Today's Cybersecurity Pulse

CISA adds critical Android and Linux flaws to KEV catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed two high‑severity vulnerabilities in its Known Exploited Vulnerabilities catalog: Android CVE‑2025‑48595, an integer overflow that enables privilege escalation on Android 14‑16 without user interaction, and Linux CVE‑2022‑0492. Google released patches for the Android bug in June 2026.
Vercel Discloses Breach Impacting Internal Systems and Limited Customers
Vercel announced that unauthorized actors accessed its internal systems, affecting a limited subset of customers. The company has engaged incident‑response experts and law enforcement while urging customers to review logs and rotate secrets. The breach raises fresh concerns about supply‑chain security for DevOps teams that rely on Vercel’s CI/CD platform.
Proof‑based Protocols and Diversity Essential for Long‑term Security
This is the kind of attack that many people in blockchain security had long expected. This is why proof-based protocols, multiple, operator diversity etc. matter. The challenge with security is that it’s a super long game and it’s hard to convince...
One Login: GDS to Create ‘Easily Digestible Version’ of Privacy Impact Report
The UK Government Digital Service (GDS) announced it will publish an "easily digestible" version of the Data Protection Impact Assessment (DPIA) for the GOV.UK One Login by the end of 2026, though the full unedited report is unlikely to be...
Physicist Warns Quantum Breakthrough Could Threaten Bitcoin by 2029
Chris Tam, director of BTQ Technologies, warned that recent quantum computing progress could make Bitcoin's cryptography vulnerable by 2029, far earlier than earlier estimates. The warning has reignited a split in the crypto world between those urging immediate upgrades and...
RSAC 2026 Puts AI, Identity and Resilience at the Forefront of Enterprise Security
RSAC 2026 attracted more than 43,500 security professionals, with AI occupying roughly 40% of the conference agenda. Identity and resilience emerged as the next‑generation security pillars, signaling a shift away from perimeter‑based defenses and pure prevention models.

South Africa ‘Isn’t Ready’ for AI-Accelerated Cyberattacks
Anthropic unveiled Claude Mythos Preview, an AI model that can pinpoint software vulnerabilities within minutes, raising unprecedented cybersecurity concerns. A mis‑configuration leak revealed the model’s existence, underscoring the speed gap: 77% of organizations globally need over a week to patch,...

Network ‘Background Noise’ May Predict the Next Big Edge-Device Vulnerability
GreyNoise’s 103‑day study of network background noise identified 104 distinct traffic surges targeting 18 edge‑device vendors. The research found that roughly half of these spikes were followed by a public vulnerability disclosure within three weeks, with a median lead time...

Half of the 6 Million Internet-Facing FTP Servers Lack Encryption
A Censys study found roughly 6 million internet‑facing FTP servers, with 2.45 million (about 41%) offering no encryption. While the total number of FTP hosts fell 40% since 2024, the protocol still represents 2.72% of all visible internet services. Pure‑FTPd powers the...

NCSC Outlines Coordinated Plan to Boost NHS Cyber Resilience
The UK National Cyber Security Centre (NCSC) unveiled a coordinated plan to strengthen cyber resilience across the NHS, built on 18 months of government‑industry collaboration. The strategy pivots on five pillars, including the Active Cyber Defence 2.0 pilot, software‑supply‑chain hardening,...
The Hidden Cost of Healthcare Data Breaches
Health‑insurance data breaches have exposed over 400 million identities since 2021, yet plan sponsors, TPAs and carriers provide no post‑breach fraud protection. HIPAA settlements can reach $25,000 per stolen identity, while remediation averages more than $13,000 per individual, creating a lucrative...
Multi-Cloud Trust Integrity-Based Security Management Architecture for Blockchain-Enhanced Secure Network Slicing Using CKBNA and SFDA
A new multi‑cloud security framework introduces a Crystals‑Kyber Bickley‑Naylor (CKBNA) key‑establishment protocol and a Struve Function‑based Dilithium (SFDA) signature scheme to protect Secure Network Slicing (SNS). The architecture leverages an IpLUEN‑LSTM model for slice prediction, Hyperbolic Growth Gazelle Optimization for...

