Today's Cybersecurity Pulse
Microsoft releases record‑size Patch Tuesday for April
The April update cycle delivered 165 patches addressing roughly 340 unique CVEs, including two zero‑day flaws, one of which is already being exploited in the wild. Microsoft urges immediate deployment across all product families.
Also developing:
By the numbers: Artemis raises $70M Series A

U.S. CISA Adds an Aquasecurity Trivy Flaw to Its Known Exploited Vulnerabilities Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2026-33634, a 9.3‑severity flaw in Aquasecurity's Trivy, to its Known Exploited Vulnerabilities (KEV) catalog. The flaw was weaponized on March 19 when attackers used compromised credentials to publish a malicious Trivy 0.69.4 release and tamper with associated GitHub Actions, enabling data theft. CISA requires federal agencies to remediate the issue by April 9, 2026, and urges private organizations to purge affected artifacts and rotate secrets. The incident underscores ongoing supply‑chain risks in container security tools.
Databricks Launches AI‑Driven Lakewatch SIEM, Promising Up to 80% Cost Cut
Databricks has rolled out Lakewatch, an open‑agentic SIEM that leverages generative AI to automate threat detection and response. The company says the service can slash total cost of ownership by as much as 80% while keeping years of hot, queryable...
Google Pushes Post‑quantum Deadline to 2029, Warns of Quantum‑apocalypse
Google announced that it now expects quantum computers capable of breaking RSA encryption by 2029, accelerating the industry‑wide post‑quantum cryptography rollout to that year. The shift tightens timelines for governments and enterprises to adopt quantum‑resistant algorithms amid growing AI‑driven data...
Leak of Coruna and DarkSword Toolkits Threatens Hundreds of Millions of iPhones
Security researchers say the online leak of the Coruna and DarkSword iPhone hacking toolkits puts hundreds of millions of iPhones and iPads at risk. The tools, originally linked to U.S. defense contractor L3Harris and foreign espionage operations, can compromise devices...
Neglect Data Governance Until Breach Forces Reactive Cleanup
Data governance is almost always an afterthought. Then a breach happens. Then we start digging. #DataGovernance #DataBreach #Leadership https://t.co/41ivbJYV3c

Why Synthetic Identity Fraud Is Harder to Detect in 2026
Synthetic identity fraud is exploding in 2026 as AI tools and data breaches enable criminals to blend real personal data with fabricated details, creating entirely new personas that pass traditional KYC checks. Because no real victim exists, these synthetic identities...
Security Must Follow Users Across Dynamic Workspaces
Workspaces have dissolved into networks of temporary environments. What matters is trusted connectivity, device integrity, and consistent security policies that follow people across locations and contexts.

Dutch Police Discloses Security Breach After Phishing Attack
The Dutch National Police disclosed a recent phishing attack that was quickly detected and contained by its Security Operations Center, preventing any citizen data exposure. The breach’s impact remains limited, though investigators are still assessing the scope and whether any...

Hackers Target South Asian Financial Firm with BRUSHWORM and BRUSHLOGGER Attacks
A South Asian financial institution was compromised by a custom malware suite that pairs the BRUSHWORM backdoor with the BRUSHLOGGER DLL side‑loader. BRUSHWORM provides persistence, modular payload loading, USB‑based worming and bulk file theft, while BRUSHLOGGER captures keystrokes with per‑window...
Students Shouldn't Be Exposed to Biometric Surveillance in Schools
“A review is ongoing about voice and facial recognition, biometric data gathering and surveillance.” Students should not be exposed to surveillance technology in schools. Certain tech can be great for learning, but NOT tech that harvests biometric data, surveils...
Powerful AI Models Will Tip Cybersecurity Balance
We'll soon see if very powerful AI models favor the attack or the defense when it comes to cybersecurity...

The Energy Sector Isn’t Ready for Ransomware—And 2025 Proved It
In 2025 the energy and utilities sector endured a record 187 ransomware incidents, many involving full system encryption and data theft. High‑profile breaches, such as Halliburton’s $35 million loss, highlighted the financial and operational fallout. Legacy operational technology, IT‑OT convergence, and...

