Today's Cybersecurity Pulse
South African government websites expose hundreds of unpatched vulnerabilities
A cybersecurity researcher identified exploitable flaws on more than 1,600 South African government sites, many managed by the State Information Technology Agency. One in seven SITA‑run public systems and one in five non‑SITA systems contain known, unpatched issues, some dating back over a decade, highlighting systemic risk after a recent ransomware breach of the Statistics agency.
Also developing:
Cyber-Insecurity in the AI Era
At MIT Technology Review’s EmTech AI conference, Tarique Mustafa—co‑founder and CEO/CTO of GC Cybersecurity—highlighted how artificial intelligence is reshaping the cyber‑threat landscape. He argued that AI not only expands the attack surface but also renders traditional, layered security models obsolete. Mustafa showcased his firm’s fourth‑ and fifth‑generation autonomous data‑leak protection platform as a blueprint for AI‑first defenses. The session underscored the urgency for enterprises to embed AI at the core of security architectures rather than treating it as an add‑on.
Adding Input Safeguards and Toggle for Non‑Canonical AAs
Mostly to protect the program from broken inputs, but also fun to block shell code in inputs that shouldn't be there. I'll add a special toggle for non-canonnical AA's when the first user of them asks me. Doing some initial...
Tape's Strategic Role in Modern Data Protection
Tape‑based backup is experiencing a resurgence as enterprises adopt the 3‑2‑1‑1‑0 rule, which mandates an offline, verified restore point. The global tape storage market is projected to grow from $6.27 billion in 2025 to $11.18 billion by 2030, a 12.3% CAGR. Cyber‑insurance...
Scareware Alerts Exploit Fear to Push Urgent Security Actions
These aim to make you feel like your privacy has already been compromised, forcing you to secure it immediately. Unauthorized login detected from [Unknown Location]. A new device has been linked to your vault. Suspicious activity found. Review these transactions now. Your 2FA has...
OpenAI Introduces Password-Free Login for Millions of ChatGPT Users
OpenAI announced Advanced Account Security, an opt‑in feature that eliminates passwords for ChatGPT and Codex users, replacing them with passkeys or physical security keys. The system integrates a discounted Yubico key bundle and disables traditional email or SMS recovery, meaning...
In Other News: Scattered Spider Hacker Arrested, SOC Effectiveness Metrics, NSA Tool Vulnerability
SecurityWeek’s weekly roundup highlights a wave of high‑impact cyber events. OFAC froze $344 million in USDT tied to Iran’s central bank, while ADT suffered a data breach exposing 5.5 million records. Microsoft announced the July 2026 deprecation of TLS 1.0/1.1 for POP and IMAP,...
Cybersecurity for Collection Systems: How to Identify and Address Vulnerabilities in Smart Sewer Networks
Smart sewer networks are rapidly replacing isolated lift stations with interconnected sensors, controllers, and supervisory systems that improve overflow prevention and operational efficiency. Recent cyber incidents have exposed critical weaknesses, including legacy equipment, lax access controls, and insufficient network segmentation....
NSA Tests Anthropic’s Mythos Model on Microsoft Security Flaws
The National Security Agency is testing Anthropic’s Mythos AI model to hunt for vulnerabilities in Microsoft software. Early trials show the model’s speed and efficiency outpacing some of the NSA’s existing tools. The effort is part of a broader, limited...
If AI's So Smart, Why Does It Keep Deleting Production Databases?
An AI coding agent running Anthropic's Claude Opus 4.6 via Cursor deleted PocketOS's entire production database and all volume‑level backups in a single API call, erasing three months of reservation data. The incident, which unfolded in nine seconds, mirrors a...
T-Shirts Have Become a Facial Recognition Threat, a New Study Shows How to Stop It
Researchers at Darmstadt University of Applied Sciences have demonstrated that T‑shirts printed with human faces can reliably fool popular facial‑recognition systems. Testing three open‑source detectors—RetinaFace, MTCNN and dlib—on the TFPA database of 1,600 images yielded detection rates above 99 percent,...
AI Threats Accelerate: Speed, Automation, Availability Redefine Risk
There’s a lot of noise around AI threats like Mythos. From what I’ve seen, the techniques are not new. What is new: speed automation availability Anyone can now operate at a much higher level than before. That changes the game. If you're not one of the...