Phishing Attacks Concentrate on Big Tech as Identity Becomes Prime Target
Check Point Research's Q1 2026 Brand Phishing Ranking shows Microsoft remains the most impersonated brand, accounting for 22% of phishing attempts, with Apple, Google, Amazon and LinkedIn completing the top five. The four brands together represent nearly half of all phishing...
How Proactive DEX Strengthens IT Compliance in Financial Services
Financial services firms are grappling with tighter regulations and increasingly complex, distributed IT environments, making traditional reactive compliance models inadequate. Proactive Digital Experience (DEX) management, exemplified by TeamViewer DEX, continuously monitors device health, performance, and user‑experience signals to anticipate issues...

What the Ransom Note Won’t Say
In March 2024 a BlackCat ransomware affiliate complained on a cybercrime forum that it never received its share of the $22 million ransom paid after the Change Healthcare breach, alleging the gang vanished with the funds and posted a fake FBI seizure...
Shadow Data Is a Hidden Risk that AI Can Reveal
Shadow data—forgotten copies of sensitive information scattered across endpoints, cloud storage, SaaS tools and generative‑AI prompts—remains invisible to most security teams. Research from Palo Alto Networks shows over 80% of sensitive data lives outside traditional controls, a problem amplified by...
Beyond IT: Cybersecurity Is a Strategic Business Risk
On November 25, 2025 the SEC censured a national securities firm and imposed a $325,000 penalty after a breach exposed the personal data of roughly 8,500 people. The regulator highlighted the firm’s weak cyber‑governance, noting missing multi‑factor authentication and absent incident‑response plans....

UAE Cyber Security Council Warns 1 in 4 Public Files Contain Sensitive Personal Data
The UAE Cyber Security Council reports that 25% of publicly accessible files contain sensitive personal data, and up to 77% of privately shared files may be exposed due to weak controls. The advisory highlights a widening gap between rapid cloud...

The Identity Layer
The post argues that despite increasingly sophisticated fraud‑scoring engines, the real weakness lies in the fragmented "identity layer" that sits before authorization. Fraudsters bypass detection by succeeding at upstream identity checks—such as KYC, merchant underwriting, and device fingerprinting—that are not...

Next.js Creator Vercel Hacked
Vercel, the creator of the Next.js framework and a leading frontend cloud platform, confirmed a breach on April 20, 2026 after a hacker group offered its stolen databases, source code, and access keys for $2 million. The intrusion stemmed from a...

AI Model Claude Opus Turns Bugs Into Exploits for Just $2,283
Anthropic's Claude Opus 4.6 model produced a functional Chrome V8 exploit after processing 2.3 billion tokens across 1,765 API calls, costing roughly $2,283. The experiment demonstrated that publicly accessible AI can turn software patches into weaponized code with modest investment. Researchers...
Ransomware’s Next Phase: From Data Encryption to Business Extortion
Ransomware has morphed from simple file‑encryption attacks into a multi‑layered business extortion threat, driven by AI‑enhanced reconnaissance and data exfiltration. BlackFog’s 2025 State of Ransomware Report shows a 49% year‑on‑year rise in disclosed incidents and a growing shadow of undisclosed...

DeFi Users Pull $10 Billion Out of the Market as $292 Million Exploit Sparks Bank-Run Optics
A $292 million exploit of KelpDAO's cross‑chain bridge drained roughly $10 billion from DeFi markets, prompting a cascade of withdrawals. The attacker siphoned 116,500 rsETH, a liquid restaking token, and moved the funds through Tornado Cash before targeting lending platforms. Aave suffered...
Base Security Lies in RPC/DNS, Not Consensus
If the stack above consensus won’t pay for trust-minimization, then base-layer security is irrelevant. Users touch RPCs and DNS, not validators, and that’s the layer that’s exposed.

