Today's Cybersecurity Pulse
Google sues Chinese cybercrime network for AI‑driven scam texting
Google filed a civil lawsuit against the Chinese cybercrime group Outsider Enterprise, accusing it of leveraging its Gemini AI model to mass‑produce phishing websites and send 2.5 million scam text messages. The operation deployed roughly 9,000 fake sites and a million fraudulent domains, scamming hundreds of thousands of victims and causing multi‑million‑dollar losses.
Also developing:
AI-Written Software Creates Hassles for Wary Security Teams
A ProjectDiscovery report finds AI‑generated code is overwhelming security teams. Only 38% of practitioners feel they can keep up, while 60% say the workload is getting harder. Main concerns are corporate secret leakage, supply‑chain risk, and business‑logic vulnerabilities. Security teams demand audit trails and access controls before adopting AI coding tools.
Handling Subject Access Requests with Confidence Under New Data Act
The Data (Use and Access) Act 2025 gives UK HR teams new, legally backed tools to handle the expected flood of subject access requests (DSARs) that will follow the Employment Rights Act 2025’s reduction of the unfair‑dismissal qualifying period to...
Operationally Ineffective: Putting CVEs in a Chokehold with Privilege Disruption
The Mythos Preview leverages AI to accelerate vulnerability discovery, turning roughly 33,000 privilege‑path dependent CVEs from dormant assets into cheap, weaponizable exploits—estimated at about $2,000 per attack. These CVEs, which account for 70% of confirmed weaponized flaws, undermine traditional patch‑and‑remediate...
Navigating Federal Cloud Adoption
Federal health leaders are accelerating hybrid cloud adoption to boost scalability, security, and mission delivery. Former HHS CISO La Monte Yarborough and CMS infrastructure director Wade Zarriello highlighted how cloud strategies have evolved and outlined the next steps for agencies....
Your Passwords Are Officially Obsolete, According to Britain's Top Intelligence Agency
Britain’s National Cyber Security Centre announced at CYBERUK that passwords are now obsolete and recommends passkeys as the primary authentication method. The agency cites passkeys’ speed—up to eight times faster than traditional login—and their resistance to phishing. Around 50% of...
Rubrik Introduces Cyber Resilience Protection for Google Cloud SQL
Rubrik announced a new integration that brings its Security Cloud cyber‑resilience capabilities to Google Cloud SQL, protecting managed PostgreSQL databases with immutable, automated backups. The solution adds air‑gapped backup copies, cross‑region recovery and unlimited retention without changing existing database architectures....
Vercel Says some of Its Customers’ Data Was Stolen Prior to Its Recent Hack
Vercel disclosed that hackers accessed a small number of customer accounts before its widely reported April breach, indicating a longer‑running intrusion. The company traced the initial entry to a Context AI app that infected an employee’s workstation with infostealer malware,...
JPMorgan Says Persistent Security Flaws Curb DeFi’s Institutional Appeal
JPMorgan’s latest report warns that persistent security flaws are curbing DeFi’s appeal to institutional investors, highlighted by a roughly $20 billion loss from the KelpDAO exploit. Bridge and cross‑chain vulnerabilities remain the dominant source of hacks, with this year’s losses matching...
Bad Memories Still Haunt AI Agents
Researchers have identified AI memory files as a critical security weakness after Cisco demonstrated a persistent compromise of Anthropic’s Claude Code. By injecting malicious secrets into the model’s memory.md, attackers can influence code generation, select insecure packages, and propagate changes...
Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign
Socket Research uncovered a coordinated supply‑chain campaign affecting multiple development ecosystems. Malicious artifacts were found in the official Checkmarx KICS Docker repository, while Namastex.ai npm packages were infected with a CanisterWorm‑style payload. In parallel, 108 Chrome extensions were linked to...
Cosmetics Giant Rituals Discloses Data Breach Affecting Customers
Rituals, the Dutch cosmetics giant, disclosed a data breach that accessed personal information—including names, email addresses, phone numbers, dates of birth, gender and home addresses—of members of its My Rituals loyalty program. The breach, discovered in early April, did not...