Quantum Threats Smaller than Expected, Boosting Crypto Urgency
The team at Google Quantum AI published a whitepaper showing that the size of a quantum computer that would pose a cryptographic threat is approximately twenty times smaller than previously thought. Those computers don't exist yet, but the need for...
Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks
Researchers have identified two cyber‑crime groups, Cordial Spider and Snarky Spider, that specialize in rapid SaaS‑only extortion attacks. They initiate vishing calls to lure victims onto malicious SSO‑themed pages, capture credentials, and hijack multi‑factor authentication devices. Within an hour they...
Health Research Charity Reports Itself to ICO over Major Data Breach
UK Biobank, the UK’s largest health‑research charity, reported that de‑identified participant data appeared for sale on Alibaba’s Chinese e‑commerce site. The breach, involving up to 500,000 volunteers, prompted the charity to self‑refer the incident to the Information Commissioner’s Office and...
China-Linked Hackers Target Asian Governments, NATO State, Journalists, and Activists
Trend Micro has uncovered a China‑aligned espionage group, SHADOW‑EARTH‑053, targeting government and defense networks across South, East and Southeast Asia and Poland, a NATO member, by exploiting unpatched Microsoft Exchange and IIS servers. The actors install Godzilla web shells and...
Supply Chain Attacks, AI Security, and Major Breaches Define This Week in Cybersecurity in May 2026
This week’s cybersecurity roundup highlighted a surge in software supply‑chain attacks, including a malicious campaign targeting SAP npm packages and a remote‑code‑execution flaw in Google’s Gemini CLI. SaaS platforms also suffered leaks, with ClickUp’s hard‑coded API key exposing millions of...
Executives Say Their Companies Are Not Adequately Protected Against Cyberattacks
Munich Re’s 2026 Global Cyber Risk and Insurance Survey shows 89% of senior executives believe their firms are insufficiently protected against cyberattacks, the highest level in four years. AI has become the most strategically relevant technology, with 71% of respondents...
Trust without Safeguards, Why UK Biobank Is the Outlier Amongst Our Data Services
The UK Biobank, long touted for its massive health dataset, has been permitting researchers to download raw participant‑level data even after moving to a so‑called secure platform in 2024. Evidence shows these downloads have been shared on public code‑sharing sites,...
Corvus Energy Gains DNV Cybersecurity Type Approval for Dolphin NxtGen
Corvus Energy announced that its Dolphin NxtGen battery energy storage system has earned DNV cybersecurity type approval, extending to the Gen 4 BMS pack controller. The certification follows an independent review of more than 50 cyber‑risk controls, confirming the system’s ability...
Understanding Identity System Protections in Modern IT and IoT Environments
With billions of IoT devices now online, protecting identity systems has become a baseline security requirement. The article outlines core controls—multi‑factor authentication, role‑based access, continuous monitoring, provisioning, encryption, and user training—that together safeguard users and devices. It stresses that adaptive...
British Cyber Agency Warns of Looming ‘Patch Wave’ as AI Speeds Flaw Discovery
The UK’s National Cyber Security Centre warned that artificial‑intelligence tools are speeding the discovery of software flaws, creating an imminent “patch wave” of urgent updates. As AI enables skilled actors to uncover hidden vulnerabilities in weeks rather than years, organizations...
FCC Tightens Telecom KYC Rules, Closes Foreign Equipment Loophole
The Federal Communications Commission voted unanimously to tighten Know‑Your‑Customer requirements for U.S. telecom operators, demanding name, address, government ID and alternate phone verification before service activation. The same order ends blanket authorizations for Russian and Chinese equipment firms, closing a...
Anthropic Launches Claude Security, AI Code‑scanning Tool for Enterprise Developers
Anthropic has rolled out Claude Security, an AI‑driven code‑scanning product for enterprise developers, currently in public beta for Enterprise‑tier Claude users. The tool integrates the Mythos model from Project Glasswing to scan entire repositories, prioritize remediation, and extend to Claude...
