Today's Cybersecurity Pulse
CISA adds critical Android and Linux flaws to KEV catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed two high‑severity vulnerabilities in its Known Exploited Vulnerabilities catalog: Android CVE‑2025‑48595, an integer overflow that enables privilege escalation on Android 14‑16 without user interaction, and Linux CVE‑2022‑0492. Google released patches for the Android bug in June 2026.
Also developing:
By the numbers: Ingeteam receives $82.5M loan from EIB
Evolving Cyber Risk Driven by User Credentials and Human Error
Marlink’s Cyber Intelligence Report for Remote Operations 2026 reveals a decisive shift toward identity‑based cyber threats across maritime, energy, enterprise and critical‑infrastructure sectors. The study, based on continuous SOC monitoring and over 200 security assessments, finds that 69% of observed risks stem from compromised user credentials, while IT/OT integration has broadened the attack surface. Human error remains a key vector, with 20% of users clicking phishing links and ransomware incidents climbing to 7,793 in 2025. Marlink recommends an identity‑first security model, MFA, network segmentation and focused awareness programs to mitigate exposure.
Cybercriminals Now Increasingly Targeting Government Organizations, Report Reveals
Kaspersky’s 2025 threat report shows government entities accounted for 19% of high‑severity breaches, making them the top target, while industrial firms followed at 17%. The IT sector rose to third place with 15% of serious incidents, pushing finance out of...
Microsoft Adds Windows Protections for Malicious Remote Desktop Files
Microsoft rolled out new Windows defenses against RDP‑phishing attacks in the April 2026 cumulative updates for Windows 10 (KB5082200) and Windows 11 (KB5083769, KB5082052). The changes introduce a one‑time educational prompt and a persistent security dialog that disables all resource redirections by default....
TRON Launches First Post‑quantum Blockchain Upgrade
While Bitcoin debates whether to freeze vulnerable coins and Ethereum forms research committees, TRON is building. Today I'm announcing that TRON is officially launching its post-quantum upgrade initiative. TRON will be the first major public blockchain to deploy NIST-standardized post-quantum cryptographic...
Fraudulent Cryptocurrency App in Mac App Store Stole $9.5 Million From 50-Some Users
April 2026 saw a cascade of high‑profile crypto security breaches, starting with a counterfeit Ledger wallet app on Apple’s App Store that siphoned $9.5 million from roughly 50 users. Within the same month, Bitcoin Depot’s ATM network lost $3.67 million, Hyperbridge’s bridge contract...
Microsoft Ends Desktop Detour for Sensitivity Labels in Office Web Apps
Microsoft has updated Office for the web to let users apply sensitivity labels with custom permissions directly in Word, Excel and PowerPoint. The new Permissions dialog mirrors the desktop experience, enabling the assignment of Viewer, Editor or Owner roles without...
Anthropic Mythos Prompting Calls for More Security Measures
Anthropic unveiled its cybersecurity‑focused large language model, Mythos, under Project Glasswing, granting limited access to select vendors and enterprises. The model can ingest code and automatically surface exploitable vulnerabilities, prompting warnings from Federal Reserve Chair Jerome Powell and Treasury Secretary...
N-Able CEO: MSPs Must Shift To AI-Driven Cyber Resiliency As Agents Ramp Up
N‑able CEO John Pagliuca warned that managed service providers (MSPs) must adopt AI‑driven cyber‑resiliency as thousands of autonomous agents outpace human capacity. He likened resilience to health‑tracking wearables, emphasizing outcomes over jargon and urging a full‑stack, end‑to‑end experience. To enable...
Tax Season Scams 2026: How IRS Phishing, Fake Tax Messages, and AI Fraud Threaten Businesses
The 2026 tax season is seeing a surge in sophisticated scams that blend traditional IRS impersonation with AI‑generated messages, QR‑code links, and polished phishing campaigns. Microsoft reported over 29,000 users in 10,000 organizations targeted by tax‑related phishing, while a February...
Why We Chose the Harder Path: Docker Hardened Images, One Year Later
One year after launching Docker Hardened Images (DHI), Docker reports over 500,000 daily pulls and more than one million builds, with a catalog exceeding 2,000 hardened images, Helm charts, and system packages across Debian and Alpine. The DHI Community tier...
Privilege Elevation Dominates Massive Microsoft Patch Update
Microsoft’s April 2026 Patch Tuesday addressed a near‑record 165 CVEs, with elevation‑of‑privilege bugs comprising a record 57% of the fixes. Attackers are already exploiting a SharePoint spoofing zero‑day (CVE‑2026‑32201), while another high‑severity flaw (CVE‑2026‑33825) in Defender antimalware remains unexploited but...
