Today's Cybersecurity Pulse

CISA adds critical Android and Linux flaws to KEV catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed two high‑severity vulnerabilities in its Known Exploited Vulnerabilities catalog: Android CVE‑2025‑48595, an integer overflow that enables privilege escalation on Android 14‑16 without user interaction, and Linux CVE‑2022‑0492. Google released patches for the Android bug in June 2026.

Meta Contests $25,000 Falana Judgment, Citing Jurisdictional Flaws
Meta has filed an appeal against a Lagos High Court judgment that ordered the company to pay $25,000 in damages to Nigerian lawyer Femi Falana for alleged privacy violations. The appeal argues that the trial court lacked jurisdiction under Nigeria’s fundamental‑rights framework and that the evidence does not support liability for the Facebook video in question. Meta also contends the damages are excessive and that holding it responsible for user‑generated content would set a risky precedent. The outcome could affect how global tech firms manage legal risk in Nigeria and broader African markets.
Quantum Breakthrough, Not AI, Will Shatter All Privacy
While most of the charlatans are hyping a societal “singularity” event brought on by AI, the actual societal nuclear bomb is going to be when quantum computing gets figured out and there is no longer any encryption. Not just going...
Authsignal Brings Passkey Orchestration to IATA’s Travel Identity Program
Authsignal has entered IATA’s Strategic Partnership Program, adding its mobile‑first passkey orchestration layer to the One ID initiative for document‑free travel. The platform sits above existing airline identity systems, enabling passkeys, adaptive MFA, biometric step‑up and risk‑based checks without replacing...

BITTER APT Uses Signal, Google, and Zoom Lures to Spread ProSpy Spyware
Researchers from Access Now and Lookout have uncovered a BITTER APT campaign that uses spear‑phishing lures on Signal, Google, Zoom and other platforms to deliver the ProSpy Android spyware. The operation, active since at least 2022, targets journalists and opposition...
CISOs See Gaps in Their Incident Response Playbooks
A new Sygnia survey of 600 senior cybersecurity leaders reveals that more than 75% of organizations suffered a cyberattack in the past year, yet 73% of respondents doubt their ability to respond effectively to future incidents. While 99% claim to...

GTA-Maker Rockstar Games Hacked Again but Downplays Impact
Rockstar Games suffered a second breach in three years after the teenage hacking group ShinyHunters accessed limited non‑material data on a third‑party cloud platform. The company told the BBC the incident has no impact on its players or operations, contrasting...

GTA-Maker Rockstar Games Hacked Again but Downplays Impact
Rockstar Games suffered a second cyber‑breach in three years after hackers infiltrated servers hosted by a third‑party cloud provider. The group, calling itself ShinyHunters, demanded a ransom and warned they would publish the stolen material online. Rockstar told the BBC...
APT41 Delivers 'Zero-Detection' Backdoor to Harvest Cloud Credentials
Chinese state‑linked group APT41 has released a new ELF‑based backdoor that silently infiltrates Linux cloud workloads to steal credentials from AWS, Azure, GCP and Alibaba Cloud. The malware communicates over SMTP port 25, a channel that bypasses typical internet‑exposure scanners and...

Aura Targets BYOD Risk with Identity-Centric Security for MSPs
Aura has launched Aura Business for Managed Service Providers, an identity‑centric solution that secures BYOD environments without full device control. By integrating with Microsoft Entra ID, the platform enforces conditional‑access policies, checks device hygiene, and detects phishing, credential theft, and...
From the Studio — Everybody’s on the Ban List: Separating Espionage From Fear in the US-China Tech War
A wave of U.S. bans targeting Chinese‑origin tech—from TP‑Link routers to DeepSeek AI—has sparked a debate over real security threats versus political overreach. While TP‑Link devices were used in state‑backed botnets, the vulnerabilities stem from firmware flaws, not intentional backdoors,...

Mailbox Rule Abuse Emerges as Stealthy Post-Compromise Threat
Security researchers have uncovered a sharp increase in the abuse of Microsoft 365 mailbox rules, with Proofpoint reporting that roughly 10% of compromised accounts in Q4 2025 contained malicious rules created within seconds of initial access. These rules, often given trivial names,...
Getting Ahead of the New HIPAA Security Rule: Practical Steps You Can Take Now
On Jan 6 2025 the HHS Office for Civil Rights released a proposed amendment to the HIPAA Security Rule that would make encryption and multi‑factor authentication mandatory and tighten contingency planning. The final rule is slated for May 2026, giving covered entities roughly...