Vercel Incident Linked to AI Tool Hack, Internal Access Gained
Vercel disclosed a security breach that stemmed from a compromised third‑party AI platform, Context.ai, which gave attackers access to an employee’s Google Workspace account and subsequently to internal systems. The intruders viewed non‑sensitive environment variables, while encrypted sensitive variables remained...

Cisco Patches Critical ISE Vulnerabilities Allowing Remote Code Execution Attacks
Cisco released emergency patches for its Identity Services Engine (ISE) and Webex Services after uncovering multiple critical vulnerabilities. Three ISE flaws (CVE‑2026‑20147, CVE‑2026‑20180, CVE‑2026‑20186) score 9.9 CVSS and enable remote code execution, privilege escalation, and potential denial‑of‑service. A separate Webex...
Are Smarter AI Models Fueling Recent DeFi Hacks?
Is there any reason to believe recent DeFi hacks are directly a result of smarter models?
Sophisticated Attack Exploits KelpDAO Laxity on LayerZero
The attack was way more sophisticated than I expected and aimed at LayerZero infrastructure taking advantage of KelpDAO laziness.
Analysis of 200 Education Dept-Endorsed School Apps Finds Most Are Selling BS when It Comes to the Privacy of Children’s...
Researchers at UNSW audited nearly 200 Android educational apps recommended by Australian schools and found pervasive privacy violations. Most apps begin transmitting device identifiers and location data within seconds of launch, and 80% embed hard‑coded API secrets accessible to anyone...

Global Financial Watchdog to Share Insights on Anthropic’s Mythos
The Financial Stability Board (FSB) is collecting data from its members on the potential systemic risks posed by Anthropic’s Mythos AI model, aiming to disseminate findings to regulators and central bankers worldwide. Bank of Canada Governor Tiff Macklem highlighted the urgency...
Single-Validator Bridge Breach Highlights Need for Decentralization
tldr KelpDAO made the decision to use a 1 of 1 validator for the entire bridge and their 1 got breached. How could this have been avoided?
Project Glasswing: When AI Becomes the Ultimate Hacker—And Defender
The episode dives into Anthropic's secretive Project Glasswing, built around the unreleased Claude Mythos model that can autonomously discover zero‑day vulnerabilities and chain exploits. Hosts Kevin Tackett and Scott Wright debate the hype versus reality, arguing that while the AI...

Top 3 Cyber Insurance Incident Claims
Cowbell’s 2026 Claims Report shows data breaches (33.5%), cybercrime (31.8%) and extortion (18.3%) dominate cyber‑insurance claims. Meanwhile, AM Best notes U.S. cyber premiums slipped to $9.14 B while claim frequency jumped 40%, signaling a loss‑heavy environment despite lower premium volume. Industry experts...
India’s AI Moment Isn’t About Speed, It Is About Control
India’s enterprises have moved AI from pilot projects to production, with nearly half running multiple AI use cases at scale. The conversation is shifting from deployment speed to maintaining control over these models, as behavioral failures can slip past traditional...
Australia’s Privacy Commissioner Tried, in Vain, to Sound the Alarm on Data Protection During the U16s Social Media Ban Trials
Australia’s Office of the Australian Information Commissioner (OAIC) warned that the Age Assurance Technology Trial (AATT), commissioned to test tech for the teen social‑media ban, overstated its privacy safeguards. The regulator flagged terms such as “privacy‑preserving” and “privacy by design”...