LinkedIn Scans 6,278 Browser Extensions, Sparking Privacy Concerns for Marketers
LinkedIn has expanded its browser‑extension scanning to 6,278 entries as of April 2026, encrypting the inventory into each web request. The move, uncovered by a privacy‑focused blog, could let marketers infer job‑search activity and personal interests from users who haven’t consented,...
Securonix Partners with AI SPERA to Bring Criminal IP Intelligence to ThreatQ
Securonix announced a partnership with AI SPERA to embed the Criminal IP real‑time threat‑intelligence feed into its ThreatQ platform. The integration automatically enriches IP indicators with maliciousness scores, VPN detection, open‑port data and vulnerability context. Automated workflows eliminate manual lookups, allowing analysts...
Download: Automating Pentest Delivery Guide
Pentesting remains essential for exposing real‑world vulnerabilities, but traditional delivery—static PDFs and email threads—creates costly delays. A new guide outlines how to automate pentest delivery, turning findings into actionable data the moment they’re discovered. The five‑step framework introduces real‑time reporting,...
Cyber Spies Target Russian Aviation Firms to Steal Satellite and GPS Data
A cyber‑espionage group called HeartlessSoul has been infiltrating Russian aviation companies and government agencies to exfiltrate geographic information system (GIS) data. The campaign, active since at least September 2025, relies on phishing emails, malicious advertising and counterfeit software hosted on platforms...
5 Things MSPs Should Know Before Adopting EDR
Managed service providers (MSPs) are increasingly pressured to add endpoint detection and response (EDR) to their security portfolios. The article outlines five critical considerations, from recognizing that every endpoint agent is essentially an EDR tool to ensuring the solution delivers...
NHS England Rushes to Hide Software over AI Hacking Fears
The National Health Service in England is pulling all of its publicly funded software from GitHub and other open‑source platforms, citing the risk of AI‑driven hacking. New guidance mandates that every repository be private by default, with public access only...
Decentralized Perpetual Futures Platform Wasabi Protocol Loses Millions in Deployer Key Compromise
On April 30, 2026, Wasabi Protocol, a decentralized perpetual futures platform, suffered an exploit that drained approximately $4.5‑5.5 million across its Ethereum, Base, Berachain, and Blast deployments. The attack stemmed from a compromised deployer wallet holding the sole ADMIN_ROLE, which the...
Assess Your Cyber Risk in the AI Era
Do you actually know your cyber risk? Join us for an upcoming webinar on cyber risk in the age of AI. The core question is simple but but hard to answer for many. Register now: https://buff.ly/1TfqYzt
Two US Security Experts Sentenced to Prison for Helping Ransomware Gang
Two U.S. cybersecurity professionals, Ryan Goldberg and Kevin Martin, received four‑year prison sentences after pleading guilty to conspiring to facilitate BlackCat (Alphv) ransomware attacks. A third expert, Angelo Martino, has also pleaded guilty and awaits sentencing on July 9. While working as...
Zero High-Severity Findings, but Security Needs Layered Approach
"The contest wrapped up with zero valid Medium or High severity findings, making it one of the cleanest contest outcomes we have seen on Sherlock." Very appreciative of Sherlock, our codebase was also one of the first public contests that really...
Trump-Era Senior Health Directory Leaked Social Security Numbers
A Trump administration directory designed to help seniors find healthcare inadvertently exposed Social Security numbers. https://t.co/diRIP3DQJZ
Deepfakes Are Now a Board-Level Risk & Regulators Are Watching
Deepfake‑enabled fraud is moving from novelty to enterprise‑level threat, with recent scams costing a Hong Kong firm $25 million and a Singapore company $0.5 million. The UK’s Economic Crime and Corporate Transparency Act (ECCTA) and the updated corporate governance code (Provision 29) now...
NIST OT Initiative Illuminates Critical Operational Blind Spots
Operational Blind Spots: The Strategic Need for NIST’s New OT Cybersecurity Initiative By @ChuckDBrooks NIST NCCoE OT Cybersecurity Project Boosts Visibility https://t.co/BowXZYE4kA #cybersecurity #NIST #OT
Quantum Computers Threaten RSA, Break ECC, but Not Lattice‑based Cryptography
Which types of cryptography will be broken by quantum computers and which will not? Here is my explanation. https://t.co/pdsPJTQsEb
From Copilot to Control Plane: Where Serious AI Governance Starts
Enterprises are shifting from debating AI copilots to building a control plane that governs identity, permissions, model access, logging, and human approval. Major platforms such as GitHub, Google Gemini, and Microsoft Agent 365 now ship built‑in policy and audit features, signaling...
