Today's Cybersecurity Pulse

CISA adds critical Android and Linux flaws to KEV catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed two high‑severity vulnerabilities in its Known Exploited Vulnerabilities catalog: Android CVE‑2025‑48595, an integer overflow that enables privilege escalation on Android 14‑16 without user interaction, patched in June 2026; and Linux CVE‑2022‑0492, a kernel flaw also deemed actively exploited.
Also developing:
By the numbers: Ingeteam secures $82.5M loan from EIB for renewable energy R&D
Fraudsters May Target AI Mandates as Agentic Commerce Takes Off
AI‑driven agents are set to handle consumer transactions, a trend dubbed agentic commerce. McKinsey projects up to $1 trillion in U.S. B2C revenue by 2030, with a global market potential of $3‑5 trillion. Visa’s security unit observed a 450% surge in dark‑web posts about AI agents and has earmarked $13 billion for protective technology. While the payment rails—EMV 3‑D Secure, tokenisation, and delegated authentication—remain the same, fraudsters will target the new mandate‑approval process.
Data Security Becomes a Core Skill in Modern Legal Recruitment
Law firms are increasingly recognizing data security as a core competency, driven by the sensitive nature of client information, intellectual property, and legal strategies. Cyber threats targeting these assets are rising, prompting firms to adopt encryption, multi‑factor authentication, and regular...
Europol’s Operation PowerOFF Dismantles DDoS‑for‑Hire Networks, Warns 75,000 Users
Europol led a multinational crackdown that took down 53 DDoS‑for‑hire domains, issued 25 search warrants and arrested four suspects. During the coordinated action week, 75,000 users received warning messages, and law enforcement exposed data on over 3 million criminal accounts.
ANALYSIS: Big Tech Sets AI to Catch AI
Advanced AI is reshaping cyber‑security as both a weapon and a shield. Hackers leveraged over 1,000 AI prompts to breach Mexico’s tax authority, exposing 195 million records and prompting one of the largest government data leaks. At the same time, Anthropic’s...

They Built a Legendary Privacy Tool. Now They’re Sworn Enemies
GrapheneOS, the open‑source Android hardening platform hailed as the gold standard for mobile privacy, was co‑created by Canadian security researcher Daniel Micay and a second lead developer. Over the past year, a bitter personal and strategic rift has erupted between...

Canada Life Breach Exposes Data of up to 70,000 People – Mostly Customers
Canada Life disclosed a cyber incident that exposed personal information for up to 70,000 individuals, primarily employees of a single large corporate client. The breach was carried out by the ShinyHunters hacking group, which gained unauthorized access through an employee’s...
Turkish Airlines Miles&Smiles Account Deletion Email With 800K Miles – Real Or Not?
A Turkish Airlines Miles&Smiles member with over 800,000 miles received an email stating the account would be deleted for inactivity, despite recent logins and mileage accrual. The notice originated from mail.turkishairlines.com and used generic language like "Dear Member" without personal...
ServiceNow Completes $7.75bn Armis Deal to Boost Cyber Visibility
ServiceNow completed a $7.75 bn cash acquisition of cyber‑exposure manager Armis, extending its platform with real‑time, agent‑less visibility of both digital and physical assets. The deal follows ServiceNow’s March 2026 purchase of Veza, adding AI‑native identity intelligence to its security suite....

Zoom Rolls Out “Proof of Humanity” To Combat Deepfake Impersonation
Zoom has launched a "Proof of Humanity" feature that verifies participants’ identities in real time using World ID Deep Face technology. The tool, built with Tools for Humanity, displays a "Verified Human" badge during calls to deter AI‑generated deepfake impersonations....
Top Techniques Attackers Use to Infiltrate Your Systems Today
The article outlines current cyberattack techniques, highlighting identity‑based methods as dominant. Phishing (41%), stolen credentials (18%) and social engineering (12%) drive most incidents, while abuse of legitimate remote monitoring and management (RMM) tools accounts for 30% of breaches. Attackers also...

