Today's Cybersecurity Pulse
Microsoft releases record‑size Patch Tuesday for April
The April update cycle delivered 165 patches addressing roughly 340 unique CVEs, including two zero‑day flaws, one of which is already being exploited in the wild. Microsoft urges immediate deployment across all product families.
Also developing:
By the numbers: Artemis raises $70M Series A

Fake Airline ‘Help’ Accounts Surge on X as Middle East Disruption Fuels New Wave of Scams
Travelers across the UK and Europe are seeing a sharp rise in fake airline customer‑service accounts on X as the Middle East conflict forces widespread flight cancellations and delays. Fraudsters impersonate carriers such as Emirates, Etihad and Qatar Airways, replying within minutes to public help requests and then moving conversations to direct messages. In those DMs they solicit personal data, booking references and payment details, often directing victims to counterfeit refund sites. Airlines and regulators have issued urgent warnings, urging passengers to use only official websites or apps for assistance.
Thousands of Corewell Health Patients Affected by Security Breach
Corewell Health disclosed that its former consulting partner, Pinnacle Holdings, suffered a data breach in 2024, potentially compromising the personal information of thousands of patients. The health system promptly initiated an internal review to determine the scope of exposure and...
IRS Issues Dirty Dozen Alert as AI-Powered Tax Refund Scams Surge
The Internal Revenue Service released its 2026 "Dirty Dozen" list, flagging 12 tax‑refund scams—including AI‑generated robocalls and sophisticated phishing—targeting millions of filers. The agency logged over 600 social‑media impersonators in FY 2025 and warned that the scams are more aggressive...
Supply‑Chain Breach of Aqua Security's Trivy Hits Millions of Developers
Aqua Security confirmed that its open‑source Trivy vulnerability scanner was hijacked on March 19, 2026 by the hacker group TeamPCP. The attackers injected malicious binaries and GitHub‑Actions tags, stealing 300 GB of credentials and affecting millions of developers who rely on the tool.
GitHub to Train Copilot Models on User Data, Sharing Results with Microsoft
GitHub announced that, beginning April 24, it will collect usage data from free, Pro and Pro+ Copilot users to train its own AI models and share the data with Microsoft. Business, Enterprise and users who opt out are exempt, sparking...

Secure Authentication Starts With Secure Software Development
The MojoAuth blog stresses that secure authentication begins with secure software development, not just choosing the right protocol. It highlights how modern methods like passkeys, WebAuthn, OAuth, and JWT introduce implementation challenges that can become breach vectors. The article outlines...

What Is Shift Left Security?
Shift‑Left Security embeds protection into the earliest phases of the software development lifecycle, moving security checks leftward on the SDLC diagram. Gartner forecasts cloud spending will exceed $1 trillion by 2028, intensifying the need for proactive AppSec. By integrating automated SAST,...

Open VSX Scanner Vulnerability Lets Malicious Extensions Go Live
Open VSX, the extension marketplace for VS Code forks, patched a critical “Open Sesame” vulnerability that let malicious extensions bypass its pre‑publish scanning pipeline. The flaw stemmed from a Boolean logic error that treated scanner failures as a “no scanners configured”...

China Used Fake LinkedIn Profiles to Spy on NATO, EU: Security Source
Chinese state security operatives deployed fabricated LinkedIn recruiter accounts to infiltrate NATO and EU institutions, posing as head‑hunters to solicit sensitive information. The fake profiles, such as the "Kevin Zhang" persona, offered paid reports before requesting classified data, paying recruits...

NightBeacon's Primary Model Acts as Evaluator for Better Reasoning
One cool component of NightBeacon is different models trained on the same data, but look at the work that the main model does - think of it as an evaluator, judge, or tier 3 SOC analyst that looks at the...
South Korea Launches $13 Million Data Space Pilot Program to Accelerate Secure Data Sharing
South Korea's Ministry of Science and ICT and the National Information Society Agency announced a call for Data Space pilot projects, pledging up to 16.8 billion won (about $13 million) for a medical initiative and additional funding for general‑field pilots. The move...
Fidelity's $2.5M Settlement Highlights Persistent Banking Cyber Risks
Fidelity is preparing to close the door on a class action lawsuit stemming from a recent data breach, agreeing to pay $2.5 million to affected customers. While the settlement amount is relatively modest for a company of Fidelity's scale, the...

