Today's Cybersecurity Pulse

CISA adds critical Android and Linux flaws to KEV catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed two high‑severity vulnerabilities in its Known Exploited Vulnerabilities catalog: Android CVE‑2025‑48595, an integer overflow that enables privilege escalation on Android 14‑16 without user interaction, patched in June 2026; and Linux CVE‑2022‑0492, a kernel flaw also deemed actively exploited.

FCC Proposes Tougher KYC Rules to Crack Down on Illegal Robocalls
The FCC has issued a Further Notice of Proposed Rulemaking to tighten Know‑Your‑Customer (KYC) requirements for voice service providers that originate robocalls. The agency wants carriers to collect full names, addresses, government IDs and usage details, retain records for up to four years, and verify identities when abnormal traffic appears. It also proposes a per‑call penalty of $2,500 to deter large‑scale illegal campaigns. The move follows enforcement gaps highlighted by a recent $4.5 million fine against Voxbeam Telecommunications for routing prohibited traffic.

US Officials Warn Banks over Powerful New Anthropic Model
U.S. Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell convened an urgent meeting with CEOs of the nation’s largest banks to warn of cyber‑risk from Anthropic’s newly unveiled Mythos AI model. Anthropic says Mythos can locate and exploit...

What Vibe Hunting Gets Right About AI Threat Hunting, and Where It Breaks Down
Vibe hunting flips traditional threat hunting by letting AI scan entire data sets and surface anomalous patterns, turning the hypothesis into an implicit output. Exaforce’s Aqsa Taylor stresses that analysts must still be able to explain any investigation path, otherwise...

U.S. Treasury Rolls Out Cybersecurity Information Sharing Initiative as Crypto Attacks Rise
The U.S. Treasury’s Office of Cybersecurity and Critical Infrastructure Protection launched a digital‑asset cybersecurity initiative that provides free, high‑quality threat intelligence to eligible U.S. crypto firms. The move responds to a surge in sophisticated attacks that cost the industry over...

RBI Proposes 1-Hour Delay for UPI, IMPS Transfers Above Rs 10,000
The Reserve Bank of India has floated a discussion paper proposing a mandatory one‑hour cooling period for person‑to‑person UPI and IMPS transfers exceeding ₹10,000 (about $120). The delay targets high‑value P2P payments while merchant transactions remain instant, and a whitelisting...

Health Insurance Lead Sites Sell Personal Data Within Seconds of Form Submission
Researchers from UC Davis, Stanford and Maastricht mapped data flows on 105 health‑insurance lead sites, finding that personal and health information is harvested in real time and sold to dozens of buyers. Third‑party scripts capture keystrokes before form submission, and...

Warning: CPUID Suspected of Being a Virus; Suspicious HWMonitor Downloads Raise Alarms
On April 10 2026 users downloading CPUID’s HWMonitor 1.63 encountered an unexpected installer named HWiNFO_Monitor_Setup.exe, which triggered Windows Defender warnings and displayed Russian‑language dialogs. Community reports on Reddit confirm the mismatch between the advertised hwmonitor_1.63.exe file and the received executable, suggesting a tampered...

CyberCX Kicking Goals with Expanded Collingwood Football Club Partnership
CyberCX has elevated its relationship with Collingwood Football Club to a major partnership, building on a two‑year collaboration that already provided app integration and cyber‑safety training. The firm now delivers 24/7 security operations centre monitoring and penetration testing for the...

Mythos AI Finds 20 Zero‑days, Poised to Crack Smart Contracts
Anthropic's Mythos model is so powerful they restricted it to 12 partners and a $100M compute budget. It's already found 20 zero-days in legacy software. @kaiynne and @tayvano_ want to know when it finds the first one in a smart contract. New...

AI Boosts Productivity, but Prompt‑injection Risks Threaten Organizations
Wonder if the AI calculus becomes “12% productivity gains per employee with the tail risk of the org going under for a week if Ralph is the victim of a convincing prompt injection and inadvertently sends out internal info to...

Data Minimisation vs AI Context Maximisation: The Battle Defining the Future of Smart Systems
AI product teams chase higher accuracy by feeding models ever more context, but privacy regulations demand strict data minimisation. The article argues that the conflict is structural: richer data improves personalization and retrieval, yet expands exposure and governance risk. It...

