Today's Cybersecurity Pulse
Anthropic CEO meets White House over federal access to Mythos AI
Anthropic CEO Dario Amodei will meet White House chief of staff Susie Wiles to discuss government access to the company's Mythos AI model, which can discover and exploit zero‑day vulnerabilities. The meeting follows a Pentagon‑imposed blacklist after Amodei refused to lift safety restrictions, while Treasury, intelligence agencies and CISA are already testing the model.
Also developing:
By the numbers: Artemis raises $70M in combined seed and Series A round
Trojanized ConnectWise ScreenConnect Installers Deployed in Tax-Themed Malvertising Campaign
Cybercriminals have been running a tax‑season malvertising campaign since January 2026, hijacking Google Ads to serve fake W‑2 and W‑9 download pages that redirect to malicious ConnectWise ScreenConnect installers. The trojanized installers launch a trial instance, inject a multi‑stage crypter and drop the HwAudKiller payload, which exploits a vulnerable Huawei driver to terminate major EDR solutions such as Microsoft Defender, SentinelOne and Kaspersky. Huntress researchers note that the use of commodity remote‑access tools lowers the barrier for sophisticated attacks, highlighting the growing risk of driver‑based EDR bypasses.
Updates to GitHub Copilot Interaction Data Usage Policy
GitHub announced that, starting April 24, interaction data from Copilot Free, Pro, and Pro+ users will be used to train its AI models unless users opt out. The policy excludes Copilot Business and Enterprise customers, whose data remains untouched. Users can...
BSidesSLC 2025 – LLM-Powered Network Intrusion Detection
At BSidesSLC 2025, Pattern Inc. Machine Learning Engineer Taeyang Kim unveiled an LLM‑powered network intrusion detection system (NIDS). The solution leverages large language models to parse raw packet data and identify malicious patterns in real time. Kim demonstrated a prototype...
Trends Revealed in Fortinet’s FortiGuard Labs 2026 Global Threat Landscape Report - Aamir Lakhani - RSAC26 #3
Fortinet’s FortiGuard Labs released its 2026 Global Threat Landscape Report, highlighting a sharp rise in AI‑enabled cybercrime. The report shows AI is accelerating attack techniques, from automated ransomware encryption to AI‑driven supply‑chain exploits. Aamir Lakhani, Fortinet’s Global Director of Threat Intelligence...
Trivy Compromise Spreads to Major Python Package
Aqua Security’s Trivy vulnerability scanner compromise is trickling down into a hugely popular Python package. https://t.co/oj8J8KJrGo
New Torg Grabber Infostealer Malware Targets 728 Crypto Wallets
Researchers at Gen Digital have uncovered Torg Grabber, a rapidly evolving infostealer that has harvested data from 850 browser extensions, including 728 cryptocurrency wallets, between December 2025 and February 2026. The malware gains initial access via the ClickFix clipboard‑hijacking technique, then executes...
Gov Proposes Disclosure Delay for Most Serious Cyberattacks
Australia is consulting on new rules that would allow a temporary, roughly 30‑day delay in publicly disclosing serious cyber‑attacks on critical‑infrastructure operators, including ASX‑listed firms. The proposal aims to give entities time to mitigate threats without compromising national security or...
Chained Vulnerabilities in Cisco Catalyst Switches Could Induce Denial-of-Service
Cisco disclosed four vulnerabilities in its widely deployed Catalyst 9300 series switches, two of which (CVE‑2026‑20114 and CVE‑2026‑20110) can be chained to elevate a low‑privilege Lobby Ambassador account into maintenance mode, effectively causing a denial‑of‑service outage. The chain requires only...
$300 AI Tool Kits Let Criminals Bypass Bank Security
Criminals can now purchase AI‑enabled identity‑fraud kits for under $300, combining stolen personal data, synthetic‑material printers and deep‑fake software to bypass bank KYC checks in minutes. Demonstrations at the 2026 RSAC conference showed tools like ProKYC feeding fabricated videos into...
The United States Router Ban, Explained
The FCC announced a ban on future consumer Wi‑Fi routers that are manufactured abroad, citing national‑security concerns. Existing routers can remain in use and receive firmware updates through March 1 2027, but no new foreign‑made devices will receive FCC authorization. The rule...