The Global AI Threat Has Arrived
Anthropic unveiled Claude Mythos Preview, an AI model that can autonomously locate and exploit vulnerabilities in major operating systems and web browsers. The discovery has alarmed business leaders and policymakers worldwide, prompting concerns about a new class of AI‑driven cyber threats. Even...
The Cookbook for Safe, Powerful Agents
Enterprises are moving AI agents from proof‑of‑concepts to production, exposing a critical gap between capability and control. Runloop CEO Jonathan Wall emphasizes that agents must start with minimal privileges and gain access only through layered safeguards. The article outlines a...
The Thin Gray Line: Handala, CyberAv3ngers and Iran’s Proxy Ops
On April 7, six U.S. agencies issued a joint advisory warning that Iranian‑linked advanced persistent threat groups could launch cyberattacks on critical infrastructure, citing the 2023 water‑facility breaches attributed to the APT known as CyberAv3ngers. The advisory also references the...
Addressing the Challenges of Unstructured Data Governance for AI
Enterprises in regulated sectors are expanding data governance beyond warehouses to the massive, unstructured data that now fuels AI models. Leaders cite visibility, lineage, and dynamic access‑control as the toughest hurdles, especially for documents like contracts, health records, and design...
Deep Dive Into the New Kill Chain
Cyberrey will present at the ITWeb Security Summit JHB 2026, unveiling what it calls a "new kill chain" driven by AI‑powered shadow IT. The firm warns that every device, API or cloud workload now creates an exponential attack surface that outpaces...

CISA Adds 8 Exploited Vulnerabilities Affecting Cisco, Zimbra, TeamCity
On April 21, 2026 the Cybersecurity and Infrastructure Security Agency expanded its Known Exploited Vulnerabilities (KEV) catalog with eight new flaws that are already being leveraged in active attacks. The list includes high‑severity issues such as an improper‑authentication bug in...
Vercel Data Breach Exposes SA Developer Community
Vercel, the US‑based platform behind the popular Next.js framework, disclosed a security incident in which attackers accessed internal systems through a compromised third‑party AI tool, Context.ai. The breach allowed the intruder to obtain non‑sensitive environment variables from a limited set...

Panasonic Creates Device-Locked QR Codes to Speed Facial Biometric Capture
Panasonic has introduced device‑locked QR codes that work only with authorized readers, streamlining facial‑biometric enrolment for its Site Management Service. The QR code carries registration data; when scanned by the system’s camera, it triggers a facial capture, eliminating the need...

Personal Data Exposed on ANTS Portal, French Authorities Investigate
French authorities have confirmed a security incident on the ANTS.gouv.fr portal, detected on April 15, 2026, that exposed personal identifiers such as login IDs, names, email addresses, dates of birth and, in some cases, postal addresses and phone numbers. The...
Common Challenges of Online Fraud
Harold van Graan of Solid8 Technologies outlines how online fraud has evolved beyond simple transaction theft to include checkout abuse, inventory hoarding, loyalty fraud, and promo abuse. Bots can empty high‑value stock in seconds, while account‑takeover schemes siphon points and...

Public Servant Charged over Alleged NSW Treasury Document Heist
A 45‑year‑old public servant employed by the New South Wales Treasury was charged with attempting to exfiltrate more than 5,600 sensitive government documents. Police launched “Strike Force Civic” on April 20, raiding the suspect’s residence and arresting him the same day. The...

Cisco Launches Sovereign Critical Infrastructure Across EMEA
Cisco announced the launch of its Sovereign Critical Infrastructure (SCI) portfolio for customers across Europe, the Middle East and Africa. The offering bundles Cisco’s networking, security, compute, collaboration, AI and Splunk solutions into configurable, air‑gapped or hybrid on‑premises environments. It...

Mobai Certified for Cybersecurity and Privacy Protection
Norwegian digital identity company Mobai has secured ISO/IEC 27001:2022 certification, confirming its Information Security Management System meets international standards. The audit, conducted by DNV, took effect on March 30, 2026, and is crucial for its biometric services to financial, government,...

Poste Italiane, Postepay Fined €12.5M for Unlawful User Data Processing
The Italian Data Protection Authority has imposed a combined fine of over €12.5 million (about $13.5 million) on Poste Italiane (€6.6 million) and its Postepay unit (€5.8 million) for unlawful processing of user data via mobile apps. Regulators found the apps collected extensive device‑level...

Arbitrum Freezes $71 Million in Ether Tied to Kelp DAO Exploit
Arbitrum’s Security Council moved 30,766 ETH—about $71 million—into a frozen intermediary wallet after the Kelp DAO rsETH exploit. The freeze recovers roughly a quarter of the $292 million stolen when attackers compromised a LayerZero verifier, an incident linked to North Korea’s Lazarus Group....