NHS Staff Alarmed as Palantir Engineers Receive NHS.net Email Accounts
NHS employees have raised concerns after at least six Palantir engineers were granted NHS.net email accounts, giving them access to a directory of up to 1.5 million staff. The issue spotlights data‑security, privacy and ethical questions surrounding the £330 million Federated Data...

Meta’s New AI Asked for My Raw Health Data and Gave Me Terrible Advice
Meta’s Superintelligence Labs unveiled Muse Spark, a generative AI model that invites users to paste raw health data such as lab results or fitness‑tracker readings. The bot promises trend analysis and visualizations, but early testing showed it offering vague or incorrect...

AI‑Generated Phishing Attacks Surge, Prompting New Enterprise Defenses
IBM reports AI can draft a convincing phishing email in five minutes, a task that once took humans 16 hours. The Federal Trade Commission notes fraud losses jumped 25% to $12.5 billion in 2024, spurring CIOs to adopt new detection tools,...

Pro‑Iranian Hackers Say Ceasefire Won’t Stop U.S. Cyber Threats
Pro‑Iranian hacking group Handala announced it will pause attacks on the United States but continue targeting Israel after the Iran‑U.S.–Israel ceasefire, and may expand its cyber campaign once the truce settles. U.S. agencies warned of heightened risk to industrial control...

Elon Musk Says WhatsApp's End-to-End Encryption Can't Be Trusted, Mark Zuckerberg's Company Calls It ‘Absurd’
Elon Musk publicly questioned the reliability of WhatsApp’s end‑to‑end encryption after a class‑action lawsuit alleged Meta accessed private messages and shared them with contractors such as Accenture. In response, Musk urged users to switch to X Chat, promoting it as a...

Microsoft Says New Windows Recall Bypass Isn't a Vulnerability
Microsoft defended its Windows 11 Recall utility after researcher Alexander Hagenah released a tool that can extract decrypted screenshots and metadata by injecting a DLL into the AIXHost.exe process. The bypass works from a standard logged‑in user account and does not...

Fed and Hedge Fund Leader Warn of AI-Driven Cyber Threats
JUST IN: Scott Bessent and Jerome Powell called Wall Street execs to an urgent meeting over worries that Anthropic PBC's new AI model will ramp up cyber threats.

Microsoft’s Reauthentication Snafu Cuts Off Developers Globally
Microsoft’s Windows Hardware Program reauthentication drive, launched in October, inadvertently suspended numerous independent software vendors (ISVs) after missed or ignored verification emails. The lockouts halted developers’ access to Microsoft systems, causing downstream disruptions for their global customers. Executives on X...

Anthropic Model Scare Sparks Urgent Bessent, Powell Warning to Bank CEOs
Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell convened an emergency meeting with senior Wall Street executives on April 10, 2026. The gathering focused on the security implications of Anthropic PBC’s new AI model, Mythos, which regulators fear...

Apiiro Launches Command-Line Interface to Bring AI-Native Security Into Software Development Workflows
Apiiro Ltd. unveiled a command‑line interface (CLI) that embeds AI‑native security directly into software development pipelines. The tool targets the surge of AI‑generated code, offering six agent‑driven skills—Scan, Risks, Fix, Guardian Agent, AI Threat Modeling, and Secure‑Prompt—to let AI assistants...

Shadow IT Evolves: From User Shortcuts to Autonomous Systems
Shadow IT used to mean people using tools without approval. Now it can act on its own.

Healthcare Remains Top Cybercrime Target: FBI
The FBI’s 2025 Internet Crime Report shows healthcare and public health faced the most cyber incidents of any critical‑infrastructure sector, with 642 events recorded. Ransomware dominated, accounting for 460 attacks, while 182 data breaches placed the industry third in breach...

New VENOM Phishing Attacks Steal Senior Executives' Microsoft Logins
Cybersecurity firm Abnormal has uncovered a new phishing‑as‑a‑service platform dubbed VENOM that specifically targets senior executives’ Microsoft accounts. The campaign, active since November, delivers highly personalized SharePoint‑style emails containing QR codes and double‑Base64‑encoded email fragments to evade detection. VENOM employs...

