Today's Cybersecurity Pulse

CISA adds critical Android and Linux flaws to KEV catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed two high‑severity vulnerabilities in its Known Exploited Vulnerabilities catalog: Android CVE‑2025‑48595, an integer overflow that enables privilege escalation on Android 14‑16 without user interaction, and Linux CVE‑2022‑0492. Google released patches for the Android bug in June 2026.

Apple Rolls Out iOS 26.4.2 to Fix a Flaw that Allowed the FBI to Access Push Notifications
Apple released iOS 26.4.2, patching a notification‑database flaw that let law‑enforcement retrieve deleted push notifications. The update introduces “improved data redaction” to ensure notifications marked for deletion are fully removed. The vulnerability had been exploited by the FBI to pull Signal message notifications, drawing criticism from privacy advocates. The fix rolls out to iPhone 11 and later and recent iPad models.

Ripple Charts Four‑Phase Roadmap to Quantum‑Resistant XRP Ledger by 2028
Ripple Labs unveiled a four‑phase plan to transition the XRP Ledger to post‑quantum cryptography by 2028. The roadmap includes an emergency hard‑fork trigger, a comprehensive risk assessment, integration of quantum‑resistant signatures on Devnet, and a network‑wide amendment. The move seeks...

Microsoft Deploys Emergency Patches for Critical ASP.NET Core Privilege Escalation Flaw
Microsoft rolled out emergency out‑of‑band patches to close CVE‑2026‑40372, a critical ASP.NET Core Data Protection vulnerability that could let unauthenticated attackers obtain SYSTEM privileges. Senior program manager Rahul Bhandari urged all ASP.NET Core users to upgrade to package 10.0.7 immediately.

Did Apple Just Fix the iPhone Bug That Let the FBI Recover Deleted Signal Messages?
The FBI accessed incoming Signal messages from a defendant’s iPhone by pulling data from the device’s hidden notification database, exposing a flaw in iOS rather than the Signal app. Apple’s recent iOS 26.4.2 update patches a bug that allowed deleted notifications...

London Police Win Legal Challenge Against Live Facial Recognition Deployment
London’s Metropolitan Police won a High Court challenge, confirming that its live facial recognition (LFR) system does not breach human rights or privacy law. The court rejected claims by anti‑knife‑crime activist Shaun Thompson and digital‑rights group Big Brother Watch, labeling...

Faster Threat Detection with Boundary Session Recording + Auditbeat
Enterprises in regulated sectors must log privileged access to meet SOX, PCI DSS, HIPAA and similar mandates. HashiCorp Boundary provides identity‑based access control, session brokering and video recordings of every privileged session, but security teams need structured, real‑time data for...

Q&A: Pennsylvania’s CISO on Risk Reduction, Zero Trust and the Next Cybersecurity Frontier
Andy Ritter, Pennsylvania’s CISO since February 2024, is steering the Commonwealth toward a risk‑reduction agenda anchored by zero‑trust, identity and access management, and robust vulnerability management. He emphasizes a centralized security model through the Enterprise Information Security Office to deliver...

Microsoft Issues Out-of-Band Patch for Critical Security Flaw in Update to ASP.NET Core
Microsoft released an out‑of‑band update (10.0.7) to fix a critical CVSS 9.1 vulnerability (CVE‑2026‑40372) introduced in the ASP.NET Core 10.0.6 Data Protection library. The flaw miscalculates the HMAC validation tag, allowing forged authentication cookies, tokens and other protected payloads across...

Banks to Reinforce Cyber Defences as AI Changes the Threat Model
Banks are accelerating cyber‑defence programs as artificial intelligence reshapes the economics of digital attacks. AI shortens the time needed to locate vulnerabilities, craft convincing fraud attempts, and launch large‑scale intrusion campaigns, making the financial sector a prime target. Recent data...

RIAs Are in Cybercriminals’ Crosshairs – Prepare to Protect Your Data
Registered investment advisers (RIAs) are increasingly targeted by cybercriminals seeking client financial data, Social Security numbers, and direct asset access. The SEC has repeatedly highlighted cybersecurity as a top examination focus, and new Regulation S‑P rules require an Incident Response...

