Today's Cybersecurity Pulse

CISA adds critical Android and Linux flaws to KEV catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed two high‑severity vulnerabilities in its Known Exploited Vulnerabilities catalog: Android CVE‑2025‑48595, an integer overflow that enables privilege escalation on Android 14‑16 without user interaction, and Linux CVE‑2022‑0492. Google released patches for the Android bug in June 2026.

Connected Cars: Privacy Compliance Guidance
Cooley special counsel Claire Gibbs warned that original equipment manufacturers (OEMs) face mounting privacy and compliance hurdles as connected cars continuously capture sensitive driver data. She emphasized that OEMs must provide clear, timely notice and secure meaningful consent before any data processing occurs. The guidance highlights the risk of regulatory action under frameworks such as GDPR, CCPA, and emerging auto‑data statutes. Ultimately, manufacturers need robust data‑governance structures to stay compliant and maintain consumer trust.
Seeking Real-World Feedback on SAFE GRC Platform
Do you use the SAFE GRC platform? Had a chance to see it at RSAC and was impressed but don't hear from many folks using it. Would love to hear real-world feedback from current users.
Robust Patch Management Needed Before AI Vulnerability Crisis
The technical debt repo man is coming, especially for those that don’t have robust patch creation & management — & it’s clear we can’t keep cranking out bugs in the 1st place. Stay hydrated, ops teams, & tip your doordashers...

Why Legacy Networks Are a Growing Liability
Legacy networking infrastructures built on outdated hardware and operating systems are still common, but they create management complexity, performance bottlenecks, and security gaps. Organizations cling to these networks because engineers rely on familiar skill sets, budgets are tight, and executives...
Top Secret Clearance Holder Charged With Leaking Classified National Defense Information
The FBI arrested Courtney Williams, a former Special Military Unit member with a Top Secret/Sensitive Compartmented Information clearance, and charged her with leaking classified national‑defense information. Prosecutors allege that between 2022 and 2025 she provided secret data to a journalist via 10 hours...

GraphAlgo Scam: Lazarus Hackers Register Real US LLCs to Spread Malware
Cybersecurity firm ReversingLabs uncovered that North Korea‑linked Lazarus Group launched the GraphAlgo campaign by registering a bona‑fide Florida LLC, Blocmerce, to lend credibility to fake job offers targeting blockchain developers. The group now embeds malicious Remote Access Trojans in GitHub...

OneDigital Warns Clients of Alleged Salesforce Data Breach
OneDigital Investment Advisors disclosed that a breach of its Salesforce CRM exposed up to 28,414 client records, including names and Social Security numbers. The intrusion stemmed from the Drift chat‑agent integration rather than Salesforce’s core platform, and OneDigital’s internal network...
Marimo Notebook Exploited Within Nine Hours of Critical Flaw Disclosure
Within nine hours of disclosing CVE‑2026‑39987, a critical remote‑code‑execution flaw in the open‑source Marimo notebook, threat actors built and deployed a functional exploit. Sysdig observed the attack chain from reconnaissance to credential theft in under three minutes, underscoring the speed...
U.S. Treasury Unveils Cybersecurity Info‑Sharing Program for Digital‑Asset Firms
The U.S. Treasury’s Office of Cybersecurity and Critical Infrastructure Protection launched a cybersecurity information‑sharing program that will deliver actionable threat intelligence to eligible digital‑asset firms and industry groups, fulfilling a key recommendation from the President’s Working Group on Digital Asset...
NSA and FBI Urge Router Reboot After Russian GRU Hijacks Thousands of Devices
The National Security Agency and the FBI are urging U.S. residents to reboot and harden their home internet routers after a Russian military‑intelligence unit hijacked thousands of devices nationwide. The advisory follows a court‑authorized operation that removed malicious DNS settings...
The Phishing-as-a-Service Pipeline: How a Scalable Fraud Ecosystem Is Driving Global Attacks
Flashpoint’s latest research shows phishing has morphed into a full‑service ecosystem, offering subscription‑based platforms that bundle kit development, hosting, delivery and real‑time dashboards. Low‑skill actors can now launch campaigns for as little as $10, while advanced services employ reverse‑proxy (AiTM)...

