Today's Cybersecurity Pulse
Anthropic CEO meets White House over federal access to Mythos AI
Anthropic CEO Dario Amodei will meet White House chief of staff Susie Wiles to discuss government access to the company's Mythos AI model, which can discover and exploit zero‑day vulnerabilities. The meeting follows a Pentagon‑imposed blacklist after Amodei refused to lift safety restrictions, while Treasury, intelligence agencies and CISA are already testing the model.
Also developing:
By the numbers: Artemis raises $70M in combined seed and Series A round
Foster City Ransomware Attack Triggers Emergency as RSAC Spotlights Municipal Threats
A ransomware intrusion crippled Foster City’s computer systems, leading the city council to declare a state of emergency. The incident unfolded as more than 40,000 cybersecurity professionals gathered at the RSAC conference in San Francisco, turning the breach into a live case study for municipal defenders.

Invoice Fraud Costs UK Construction Sector Millions, NCA Warns
The UK’s National Crime Agency, together with the National Federation of Builders, has launched an awareness campaign targeting invoice fraud in the construction sector. In September 2025, fraudulent invoices cost the industry almost £4 million (≈$5.3 million) across 83 reported cases, and construction plus...

Google Says Quantum Computers Could Break RSA by 2029, Raising Security Alarm
Google announced that a quantum computer with just one million noisy qubits could factor a 2048‑bit RSA key in under a week, shifting the industry‑wide “Q‑Day” deadline to 2029. The warning accelerates calls for rapid adoption of post‑quantum cryptography across...

Blackwired and ARMIS Join Forces to Boost Cyber Resilience
Blackwired and ARMIS International have formed a strategic alliance to enhance cyber resilience against nation‑state attacks. The partnership combines Blackwired’s ThirdWatch platform—featuring 3‑D threat visualisation and the Aim‑Ready‑Fire methodology—with ARMIS’s operational crisis frameworks and deep government relationships. Together they aim...

Dell and HP Roll Out Quantum-Resistant Device Security
HP and Dell announced new hardware‑level security features aimed at defending against physical attacks and emerging quantum‑computing threats. HP introduced TPM Guard, which encrypts the TPM‑CPU link, and added quantum‑resistant cryptography to its LaserJet Pro and Enterprise printer lines along...

Node.js Fixes Critical Flaws, Patches DoS Risk in Latest Security Update
The Node.js project released a March 2026 security rollout covering its 20.x, 22.x, 24.x and 25.x branches. The update patches a critical TLS handling flaw (CVE-2026-21637) that could trigger remote denial‑of‑service, and a high‑severity HTTP header bug (CVE-2026-21710) that may...

DataBahn Brings AI-Driven Intelligence Into the Security Pipeline
DataBahn.ai unveiled Autonomous In‑Stream Data Intelligence (AIDI), an AI‑native model that interprets, validates, and acts on security telemetry as it flows through the pipeline. The accompanying DataBahn Agent Farm deploys specialized AI agents to automate connector creation, asset mapping, and...

Scalefusion Unveils the Future of Endpoint Management at 33rd Convergence India Expo
Scalefusion showcased its unified endpoint management vision at the 33rd Convergence India Expo in Delhi, demonstrating its UEM, OneIdP, and Veltar solutions. The startup highlighted a single‑agent platform that merges device management, zero‑trust identity, and compliance security. Thousands of attendees...

GenAI-Based Development Platform - Part 3: Announcing Isolarium, Three Flavors of Secure Sandboxes for GenAI-Based Coding Agents
Open‑source project Isolarium was announced as a companion to the Idea‑to‑Code workflow, providing secure sandboxes for GenAI coding agents such as Claude Code. The tool lets developers run agents in three isolation modes—Nono (lightweight), container, and virtual machine—balancing security against...

Announcing Kubescape 4.0: Enterprise Stability Meets the AI Era
Kubescape 4.0 launches with enterprise‑grade stability, delivering General Availability for Runtime Threat Detection and a new Kubernetes‑native Storage layer. The release consolidates security agents by deprecating the host‑sensor and merging its functions into a single node‑agent, simplifying cluster management. It...