AI Social Media Scams Are Coming for Your Accounting Firm: Why DNS Filtering Belongs in Your Security Stack
Artificial intelligence is enabling highly personalized social‑media phishing campaigns that target accountants with fake client messages, ads and login pages. These AI‑driven scams increase the risk of wire fraud, data theft and ransomware for firms handling sensitive financial information. DNS...
What Is Antivirus Software and Do You Still Need It in 2026?
Antivirus software remains relevant in 2026 as cyber threats grow more sophisticated, with AI‑driven phishing, malicious app bundles, and polymorphic malware outpacing built‑in defenses. While Microsoft Defender and macOS XProtect provide a solid baseline, they often miss newer variants and...
Chinese Firms Boost AWS Compliance Demand 250% Abroad
Chinese companies' demand for Amazon Web Services compliance has increased by 250% as they expand overseas | Going Global · Technology _ https://t.co/YUHaLiFdIV https://t.co/w6d3n4u8bd
The Dark Side of DDoS: Why DDoS Downtime Is Harder to Prevent
Cloudflare’s 2026 report reveals DDoS attacks are growing larger, more frequent, and increasingly AI‑driven, shifting from blunt traffic floods to precise, low‑volume Layer 7 assaults timed around high‑impact events. Traditional point‑in‑time testing can’t keep pace with rapid network changes, leading to...
Romania Pays the Cyber Price for Backing Ukraine. Where Is the EU?
Romania’s water agency, coal‑power producer and oil‑pipeline operator have suffered ransomware attacks linked to Russian‑aligned groups such as Qilin and Gentlemen, which the country’s top cyber official says are timed with its support for Ukraine. The EU possesses a cyber‑sanctions...
StarTech.com Is Raising the Bar for Classified Workstations
StarTech.com has introduced a new line of secure KVM switches designed for classified workstations, achieving National Information Assurance Partnership (NIAP) compliance and supporting zero‑trust architectures. The devices provide hardware‑based isolation that physically separates classified and unclassified systems while allowing a...
Seceon Wins Four Global InfoSec Awards at RSA 2026 and Launches ADMP and SeraAI 2.0 Autonomous SOC
Seceon Inc. swept four Global InfoSec Awards at RSA 2026, confirming its Open Threat Management platform as the most recognized unified XDR solution. At the same event the company launched ADMP, a module that discovers and protects shadow AI agents, LLM...
Helping MSPs Take Control of Certificate Management: Introducing Sectigo Partner Platform
Only 13% of organizations feel confident tracking every digital certificate, creating a sizable visibility gap. Managed service providers (MSPs) see this as a high‑margin opportunity to offer Certificate Lifecycle Management (CLM) services. Sectigo launched the Partner Platform, the first true...
Russia Arrests Alleged Owner of Cybercrime Forum LeakBase, Report Says
Russian police detained the alleged administrator of LeakBase, a cybercrime forum once described by the U.S. Department of Justice as one of the world’s largest platforms for sharing hacking tools and stolen credentials. The site, which was shut down earlier...
Hightower Faces Class Action Suit Over Data Breach
Hightower, a wealth‑management firm, is facing a class‑action lawsuit after a cyber‑criminal breach exposed the personal data of roughly 131,483 clients, including Social Security and driver’s license numbers. The suit, filed by former employee Elliott Adams in Illinois federal court,...
Vicarius Launches vIntelligence, a Second Flagship Product for Continuous Agentic Validation
Vicarius unveiled vIntelligence, its second flagship product, adding continuous agentic validation to its security suite. The solution tackles the “assurance gap” by independently validating findings and re‑checking exposures as environments evolve. vIntelligence can operate alone or integrate with the existing...
Entro Security Launches AGA to Govern AI Agents and Non-Human Identities Across the Enterprise
Entro Security unveiled Agentic Governance & Administration (AGA), a new platform pillar designed to govern AI agents and non‑human identities across enterprise systems. AGA tackles the shortcomings of traditional Identity Governance and Administration tools, which were built for people and...
Ransomware Attack Disrupts Operation at Major Spanish Fishing Port
A ransomware attack on Spain’s Port of Vigo forced the isolation of critical cargo‑management servers, compelling the port to run operations manually. The breach was detected on Tuesday, and officials have refused to reconnect the systems until they can guarantee...
Liminal Custody and Securosys Unveil MPC‑Based HSM Vaults for Enterprise Digital Assets
Liminal Custody and Swiss security firm Securosys announced Liminal HSM Vaults, a hardware security module solution that blends multi‑party computation with FIPS‑certified HSMs. The product targets banks, custodians and large enterprises as digital‑asset AUM is projected to exceed $10 trillion by...