Microsoft Discloses ‘Monstrous’ Number Of Bugs As AI Discoveries Surge: Researcher
Microsoft’s April Patch Tuesday released 163 CVEs, the second‑largest monthly batch in its history. TrendAI researcher Dustin Childs attributes the surge to AI‑driven vulnerability discovery, noting that AI‑generated submissions have roughly tripled. The release follows Anthropic’s claim that its upcoming...
ZeroTier Named Cyber Security Solution of the Year 2026
ZeroTier was named Cyber Security Solution of the Year 2026 by The Cyber Security Review. The award highlights its software‑defined networking platform that secures AI‑driven traffic and meets NIST/NSA CNSA 2.0 post‑quantum standards. CEO Andrew Gault said the honor validates ZeroTier’s...
Claude Mythos: Prepare for Your Board’s Cybersecurity Questions About the Latest AI Model From Anthropic
Anthropic unveiled Claude Mythos Preview, its most powerful frontier AI model, capable of autonomously discovering software vulnerabilities that have evaded human researchers. The Federal Reserve’s upcoming meeting with bank CEOs highlights growing board-level concern over AI‑driven cyber risk. Organizations are...
Invicti Launches DAST-to-SAST Correlation
Invicti announced a new DAST-to-SAST correlation feature that links runtime vulnerability scans with static code analysis. The capability maps verified DAST findings to exact source‑code lines, developer ownership, and remediation steps within a single workflow. By overlaying results on a...
FDA Tightens Its Medical Device Cybersecurity Guidance for Manufacturers
The FDA has issued updated cybersecurity guidance for medical devices through Section 524B, imposing stricter lifecycle security requirements. Manufacturers must now provide a software bill of materials, manage component risks, and adopt secure development processes. The guidance forces hospitals, federal agencies...
Are US Businesses Ready for Privacy Fragmentation? Why E-Commerce and Marketing Teams Are Now on the Front Line
U.S. privacy regulation is fragmenting as new state laws in Indiana, Kentucky and Rhode Island join existing statutes, forcing businesses to embed compliance into front‑end digital experiences. E‑commerce and marketing teams now execute consent, targeting and analytics rules that vary...
Review: Box Facilitates Secure Collaboration Across Campus
Box’s cloud‑based content management platform now offers a full suite of collaboration tools, workflow automation, e‑signatures and AI‑driven features for universities. The service integrates with more than 1,500 SaaS applications, allowing seamless file sharing across Microsoft 365, Google Workspace and...
Microsoft Drops Its Second-Largest Monthly Batch of Defects on Record
Microsoft’s April Patch Tuesday addressed 165 vulnerabilities, the second‑largest monthly release in the company’s history. The update includes an actively exploited zero‑day in Office SharePoint (CVE‑2026‑32201) and a high‑severity Defender flaw (CVE‑2026‑33825) with public exploit code. Trend Micro’s Dustin Childs...
Electrosoft Wins $500M CISA Digital Transformation BPA to Modernize Federal IT
Electrosoft Services, LLC was awarded a $500 million, five‑year blanket purchase agreement by the Cybersecurity and Infrastructure Security Agency (CISA). The contract positions Electrosoft as one of four firms to provide digital transformation, cybersecurity and AI services to federal agencies, accelerating...
Cloudflare Unveils Mesh Private Networking to Replace VPNs for Agents and Workers
Cloudflare announced the launch of Cloudflare Mesh, a private networking service that integrates with its Cloudflare One platform to give developers, AI agents and serverless workers secure, zero‑trust access to internal resources. The solution promises minutes‑long setup, automatic policy enforcement...
4 Questions to Ask Before Outsourcing MDR
Security teams face relentless alerts, staffing gaps and rising expectations for uptime, making Managed Detection and Response (MDR) a strategic necessity rather than a luxury. Outsourcing MDR provides round‑the‑clock monitoring across endpoints, identities and cloud workloads, ensuring threats are spotted...
EDR-Killer Ecosystem Expansion Requires Stronger BYOVD Defenses
The ecosystem of EDR‑killer tools that exploit bring‑your‑own‑vulnerable‑driver (BYOVD) techniques has expanded dramatically, with researchers cataloguing nearly 90 distinct killers. Although only about 35 vulnerable Windows drivers are actively abused, each can be re‑hashed thousands of times, complicating blocklist defenses....