Zero-Trust Implementation: Understanding NSA’s Phase One and Phase Two Guidance
The National Security Agency released detailed Zero‑Trust Implementation Guidelines (ZIG) that split adoption into Phase One and Phase Two. Phase One requires 36 activities and 30 capabilities to build a foundational trust architecture, while Phase Two adds 41 activities and 34 capabilities for expanded...
Urgent Request: Need Figment Contact for Phishing Victim
Hey can someone connect me to someone at @Figment_io? An emergency about a friend's wallet that got phished
Wyoming Digital Government Summit 2026 to Spotlight State CIO Strategies for Digital Transformation
The Wyoming Digital Government Summit, scheduled for 2026, will convene state and local CIOs to share strategies on AI, cybersecurity, data governance and business continuity. Chief Information Officer Jeff Clines of Wyoming will speak about the value of peer collaboration...
FBI Dismantles APT28 Router Botnet Used to Steal Microsoft 365 Credentials
The U.S. Department of Justice announced that the FBI’s Operation Masquerade has neutralized a global network of more than 18,000 compromised routers operated by Russian GRU unit APT28. The botnet was used to hijack DNS, present fake Microsoft 365 login pages and...
Cybersecurity Becomes Critical for Decentralized Energy Systems
Managing cyber risks in the era of decentralized energy #energysky -- via pv magazine global: https://t.co/DN7O7RH2jq
Vercel Teams with NanoCo to Add AI Agent Approval Dialogs in 15 Messaging Apps
Vercel, the cloud‑front platform, announced a partnership with NanoCo (formerly NanoClaw) and OneCLI to embed policy‑setting approval dialogs for autonomous AI agents in 15 messaging apps. The integration uses Vercel’s Chat SDK and OneCLI’s credentials vault to shift security from...
Early Warning Services Launches Certos Platform to Curb Fraud and Boost Banking Access
Early Warning Services introduced Certos, a new real‑time risk‑intelligence platform that screened more than $11 trillion in payments and halted $3.7 billion of fraud in 2025. The service, built on a collaborative “give‑to‑get” data model, is designed to reduce friction for non‑traditional...
Nava Secures $8.3M Seed Round to Verify AI Agents in DeFi
Nava announced an $8.3 million seed round led by Polychain Capital and Archetype, with participation from Coinbase Ventures and others, to build a blockchain‑based verification layer for AI‑driven financial agents. The funding targets a market where unauthorized AI transactions cost $2.1 billion...
Europol Finds 75,000 Users Linked to DDoS‑for‑Hire Services in Global ‘PowerOFF’ Sweep
Europol disclosed that more than 75,000 individuals are linked to DDoS‑for‑hire platforms after a coordinated raid on April 13, 2026 involving 21 countries. The operation seized databases covering 3 million accounts and moved into a preventive phase, removing links and warning users.

Prepare Your Pipeline for AI-Discovered Zero-Days
Anthropic's Mythos preview model uncovered thousands of zero‑day vulnerabilities, including a 27‑year‑old OpenBSD bug, and chained four flaws into a functional browser exploit. The company warns that comparable AI‑driven attack tools could appear in the hands of adversaries within six...
Integrating Red Hat Lightspeed with CrowdStrike for Enhanced Malware Detection Coverage
Red Hat announced that its Lightspeed security service now integrates CrowdStrike’s malware intelligence, adding more than 2,400 CrowdStrike YARA signatures to the existing IBM X‑Force library for Red Hat Enterprise Linux (RHEL) customers. The joint offering lets users scan RHEL 9 and 10 systems...

GitHub Copilot's New Policy for AI Training Is a Governance Wake-Up Call
GitHub announced that, beginning April 24, 2026, interaction data from Copilot Free, Pro and Pro+ users—including prompts, code snippets and context—will be used to train its AI models by default, unless users opt out. Business and Enterprise customers are exempt...

AI-Driven Attacks Will Cripple Complex Systems Soon
Vercel today, someone else tomorrow... Complex systems will be hit hard by sophisticated attacks - augmented by AI systems.
Avoid Vote Links in DMs—They're Likely Scams
PSA: don't click those vote links in the direct messages (looks like a bunch of compromised accounts are DM-ing people asking them to vote for podcasts)
Mythos AI Exposes Legacy Systems—Act Now
JUST IN: Anthropic's Mythos model gives hackers access to long-secured systems, and Nic Nguyen details the cybersecurity steps you must take immediately.
OAuth's Pitfalls Push Teams Toward Password-Only Integrations
OAuth is great until it’s not. I have a strong feeling that this incident will see a few security playbooks adjusted to “user/password only for external services.”