Regular Password Resets Aren’t as Safe as You Think
Password resets cost roughly $70 each and remain a top help‑desk request, prompting many firms to adopt self‑service tools. The April 2025 breach of UK retailer Marks & Spencer, which lost about $5.1 million per day, showed how attackers can hijack a simple...
What Anthropic’s Mythos Means for the Future of Cybersecurity
Anthropic unveiled Claude Mythos Preview, an AI model that can autonomously locate and weaponize software vulnerabilities in operating systems and internet infrastructure. The company is restricting access to a handful of vetted partners, citing AI safety concerns. The announcement sparked...
Iran-Nexus Threat Groups Refine Attacks Against Critical Infrastructure
Iran‑aligned cyber groups have intensified destructive campaigns against critical infrastructure since the February war, deploying data‑wiping malware and novel threats like ZionSiphon that can tamper with water‑treatment controls. High‑profile incidents include a wiper attack on medical‑device maker Stryker and targeted...
UK Biobank Health Data Keeps Ending up on GitHub
UK Biobank has been using copyright takedown notices to remove health‑related data from GitHub, filing 110 requests since July 2025. The notices mainly target specific files such as Jupyter/R notebooks, genomic datasets, and CSV tables, rather than whole repositories. Developers...
OpenAI Releases Open-Source Model that Strips Personal Data From Text
OpenAI unveiled Privacy Filter, an open‑source model that automatically detects and redacts personal data from text. The 1.5 billion‑parameter model activates only 50 million parameters per request, allowing it to run on a laptop or directly in a browser without cloud connectivity....
Apache ActiveMQ Bug Chain Gives Pre-Auth RCE, Is Getting Exploited
Researchers have confirmed active exploitation of a two‑step vulnerability chain in Apache ActiveMQ, combining CVE‑2026‑34197 (code injection) with CVE‑2024‑32114 (unauthenticated Jolokia exposure). The chain grants pre‑authentication remote code execution, and attacks have been observed in the wild, with canary hits...
MacOS Malware Tricks Crypto Users with Fake Invites
Is now a good time to switch to Windows OS for bit? 😅 Jokes aside. Stay safe folks. There is a macOS malware targeting the crypto & fintech community: > Uses fake meeting invites to trick users into running Terminal commands...
From Ingress NGINX to Higress: Migrating 60+ Resources in 30 Minutes with AI
Following the official retirement of Ingress NGINX in March 2026, enterprises faced a compliance deadline to replace the now‑unsupported controller. An Alibaba engineer demonstrated a migration of more than 60 complex Ingress resources to Higress, an AI‑native API gateway built...
India Needs Digital Identity for Every Device and Stronger AI-Led Cyber Defence to Curb Threats: Experts
At the Cyber Security India Expo, experts urged India to assign a digital identity to every networked device and to bolster AI-driven cyber defenses. Lt General Madhavan Unnikrishnan Nair argued that device identities are crucial for accountability and protection of...
Keeping GPS Free From Interference: An Interview with Lisa Dyer
Lisa Dyer, executive director of the GPS Innovation Alliance, warned that GPS—critical to billions of users and essential for transportation, finance, and defense—is increasingly vulnerable to jamming and spoofing. With 32 medium‑Earth‑orbit satellites transmitting low‑power signals, both foreign actors and...
Why AI Governance without Guardrails Is Theater
Enterprises are grappling with a widening gap between AI governance policies and reality, as shadow AI proliferates across workstations and SaaS tools. Surveys show 45% of employees use AI without manager knowledge and more than half connect unauthorized AI services,...
Anything in a Database Can Surface on a Marketplace
Folks I don't know what to tell you if you're shocked about the UK Biobank story other than if something (anything) is on a database there is a very much more than non-zero chance that it can end up on...
FCC Bans Dozens of Foreign‑Made Wi‑Fi Routers Over National‑Security Risks
The Federal Communications Commission announced a ban on the sale of dozens of foreign‑made Wi‑Fi routers, citing unacceptable national‑security risks. The list targets Chinese manufacturers, a U.S.‑registered firm owned by a Chinese company, and Russia’s Kaspersky Lab, tightening supply‑chain controls...