Delete Scam Emails; Verify Through Official Sites Only
Another day, another scam 🚨 SSA won’t email you a benefits PDF. IRS won’t send account info as an attachment. If you get one → delete it. Need info? Go straight to the official site and log in. https://t.co/ambNOfA6NZ

A New Phishing Scheme Is Targeting NFL and NBA Stars: Here’s How the ‘Adult Film Star’ Scam Works
A Georgia man, Kwamaine Jerell Ford, is accused of running a phishing operation that duped NFL and NBA players by posing as an adult film star. The scheme harvested iCloud credentials, stole credit‑card data and secretly filmed victims during coerced...
Don't YOLO Your File System
Developers are increasingly seeing AI agents wipe files, empty directories, and corrupt home folders when given unrestricted system access. The new open‑source tool jai offers a single‑command sandbox that isolates an agent’s workspace while keeping the current working directory writable....
TrendAI Report Finds 67% of Firms Push GenAI Forward Amid Rising Security Risks
TrendAI's latest survey of 3,700 decision‑makers shows 67% of enterprises are under pressure to adopt generative AI even as they grapple with data‑leak risks, malicious prompts and weak governance. The firm also announced a partnership with NVIDIA to embed security...
Instantly Generate Detection Rules From Any Source
If you missed this post, it’s a good read on the ability to rapidly, almost instantly, push new detection capabilities or gaps within a monitoring environment. I developed a component of NightBeacon called Nexus Intelligence, it’s an agent where you...

'From 16 Hours to Under 5 Minutes': How Gen AI Is Turning Fraud Into a $400B+ Global Industry — and...
Generative AI is slashing the time needed to craft fraud schemes from over 16 hours to under five minutes. The acceleration has helped push global financial losses past $400 billion in a single year, with two‑thirds of scams succeeding within a...

Breach of Confidence – 27 March 2026
The security community faced a wave of incidents in late March, starting with the compromise of Trivy, a popular open‑source scanner, which turned a defensive tool into an attack vector. A separate breach of McKinsey’s AI platform exposed 22 unauthenticated...
[Expired – Class Action Settlement] [Targeted, CA only] Patelco Credit Union $300 Checking Bonus
Patelco Credit Union is offering a $400 new‑account bonus, split into $300 for opening a free or interest checking account, $50 for adding a Money Market account, and $50 for enrolling in the RoundUp savings feature. To earn the $300...

ShinyHunters Walk Away From BreachForums, Leak 300,000-User Database
The ShinyHunters hacker collective announced it is abandoning BreachForums, labeling the platform a waste of time after an FBI seizure in October 2025. Simultaneously, the group released a fresh dump containing data on more than 300,000 BreachForums users, including full...
AI‑SOC Tool Deconstructs Attacks, Slashes MTTR and False Positives
Here's a small taste of NightBeaconAI (our human driven but AI-SOC augmented solution I've built) @Binary_Defense - it has attack path deconstruction - can see every part of an attack chain with details on each part of it. Doesn't matter...

F5, Breached by an APT Last Year, Says BIG-IP APM Exploited
F5’s BIG‑IP Access Policy Manager (APM) vulnerability CVE‑2025‑53521 is being actively exploited, granting unauthenticated remote code execution. Attackers can disable SELinux, write in‑memory webshells, and seize control of authentication and VPN services used by Fortune 500 firms. The exploit follows a...
Windows PCs Crash Three Times As Often As Macs, Report Says
Omnissa’s 2026 State of Digital Workspace report, based on global telemetry, finds Windows PCs crash 3.1 times more often than Macs and freeze 7.5 times more frequently. Windows devices are typically refreshed every three years, compared with five years for Macs, leading...
Anthropic’s Mythos Leak Is a Wake-Up Call: Phishing 3.0 Is Already Here
Anthropic’s accidental disclosure of its upcoming Claude Mythos model has ignited concerns about AI‑driven cyber threats, but the real alarm is that today’s publicly available generative AI already powers sophisticated phishing attacks. These models can scrape public data, mimic corporate tone,...