Cloud Phones Linked to Rising Financial Fraud Threat
A Group‑IB report released on March 25 reveals that cloud phones—remote‑access Android devices hosted in data centres—are being weaponized for financial fraud. Because they replicate genuine smartphones, they bypass conventional device‑fingerprinting tools, allowing fraudsters to create and operate dropper accounts...
Bastille Presents: The Wireless Threat Series Podcast, Smartglasses
In this episode of the Wireless Threat Series, Adrian Sanabria and John Bundy examine the security and privacy implications of modern smart glasses, tracing their evolution from Google Glass to today's Meta Ray‑Ban and Oakley models. They categorize smart glasses...
Intent‑Based Access Control: A Technical Primer
Intent‑Based Access Control (IBAC) redefines authorization by linking a user’s declared intent to precise action‑resource tuples rather than static role permissions. The model parses natural‑language or JSON intents, maps them to fine‑grained policy tuples, and evaluates each via engines such...
NetApp Seals Elastio and Commvault Deals for More Resilience and Less Ransomware
NetApp announced partnerships with Elastio and Commvault to bolster its Ransomware Resilience Service. Elastio’s agent‑less detection and Provable Recovery controls will be embedded in ONTAP snapshots to spot zero‑day ransomware and provide immutable recovery points. Together with Commvault, NetApp will...
Why Strong Authentication Beyond the Browser Will Define the Future of Connected Devices
The rise of connected cars, smart homes, wearables and industrial IoT is stretching authentication beyond the traditional web browser. Regulators such as UNECE WP.29 and the U.S. IoT labeling program are imposing baseline security requirements for vehicle software and consumer...
Hackers Exploit Compromised Enterprise Identities at Industrial Scale, Warns SentinelOne
SentinelOne’s 2026 Annual Threat Report warns that identity‑based attacks have escalated to an industrial scale, with threat actors exploiting legitimate enterprise credentials to bypass traditional defenses. Attackers are using social‑engineering, MFA‑bypass kits, and brute‑force tactics to hijack high‑privilege accounts, even...
Puerto Rico Government Agency Cancels Driver’s License Appointments After Cyberattack
Puerto Rico’s Department of Transportation halted all driver‑license and registration appointments after a cyberattack forced the agency to disconnect its networks on Monday. The Puerto Rico Innovation and Technology Service (PRITS) is working with the DOT to assess the breach,...
.png?width=1200&auto=webp&crop=3%3A2)
The Online Security Features You Need While Travelling or Working Abroad
Surfshark One is an all‑in‑one cybersecurity suite designed for travelers and remote workers. It combines VPN, antivirus, price‑masking, and identity‑protection tools to secure connections on public Wi‑Fi, bypass regional blocks, and prevent price discrimination. The platform also offers breach alerts...
US Clouds Cast Long Shadow over EU Data Sovereignty, Says Osmium
Osmium Data Group warns that using US‑owned cloud providers for backups undermines European data‑sovereignty, even when the physical datacenter sits in the EU. The firm evaluated four source‑and‑destination scenarios, ranking a Europe‑owned source and datacenter as highest compliance, while a...
Deploy Best-Practice Security Policies Instantly with Transaction Security Policy Accelerator
Salesforce Labs has launched the Transaction Security Policy Accelerator, a free AppExchange app that lets administrators install a library of pre‑configured, best‑practice Transaction Security Policies with a single click. The policies are aligned with Salesforce’s Essential Transaction Security documentation and...
_Panther_Media_GmbH_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale)
Phishers Pose as Palo Alto Networks' Recruiters for Months in Job Scam
Unit 42 at Palo Alto Networks has uncovered a seven‑month phishing campaign in which attackers impersonated the company’s recruiters to target senior professionals. The scammers harvest LinkedIn data to craft highly personalized emails that claim a candidate’s résumé failed an...
How to Keep Your Communications and Spaces Secure
Modern offices face a dual threat: physical eavesdropping devices and digital interception. Companies must treat spaces and communications as a unified security system, beginning with a realistic threat model that identifies what information matters and who might seek it. Core...
Deepfakes Vulnerable to AI Fingerprint Hacks, Study Finds
Researchers at the University of Edinburgh demonstrated that AI fingerprints used to identify deepfake images can be easily removed or forged. Their evaluation of 12 generators and 14 fingerprinting methods showed removal success rates above 80% for attackers with full...