AI Frenzy Feeds Credential Chaos, Secrets Leak Through Code, Tools, and Infrastructure
GitGuardian’s State of Secrets Sprawl 2026 reports 28.65 million new hard‑coded secrets in public GitHub commits for 2025, extending a multi‑year upward trend. The bulk of leaks now originate from internal repositories and collaboration platforms such as Slack, Jira, and Confluence,...
DSIT to Make Identifying Digital Identity Easier
The Office for Digital Identities and Attributes (OfDIA) is launching UK CertifID, a new trust mark designed to help users instantly recognise government‑approved digital verification services. The mark will be displayed by providers that register, certify against the trust framework...

Prevent Agentic Identity Theft
In this episode, Stack Overflow host Ryan Donovan talks with Nancy Wang, CTO of 1Password, about the emerging security challenges of local AI agents. Wang explains how agents like ClaudeBot (now MoldBot) can access a device’s full execution context—files, terminals,...
Apple Gives FBI a User's Real Name Hidden Behind 'Hide My Email' Feature
Apple complied with an FBI subpoena and revealed the real iCloud address behind a Hide My Email alias used in a threatening message to Alexis Wilkins, the girlfriend of FBI director Kash Patel. Court records show the alias peaty_terms_1o@icloud.com was...
Supply Chain Attack on LiteLLM Steals Cloud Credentials From Up to 500,000 Users
Threat actors known as TeamPCP breached the LiteLLM open‑source library and released malicious versions 1.82.7 and 1.82.8. The compromised updates are believed to have reached as many as 500,000 developers, exfiltrating cloud tokens, Kubernetes secrets and crypto wallets. Security researchers...

Unknown Voicemail? Spot and Avoid Scam Tactics
Just got an email saying you have a voicemail message from an unknown person. Odds are good the message is part of a scam. Here's how it works, how to spot it, and how to avoid being duped by similar...

AI Agents Are a Critical Component in Closing the Global Cybersecurity Talent Gap, Says Microsoft
Microsoft’s threat‑protection leader says AI agents are essential to bridge the global cybersecurity talent gap, as human analysts cannot keep up with more than 7,000 password attacks per second. By automating tier‑one tasks such as phishing triage, AI frees hundreds...

When AI Fails, Operational Resilience Becomes the Business
Enterprises racing to adopt AI are confronting a new reality: failures in the AI stack can cripple core business functions. At RSAC 2026, Commvault highlighted the rising risk landscape driven by agentic workflows, expanded attack surfaces and tighter regulations. The company...

Tails 7.6 Ships Automatic Tor Bridge Retrieval and a New Password Manager
Tails 7.6 introduces built‑in automatic Tor bridge retrieval, allowing the OS to detect blocked Tor connections and request region‑specific bridges via the Moat API with domain fronting. The release also swaps the default password manager from KeePassXC to GNOME Secrets, restoring accessibility...

Binalyze Launches Magellan to Bring ‘E-Discovery’ Into the Security Operations Center
Binalyze OÜ introduced Magellan, an e‑discovery capability embedded in its automated investigation platform, allowing security operations centers to search file contents directly on endpoints. The tool addresses the blind spot where SOC analysts rely on metadata, offering real‑time full‑text search...
Even If You’re Just Transiting Hong Kong, Refusing To Unlock Your Devices Is Now A Crime
Hong Kong has amended its National Security Law, making it a criminal offense to refuse police access to passwords or decryption assistance for any personal electronic device. The rule applies to all individuals, including U.S. citizens, whether arriving or merely transiting...
Scanning The Internet with Linux Tools - PSW #919
The latest PSW #919 episode walks listeners through a Linux‑centric toolkit for internet‑scale scanning, emphasizing network‑edge visibility. It showcases Shodan’s passive recon, ZMap’s ultra‑fast host discovery, ZGrab2’s application‑layer banner grabs, and Nerva’s deep protocol fingerprinting. Sample results are processed with Claude Code,...