5 AI Models Tried to Scam Me. Some of Them Were Scary Good
A Wired senior writer recounts five recent encounters with AI‑generated scams that were sophisticated enough to fool him at first glance. The models produced phishing emails, fake invoices, and social‑media impersonations that mimicked human tone and branding with uncanny accuracy....

Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain
Cybersecurity firm Socket disclosed that threat actors compromised the official Checkmarx KICS Docker Hub repository, overwriting tags such as v2.1.20 and alpine and adding a rogue v2.1.21 image. The malicious KICS binary harvests infrastructure‑as‑code scans, encrypts the data and exfiltrates it...

Exposed Server Reveals AI-Assisted Credential Harvesting Factory
Security researchers uncovered an exposed server running the Bissa scanner, a criminal platform that leverages the critical React2Shell vulnerability (CVE‑2025‑55182) to automate mass exploitation. The operation combined AI coding assistants—Claude Code and OpenClaw—to debug, orchestrate, and refine a pipeline that...

Every Click, Stream, and Device Builds a Digital Footprint & Data Brokers Are Cashing In
ClearNym warns that cord‑cutters’ expanding use of streaming apps, smart TVs and voice assistants creates a sprawling digital footprint that data brokers harvest, especially during the spring data‑refresh season. Recent breaches—including Conduent’s 8.5 TB health‑data leak affecting over 25 million people and...

Fake Google Antigravity Installer Can Steal Accounts in Minutes
A malicious campaign is distributing a trojanized Google Antigravity installer via the look‑alike domain google‑antigravity.com. The fake package includes the legitimate app plus a hidden PowerShell step that contacts attacker servers and deploys data‑stealing malware. Once active, the malware harvests...

Self-Propagating Supply Chain Worm Hijacks Npm Packages to Steal Developer Tokens
Security researchers have uncovered a self‑propagating supply‑chain worm, dubbed CanisterSprawl, that compromises npm packages and injects malicious post‑install scripts to harvest developer credentials. The worm steals a wide range of secrets—including .npmrc files, SSH keys, cloud provider tokens, Docker and...

Client Alert: The White House Makes a Cyber and AI Policy Push
In March 2026 the White House issued a National Policy Framework for Artificial Intelligence and a Cyber Strategy, signaling a coordinated federal push to shape AI and cybersecurity policy. Both documents favor industry‑led standards and “common‑sense” regulation over new prescriptive...

Microsoft: Most Windows 11 Users Don’t Need Third-Party Antivirus
Microsoft says most Windows 11 users don’t need a third‑party antivirus because the built‑in Defender suite provides comprehensive protection. It highlights four integrated features—Defender Antivirus, SmartScreen, Smart App Control and ransomware mitigation—that share cloud‑based threat intelligence and automatic updates. Microsoft advises...

New Apple Phishing Scam Uses Fake $899 iPhone Purchase Alert
A new phishing campaign leverages Apple’s own account‑change notification system to send a fake security alert about an $899 iPhone purchase via PayPal. The email is dispatched from Apple’s infrastructure, passing SPF, DKIM and DMARC checks, which makes it appear...

Microsoft to Test Third-Party AI Models for Incorporation in Its Security Offerings
Microsoft announced it will evaluate third‑party AI models, including Anthropic's Claude Mythos, to augment its security suite. The tests will pair these models with Microsoft Defender, Security Exposure Management and the open‑source CTI‑REALM framework for continuous network vulnerability scanning. A...

Hackers Impersonate IT Help Desk on Microsoft Teams to Gain Access, Steal Data
Microsoft reports a rise in social‑engineering attacks that use Teams chats to impersonate IT help‑desk staff. Hackers request remote‑support sessions via Quick Assist, then leverage DLL sideloading and legitimate tools to infiltrate networks. The method bypasses traditional email‑focused defenses and...

Outside FDA, Inside the Crosshairs: Cybersecurity Risks for General Wellness and Fitness Products
The FTC’s Health Breach Notification Rule (HBNR) now reaches low‑risk general‑wellness apps that aggregate personal health data, even though the FDA’s 2026 guidance excludes them from device regulation. Developers risk being classified as personal health record (PHR) vendors when their...

Continuous Identity Exposure Monitoring Stops Credential‑Based Breaches
Most security programs are sleeping on Identity Exposure Management, and hackers are cashing in. The fastest path into an environment is almost always a leaked credential or a stolen session cookie sitting in an infostealer log. MFA doesn't help when...