Marlink Reports 50% Surge in GNSS Interference Impacting Global Shipping
Marlink’s March 25 technical bulletin reports a 50% jump in GNSS interference incidents across its maritime fleet, driven by jamming and spoofing in the Middle East and other high‑traffic corridors. The disruptions threaten vessel navigation, satellite antenna tracking, and broadband connectivity....
EU NIS2 Overhauls Cybersecurity for PV Plant Operators
How EU NIS2 is reshaping cybersecurity for PV plant operators #energysky -- via pv magazine global: https://t.co/eSJkuEt6jK
Why a 'Near Miss' Database Is Key to Improving Information Sharing
At RSAC 2026, security leaders Wendy Nather and Bob Lord urged the cybersecurity community to treat near‑miss incidents with the same transparency as full breaches. They defined a near miss as an event that almost succeeded, highlighting that many organizations lack...
Paid AI Accounts Are Now a Hot Underground Commodity
Cybercriminals are building a thriving underground market for premium AI platform access, reselling accounts for tools like ChatGPT, Claude, and Microsoft Copilot. Flare’s analysis of fraud‑oriented forums shows recurring listings that bundle subscriptions, claim reduced restrictions, and target buyers seeking...
BlueFinity Evoke Offers Enhanced Two-Factor Security
BlueFinity has rolled out two‑factor authentication (2FA) as a standard feature in Release 3 of its Evoke low‑code platform. The update adds native Active Directory integration and OAuth‑compatible email handling for Exchange, Gmail and other services. Users can enable 2FA with...
Cyera Closes Major Gaps in Securing Enterprise AI
Cyera unveiled three new AI‑security tools—Browser Shield, Data Lineage, and the Cyera MCP platform—to plug critical gaps in enterprise AI adoption. Browser Shield monitors and blocks sensitive data at the prompt level for public AI models like ChatGPT, while Data...
Endpoint Security USA Launches New Site, Expands Endpoint Protection Services
Endpoint Security USA, a managed security services provider, has unveiled a redesigned website that showcases its expanded portfolio of endpoint protection solutions. The platform highlights services such as endpoint detection and response, cloud and IoT endpoint security, 24/7 SOC monitoring,...
Vorlon Adds Forensics and Response to Secure AI Agents
Vorlon introduced two new products—the AI Agent Flight Recorder and the AI Agent Action Center—to give enterprises forensic visibility and coordinated response for AI‑driven workloads. A 2026 Vorlon survey found 99.4% of U.S. organizations suffered at least one SaaS or...
Platformisation or Platform Theatre? Navigating Cyber Consolidation
Enterprise security consolidation is accelerating, with a 2025 IBM‑Palo Alto report showing firms juggle an average of 83 tools from 29 vendors. While unified platforms promise streamlined operations, many deliver only superficial integration, creating a hidden single point of failure....
SentinelOne Expands Strategic Collaboration with Google Cloud to Deliver Autonomous, AI-Powered Security at Global Scale
SentinelOne announced a multi‑year strategic collaboration with Google Cloud to fuse its AI‑native Singularity platform with Google’s global infrastructure and threat intelligence. The partnership expands SentinelOne’s autonomous EDR availability to three Google Cloud regions—North America, Frankfurt, and Saudi Arabia—addressing data‑sovereignty...
DigiCert Document Trust Manager Enhancements Improve Document Security and Compliance
DigiCert has upgraded its Document Trust Manager to counter AI‑driven document fraud by centralising signing key management and workflow visibility. The enhancements add unified monitoring, a secure certificate repository with MFA, and pre‑integrated support for DocuSign, Adobe Sign and other...
NY Army Guard's Cyber Protection Team 173 Fights Computer Battle During Kingston Armory Exercise
From February 23‑26, 2026, the New York Army National Guard’s Cyber Protection Team 173 conducted a four‑day simulated ransomware attack against an electrical utility at the Kingston Armory, using the U.S. Cyber Command’s Persistent Cyber Training Environment. Thirty‑four soldiers, many...
Drata Unveils Agentic AI to Transform Enterprise Trust Workflows
Drata announced a suite of agentic AI tools—including Agentic TPRM Assessment, Agentic Questionnaire Response (beta), and AI Trust Center Setup—to automate third‑party risk reviews, security questionnaire handling, and trust‑center creation. The new capabilities promise to cut manual effort, accelerate procurement...