At Splunk GovSummit, IHS Leaders Tie Cybersecurity Directly to Patient Care
At the 2026 Splunk GovSummit, Indian Health Service (IHS) leaders linked cybersecurity directly to patient care, emphasizing that security is a clinical enabler. Serving roughly 2.7 million patients across 37 states, IHS prioritizes resilience and real‑time visibility to keep care uninterrupted,...

GTA 6 Hackers Give Rockstar a Deadline to Pay for Stolen Data
Rockstar Games has been pressured by the ShinyHunters ransomware group to pay a ransom by April 14 2026 for data stolen in a third‑party breach. The attackers accessed authentication tokens through a compromised cloud‑cost monitoring tool, allowing them to infiltrate Rockstar’s Snowflake...

Hack at Anodot Leaves over a Dozen Breached Companies Facing Extortion
Hackers from the ShinyHunters group breached business‑monitoring platform Anodot, stealing authentication tokens that unlocked customer cloud data. The breach, which began on April 4, exposed at least a dozen client companies—including Rockstar Games—to extortion threats demanding ransom to keep the data...

Wiz: 80% of Cloud Breaches Are Caused by Basic Mistakes
Wiz’s 2024 cloud‑security report finds that eight‑in‑ten cloud breaches were caused by basic mistakes such as misconfigurations, exposed secrets, and weak credential handling. While the vulnerabilities themselves are not new, rapid AI adoption is spreading these flaws across a broader...

Shopify PCI Compliance: What the Platform Covers and What It Doesn’t
Shopify delivers a PCI‑compliant checkout and robust infrastructure security, earning its place as a default e‑commerce platform. However, its compliance certification only covers the payment page and the underlying hosting environment, not the scripts that run in a shopper’s browser....

Mirax Android Trojan Turns Devices Into Residential Proxy Nodes
A new Android banking trojan called Mirax is spreading across Europe, targeting Spanish‑speaking users through fake streaming app ads. The campaign has reached more than 200,000 accounts and operates under a restricted Malware‑as‑a‑Service model that limits access to a small...
The Silent “Storm”: New Infostealer Hijacks Sessions, Decrypts Server-Side
Storm, a new infostealer surfacing in early 2026, offloads encrypted browser data to attackers’ servers for decryption, eliminating the local decryption step that endpoint tools traditionally flag. By handling Chromium‑ and Gecko‑based browsers server‑side, it automates session‑cookie restoration using Google...

Are AI Agents Your Next Security Nightmare?
In 2026 autonomous AI agents have moved beyond chatbots to proactive systems that can plan, reason, and execute actions across corporate networks. Incidents like the OpenClaw shadow‑AI deployments expose thousands of instances without authentication, highlighting the danger of ungoverned agents....

Getting Privacy Policy Right in a Competitive Digital Economy
State and local leaders are trying to protect resident privacy while keeping their economies competitive, affordable and innovative. More than 20 states have enacted comprehensive consumer data privacy laws that focus on transparency, consumer choice and responsible data use. Research...

Anthropic Just Gave Defenders a Firehose. They’re Already Drowning.
Anthropic unveiled Project Glasswing, granting a select coalition access to its frontier AI model, Claude Mythos Preview, which has already uncovered thousands of zero‑day vulnerabilities, including a 27‑year‑old bug in OpenBSD. The initiative includes more than forty partners such as...
WebinarTV Secretly Scraped Zoom Meetings of Anonymous Recovery Programs
WebinarTV, a platform that indexes Zoom webinars, has secretly scraped and posted more than 200,000 Zoom sessions, including confidential addiction recovery, health‑support, and even nudist gatherings. The recordings expose participants' full names and faces, violating the expectation of privacy that...
OpenText Launches EU Sovereign‑cloud Services on AWS and Google Cloud via S3NS Partnership
OpenText announced today that it is extending its European sovereign‑cloud portfolio with a new hybrid trusted‑cloud service on Amazon Web Services and a separate Google Cloud‑based solution built with S3NS. The moves give French and broader EU enterprises a compliance‑ready...
NCUA Opens Fifth Deregulation Round for Credit Unions, Comments Due April 13
The National Credit Union Administration (NCUA) has opened a comment period for its fifth round of deregulation proposals, targeting rules that regulators deem redundant or overly prescriptive. Stakeholders have until 11:59 p.m. ET on April 13, 2026, to submit feedback, a move that...
Cisco Talos Uncovers LucidRook Malware Campaign Targeting Taiwanese NGOs and Universities
Cisco Talos has identified a new malware family, LucidRook, used in a targeted intrusion campaign against Taiwanese non‑governmental organizations and suspected universities. The campaign, first observed in October 2025, leverages modular Lua‑based stagers, spear‑phishing, and custom delivery chains to evade...