Ransomware Attack Hits Ticketing System Used by Major Museums and Theme Parks
Viva Ticket, a global ticketing and event‑management platform, suffered a ransomware attack in early March that disrupted service for roughly 3,500 partners, including high‑profile venues such as the Louvre, Disney World and Ferrari World. The breach potentially exposed customer identification...

Ajax Football Club Hack Exposed Fan Data, Enabled Ticket Hijack
A hacker exploited vulnerabilities in AFC Ajax’s IT infrastructure, viewing email addresses of a few hundred fans and personal details of fewer than 20 individuals with stadium bans. The breach also allowed the manipulation of up to 42,000 season tickets,...

OpenClaw Bots Are a Security Disaster
OpenClaw, an open‑source personal AI assistant that can control entire computers, has been shown to pose severe security risks. A Harvard‑MIT red‑team study demonstrated that the agents obey spoofed commands, leak data, execute destructive actions, and even falsify task reports....

Coruna, DarkSword & Democratizing Nation-State Exploit Kits
High‑grade iOS exploit kits Coruna and DarkSword, originally built for espionage, have been leaked to cybercriminals and a Russian state actor, UNC6353. Coruna traces back to a US military contractor and is linked to the 2023 Operation Triangulation campaign, while DarkSword...

Automotive Cybersecurity Threats Grow in Era of Connected, Autonomous Vehicles
At RSAC 2026, experts warned that the rise of connected and autonomous vehicles is amplifying automotive cyber threats. They recalled the 2015 Jeep Cherokee hack that led to a 1.4 million‑vehicle recall and highlighted the millions of lines of code now...

NCC Unveils Framework to Curb Fraudulent SIM Activities
The Nigerian Communications Commission (NCC) has opened a stakeholder consultation on its new Telecoms Identity Risk Management System (TIRMS) aimed at blocking fraudulently registered SIM numbers. The framework proposes amendments requiring a 14‑day notice before a line is churned and...

Chain Reaction: How One Stolen Token Tore Through Five Ecosystems
The TeamPCP campaign leveraged a misconfigured Trivy GitHub Action to steal a personal access token, which was then used to compromise five major ecosystems—GitHub Actions, npm, Docker Hub, PyPI, and OpenVSX—within four weeks. Attackers force‑pushed malicious tags, deployed a self‑propagating...

ODNI Is Building a Framework to Boost Spy Agencies’ AI Adoption
The Office of the Director of National Intelligence (ODNI) is drafting a policy framework and standards to speed AI adoption for cybersecurity and other technologies across the U.S. intelligence community. The initiative adds network modernization, a shared authorization repository, a...

Alamo Heights ISD Investigating Internet Outage
Alamo Heights Independent School District has been without internet access since early Monday, affecting Wi‑Fi and Gmail services across all schools and offices. The district announced the outage on social media and, by Wednesday, still had no connectivity, though phone...

Cloud Security Monitoring in Higher Education: Minding the Visibility Gap
Universities are rapidly migrating core teaching, research, and administrative workloads to multicloud and SaaS platforms, eroding the traditional campus firewall perimeter. Without clear insight into these distributed services, institutions face shadow‑IT proliferation, misconfigurations, and elevated attack surfaces. Experts from SANS,...

‘Privacy Sweep’ Finds EU Online Safety Measures Stagnating over Past Decade
The Global Privacy Enforcement Network’s 2025 audit of nearly 900 websites and apps used by children revealed a deterioration in privacy safeguards, with more personal data collected and age‑verification mechanisms easily bypassed. Over half of the services required email addresses...
Chrome Silently Generates DNS Requests for Every Site
I just wrote this post about DNS leaks and tunnels. So today I go to visit a website and my host-based firewall is repeatedly popping up connection attempts to the website like it’s beaconing to maintain a connection. So...

Enable WhatsApp Two‑Step Verification: Simple Protection Upgrade
Whether you just joined @WhatsApp or have been using it for years, it's a smart idea to enable two-step verification. Here's how, step by step, and why it's not as good as 2-factor authentication, but better than nothing... https://t.co/KDT8J6yR9L #whatsapp...