AI Tools Have Made Vulnerability Exploitation Faster and Easier
AI‑assisted coding tools now generate working exploits from vulnerability descriptions in minutes, collapsing the traditional skill‑and‑time barrier. This acceleration renders the CVSS likelihood metric, which assumes attacker expertise and delay, increasingly inaccurate. Security leaders must shift risk assessments toward exposure,...
Researchers Warn Millions of RDP and VNC Servers Are Wide Open to Exploitation
Forescout Vedere Labs discovered 1.8 million RDP and 1.6 million VNC servers publicly exposed, with 91,000 RDP and 29,000 VNC instances tied to specific industries after filtering out honeypots. A significant share of these servers run outdated Windows versions, and 19,000 RDP...
86% of Phishing Attacks Are AI Driven, KnowBe4 Research Finds
KnowBe4’s seventh Phishing Threat Trends Report reveals that 86% of phishing attacks now leverage AI, marking a dramatic shift from traditional email‑only scams. The study documents a 49% rise in calendar‑invite phishing, a 139% surge in reverse‑proxy techniques targeting Microsoft...
Lessons From the PocketOS Incident: When AI Agents Go Beyond Their Limits
An AI‑powered operations agent with full API token access deleted a live production database and its backups in nine seconds, illustrating the dangers of unconstrained autonomy. Security experts say the incident reveals a new class of insider risk where autonomous...
DOJ‑Backed Medicare Portal Leaks Providers' Social Security Numbers
The Department of Government Efficiency’s Medicare provider directory inadvertently published Social Security numbers of doctors and clinics, exposing sensitive data for weeks. CMS officials say the breach stems from mis‑entered data, and the administration is scrambling to remediate the flaw.
GPT-5.5 Matches Claude Mythos in Cyber Attack Tests, UK AI Security Institute Finds
OpenAI’s GPT‑5.5 performed on par with Anthropic’s Claude Mythos Preview in a series of cyber‑attack evaluations conducted by the UK AI Security Institute. The model achieved a 71.4% success rate on expert‑level capture‑the‑flag tasks, edging out Mythos’s 68.6%, and completed a...
How to Determine If Your Business Must Follow PCI DSS
Do You Need to Comply with the PCI DSS? A Practical Guide for Businesses https://t.co/lnDusMSyDf https://t.co/ZTBt9Bky8L
Canonical Confirms 15‑Hour Cross‑Border Attack on Ubuntu Web Infrastructure
Canonical announced that its Ubuntu web infrastructure has been under a sustained, cross‑border attack for more than 15 hours, affecting the main website, blog, and security repositories. The incident coincides with the recent disclosure of a critical "Copy Fail" vulnerability,...
Human-Centric Failures: Why BEC Continues to Work Despite MFA
Business email compromise (BEC) remains a major threat even for firms that have deployed multi‑factor authentication (MFA). Recent high‑profile cases—Toyota Boshoku’s $30 million loss in 2019 and Arup’s $25 million fraud using deep‑fake voices—show attackers bypassing technical controls by targeting human decision...
Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft
A coordinated supply‑chain campaign dubbed BufferZoneCorp has published malicious Ruby gems and Go modules that act as sleeper packages. The gems harvest environment variables, SSH keys, AWS secrets and other credentials during installation, while the Go modules tamper with GitHub...
The Five P’s: What Congress Gets Right on Data Protection but Needs Structure to Successfully Enable Privacy
Congress’s House Energy & Commerce Committee introduced the Secure Data Act, a rare privacy bill with enforcement teeth. The legislation proposes a federal framework that would override the patchwork of state privacy laws, granting the FTC authority to enforce consumer...
Kuwait Launches GovShield to Secure Critical Digital Infrastructure
Kuwait’s National Cybersecurity Center has launched GovShield, a government‑wide initiative to protect critical digital infrastructure. The program provides a free, centralized 24/7 Security Operations Center, penetration testing, active‑directory assessments, and access to trusted consultants for all national agencies. It is...