Google's MCP Unifies All Cloud Services for Agents
May not seem sexy but I love love love Google going all in on MCP. Even dummies like me can create amazing apps that leverage MCP. All GCP and Workspace services are now exposed via MCP. Developers can address GKE,...

Crypto-Miners Are Quietly Colonising Computers
Crypto criminals are covertly installing mining software on unsuspecting organizations’ computers to siphon processing power and electricity. By placing hidden miners in crawlspaces, storage rooms or through compromised VPNs, they turn idle hardware into low‑cost hash power. The practice inflates...

New Firefox Update Patches a Whopping 271 Bugs, Thanks to Claude Mythos
Mozilla released Firefox 150, adding split‑view, enhanced tab sharing, real‑time translations, and a built‑in PDF editor. The update also patches a record 271 security vulnerabilities, many uncovered by Anthropic’s Claude Mythos AI model. Mozilla has been using frontier AI since February, accelerating...

Opinion | Open Source Isn’t a Security Boon
The author contends that open‑source software, while valuable for early‑stage innovation, becomes a security liability when deployed in critical systems. He challenges the notion that openness automatically improves safety, warning that publicly available code enables attackers—including AI‑driven tools—to locate and...

MacOS Native Tools Enable Stealthy Enterprise Attacks
Cisco Talos research reveals that attackers are repurposing native macOS utilities—such as Remote Application Scripting, AppleScript, and Spotlight metadata—to execute code, move laterally, and hide payloads. The study notes that more than 45% of enterprises now run macOS, making the...

Ubuntu Rust Coreutils Audit Revealed 113 Issues, Ubuntu 26.10 Aims For "100% Rust Coreutils"
Canonical announced an independent security audit of Ubuntu's Rust Coreutils, uncovering 70 CVEs and 73 additional issues for a total of 113 findings. Most of the vulnerabilities have been patched, and Ubuntu 26.04 LTS ships with Rust Coreutils 0.8 containing those...

Discord Group Hacks Anthropic Model by Guessing URL
Bloomberg reports a certain group got access to Mythos by guessing the URL for the new model. Guessing? Really? From Google: The unauthorized group is a private Discord channel of AI enthusiasts who specialize in tracking and testing unreleased large language models...

Auto-Protect: 24/7 Security Engineer for Your Apps
Sometimes apps you made that are secure might suddenly become vulnerable when there is an exploit in one of their dependencies. Typically you need engineers on payroll to monitor and handle this. We just automated that with Auto-Protect. It’s like your security...

Vodafone Business and Google Cloud Deploy AI Concierge and MDR Services for SMBs
Vodafone Business and Google Cloud announced two new SMB solutions—a managed detection and response security service and an AI Concierge powered by Gemini—marking the latest rollout in their $1 billion, ten‑year partnership. The offerings launch first in Germany, with AI Concierge...

ChatGPT Image 2.0 Empowers Low‑Skill Scammers
Criminals who aren't good at Photoshop and want to scam quickly are rejoicing everywhere thanks to ChatGPT Image 2.0.

Telegram Accounts Vulnerable Despite Two-Step Verification
In this thread (https://t.co/YYT4uVq3ZR) you can see step by step how I took over a Telegram account, even though it had an added “Two-Step Verification” password, using only 1. Knowing its phone number, and 2. Being able to read its...

Why Anthropic’s Mythos Is Sparking Global Alarm
Anthropic announced Mythos, an AI model that can automatically locate software and system vulnerabilities, and said it is too powerful for unrestricted public release. The company will initially share Mythos only with a handful of vetted partners for testing. Within...

Security Must Accelerate to Match AI Pace
.@wiz_io co-founder Yinon Costica takes stage at #GoogleCloudNext 2026 to explain different layers of security. AI has changed the game he implied. Security needs to move at the speed of AI, he added. https://t.co/z7uIwJbngP

Real Hacker Reveals AI's Threats and Countermeasures
Talking with a real hacker will freak you out. Thanks @theonejvo for freaking me out about how AI could be used to attack everything in our modern society. And what we can do about it. https://t.co/0znpRiZ0tz

The $292 Million Kelp DAO Exploit Shows Why Crypto Bridges Are Still One of the Industry's Weakest Links
A cross‑chain bridge exploit involving KelpDAO and LayerZero resulted in the loss of about $292 million. The attack manipulated false messages fed to the bridge’s validator network, allowing attackers to mint unbacked tokens on a destination chain. Experts say the flaw...