Booking.com Breach Exposes Guest Names, Emails and Reservation Details
Booking.com disclosed that unauthorized parties accessed guest names, email addresses, phone numbers and reservation details. The company said financial data and home addresses were untouched, but warned travelers of targeted phishing scams, raising alarm across the hotel industry.
Offer Customers Passkeys by Default, UK’s NCSC Tells Enterprises
The UK National Cyber Security Centre (NCSC) is urging enterprises to make passkeys the default authentication method for consumer-facing services. Passkeys, built on FIDO2 standards, offer phishing‑resistant, password‑less login by leveraging device‑bound cryptographic keys. The guidance highlights that while passkeys...
GCHQ Urges UK to Ditch Passwords in Favor of Passkeys, Warning of Rising Cyber Threats
The UK’s cyber security agency, GCHQ, has issued a fresh advisory urging citizens and organisations to stop using passwords and adopt passkey technology, which it says can eliminate entire categories of attacks. The move reflects growing concerns over credential‑stuffing and...
Copperhelm Dives Deep Into Automation to Build Enterprise Cloud Defenses
Copperhelm Inc., a startup focused on agentic AI for cloud cybersecurity, announced its launch with a $7 million seed round led by TLV Partners, joined by ToDay Ventures, ICON and SaaS Ventures Israel. The company’s platform uses a "Context Lake" decision...
As Fraud and Agentic Risks Mount, Data Provides Continuity
In this episode of the Payments Journal, host Rima Katz and guests Dermit Thoma (Head of Fraud & Data Science at AdData), senior sales director Brand (AdData), and senior fraud analyst Jennifer Pitt (Javelin Strategy & Research) discuss how fraud...
Mile Bluff Medical Center Says Security Incident that Involved Data Encryption Disrupted Phone, Computer Systems
Mile Bluff Medical Center in Mauston, Wisconsin, reported a security incident that encrypted data and disrupted phone and computer systems. Clinical teams immediately shifted to downtime procedures to keep patient care flowing while the hospital activated its security protocols. An...
Chinese Cybersecurity Firm’s AI Hacking Claims Draw Comparisons to Claude Mythos
Chinese cybersecurity firm 360 Digital Security announced an AI‑driven Multi‑Agent Collaborative Vulnerability Discovery System that reportedly uncovered roughly 1,000 bugs, including more than 50 high‑severity flaws, during the revived Tianfu Cup hacking contest. The firm claims its AI identified a...
A ‘Perfect Storm’: NCSC Chief Issues Warning over Quantum Threats, Nation-State Hackers, and the Dangers of Global ‘Hacktivism’
NCSC chief Richard Horne warned at CyberUK that nation‑state actors—China, Iran, Russia—now drive most UK nationally significant cyber incidents, averaging four per week. He highlighted a "perfect storm" where ransomware, AI‑enabled exploits, hacktivism and an approaching quantum "Q‑Day" converge to...
Hybrid Clouds Have Two Attack Surfaces and You’re Not Paying Enough Attention to Either
Researchers at Black Hat Asia uncovered four critical CVEs in Microsoft’s Windows Admin Center (WAC), exposing a two‑way attack surface for hybrid cloud environments. The flaws allow malicious actors to drop payloads on on‑premises WAC installations and forge proof‑of‑possession tokens...
America’s Cyber Strategy Has a Budget Problem
The Trump administration’s FY2027 budget proposes a $707 million cut to the Cybersecurity and Infrastructure Security Agency (CISA), shrinking its budget to just over $2 billion—well below the $2.6 billion Congress had earmarked. The proposal also trims the Office of the National Cyber...
Attackers Exploit DVR Command Injection Flaw to Deploy Mirai-Based Botnet
A new campaign is using a command‑injection flaw in digital video recorders (DVRs) to spread a Mirai‑derived botnet. Attackers combine the vulnerability with default credentials and cross‑platform payloads, achieving persistence through scheduled tasks and firmware tweaks. Compromised DVRs join a...
Surveillance Vendors Caught Abusing Access to Telcos to Track People’s Phone Locations, Researchers Say
Security researchers at the Citizen Lab disclosed two distinct spying campaigns that exploited long‑standing weaknesses in global telecom signaling protocols to locate individuals’ phones. The attackers masqueraded as legitimate carriers—using 019Mobile, Tango Networks U.K., and Airtel Jersey—to piggyback on SS7...