Ripple Wants the XRP Ledger to Be Quantum-Proof by 2028. Here Is Its Plan
Ripple announced a four‑phase roadmap to make the XRP Ledger quantum‑resistant by 2028. The plan starts with an emergency “Q‑day readiness” phase that would require all funds to move to quantum‑safe accounts and enable recovery via zero‑knowledge proofs. Subsequent phases...

Advanced AI Raises Security Risks
Palo Alto Networks warns that emerging generative AI models will soon become powerful tools for cyber attackers. In internal tests, the firm’s AI completed the equivalent of a year’s penetration testing in just three weeks and demonstrated the ability to...
10 Best Cloud Data Security Software on G2: My Top Picks
The cloud data security market, valued at $4.75 billion in 2024, is forecast to reach $11.62 billion by 2030, underscoring rapid growth. Disha C’s G2‑based guide ranks the top ten platforms, from Acronis Cyber Protect Cloud’s unified backup and AI threat detection...

Mythos Remains a Mystery as Security World Faces Rising Threats, Agentic Attacks and Concerns About AI Integrity
Anthropic’s unreleased Claude Mythos model, touted for large‑scale software analysis and automated vulnerability chaining, was highlighted by Head of Threat Intelligence Jacob Klein at the SANS Cybersecurity Summit. Klein warned that AI‑driven attacks are accelerating, citing recent breaches at Vercel...

The Illusion of Control: Why Boards Misjudge Cybersecurity Readiness
Recent research from Harvard Business Review, McKinsey, IMD and Deloitte shows corporate boards are consistently misjudging cybersecurity readiness. The missteps stem from three systemic gaps: insufficient cyber fluency, role confusion between oversight and micromanagement, and a lack of decision‑ready information....
Critical RCE Flaw Hits Flowise AI Workflow Engine, Threatening Millions of DevOps Pipelines
Security firm OX Security disclosed a critical remote code execution vulnerability in Flowise, an open‑source AI workflow builder used in CI/CD pipelines. The flaw stems from Anthropic's Model Context Protocol (MCP) SDKs and affects an estimated 200,000 instances across more...

Is Indonesia’s Digitalisation Push Leaving MSMEs Exposed?
Indonesia’s finance sector is experiencing a surge in cyber scams, with phishing attacks targeting the industry at a 24.42% rate—far above other sectors. The Financial Services Authority (OJK) reports that scams occur three to four times more often in Indonesia...

SANS Stormcast Tuesday, April 21st, 2026: CVE and EPSS; Windows Server 2025 OOB; QEMU Abuse;
In this 5‑minute Stormcast episode, Johannes Ullrich discusses the surge of new CVEs and the limitations of the NVD, introducing the Exploit Probability Scoring System (EPSS) as a scalable way to prioritize vulnerabilities. He then covers Microsoft’s out‑of‑band patch for...
20 New Security Enhancements Boost Internet Protection
I’m so encouraged by the way our team and industry peers have shown up to protect the internet. We’ve now shipped over 20 product improvements across Dashboard and CLI to help your security posture. Easier to set up MFA, audit your Environment...

Fime Launches Agentic Commerce Trust Layer Service
Fime has launched FACT (Framework for Agentic Commerce Trust), a "trust‑as‑a‑service" platform that secures AI‑driven financial transactions. The service adds intent validation, real‑time policy monitoring, transaction‑level attestation and independent auditor agents, enabling merchants to accept AI‑initiated payments while giving banks...
Woodway Assurance Launches EviData Feature to Tackle Quebec and EU Anonymization Rules
Woodway Assurance introduced an automated inference‑risk assessment module for its EviData platform, aimed at meeting Quebec's privacy regulations and the EU's GDPR. The feature debuted today at a Toronto event co‑hosted with PwC Canada, giving organizations a scalable way to...
BePrime Breach Leaks 12.6 GB of Client Data and Exposes 1,858 Network Devices
BePrime, a Mexican cybersecurity provider to firms like Iberdrola and Whirlpool, confirmed a hack that leaked 12.6 GB of data and gave attackers control of 1,858 Cisco Meraki devices. The breach, attributed to missing multi‑factor authentication, underscores supply‑chain risk in the...