Fake Claude Site Installs Malware that Gives Attackers Access to Your Computer
Researchers uncovered a counterfeit website masquerading as Anthropic’s Claude AI, offering a “Claude‑Pro‑windows‑x64.zip” installer. The zip installs a functional Claude client while silently deploying a PlugX remote‑access trojan via a signed G DATA updater and malicious avk.dll sideloading. The dropper copies...
MediStreams Achieves Clean SOC 2 Type II Certification, Strengthening Security in Healthcare Revenue Cycle Management and Payment Automation
MediStreams announced it has received a clean SOC 2 Type II audit for the full 2025 calendar year, covering Security, Availability, and Processing Integrity. The unqualified opinion was issued by independent CPA firm Aprio LLP after a year‑long assessment of its payment‑posting...

Analysis: Anthropic Claude Mythos Won’t ‘Reshape Cybersecurity’
Anthropic unveiled Claude Mythos, a frontier AI model touted to overhaul vulnerability discovery and management. The company paired the preview with Project Glasswing, granting early access to firms like CrowdStrike and Palo Alto Networks. Investor reaction was swift, sending shares of major...

What “Lilith” Actually Is
Lilith is an open‑source C++ remote administration tool designed for hands‑on learning of RAT architecture and command‑and‑control techniques. The project requires solid C++ skills, Windows internals knowledge, and a sandboxed virtual lab to compile and run safely. By building the...
FIU Researchers Demonstrate Quantum‑Resistant Video Encryption, Boosting Security by Up to 15%
A team led by S.S. Iyengar at Florida International University announced a hybrid encryption framework that scrambles video frames with quantum‑resistant keys, delivering 10‑15% stronger protection in simulations. The method works on conventional computers, positioning it for near‑term deployment in...
Compute Fuels Attacks, Committees Lag Defense Gap
Offense scales with compute. Defense scales with committees. New piece on why the attacker-defender gap is widening faster than anything we've built to close it -- and what actually moves the needle. Link in bio or cje.io

FINRA Launches Financial Intelligence Fusion Center to Combat Cybersecurity and Fraud Threats
FINRA announced the launch of the Financial Intelligence Fusion Center (FIFC), a secure portal that enables member brokerage firms to share real‑time cybersecurity and fraud intelligence. The platform builds on FINRA Forward initiatives and incorporates data from government and private‑sector...

Electronics Industry Says FCC's Foreign-Made Router Policy Is a Bit of a Mesh
The FCC’s new rule places foreign‑made consumer routers on a Covered List, allowing only those cleared by the DoD or DHS and committed to U.S. manufacturing to receive approval. The Global Electronics Association argues the policy is misguided, noting past...

Anthropic’s Glasswing Highlights AI’s Security Paradox
Anthropic unveiled Project Glasswing, an initiative that gives more than 40 leading tech firms early access to its Claude Mythos model for proactive vulnerability detection. The program is designed to identify, test and mitigate software flaws before they can be weaponized...
You Can't Trust macOS Privacy and Security Settings
A new macOS demo shows the Privacy & Security panel can lie about folder access. Using the free app Insent on macOS 13.5‑26, the author proves an app can retain Documents access even after the toggle is disabled, provided the user later opens...
What Anthropic’s New Nightmare Means, in Plain English
Anthropic announced that its latest model, Claude Mythos Preview, can automatically discover zero‑day vulnerabilities across all major operating systems and web browsers. Rather than releasing the model publicly, Anthropic is collaborating with a consortium that includes Apple, Google and Microsoft...

Anthropic Tries to Keep Its New AI Model Away From Cyberattackers as Enterprises Look to Tame AI Chaos
Anthropic unveiled Claude Mythos, a powerful AI model designed to spot software vulnerabilities, but will only share it with a curated group of cloud and security firms under the Project Glasswing initiative. The move reflects growing concern that advanced models could become...