Strengthening Enterprise Governance for Rising Edge AI Workloads
Google’s release of Gemma 4, an open‑weight model designed for on‑device execution, is upending traditional enterprise AI security. The model lets engineers run sophisticated autonomous agents directly on laptops and edge hardware, sidestepping cloud firewalls and API gateways. This creates a...

OpenSSF Flags Malware Campaign on Slack Posing as Linux Foundation Figures
The Open Source Security Foundation (OpenSSF) has issued an advisory about a new Slack‑based phishing campaign that pretends to be Linux Foundation leaders. The attackers promote a bogus AI tool, directing developers to a counterfeit Google Workspace page that installs...

Los Angeles Data Breach Exposes LAPD Personnel and Litigation Records
In late March, ransomware group WorldLeaks claimed to have exfiltrated roughly 7.7 TB of data from the Los Angeles City Attorney’s office, including 340,000 files of LAPD personnel, internal affairs, litigation, and medical records. The data was stored on an unsecured...

Zimbabwe Boosts Cybersecurity as AI-Driven Cyber Fraud Surges
Zimbabwe is ramping up its cybersecurity defenses as AI‑driven fraud spikes, with deepfake voice cloning and automated phishing tools targeting mobile money users and public services. The government reports cyber‑related losses exceeding $30 million a year and a 40% rise in...

$12 Million Frozen, 20,000 Victims Identified in Crypto Scam Crackdown
Operation Atlantic, an international law‑enforcement operation, froze more than $12 million and identified over 20,000 victims of cryptocurrency scams. The crackdown also uncovered $45 million in suspected fraud losses, while FBI data shows $11.3 billion in crypto‑related fraud last year, with $7.2 billion tied to...
How to Run a GDPR-Compliant Remote Hiring Process
Remote hiring in the Netherlands now spans Europe, forcing companies to move candidate data across borders under the GDPR. Recruiters must first establish a lawful basis—typically legitimate interest or pre‑contractual steps—before collecting any personal information. The article outlines a step‑by‑step...

OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack
OpenAI disclosed that a GitHub Actions workflow used for macOS app signing inadvertently downloaded a malicious version of the popular Axios JavaScript library, version 1.14.1, as part of a supply‑chain attack linked to North Korean group UNC1069. The compromised workflow...

Whoops: Russia’s Attempt To Block VPNs Causes Major Banking Failure
Russia's latest attempt to curb VPN usage backfired, triggering a nationwide outage of online banking services. The government's filtering system mistakenly targeted IP ranges belonging to major banks such as Sberbank, VTB and T‑Bank, overwhelming the network and disabling mobile...

How the Explosion in Machine Identities Is Changing Cyber Defense
Machine identities—API keys, service accounts, certificates—now outnumber human accounts by over 100 to 1, with some sectors hitting 500 to 1, according to Obsidian Security. Fifty percent of enterprises reported breaches linked to compromised machine credentials in the past year, while only 12% have...

FBI Classifies Suspected Chinese Breach of Wiretap Surveillance System as ‘Major Incident’
The FBI announced that a suspected Chinese state‑sponsored intrusion compromised its Digital Collection System Network (DCSNet), the internal platform that manages pen‑register and trap‑and‑trace wiretap data. The breach, achieved through a commercial ISP vendor, was classified as a “major incident”...
AWS Security Digest #256 - TY Mythos
AWS inadvertently pushed a test IAM managed policy into production, a slip caught by IAM Trail. The incident coincides with the first Mythos‑reported vulnerability appearing in AWS security bulletin 2026‑015, highlighting AI‑driven code‑scanning efforts under Project Glasswing. Research disclosed critical flaws in...