Breaking Down “The Mosaic Effect”
Artificial intelligence is accelerating the "mosaic effect," where separate, permissible data points are combined to reveal sensitive insights. The effect, originally noted in intelligence work, now emerges in seconds as AI correlates thousands of low‑risk records, threatening compliance in regulated...

Zero-Trust on OKE: How to Actually Secure Your Clusters With Terraform
The article outlines a Terraform‑driven approach to building a zero‑trust Oracle Kubernetes Engine (OKE) cluster. It replaces overlay networking with OCI VCN‑Native CNI, deploys a private control plane without a public IP, and enables AMD SEV confidential computing for memory...

Importance Of Hardware Security Verification In Pre-Silicon Design
Hardware security verification is becoming a prerequisite for any silicon destined for cloud, automotive, industrial or edge AI applications. The discipline rests on two pillars: functional security verification, which confirms that security features behave as specified, and protection verification, which...

UAE Positions Cyber Security as Pillar of National Resilience and Digital Growth
The United Arab Emirates has formalized a nationally coordinated cyber‑security framework that links government, strategic industries and private partners. Continuous monitoring, AI‑enhanced threat detection and 24/7 response teams are embedded in a unified structure to protect critical infrastructure. The strategy...

Dangerous DarkSword Malware Has Emerged—iPhone Users Should Take Action Now
Security researchers have released the DarkSword exploit kit on a public platform, turning a previously state‑level iOS attack tool into a commodity for cyber‑criminals. The kit chains multiple Apple OS vulnerabilities, enabling drive‑by compromise of iPhones without any user interaction...

Grafana Security Release: Critical and High Severity Security Fixes for CVE-2026-27876 and CVE-2026-27880
Grafana Labs announced version 12.4.2 and patched releases for 12.3, 12.2, 12.1 and 11.6, addressing two high‑impact vulnerabilities. CVE‑2026‑27876 is a critical 9.1‑rated remote‑code‑execution flaw in the sqlExpressions feature that allows arbitrary file writes. CVE‑2026‑27880 is a high‑severity 7.5‑rated denial‑of‑service...

The Price of Privacy? HK$100k and 1 Year in Prison.
Hong Kong’s National Security Law implementation rules were amended to criminalize refusal to provide passwords for seized electronic devices, imposing up to one year in prison and a fine of HK$100,000 (≈US$12,800). The changes were issued by decree, bypassing Legislative...

AI Finds Vulns You Can't With Nicholas Carlini
In this episode, host Deirdre and David Amos sit down with vulnerability researcher Nicholas Carlini to discuss how large language models (LLMs) are now being used to discover software bugs, including zero‑day vulnerabilities. Carlini explains that recent advances allow a...

SOC 2: Theater, Yet Reveals AI Companies’ Third‑Party Stack
SOC 2 is largely useless theater, much like SOX compliance, but it’s quite useful for identifying the third-party providers a website relies on. DeployGraph: What infrastructure does every AI company run on? https://www.deploygraph.com/

AI Now Contains Cyberattacks in Seconds, Humans as Exception Handlers
27 seconds. That's the fastest observed cyberattack breakout time. Average: 29 minutes. CrowdStrike + IBM just integrated their AIs for machine-speed containment. Human analysts are no longer the first responder. They're the exception handler. https://t.co/47q7R5dt3q

WebAssembly Proposed as Secure Sandbox for AI‑Generated Code
At the Wasm I/O conference in Barcelona, Dan Phillips, founder of WebAssembly Chicago, advocated using WebAssembly to sandbox AI‑generated code, arguing it eliminates shared‑kernel risks and speeds deployment. The proposal targets DevOps teams grappling with unsafe agent execution.

Coruna iPhone Exploit Kit Tied to Operation Triangulation
News about an iPhone exploit kit called Coruna has generated a lot of buzz. Boris Larin (@oct0xor) of the GReAT team digs into the kit and explores the attack chain. And yes, there are clear links to Operation Triangulation. Details:...

Boost Student Data Security Awareness on World Backup Day
🔦 Shine a light on student data security awareness this #WorldBackupDay next week 💽 Tune into this episode & learn how to enhance student data security 🔓Unlock powerful strategies for a secure future today https://t.co/SkQFRzN8q8 @roxi_thompson

Ledger Finds Flaw Lets Hackers Steal PINs and Crypto Keys From Powered‑Off Android Phones
Ledger’s Donjon research team demonstrated that attackers can retrieve PINs, encrypted storage and crypto‑wallet seed phrases from Android phones that are turned off. The flaw, present in MediaTek processors paired with Trustonic’s Trusted Execution Environment, impacts roughly one‑quarter of Android...