Nordic Banks Turn to CaaS to Fight Rising Fraud
Nordic banks are grappling with a surge in digital fraud as cashless payments dominate the region. Norwegian banks blocked roughly NOK 2.3 bn (about $250 m) and Danish banks prevented DKK 500 m (around $70 m) in attempted fraud in 2025. At the same time, compliance...

What To Know When Evaluating Sensitive Data Discovery And Classification Solutions
The Forrester Wave™ Q2 2026 evaluates the leading sensitive data discovery and classification solutions, emphasizing accuracy, scalability, and breadth of data‑source coverage. Vendors now claim 95%‑plus detection rates and support cloud, on‑prem, and in‑motion scanning, but buyers must validate performance in...

AHA Names Its Preferred Cybersecurity Provider
The American Hospital Association (AHA) has appointed Rubrik as its Preferred Cybersecurity Provider, giving roughly 5,000 member hospitals access to Rubrik’s cyber‑resilience tools and a breach‑recovery playbook. The designation is part of the AHA’s Preferred Cybersecurity & Risk Provider Program...
AI Journaling Demands Privacy as Core, Not Feature
The most personal data you will ever generate deserves more than a terms of service. When you journal with AI, you are sharing things that, for a lot of people, nobody else hears outside of a therapist. That level of trust...
Pentesting: Human Insight Over Automated Scanners
🤖🤖🤖🤖🤖🤖🤖🤖🤖🤖🤖🤖 Pentesting is not a scanner or a fuzzer - whether SAST, DAST, AI, deterministic or non-deterministic. Pentesting is a human * using those tools * to see if they can find a security problem that your teams and tools may...
Stryker Warns of Earnings Fallout From March Cyberattack
Stryker disclosed that a March 11 wiper attack linked to the Iran‑backed Handala group disrupted its manufacturing, ordering and shipping systems, denting first‑quarter earnings. The breach wiped data from thousands of devices via the company’s Microsoft Intune environment and forced the...
Ultra-Powerful Vulnerability Model Reserved for Intelligence Agencies
We’ve created a model that we think could find and fix all the vulnerabilities in your application. You can’t have it. A model this powerful should only be used by the CIA and NSA to exploit your services.
Thousands of Gov Officials' Emails and Passwords Exposed Online
The emails and plaintext passwords of thousands of government representatives have been found online. https://t.co/WaJd3bjpd5

CryptoNext Security First in EU With Full NIST Quantum-Safe Certification
CryptoNext Security became the first European Union company to achieve full NIST quantum‑safe certification, confirming its implementation of the three standardized post‑quantum algorithms—CRYSTALS‑Kyber, CRYSTALS‑Dilithium and Falcon—within ProvenRun’s ProvenHSM hardware security module. The NIST CAVP validation extends beyond software, proving hardware‑level...
Legacy SDK Flaw Lets Attackers Steal Private Data
An outdated SDK carries a dangerous flaw that allows threat actors to steal private data. https://t.co/GKds3Ok79H
Aave Achieves SOC 2 Compliance, Raising DeFi Standards
Aave products and endpoints are now SOC 2 compliant, ensuring strong operational and security compliance, setting a new standard for DeFi application layer.

In Other News: Cyberattack Stings Stryker, Windows Zero-Day, China Supercomputer Hack
The weekly SecurityWeek roundup highlighted several high‑profile cyber incidents, including a March 2026 attack on medical‑device maker Stryker that will shave earnings from its first‑quarter results, and a newly disclosed Windows zero‑day dubbed BlueHammer that gives attackers full SYSTEM privileges....
Chrome's Device‑Bound Session Credentials Coming to macOS
New Device Bound Session Credentials feature for Google Chrome is also coming to macOS soon. https://t.co/AKyb6s77Fa
Tor Builds RAM‑only Relays to Thwart Hardware Seizures
The Tor Project is working with relay operators to develop "stateless" servers that run entirely in RAM. By forgetting all data upon reboot, these self-wiping relays will protect users and node operators from hardware seizures. https://t.co/C2MghAYpMj

Silent Ransom Group Leaked Another Big Law Firm: Orrick, Herrington & Sutcliffe
The Silent Ransom Group (SRG) breached law firm Orrick, Herrington & Sutcliffe in late January 2026 and spent a week inside its network before demanding a ransom. Negotiations stretched from early February to late February, with Orrick offering a maximum...
FBI Recovers "Deleted" Signal Messages Through iPhone Notifications
The FBI recovered deleted Signal messages from an iPhone by extracting push‑notification data stored by iOS. In a Texas terrorism case, agents accessed incoming messages that the defendant had set to expire and removed from the app. Apple’s operating system...