Relativity’s Algebra Hides Century‑Old Positive Cosmological Constant
What's cooler than finding a 27-year-old bug in OpenBSD? Finding a positive cosmological constant hiding for over a century in the algebra of relativity🌌 No new physics or math needed🧮 Possibly the most elegant novel result we'll see, but even more interesting ones...

Paramount+ $80 Million Film Leak Highlights Hollywood’s Cybersecurity Gaps
A full version of Paramount+’s $80 million animated film “Legend of Aang: The Last Airbender” appeared on a hacker forum, confirming Red Sift’s finding that 71% of Hollywood studios still lack enforced email‑impersonation safeguards. The breach revives concerns that the entertainment...

5 Email Security Steps to Reduce Healthcare Risk
Healthcare organizations face a surge in email‑based phishing and ransomware attacks that exploit trusted clinical communications. A five‑step framework—enhanced inbound filtering, targeted staff training, attachment and link controls, strict access management with MFA, and a ready incident‑response playbook—offers a layered...

Anthropic Withholds Mythos Model, Citing Safety, Igniting US‑China AI Security Clash
Anthropic unveiled Claude Mythos Preview on April 7 but limited its use to a U.S. consortium of Cisco, JPMorgan Chase and Nvidia, citing safety risks. The move has heightened U.S.–China AI rivalry, with regulators and industry watching how the powerful model...

AI Tools Are Helping Mediocre North Korean Hackers Steal Millions
Cybersecurity firm Expel uncovered a North Korean state‑sponsored group, dubbed HexagonalRodent, that used commercial generative AI tools to write malware, build phishing sites and automate credential theft, stealing roughly $12 million in crypto from over 2,000 victims in three months. The...

Terraform Adds Pre-Written Sentinel Policies for ISO 27001
Terraform announced a new library of pre‑written Sentinel policies that map to ISO/IEC 27001 Annex A controls. The policies are co‑created by HashiCorp and AWS and are now published in the Terraform Registry. By providing ready‑made compliance rules, the offering...

BT Seeks Fire-by-Fire AI Security Approach
BT Group executive Gabriela Styf Sjoman warned that AI now powers roughly 80% of phishing attacks, turning the technology into both a powerful tool and a growing cyber‑threat. She called for more open dialogue on AI security, noting that most...

Microsoft SharePoint Vulnerability Widely Exposed Across Multiple Countries
A medium‑severity input‑validation flaw in Microsoft SharePoint (CVE‑2026‑32201) has been identified across roughly 1,370 IP addresses worldwide, down from 1,745 a week earlier. The vulnerability enables network‑level spoofing and has been added to the Cybersecurity and Infrastructure Security Agency’s Known...

Over 1,300 SharePoint Servers Still Exposed to Actively Exploited Spoofing Flaw
More than 1,300 internet‑exposed Microsoft SharePoint servers are still unpatched for CVE‑2026‑32201, a spoofing flaw that was exploited as a zero‑day before Microsoft released patches in April 2026. The vulnerability affects SharePoint Enterprise Server 2016, 2019 and the Subscription Edition,...

Reversing Enterprise Security Costs with AI Vulnerability Discovery
Anthropic’s Claude Mythos Preview helped Mozilla’s Firefox team uncover 271 vulnerabilities for version 150, building on an earlier effort that yielded 22 fixes in version 148. The AI‑driven scans dramatically outpace traditional manual reviews, allowing enterprises to remediate bugs faster and at...

Navigating the New NERC Requirements for Vendor Remote Access
Effective April 1, 2026, NERC’s CIP‑003‑9 forces renewable operators to replace informal vendor management with a documented, evidence‑based cybersecurity program for low‑impact Bulk Electric System (BES) cyber assets. The rule targets electronic remote access used for configuration, troubleshooting and system interaction, requiring...

AI-Powered Attacks Foreshadow Automated, Scalable Cyber Threats
Early AI-driven cyberattacks show systems can find vulnerabilities with little human input. Still rare, but signaling more automated, scalable threats. As AI advances, organizations must prioritize speed, visibility & resilience. https://t.co/rCsmckczrM