FBI Director Kash Patel and White House Instagram Hacked by Iran
The episode dives into recent Iranian cyber‑operations, focusing on the hack of FBI Director Kash Patel's personal email and the simultaneous breach of the White House's Instagram and X accounts. Host Dean Blundell reviews leaked photos and emails from Patel's...
Cyber‑Safety Book Series 'Byte Sized Lessons' Launches for Young Readers
Cybersecurity expert Dr. Rae Rivera has released the children's book series 'Byte Sized Lessons with Zola and Zena,' a playful guide that teaches kids how to spot phishing, create strong passwords and stay safe online. The series is now available...

Secure Tomorrow’s Data Centers with Platform Firmware Resiliency
The National Institute of Standards and Technology released SP800‑193, a framework for platform firmware resiliency (PFR) that guides data‑center operators in protecting, detecting, and recovering from firmware attacks. The standard distinguishes secured boot, which blocks untrusted code, from measured boot,...

BSidesSLC 2025 – LLM-Assisted Risk Management For Small Teams & Budgets
At BSidesSLC 2025, cloud architect Connor Turpin presented a framework for leveraging large‑language models (LLMs) to streamline risk management in security‑constrained environments. He demonstrated how open‑source LLMs can automate vulnerability triage, threat‑intel summarization, and ticket generation for teams with limited...
Skullcandy Taps Riskified for Fraud Prevention
Skullcandy partnered with Riskified via the Shopify app to overhaul its fraud‑prevention workflow. By adding a secondary review layer and recalibrating AI‑driven thresholds, the retailer cut its fraud‑decline rate to about 0.1% and kept chargebacks around 0.06% over 12 months....

GPT Can’t Trace an Attack Chain. A Purpose-Built Cybersecurity LLM Can.
Cybersecurity teams face a chronic talent gap, with 4.8 million positions unfilled and 71% of SOC analysts reporting burnout. General‑purpose LLMs like GPT‑4 can summarize alerts but fail to trace attack chains or correlate data across dozens of tools. Purpose‑built cybersecurity...

RSAC 2026: Sonar Shares Why Code Security Must Shift Before CI
At RSAC 2026, Sonar’s VP of Code Security Jeremy Katz warned that traditional CI/CD checkpoints are no longer sufficient as AI‑assisted, agent‑driven development accelerates code creation. He highlighted a critical gap: security must be applied before code reaches CI, with...

Biometrics Adoption, Inclusion Gains Depend on Bridging the Understanding Gap
Researchers from Hong Kong and Germany examined 22 older Chinese adults’ experiences with biometric payments, finding that convenience and perceived security drive adoption while fears of loss of control and data misuse hinder it. The study, slated for the 2026...
Gitleaks Creator Returns with Betterleaks, an Open Source Secrets Scanner for the Agentic Era
The creator of the popular secret‑scanning tool Gitleaks has launched Betterleaks, an open‑source scanner designed as a drop‑in replacement with faster performance and more flexible validation. Backed by AI‑focused security startup Aikido, Betterleaks swaps hard‑coded entropy checks for CEL‑based rules...
Single-Account Governance Led to $25M DeFi Exploit
$25 million stolen. In this episode of Uneasy Money, hosts @kaiynne, @tayvano_ & @LucaNetz are joined by @omeragoldberg to unpack the Resolv exploit and Aave v4 governance approval: 🤔 Why was the USR minting function governed by a single account? ⁉️ How did...
AI‑Powered Fraud Evolves Into Fast, Organized Threat
Fraud has scaled into an organized system driven by AI speed, complex deception methods, and limited response windows for institutions worldwide. https://t.co/daIf9K8o01
Ransomware Attack Totally Cripples Jackson County Sheriff’s Office in Indiana
A ransomware attack crippled the Jackson County Sheriff’s Office IT infrastructure last week. The breach likely began with a phishing email that delivered malicious code, which lay dormant before encrypting files and spreading laterally. The resulting total network outage forced...
Panasonic Launches First Grid‑scale BESS Cybersecurity Monitoring Trial
Panasonic claims world’s first trial of cybersecurity monitoring for grid-scale BESS #energysky -- via pv magazine global: https://t.co/BPgKqiFdUD
US Puts $10M Bounty on Iranian IOControl Hackers
US offering $10 million for info on Iranian hackers behind IOControl malware | The Record from Recorded Future News https://t.co/2wnlp84kjx