Bitcoin Community Mobilizes Against Long‑Term Quantum Threat to Crypto Security
Bitcoin developers and governance bodies are racing to harden the network against a future quantum computer capable of breaking elliptic‑curve signatures. Proposals such as Pay‑to‑Merkle‑Root, the Hourglass mitigation, and post‑quantum hash‑based signatures aim to protect millions of BTC that could...

SANS Stormcast Thursday, March 26th, 2026: Apple Patches; SmartApeSG Update; Trivy/LiteLLM/TeamPCP Update; Google Accelerates Quantum Safe Crypto Rollout
In this 7‑minute Stormcast episode, Johannes Ullrich reviews Apple’s latest patch cycle—85 vulnerabilities across iOS, macOS, and watchOS—emphasizing the importance of timely updates even though none are known to be actively exploited. He then provides an update on the LiteLLM...

Incident Response & Hiring Trends: What HR Can Learn From Semperis
Semperis has positioned its platform as a full‑stack incident response solution, offering real‑time threat detection, automated alerting, and rapid containment tools. The suite also streamlines recovery by rolling back unauthorized changes and supports compliance with detailed audit logs. In addition...

Stay Incognito: Hide Your Chats From AI Profiling
Every chat you have with your favorite AI is fuel for its analysis of you and the profile that it's building of your interests. Instead, here's how to go incognito or private in ChatGPT, Gemini, Claude, and Copilot: https://t.co/YHaJYbOh9E #ai...

LEO Satellite Operators Could Be Beyond Australian Data Laws
Australia’s Cyber Security Centre, together with international partners, warned that commercial low‑Earth‑orbit (LEO) satellite operators can deliver connectivity to Australian users without a local footprint, leaving data outside the reach of domestic privacy laws. The advisory highlights that LEO constellations...

Got One of Those Weird Fake Microsoft Security Warning Screens
A fake Microsoft security warning overlay appeared in the Brave browser, locking the screen and preventing normal navigation. The pop‑up, triggered by malicious ads—often from Facebook—forced the user to terminate the browser via Task Manager. Upon restart, the warning did...

GitHub Adds AI-Powered Bug Detection to Expand Security Coverage
GitHub announced an AI‑powered scanning layer for its Code Security suite, complementing the existing CodeQL static analysis. The hybrid approach expands vulnerability detection to languages and frameworks such as Bash, Dockerfiles, Terraform, and PHP, while CodeQL continues deep semantic analysis...

European Officials Highlight Private Sector Help in Major Cybercrime Takedowns
European cyber law enforcement leaders at RSAC highlighted the growing role of private‑sector partners in dismantling major ransomware groups such as LockBit and Scattered Spider. Officials from the Netherlands, UK and Germany noted that industry briefings helped legitimize takedowns and...

Beyond IOCs: A Framework for High-Impact Cyber Threat Intelligence - Samuel Hassine - RSAC26 #3
Samuel Hassine, CEO of Filigran, outlined a shift from reactive indicator‑of‑compromise (IOC) alerts to a business‑focused Continuous Threat Exposure Management (CTEM) framework. He emphasized unifying threat intelligence with adversarial attack simulation using platforms like OpenCTI to drive measurable risk reduction....

Alleged RedLine Infostealer Conspirator Extradited to US
An Armenian national, Hambardzum Minasyan, was extradited to the United States and appeared in a Texas federal court on charges tied to the RedLine infostealer. Prosecutors allege he helped develop, host, and monetize the malware, which siphons billions of user...

ORNL Introduces ‘Photon’ Framework for Accelerating AI Vulnerability Discovery on Frontier
Oak Ridge National Laboratory’s CAISER team unveiled Photon, a new framework that uses the Frontier exascale supercomputer to accelerate AI vulnerability discovery. By repurposing the DeepHyper training system, Photon runs thousands of jailbreak prompts in parallel, achieving over 95% GPU...