Gmail Finally Offers End-to-End Encryption for Email on Android and iPhone
Google has added end‑to‑end encryption (E2EE) to the Gmail mobile app for Android and iPhone, extending the feature that debuted on desktop in 2022. The capability is restricted to Google Workspace Enterprise Plus customers who have the Assured Controls or Assured...

Cisco to Acquire Galileo for AI Observability
Cisco announced it will acquire Galileo Technologies, an AI observability specialist that monitors multi‑agent systems. Galileo’s platform adds real‑time guardrails, bias detection, and cost tracking to Cisco’s Splunk observability suite. The deal, slated to close in Q4 FY2026, builds on...

Russia's 'Fancy Bear' APT Continues Its Global Onslaught
Trend Micro’s latest research reveals that Russia’s Fancy Bear (APT28) continues to run sophisticated espionage and sabotage campaigns worldwide. The group deployed the Prismex malware suite against Ukraine’s defense supply chain and used NTLMv2 hash‑relay attacks via a patched Outlook vulnerability...

Cybercriminals Use Emojis to Evade Detection, Flashpoint Warns
Flashpoint’s latest threat‑intelligence report reveals cybercriminals are swapping traditional fraud‑related keywords with emojis to slip past security filters. By mapping emojis to concepts such as credit cards, banks, credentials, and malware, threat actors make automated monitoring far less effective. The...

StarkWare Researcher Publishes Quantum-Safe Bitcoin Transaction Scheme
StarkWare researcher Avihu Levy released Quantum Safe Bitcoin (QSB), an open‑source transaction format that makes Bitcoin payments resistant to quantum attacks without requiring a softfork or protocol upgrade. The scheme operates within existing Bitcoin script limits and leverages a hash‑puzzle...

Hack-for-Hire Group Targets MENA Journalists and Officials
A hack‑for‑hire group has been uncovered running a multi‑year espionage campaign against journalists, activists and government officials across the Middle East and North Africa. The attackers used phishing to steal Apple ID credentials and access iCloud backups, while deploying Android spyware...

'BlueHammer' Windows Zero-Day Exploit Signals Microsoft Bug Disclosure Issues
A researcher using the alias Chaotic Eclipse publicly released exploit code for a Windows zero‑day flaw dubbed “BlueHammer,” which targets a race condition in Windows Defender’s signature update system. The PoC, posted on GitHub on April 2, claims the vulnerability remains...

New DeFi Security Premium Ratio Prices Protocol Risk
DeFi has lost between $730M and $3.1B to exploits every single year since 2021. TVL has swung from $175B peak to $45B trough and back above $100B. The loss rate as a % of TVL is 1–3% / year depending on the...

Mythos Cuts Cyber Attack Surface, Makes Exploits Scarcer
Concur. Mythos shrinks the total cyber attack surface area. There will be fewer exploits remaining, and those likely harder to find. And because model capabilities scale sub-linearly with both compute and training data, it likely takes a very large $$...

GAO Warns DOD’s CMMC Fix Could Become the Program’s Biggest Threat
The Government Accountability Office issued a report warning that the Department of Defense’s Cybersecurity Maturity Model Certification (CMMC) program is vulnerable to external risks, notably an over‑reliance on waivers and a shortage of qualified assessors. GAO also highlighted DOD’s lack...

DoD Switches Allies as Anthropic Unveils Dangerous AI Weapon
DoD: Friendship ended with Anthropic. Now OpenAI is my best friend. [one month later] Anthropic: We’re pleased to announce the most powerful hacker capability ever created, able to discover and exploit thousands of critical 0days. Friends only release.

AI Cybersecurity Closes Gaps, Giving Defenders the Edge
Yes. We're closing vulnerabilities that could have been (and may have been) exploited by bad actors already. AI cyber-security may well favor defenders in the large majority of cases.

ConnectWise CISO: MSP Cybersecurity Readiness Isn’t About ‘Chasing The Latest Zero-Day Anymore’
ConnectWise’s 2026 MSP Threat Report shows attackers are abandoning zero‑day exploits in favor of identity abuse, using stolen credentials, session tokens and trusted service accounts to infiltrate managed service providers. Ransomware groups now prioritize speed, targeting backups and bypassing MFA...