Scammers Pose as Kickstarter on Publishing Platforms—Stay Vigilant
Now publishing scammers are posing as people at Kickstarter? What is next? It came from an obvious fake Gmail address. Writer friends, please be careful.
Anthropic AI Guides Rapid AI Vulnerability Prep for All
Great advice from @AnthropicAI on prep for accelerated AI vulnerability discovery, including what to do if you don’t have a dedicated security team, if you’re reporting bugs you found, or are an open source maintainer. /ht @_decius_ for sending the link ...

Adobe Finally Patches PDF Pest After Months of Abuse
Adobe released a patch on April 11 for CVE‑2026‑34621, a critical zero‑day in Acrobat and Reader that allowed arbitrary code execution on Windows and macOS. The flaw was actively exploited for months, using heavily obfuscated JavaScript to profile victims and deliver...
Anthropic Joins Rivals to Safeguard AI Against Hacking
Anthropic Teams Up With Its Rivals to Keep AI From Hacking Everything | WIRED https://t.co/n4C6wCCT5h
Anthropic Selects CrowdStrike as Founding AI Security Partner
Why Anthropic chose CrowdStrike as a Founding Member for AI Cybersecurity Protection: Industry Analyst Jeff Kagan https://t.co/RniG3fCreq via @Street_Insider @AnthropicAI @CrowdStrike @nvidia @jeffkagan #jeffkagan #industryanalyst #ictindustryanalyst #ai #aianalyst #aiindustryanalyst #analyst #analystrelations #wirelessanalyst #telecomanalyst #tech #technology #techanalyst #technologyanalyst #pr #publicrelations #pressrelease...

‘Grand Theft Auto’ Publisher Rockstar Hit by Hackers Again
Rockstar Games suffered a second breach when the ShinyHunters gang used stolen authentication tokens to masquerade as a legitimate user of the AI analytics platform Anodot and infiltrate the company’s Snowflake data warehouse. The attackers accessed a limited set of...
Prioritize Rapid Misconfiguration Detection Over Apocalypse Predictions
Dino’s take here is spot on. I’m less concerned about the vulnerability apocalypse that’s being predicted and more concerned with identifying misconfigurations at a much more rapid rate.

ClipBanker Trojan Masquerades as Proxifier GitHub Wrapper
A trojan with a very long infection chain: ClipBanker is being distributed under the guise of a GitHub project containing the legitimate Proxifier software in a malicious wrapper. Details: https://t.co/mhSwdoFEvI https://t.co/L9fwjL55h8
Seven IBM WebSphere Liberty Flaws Can Be Chained Into Full Takeover
Security researchers disclosed seven interrelated flaws in IBM WebSphere Liberty, a modular Java application server, that can be chained to achieve full server takeover. The chain begins with a pre‑authentication remote code execution (RCE) vulnerability in the SAML Web SSO...

Your MTTD Looks Great. Your Post-Alert Gap Doesn't
The security industry has narrowed mean‑time‑to‑detect (MTTD) but still suffers a lengthy post‑alert gap, where analysts spend 20‑40 minutes investigating alerts. Recent AI‑driven exploits, such as Anthropic’s Mythos model, demonstrate that attackers can move in seconds, making human‑speed investigations untenable....
New Industry Resource Announced by DSA: Best Practice Guidelines for ID Documents
The Document Security Alliance, together with INTERGRAF and the Secure Identity Alliance, released the Minimum Security Standards for Identity Documents, a best‑practice guide for state issuers. The guidelines address integration of physical security features with embedded digital elements and aim...

Why DHS No Longer Has a Compliance Mindset for Cybersecurity
In this episode of Ask the CIO, former DHS Chief Information Security Officer Hemant Baidwan discusses his 15‑year federal career, why he chose to leave at this pivotal moment, and his new role as Executive CISO at Knox Systems. He...
Managing Cyber Risks in the Era of Decentralized Energy
The U.S. electric grid is rapidly integrating distributed energy resources (DERs) such as rooftop solar, storage and vehicle‑to‑grid systems, creating a more resilient but digitally complex network. This shift has expanded the attack surface, with utility cyber‑attacks up 75% from...