State Department Cyber Leader: AI Must Serve Mission Outcomes, Not Drive Them
At the Splunk GovSummit 2026, State Department Security Operations Center chief Manuel Medrano warned that artificial intelligence must serve mission outcomes, not become the objective. He outlined how AI is already sharpening cyber monitoring and incident response across the department’s...
5 Trends Defining the Future of AI-Powered Cybersecurity
The N‑able and Futurum report outlines how AI is reshaping cybersecurity, turning generative models into both attack tools and defensive assets. Attackers now automate phishing, vulnerability scanning and exploit delivery at machine speed, forcing security teams to abandon static, perimeter‑based...
Edelson Lechtzin LLP Launches Class‑Action Probe Into Kloeckner Metals Data Breach
Edelson Lechtzin LLP announced it is investigating a potential class action over the Kloeckner Metals Corporation data breach that exposed personal information for thousands of individuals. The breach, discovered on Feb. 23, 2026, involved unauthorized access between Feb. 17‑23, prompting privacy claims...
Google Finds 1,200 Logical Qubits Could Break ECC, Driving Quantum‑Resistant Authentication Push
Google researchers announced that a quantum computer with as few as 1,200 logical qubits could break elliptic curve cryptography, the backbone of modern authentication. The finding has accelerated enterprise efforts to adopt post‑quantum authentication methods ahead of NIST’s 2030 deprecation...
AI‑Driven Deepfake Scams Prompt Crypto Industry to Adopt Cryptographic Proof Systems
AI‑generated deepfakes are fueling a 500% year‑over‑year surge in crypto scams, costing an estimated $30 billion in 2025. To counter the threat, blockchain pioneer Scott Stornetta is championing cryptographic proof systems that sign video content with decentralized identifiers, a move that...
0APT Threatens Rival Krybit with Doxxing and Extortion, Escalating Ransomware Turf War
Ransomware group 0APT announced it will publish personal details of Krybit affiliates unless a payment is made, marking a rare direct confrontation between rival cyber‑crime outfits. The threat includes leaked data samples and a warning that victim organizations can contact...
Malware Campaign Lures Users with Fake Windows Update Website
Malwarebytes uncovered a new campaign that lures French‑speaking Windows users to a counterfeit Windows Update page. The site offers a fake Windows 11 24H2 update packaged as a Windows Installer (MSI) built with the legitimate WiX Toolset. When run, the MSI installs...
Space Force Official Touts AI’s Impact on Cyber Compliance
Space Force acting cyber chief Seth Whitworth says large language models are reshaping how the service reviews cyber risk and achieves compliance. He highlighted that AI can automatically patch minor misconfigurations that often serve as entry points for state‑sponsored actors....
Evolution Equity Partners Hosts 4th Presidents Forum for Cyber Leaders
Evolution Equity Partners hosted its fourth Presidents Forum on March 24, 2026 in San Francisco during RSA Conference week, drawing more than 300 CISOs, cybersecurity founders and investors. The event featured a keynote by former California governor Arnold Schwarzenegger, who...
New ‘JanaWare’ Ransomware Targeting Turkish Citizens as Cybercriminal Ecosystem Fragments
Acronis has identified a new ransomware strain called JanaWare that exclusively targets computers in Turkey by checking system locale and IP geolocation. The malware, delivered mainly through phishing emails with malicious Java archives, demands low ransoms of roughly $200 to...
Diana: Enterprise AI Assistants Securely Integrated Into Slack
Engineers from Google, MIT, Amazon, and Carnegie Mellon just built what every enterprise has been waiting for. An AI agent platform that gives every employee their own assistant in Slack, with sandboxed execution, credential isolation, and a Governor AI that blocks...
April Patches for Azure DevOps Server
Microsoft released Azure DevOps Server Patch 3, the latest update for its self‑hosted DevOps platform. The patch addresses a null‑reference exception that could abort pull‑request completions, tightens sign‑out validation to block malicious redirects, and resolves a failure when creating personal access...
In the Blogs: HIPAA HIPAA Hooray
The U.S. Department of Health and Human Services has issued a December 2024 proposal that represents the most significant update to the HIPAA Security Rule since 2013, aiming to close long‑standing cybersecurity gaps in healthcare. The IRS released IR‑2026‑46, expanding Business...