‘A Perfect Storm’: How AI Is Transforming the Global Scam Industry
A new Infoblox report reveals that AI‑driven remote‑access trojans are turning Southeast Asian scam compounds into industrial‑scale cybercrime operations. These malware tools give attackers full control of victims’ Android devices, enabling real‑time monitoring, data exfiltration and instant bank‑account draining. AI...
Anthropic’s AI Hacking Tech Triggers Concern in German Cyber Agency
Anthropic unveiled Mythos, an AI model that can locate and exploit software bugs faster than human hackers. The German Federal Office for Information Security (BSI) is in active dialogue with Anthropic after the model was shared with 12 cybersecurity firms...

Ransomware Attack on ChipSoft Knocks EHR Services Offline Across Hospitals in the Netherlands and Belgium
Dutch health‑IT firm ChipSoft confirmed a ransomware breach on April 7 that forced its flagship HiX electronic health‑record platform offline in the Netherlands and Belgium. The attack prompted the Dutch CERT (Z‑CERT) to shut down patient portals, HiX Mobile and the...

Big Tech, Big Exposure: Data From Over 3.5 Million Accounts Handed to US Authorities
Proton’s new research shows Google, Apple and Meta have handed over data from over 3.5 million user accounts to U.S. authorities in the past decade, a 770% increase since transparency reporting began. In the first half of 2025 alone, more than...
Analysis of One Billion CISA KEV Remediation Records Exposes Limits of Human-Scale Security
Qualys analyzed over one billion CISA KEV remediation records from 10,000 organizations, revealing that critical vulnerabilities remain open longer despite a 6.5‑fold increase in ticket closures. The share of critical flaws still unpatched after seven days climbed from 56% to...

AI Expansion, Security Crises, and Workforce Upheaval Define This Week in Tech
This week’s tech headlines were dominated by AI breakthroughs, escalating security threats, and a wave of layoffs. Google unveiled a Gemini‑powered Notebooks workspace, Meta launched the multimodal Muse Spark model, and Microsoft pledged its own large‑model portfolio by 2027. At the...

XRP More Quantum-Resistant Than Bitcoin
Experts say XRP is less vulnerable to quantum threats than Bitcoin, thanks to key rotation and escrow time-locks, exposing fewer accounts. Source: Coindesk https://t.co/I2y893X172

Juniper Networks Patches Dozens of Junos OS Vulnerabilities
Juniper Networks released patches for nearly three dozen vulnerabilities affecting its Junos OS and Junos OS Evolved platforms. The most critical flaw, CVE-2026-33784 (CVSS 9.8), involves a default password in the Support Insights Virtual Lightweight Collector that could be exploited...
Enterprises Store Data Right, but Lose Key Control
Data sovereignty is not data residency. Three things have to align: where data is stored, how it is encrypted, who controls the encryption keys. Most enterprises get the first right. Almost none get the third.

GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs
Researchers have uncovered a new GlassWorm variant that hides a Zig‑compiled native binary inside a counterfeit WakaTime VS Code extension. The binary acts as a dropper, locating every IDE that supports VS Code extensions and silently installing a malicious VSIX package. The...
Hungarian Government Email Passwords Exposed Ahead of Election
Bellingcat uncovered that passwords for nearly 800 Hungarian government email accounts are publicly available, affecting 12 of the 13 ministries, including national‑security officials. The leaks stem from simple, easily guessable passwords rather than sophisticated cyber attacks. The exposure comes weeks...