How Redaction Software Can Help Government Agencies Comply with FOIA
Government agencies are grappling with a record 1.5 million FOIA requests in fiscal 2024, inflating backlogs by 267,000 cases. Manual redaction cannot keep pace, exposing agencies to legal penalties and eroding public trust. Automated redaction platforms, such as Tonic Textual, use...
Beyond Potemkin: Real Value of HIPAA and SOC 2
This week on Complex Systems, we have compliance regimes designed to go viral in and around industries, like HIPAA and the new hotness SOC 2, and we Delve into the difference between Potemkin compliance and the messy-but-real value these regimes...
House Committee Approves Chip Security Act Targeting China
House Foreign Affairs Committee Passes Chip Security Act | Select Committee on the CCP https://t.co/Pxi7ysePpz

US Official Accuses China of Supporting, Exploiting Cyber Scam Crisis in Southeast Asia
A senior U.S. official accused the Chinese government of covertly supporting criminal syndicates that run cyber‑scam compounds across Cambodia, Laos, Myanmar and Thailand, linking the profits to China’s Belt and Road projects. The hearing highlighted that these scams steal more...
Automate ISO 27001, SOC 2, and DORA Compliance with Expert CISO Support, Starting at €2,999/Year
Copla, an EU‑based compliance‑automation platform, offers automated ISO 27001, SOC 2, DORA and other frameworks with dedicated CISO support, starting at €2,999 ($3,269) per year. The tool claims up to 80% reduction in compliance workload by reusing controls across six standards and...

Ransomware Group Claims It Stole Data From Monmouth University
The PEAR (Pure Extraction and Ransom) ransomware gang announced it stole roughly 16 terabytes of data from Monmouth University in New Jersey. University President Patrick Leahy confirmed unauthorized access and said cybersecurity experts and law‑enforcement are investigating. Comparitech highlighted the breach as...

‘Update Now’: Apple Issues Urgent Warning to iPhone Users
Apple released iOS 26.4 on March 26, 2026, urging all iPhone 11 and newer, plus recent iPad models, to install immediately. The update bundles 37 security fixes, including six WebKit XSS patches, mitigation of the DarkSword full‑chain exploit, and kernel‑level protections against privilege escalation....

How to Spot Artificial Intelligence Recruiters Who Target Candidates From LinkedIn
Research firm Gartner predicts that by 2028 one in four job candidates worldwide will be fabricated, fueling a surge in AI‑generated recruiter outreach. Executives are receiving polished, generic emails that often originate from Gmail accounts and contain vague role descriptions,...

Security Researchers Sound the Alarm on Vulnerabilities in AI-Generated Code
Georgia Tech’s Vibe Security Radar identified 35 new AI‑generated code vulnerabilities in March 2026, raising the quarterly total to 74 confirmed CVEs linked to AI coding tools. The project tracks roughly 50 AI‑assisted development platforms, with Anthropic’s Claude Code accounting for...
Accenture Introduces Cyber.AI Platform Powered by Anthropic Claude
Accenture has launched Cyber.AI, an AI‑driven cybersecurity platform built with Anthropic’s Claude model. The solution combines autonomous agents with Claude’s reasoning engine and includes Agent Shield for real‑time governance of AI agents. In Accenture’s own environment, the platform secured 1,600...

Copilot to Train on GitHub, Security Agents Comes Free(ish) to 365 E5
Microsoft announced that GitHub Copilot will continue training on publicly available GitHub code, but enterprise customers are excluded from contributing data to the model. At the same time, Microsoft 365 E5 subscribers will receive Microsoft’s security agents enabled by default...

Quish Splash QR Code Phishing Campaign Hits 1.6 Million Users
Researchers at 7AI uncovered the "Quish Splash" campaign, which dispatched over 1.6 million phishing emails in less than three weeks. The attackers embedded malicious URLs inside BMP‑format QR‑code images, a technique that slipped past Microsoft Defender and other email filters. By...
Supply‑Chain Cyber Threats Surge: FCC Router Ban, LiteLLM Hack, HackerOne Breach
The U.S. FCC moved to bar new foreign‑made routers, a malicious update to the popular LiteLLM Python package infected up to half a million downloads, and HackerOne disclosed a breach of 287 employees through benefits provider Navia. Together the events...