AI-Driven Tools Heighten Exchange Cyber Risk; Boost Defenses
Anthropic's Mythos and similar AI raise cyber risk for exchanges; firms accelerate defenses as automated vulnerability discovery scales. Trade: reduce exchange custody exposure. — Viktor Kopylov, PhD, CFA More insights: t.me/si14Kopylov
NYC Cyber Leaders: Join Roundtable on Secure AI
If you are a cybersecurity leader in NYC, I'll be hosting a roundtable this Thursday on secure AI adoption. Small group, strong peer set, and candid discussion about what is actually working and what is not. Free food, drinks, and great...
Cloudflare’s EmDash Tackles WordPress Plug-In Security Crisis
Cloudflare has launched EmDash, a serverless CMS positioned as a "spiritual successor" to WordPress. Built on Cloudflare Workers, Astro, and V8 isolates, EmDash promises scalable edge delivery and sandboxed plug‑ins that mitigate the plugin‑driven security flaws plaguing WordPress. The platform...
Fuzzer Generated Real Exploits at RSA 2020 without AI
There are varying levels of exploits in terms of complexity but technically my fuzzer at RSA 2020 generated exploits. Without AI. It produced a working script and performed attacks. I did review it manually. But I had/have so many more...
Simaril Delivers SOTA LLM Prompt Injection Defense for Enterprises
Simaril (YC Spring 2026) is SOTA prompt injection defense for LLMs. This is the missing link for OpenClaw for Enterprise and all agents working on mission-critical data and workflows. The cofounders were the team that stopped billions of dollars worth...
Claude Mythos Preview Completes Full Cyberattack Simulation for the First Time
Anthropic’s Claude Mythos Preview, released in early April, has become the first AI model to autonomously execute a full 32‑step corporate network takeover in a controlled simulation. In tests conducted by the UK AI Security Institute, the model completed an...
First Self‑Healing Prompt Defense Doubles Detection, Speeds Response Tenfold
Silmaril (@Silmarildev) is the first self-healing prompt injection defense. It catches 2x more attacks 10x faster than leading defenses, and retrains continuously to protect your full AI stack, including agents like Claude Code and OpenClaw. Congrats on the launch, @aumup001 and @EduardoVel36291! https://t.co/uq6sS4jG5i
Enable WhatsApp Two‑Step Verification: Better Than Nothing
Whether you just joined @WhatsApp or have been using it for years, it's a smart idea to enable two-step verification. Here's how, step by step, and why it's not as good as 2-factor authentication, but better than nothing... https://t.co/KDT8J6yjkd #whatsapp...
BoEs Bailey Sees Major Cybersecurity Risks in New Anthropic Model
Bank of England Governor Andrew Bailey warned that Anthropic’s new Mythos AI model could dramatically amplify cyber‑attack capabilities, forcing regulators to assess its threat to banking systems. He said the model may enable rapid identification of system vulnerabilities, raising cyber...
AI Agents Emerging as New Cyber Threat Vector
Great connecting wit @okta ’ #RSAC. We had a compelling conversation about the rise of #AI agents as a new threat vector 📍FULL episode https://t.co/mZvkH86uQI 📍Learn more https://t.co/A08K78GmfH #Oktapartner #AI #cybersecurity #AgenticAI https://t.co/pkBagPpVI0
Someone Planted Backdoors in Dozens of WordPress Plug-Ins Used in Thousands of Websites
A supply‑chain attack was uncovered after the Essential Plugin portfolio was sold, with a hidden backdoor inserted into dozens of WordPress plugins. The malicious code lay dormant until this month, then began delivering payloads to any site using the affected...
WolfSSL Vulnerability Hits IoT, Routers and Military Systems, Update to 5.9.1 Now
Security researcher Nicholas Carlini disclosed CVE‑2026‑5194, a critical flaw in the wolfSSL encryption library that impacts roughly 5 billion devices, including routers, IoT gadgets, and military systems. The vulnerability bypasses certificate digest size verification, allowing attackers to forge digital IDs across...
Popular DeFi Platform Warns Users to Stay Away From Its Site After Security Breach
CoW Swap, a decentralized exchange aggregator, temporarily paused its platform after a DNS hijacking attack redirected users to a fraudulent site. The breach occurred at 14:54 UTC on April 14, 2026, prompting the team to warn traders to avoid the interface while they investigate....
Philippines Launches Broad Crackdown on Deepfakes as AI Drives Identity Fraud Surge
The Philippines has launched a whole‑of‑government campaign against deepfakes and disinformation, formalized by a memorandum of agreement among the Department of Justice, the Presidential Communications Office and the Department of Information and Communications Technology. The initiative comes amid a dramatic...