Vibe Coding Upstart Lovable Denies Data Leak, Cites 'Intentional Behavior,' Then Throws HackerOne Under the Bus
AI coding platform Lovable, valued at $6.6 billion, faced a Broken Object Level Authorization (BOLA) vulnerability that allowed any free‑account user to view other users’ source code, database credentials, and chat history. The flaw, reported 48 days earlier, was first dismissed...

The Web Is Gaslighting AI Agents and Nobody Can Tell
Researchers at Google DeepMind have identified a new class of threat called “AI Agent Traps,” where hidden instructions embedded in ordinary web pages can manipulate autonomous AI agents. The paper outlines six attack vectors, including content injection and semantic manipulation,...

Alabama Becomes Latest State to Enact Comprehensive Privacy Law
Alabama Governor Kay Ivey signed the Alabama Personal Data Protection Act (APDPA) on April 16, 2026, making it the latest state to adopt a comprehensive consumer privacy law. The statute, which takes effect on May 1, 2027, applies to businesses that process the data...
Commentary: Southeast Asia’s Scam Centres Are a New US-China Battleground
Cyber‑fraud scam centres across Southeast Asia entrap roughly half a million people and siphon about $43.8 billion a year, roughly 40% of the region’s combined GDP. China and the United States both vie to lead anti‑fraud initiatives, but their competing digital...
Ethereum Offers Upgradeable, Limit‑enforced Contracts; Canton Lacks Protection
What's possible on Ethereum that's not possible on Canton? "You can set limits, you can make it upgradeable with keys in cold storage by Circle in a multisig, and this smart contract enforces limits. "You cannot do this on Canton. Your...
Startup Accidentally Exposes Personal Info via Public Roadmap
A startup just CCed me its roadmap because a) its roadmap is on GitHub and b) minor notes on that roadmap named my Twitter account which c) is lexically equivalent to my GitHub account. Had never thought of that route for information...
Vuln in Google’s Antigravity AI Agent Manager Could Escape Sandbox, Give Attackers Remote Code Execution
Researchers at Pillar Security disclosed a critical vulnerability in Google’s Antigravity AI‑powered developer tool that allowed prompt injection to escape the platform’s Secure Mode sandbox and achieve remote code execution. The flaw leveraged the native "find_by_name" system tool, which bypassed...
Voluntary Security Attestations Boost Open‑Source Supply‑Chain Safety
Our colleagues at Open Regulatory Compliance have released a statement on article 25 of the EU's CRA. Voluntary security attestations can help sustain open source and improve supply chain security. We support the joint ORC statement. 👇 https://t.co/3iGhnJ58RT
The FTC’s AI Portfolio Is About to Get Bigger
The Federal Trade Commission is preparing to enforce the Take It Down Act, a law that criminalizes the distribution of AI‑generated nonconsensual sexual images and gives victims a right to request rapid removal of such content. Enforcement begins in May,...

Retirees Are a Prime Target for Identity Theft. This 15-Minute Checkup Could Save You Thousands
Retirees are increasingly targeted by identity thieves, with the FBI reporting an average loss of $38,500 per victim in 2025. The article outlines a four‑step, 15‑minute checkup—credit monitoring, Social Security review, Medicare statement audit, and password hygiene—to curb fraud. It...

Scaling Mobile Authentication Across The Modern Enterprise
Enterprises are rapidly adopting mobile authentication to replace static badge systems, driven by AI investments and a tech‑savvy workforce. A recent HID report shows nearly two‑thirds of security leaders are deploying or planning mobile credentials, citing benefits such as instant...

ASIC, APRA Among Regulators Monitoring Anthropic's Mythos
Australian and Asian financial regulators are intensifying scrutiny of Anthropic's AI model Mythos after it demonstrated a powerful ability to uncover software vulnerabilities. ASIC and APRA in Australia, Hong Kong’s HKMA, South Korea’s FSS and FSC, and Singapore’s MAS have all...
DeFi Must Rethink Trust After Lazarus Breaks Eight Protocols
"If Lazarus can break 8 different protocols in 8 different ways, then DeFi has to stop working from the framework of assuming that all transactions are legitimate." 👀 -- @austincampbell https://t.co/xtIdxNvnOf