How the FBI Extracted Deleted Signal Messages From a Defendant's iPhone
The FBI recovered deleted Signal messages from a defendant’s iPhone by extracting data from the device’s push‑notification database, not the app itself. The suspect had removed Signal, yet incoming messages persisted in lock‑screen previews stored by iOS. This method revealed...

Kamino Introduces Contract-Level Security Controls for Lending Vaults
Kamino, Solana's largest lending protocol, launched Whitelisted Reserves, a contract‑level security feature that restricts vault allocations to protocol‑approved reserves. The mechanism blocks compromised curator keys from moving depositor funds into unvetted markets, a risk highlighted by the recent $270 million Drift...

Is Anthropic Limiting the Release of Mythos to Protect the Internet — or Anthropic?
Anthropic is holding back its newest large language model, Mythos, limiting access to a handful of major enterprises such as Amazon Web Services and JPMorgan Chase. The company says the model’s advanced ability to locate software vulnerabilities could be weaponized...

Google Chrome Adds Infostealer Protection Against Session Cookie Theft
Google Chrome 146 introduces Device Bound Session Credentials (DBSC) for Windows, a hardware‑linked protection that stops infostealer malware from abusing harvested session cookies. The feature cryptographically binds each session to the device’s TPM, making stolen cookies unusable without the private...

Mythos Autonomously Exploited Vulnerabilities that Survived 27 Years of Human Review. Security Teams Need a New Detection Playbook
Anthropic’s Claude Mythos Preview autonomously uncovered a 27‑year‑old OpenBSD TCP stack bug and dozens of other zero‑day flaws across operating systems, browsers, and crypto libraries, costing roughly $20,000 per discovery campaign. The model demonstrated a 90‑fold improvement over Claude Opus...

Do Ceasefires Slow Cyberattacks? History Suggests Not
A fragile US‑Iran cease‑fire was announced, prompting Iran‑aligned hacktivist group Handala to claim a temporary pause in its cyber operations against the United States. Experts, however, warn that historical evidence shows cease‑fires rarely translate into a digital stand‑down; cyber activity...

Alamo Heights ISD Declines to Say Whether It Paid Ransom
Alamo Heights Independent School District (AHISD) suffered a ransomware attack in late March that knocked out internet access for nearly a week. The district restored its systems with external forensic investigators but refused to confirm whether it paid a ransom,...

$3.6 Million Crypto Heist Targets Bitcoin Depot
Bitcoin Depot, which runs more than 25,000 crypto ATMs worldwide, disclosed a breach that allowed attackers to transfer roughly 50.9 Bitcoin—about $3.66 million—out of company‑controlled wallets. The intrusion was detected on March 23, prompting an incident response that involved external cybersecurity firms...

EU Publishes Implementing Act for Remote EUDI Wallet Onboarding
On Tuesday, the European Commission released an Implementing Act that sets reference standards for remote onboarding of European Digital Identity (EUDI) wallets. The act mandates a high assurance level, combining electronic identification with additional procedures, and aligns with ETSI TS 119 461...

Tesla Hits FSD Hackers with Surprise Move
Tesla has begun remotely disabling Full Self‑Driving (FSD) on vehicles fitted with third‑party CAN‑bus hacks that unlock the feature in markets where it is not approved. The crackdown, announced in early April, targets owners in Europe, China, Japan, South Korea...

AI Security Starts with Awareness and Governance, CISO Says
Healthcare AI promises efficiency and clinical gains, but introduces fresh security risks. Akron Children's Hospital’s CISO Deepesh Randeri outlines a structured governance model that forces every AI initiative through committees, due‑diligence vetting, and continuous oversight. The hospital mandates centralized IT...

Claude Mythos Is Everyone’s Problem
Anthropic announced Claude Mythos Preview, an AI model that can autonomously locate thousands of software vulnerabilities, including long‑standing OS flaws. The tool is being shared only with a consortium of major tech firms such as Apple, Microsoft, Google and Nvidia...

EP271 Can AI-Native MDR Actually Fix Your Broken SOC Workflows or Just Automate the Mess?
In this live Cloud Security Podcast episode, host Tim Peacock and co‑host Anton Chewbacca interview Eric Foster and Bashar Abu Abusido, CEOs of 10X, about AI‑native Managed Detection and Response (MDR) and its impact on SOC modernization. They discuss why...