage attackers and gather intelligence. AI‑driven deception platforms now automate decoy...
APRA Pulls Data Submission System After Security Pentest
The Australian Prudential Regulation Authority (APRA) decommissioned its legacy Direct To APRA (D2A) data‑submission system after a routine penetration test on March 19 uncovered unnamed vulnerabilities. The regulator took the system offline on March 20 and urged all banks, insurers and superannuation funds to...
Why Identity-Led Security Services Matter Now for MSPs
Identity-led security is becoming a growth engine for managed service providers as 60 % of breaches now involve compromised identities. MSPs that layer modern IAM—phishing‑resistant MFA, passwordless login, and continuous risk assessment—onto existing services can differentiate themselves and command higher margins....
Okta CEO Todd McKinnon Unveils AI‑Powered Agent Identity Platform
Okta chief executive Todd McKinnon introduced an AI‑powered agent identity platform that will manage credentials for autonomous software agents. The move targets growing security concerns as enterprises deploy more AI tools, and it reflects Okta’s effort to stay ahead of...
Iran‑linked Hackers Breach FBI Director Kash Patel’s Personal Email, $10 M Bounty Announced
A group identified as the Iran‑linked Handala Hack Team infiltrated FBI Director Kash Patel’s personal email, leaking hundreds of private messages and documents. U.S. authorities have offered a $10 million reward for information leading to the hackers’ arrest, underscoring the vulnerability...
Public Health Providers Have to Obey Strict Cyber Security Rules – so Should Private Contractors
New Zealand’s recent cyber‑security strategy follows high‑profile health data breaches that exposed over 120,000 patients’ records. The government argues that existing privacy legislation does not impose enforceable cyber standards on private IT contractors supporting public health providers. It calls for...
Steakhouse Financial Warns Users of Phishing Attack
Steakhouse Financial, a Zug‑based DeFi platform, warned users on March 30 to stop using its website and app after detecting a phishing attack that duplicated its front‑end. The compromise, traced to code from the Angelferno wallet‑drainer operation, primarily targets new...
6 Biggest Cybersecurity Mistakes CEOs Make
A 2025 EY study found 84 % of organizations faced a cyber incident in the past three years, many of which were preventable with stronger leadership. CEOs often treat cybersecurity as a technical checkbox rather than a strategic priority, leading to...
AI-Driven Code Surge Is Forcing a Rethink of AppSec
AI‑driven code generation is causing organizations to produce ten to twenty times more software than a year ago, overwhelming traditional application‑security tools. The surge expands the attack surface, making vulnerabilities easier for adversaries to exploit. Black Duck’s CEO Jason Schmitt...
Italian Regulator Fines Financial Giant $36 Million for Data Protection Failures
Italian Data Protection Authority fined Intesa Sanpaolo €31.8 million ($36 million) for unauthorized access to over 3,500 customers' data between February 2022 and April 2024. The regulator cited serious shortcomings in technical and organizational safeguards, noting that internal controls failed to detect the breach....
Never Store Passports; Avoid KYC Data Leaks
I'm not sending anyone my passport anymore My Portuguese lawyer wanted me to email her a copy of my passport for KYC I rejected and she was confused "I've never been hacked" 99% of people are not aware any account probably can and will...
15-Year-Old strongSwan Flaw Lets Attackers Crash VPNs via Integer Underflow
A fifteen‑year‑old integer underflow bug (CVE‑2026‑25075) in strongSwan’s EAP‑TTLS plugin can crash VPN services by requesting an impossible 18 exabyte memory allocation. The flaw affects versions 4.5.0 through 6.0.4 and triggers a two‑phase “ghost” attack that only crashes the charon daemon...
Secure Sandbox Empowers Local AI Assistants with Control
OpenClaw has proven that local AI assistants have product-market fit. But the big issue with them has been security. The team at @Pokee_AI is fixing it with PokeeClaw: works like OpenClaw, but with in a secure sandbox architecture with isolated environments, approval workflows,...
Most Firms Can't Apply Zero Trust to AI Agents
Zero trust for humans – but implicit trust for machines? - Raconteur “In 65% of organisations, zero trust controls cannot secure non-human identities (NHIs), including new agentic AI systems.” https://t.co/pK57KjAzoS https://t.co/JA0DMauDdc
OKCupid Gave User Photos To Facial Recognition Company, FTC Charges
The Federal Trade Commission alleges that OKCupid supplied photos and demographic data of roughly three million users to facial‑recognition startup Clarifai in 2014, contrary to its privacy policy. The FTC complaint says OKCupid and its owners concealed the transfer and...
National Labs Drive Multi‑Agency Solar Cybersecurity Standards
National laboratories lead multi-agency push for solar cybersecurity standards #energysky -- via pv magazine usa: https://t.co/2zCsruApti
Veteran Researcher Warns: AI-Driven Security Apocalypse Underway
Another veteran computer security research — Thomas Ptacek — says we're currently in middle of the Computer Security AIpocalypse: https://t.co/80HQZjpMDb https://t.co/8llU4N93SX
Huskeys Raises $8m Seed to Modernise Legacy Web Security
Edge security startup Huskeys announced its emergence from stealth after closing an $8 million seed round led by investors such as 10D, SV Angel and a roster of athlete angels. The company launched its Edge Security Management platform, which sits atop...
New Have I Been Pwned Features Boost Privacy, Usability, Performance
Today, after many months of hard work, we're launching a bunch of new @haveibeenpwned features that improve privacy, usability and performance. We're a little team, but we've done a lot since this pic in November. Here are all the details:...
New WordPress Flaw Lets Hackers Read Any File
Hackers can read arbitrary files, including those containing passwords, with this newly discovered WordPress flaw. https://t.co/rCE6SHGYXW
DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials
Researchers at ReliaQuest uncovered DeepLoad, a new malware loader delivered through a ClickFix social‑engineering lure that tricks users into running obfuscated PowerShell commands. The loader employs AI‑generated code obfuscation, APC injection, and dynamic C# compilation to avoid static and behavioral...