IAB Statement on the SECURE Data Act
The Interactive Advertising Bureau (IAB) issued a statement supporting the SECURE Data Act (H.R. 8413), praising its push toward a federal privacy standard that would harmonize disparate state laws. IAB emphasized core consumer rights—opt‑out of data sale, access, deletion, and...
AI Startup’s Data Practices Spark Legal Risk
A fast-growing AI startup is facing serious legal pressure. Mercor is being sued over alleged data collection and exposure practices, following a breach involving sensitive contractor information. It highlights a critical issue. In AI, data is the foundation, but how it is...
Hackers Seize AI Security Tools, Now Targeting Firewalls
Adversaries hijacked AI security tools at 90+ organizations. The next wave has write access to the firewall https://t.co/khjZkpWhc0
Project Glasswing Proved AI Can Find the Bugs. Who's Going to Fix Them?
Anthropic’s Project Glasswing, built on the Mythos model, can autonomously discover and chain software vulnerabilities, achieving a 72.4% success rate in Firefox’s JavaScript shell and uncovering bugs that survived decades of human review. The AI identified exploits across all major...
Zero Day Clock Definitions Conflict; Which Is Accurate?
@EppSecurity For the Zero Day Clock, these definitions appear different from each other and measure different things. If so, which is the correct definition? https://t.co/b8oY85mFiO
AI‑enhanced Phishing Leads Q1 Initial‑access Attacks
Phishing — sometimes with AI’s help — topped initial-access methods in Q1, Cisco says | Cybersecurity Dive https://t.co/nJv4RA7sVV
Thrive Launches Abacode Compliance Services to Help Organizations Build and Maintain Continuous Compliance
Thrive, a global technology outsourcing firm, has launched Abacode Compliance Services, a managed Governance, Risk and Compliance (GRC) offering built on its 2025 acquisition of Abacode. The service combines consulting, continuous monitoring, and a centralized compliance portal to help enterprises...
Massive Wave of Security Patches Hits All Devices
Brace yourself for a flood of patches in all of your tech gadgets https://t.co/xXZthlRWg1 via @FastCompany #cybersecurity
Half‑million UK Medical Records Listed for Sale After Breach
Medical data of 500,000 people in UK put up for sale after data breach - https://t.co/zBa4Kbu9u3 via @FT
The Behavioral Shift: Why Trusted Relationships Are the Newest Attack Surface
Attackers are moving away from pure technical exploits toward manipulating trusted relationships and everyday workflows. An analysis of 800,000 email attacks across 4,600 firms shows phishing still dominates at 58%, while business email compromise (BEC) accounts for 11% and its...
BEREC External Workshop on Combatting Fraud
BEREC will host an external stakeholder workshop on combatting fraud on 21 May 2026, delivered online via AVC connection. Organized by the BEREC Cybersecurity and Resilience Working Group and co‑chaired by Katja Kmet Vrcko (AKOS) and Zdravko Jukic (HAKOM), the...
How the EU’s NIS2 Directive Is Changing How CIOs Think About Digital Infrastructure
The EU’s NIS2 directive reframes cybersecurity risk as an ecosystem issue, forcing CIOs to look beyond internal controls to the full supply‑chain of cloud providers, network operators and software vendors. It expands the definition of resilience to include how interconnected...
Cyber-Attacks Surge 63% Annually in Education Sector
A new Quorum Cyber report shows cyber‑attacks on schools and universities jumped 63% year‑over‑year, with recorded incidents climbing from 260 to 425 between November 2023‑October 2025. Data breaches rose 73% and hacktivist activity 75% across 67 countries, while ransomware grew 21%, led...
Systancia Hires Xavier Lefaucheux as CRO to Accelerate Global Zero‑Trust Growth
Systancia announced the appointment of Xavier Lefaucheux as chief revenue officer, tasking him with scaling the company’s Zero‑Trust identity‑access‑management platform worldwide. The veteran executive brings experience from Juniper, Stormshield and WALLIX to drive revenue growth in Europe, the Middle East...