7 Employer Tips For Handling Calif. Privacy Risk Assessments
California employers must now meet the California Consumer Privacy Act’s (CCPA) risk assessment mandate, which requires a systematic review of personal data practices. Law360 outlines seven practical steps, including data mapping, privacy impact analyses, vendor oversight, employee training, documentation, continuous...

Convicted Spyware Chief Hints that Greece’s Government Was Behind Dozens of Phone Hacks
Intellexa founder Tal Dilian, convicted of orchestrating a mass‑wiretapping campaign in Greece, announced his intention to appeal the eight‑year prison sentence. The scandal, dubbed “Greek Watergate,” involved the Predator spyware compromising phones of ministers, opposition leaders, military officials and journalists....

AI Supply Chain Attacks Don’t Even Require Malware…just Post Poisoned Documentation
Andrew Ng's Context Hub service supplies up‑to‑date API documentation to AI coding agents, but its open‑pull‑request workflow lacks any content sanitisation. Security researcher Mickey Shmueli demonstrated a proof‑of‑concept where poisoned documentation caused agents to add malicious PyPI packages to generated code....

AI Agent Identity and Next‑gen Enterprise Authentication Prominent at RSAC 2026
At RSA Conference 2026, vendors highlighted password‑less authentication for both humans and AI agents, with Swissbit unveiling a biometric FIDO2 key that adds post‑quantum resistance, and RSA extending its identity suite to Microsoft 365 E7. IBM, Auth0 and Yubico introduced...

Readying Industrial Connectivity for Cybersecurity Requirements
Cyber attacks on industrial operations have highlighted the lag in OT cybersecurity compared with IT. The EU Cyber Resilience Act (CRA), effective from December 2024, forces manufacturers to report vulnerabilities and obtain CE marking for new digital products by December 2027. Standards...

Identity Theft: Verizon Account Opened without Consent
Someone opened up a Verizon Business account in my name, got two lines and internet, but never changed the billing address so I just got the bill. Currently on hold with their fraud department

Built‑in Cyber Defense Keeps Public Safety Communications Uninterrupted
In public safety, cyber security can’t be an add-on. It needs to be designed into the network. @T_Priority on T-Mobile’s 5G network isolates threat traffic at the network layer, so priority communications stay secure. Resilience should be built in, not bolted on....

Why Revenue Cycle Teams Must Prepare for Extended Downtime in the Age of Cyber Threats
Healthcare providers face escalating ransomware and cloud‑outage threats that can instantly cripple revenue cycle operations, halting claim submissions and cash flow. Recent incidents, such as the Change Healthcare clearinghouse outage and a regional system’s backup encryption, exposed critical blind spots...

Public Allocator Flaw Cost Morpho $5K Hack
"At the time of the hack, the damage in Morpho was $5k. But the 'public allocator' feature, which was supposed to be good, was not." https://t.co/FwY7H6TiKM

Preventing USR Hacks: Expert Advice From Omer Goldberg
"There are ways to prevent this type of hacks," says @omeragoldberg on Uneasy Money, speaking about USR https://t.co/FwY7H6TiKM

In-Sensor Cryptography Links Physical Process to Digital Identity
Researchers unveiled a monolithic in‑sensor cryptographic system that hashes and digitally signs data at the moment of capture, linking each measurement to an immutable digital identity. The prototype, built on 180 nm CMOS, demonstrated real‑time signing of cardiac cell voltage recordings...

Curators Set Morpho Caps to Zero, Unaware It Fails
The moment curators realized the Resolv hack was happening, they set Morpho supply caps to zero. Morpho's own documentation warns that setting caps to zero doesn't stop the attack. Most curators didn't know that. https://t.co/P1vIs3eM4Z

Bubble AI App Builder Abused to Steal Microsoft Account Credentials
Threat actors are exploiting Bubble, an AI‑powered no‑code app builder, to host malicious web apps that impersonate Microsoft login pages. By serving phishing pages from the trusted *.bubble.io domain, email security solutions fail to flag the links, allowing credentials to...

TeamPCP Supply Chain Attack Hits LiteLLM PyPI Package
Open‑source Python library LiteLLM was compromised by the TeamPCP threat group, which uploaded malicious versions to PyPI that have since been removed. The packages deployed a three‑stage intrusion: credential harvesting, a Kubernetes lateral‑movement toolkit, and a persistent systemd backdoor. Endor...