FBI Confirms Theft of Director’s Personal Emails by Iran-Linked Hacking Group
The FBI confirmed that a hacking group tied to Iran's Ministry of Intelligence and Security, operating under the name Handala, breached the personal email account of FBI Director Kash Patel and leaked photos and routine correspondence from 2010 and 2019....
Systemd's Birthdate Storage Sparks Distro Privacy and Compliance Debate
Recent systemd updates store user birth dates for age verification, causing debate across Linux distros over legal compliance and privacy concerns. https://t.co/lWEa7CN3BT
Iran-Linked Hackers Breach FBI Director Kash Patel's Email
FBI Director Kash Patel's email breached by hackers linked to Iran, sour... https://t.co/CmeuUp2yiA via @YouTube
Cubs' VDX.tv Partner Faces Scrutiny Over Deep Fan Data Collection
The Chicago Cubs' partnership with VDX.tv, a sports streaming vendor, has come under fire for harvesting extensive fan data—including IP addresses, device identifiers, browsing behavior and location—through cookies that persist for up to 90 days. Privacy advocates warn the practice...
Democrats Question VPN Use Over Foreign Surveillance Risks
Six Democrats sent a letter to the Director of National Intelligence seeking clarity on whether using a commercial VPN could strip citizens of their privacy rights by exposing them to foreign surveillance laws. https://t.co/6Uq3Y7oKvv
iOS 26.4 and iPadOS 26.4 Patch Numerous
A lot of security vulns addressed in this update. About the security content of iOS 26.4 and iPadOS 26.4 - Apple Support https://t.co/R0oUJMKheX
AI Security Concerns Intensify as Firms Expand Generative Tools and Face Regulatory Pushback
Google rolled out a Gemini feature that moves chats and personal data between bots, Meta announced a $10 billion AI data center in Texas, and a U.S. judge temporarily halted the Pentagon's blacklist of Anthropic. The three developments underscore mounting security...
Google Targets 2029 for Post‑quantum Authentication Rollout
Quantum cryptography now has a deadline. Google has announced that it has set 2029 as the year by which it will have migrated authentication services to post-quantum cryptography. Will it win the race to secure against quantum attacks before they...
Palantir Wins £360K FCA Pilot, Boosting Its Government‑Sector Credibility
Palantir Technologies has secured a 12‑week pilot with the UK Financial Conduct Authority worth more than £30,000 a week—about £360,000 ($460,000) in total. The deal gives the data‑analytics firm access to flag fraud, money‑laundering and insider‑trading activity, prompting praise from...
Anthropic’s ‘Mythos’ Model Leaked, Marking a Step‑Change in AI Power
Anthropic disclosed that its unreleased Claude Mythos model, described as a “step change” in AI performance, is being tested with early‑access customers after a Fortune‑reported data leak exposed internal documents. The leak also revealed a new model tier named Capybara,...

Pro-Iran Hackers Claim Breach of FBI Director’s Email
Pro‑Iran hacktivist group Handala announced it accessed FBI Director Kash Patel’s personal email and posted screenshots online. An insider familiar with the breach said the leaked material appears authentic, though the FBI maintains it contains only historical personal information and...