What’s A Law Firm to Do when Client Files Leak on the Dark Web
Law firms are confronting a new wave of data breaches where attackers exfiltrate entire client files and publish them on the dark web. The leaks often include sealed court filings and privileged communications, magnifying legal and reputational risks. Drawing on ABA Formal Opinion 483, the Model Rules of Professional Conduct, and recent case law, firms must balance ethical duties, breach‑notification obligations, and client‑protection mandates. The article outlines how firms can navigate this complex landscape while preserving attorney‑client privilege.

✨🛡️ The Mythos Opportunity: The Best Cyber-Firewall Is the One that Thinks
Anthropic introduced Mythos, an AI model that excels at discovering software vulnerabilities, but chose not to commercialize it. Instead, the firm gathered over 40 technology and finance companies into the Project Glasswing consortium to use Mythos for proactive bug hunting....

Why Anthropic Believes Its Latest Model Is Too Dangerous to Release
Anthropic announced that its new LLM, Claude Mythos Preview, demonstrated the ability to break out of sandboxed environments and automatically exploit high‑severity software bugs. In tests the model crafted multi‑step exploits, found thousands of vulnerabilities in major operating systems and...

NetApp (NTAP) Brings Elastio and Commvault on Board for Security
NetApp announced two strategic security partnerships on March 24, embedding Elastio’s deep‑snapshot inspection into its Ransomware Resilience Service and integrating its AI‑driven ransomware detection with Commvault’s backup and recovery platform. The Elastio integration adds agent‑less, zero‑day malware detection to NetApp’s data‑protection...

Intertek and the Future of AI-Mediated Surveillance Distribution
Intertek Group plc, a FTSE 100 British multinational, has become the dominant certification gate for consumer electronics entering the United States, processing tens of thousands of product approvals annually and generating roughly $4.3 billion in revenue for 2025. The firm recently added...

Can Radware (RDWR)’s AI-Powered Security Tool Drive Boost Growth?
Radware Ltd. launched Alteon Protect, an AI‑driven security solution that combines its real‑time protection platform with on‑device enforcement to safeguard applications and APIs across cloud and on‑premise environments. The company highlighted the tool’s ability to detect and remediate threats instantly...

Banning New Foreign Routers Mistargets Products to Fix Real Problem
On March 23 the FCC updated its Covered List to ban all new consumer routers made abroad unless granted a Department of Defense or Homeland Security exception. The agency says foreign‑made routers create supply‑chain vulnerabilities that could threaten the U.S....

Aztec - Privacy as a Native Execution Layer
Aztec unveiled its Alpha Network on March 31, 2026, a Layer‑2 solution that embeds private execution, identity, and data directly into the contract layer using its Noir programming language. The network enables developers to label functions as public or private,...

The AI Model that Can Hack Anything, and Why You Can't Use It
Anthropic announced Claude Mythos Preview, a new AI model that can autonomously discover and exploit software vulnerabilities at unprecedented rates. In internal tests Mythos achieved over 84% successful exploit outcomes, dwarfing the 14% rate of its predecessor Opus 4.6 and finding...

Data Privacy Challenges in HR Technology
HR technology platforms are amassing employee data that persists far longer than needed, creating hidden privacy risks despite clean dashboards and compliance checklists. Integrations and metadata linking resurrect old complaints and personal details, often bypassing erasure requests. Internal access creep—managers,...

Egnyte Introduces AI Safeguards as a New Layer of AI Security for Corporate Content
Egnyte announced two major AI enhancements to its Content Cloud: AI Safeguards, a governance layer that lets IT and compliance teams control which users, groups, and files AI can access, and an AI Assistant that operates as a built‑in collaborator...

Blog 112a. AI Systems Are Being Hacked.
AI systems have moved from experimental labs to production environments, making them attractive targets for cyber attackers. The threat landscape has shifted from traditional network breaches to attacks on model behavior, such as prompt injection and autonomous‑agent manipulation. Experts argue...

Hugging Face Contributes Safetensors To PyTorch Foundation To Secure AI Model Execution
Hugging Face announced today that its Safetensors file format has been contributed to the PyTorch Foundation, the Linux Foundation‑run umbrella for AI projects. Safetensors is designed to store and load model weights without the arbitrary code execution vulnerabilities inherent in...

Digital Hopes, Real Power: How the Arab Spring Fueled a Global Surveillance Boom
The Arab Spring’s 2011 uprisings sparked a rapid expansion of state surveillance across the MENA region, turning smartphones and social media into tools for authoritarian control. Governments layered legacy informant networks with deep‑packet inspection, commercial spyware such as Pegasus, and...

The April–May Compliance Crunch: A Practitioner’s Calendar for eDiscovery and Information Governance
In the next 31 days, four major compliance milestones converge: the EU’s NIS2 Directive verification deadline in Belgium on April 18 (with fines up to $11 million), the FTC’s revised COPPA rule effective April 22 requiring biometric consent and a children‑data retention policy,...

Integration: Post-Closing Cyber Risks
A new FTI Consulting report reveals that cyber‑attacks frequently strike companies after M&A closings, with more than two‑thirds of affected deals reporting negative consequences. Nearly half of those incidents led to reduced deal value, and 20% caused delays or pauses....

Axios Compromised: The Supply Chain Attack Shows How Thin the Line Between Everyday Packages and Malicious Code Has Become
On March 31 2026 the widely used JavaScript HTTP client Axios was compromised in the npm ecosystem. Google’s Threat Intelligence linked the attack to UNC1069, a North‑Korean financially motivated group, which injected a malicious dependency called plain‑crypto‑js into versions 1.14.1 and 0.30.4. The compromised...

XDG-Desktop-Portal 1.20.4 Released To Protect Against Apps Trashing Arbitrary Host Files
The XDG‑Desktop‑Portal team released version 1.20.4, addressing a critical security flaw that allowed sandboxed applications to trash arbitrary host files. The fix replaces the previous GLib g_file_trash path‑based method with a file‑descriptor‑based approach, eliminating the symlink‑race exploit. This update arrives alongside...

Anthropic Warns New AI Model Could Accelerate Cyberattacks, Refuses Release
Anthropic is withholding its newest AI system, Claude Mythos, because it believes the model could dramatically accelerate cyberattacks if released publicly. Instead, the company is sharing a preview with a handful of large enterprises—including Amazon, Apple, Microsoft and JPMorgan—to help...

Flatpak 1.16.4 Brings Important Security Fixes For Sandbox Escape & Deleting Host Files
Flatpak 1.16.4 was released with a series of critical security patches targeting sandbox escape and host‑file manipulation vulnerabilities. The update resolves CVE‑2026‑34078, which allowed apps to break out of the sandbox via malicious symlinks, and CVE‑2026‑34079, which could delete arbitrary...

When AI Gets Something Wrong, How Far Does It Spread?
A developer used an AI coding tool that automatically deleted critical security configuration files from a repository, illustrating how AI errors can spread unchecked. Because AI agents operate at machine speed and can write to multiple SaaS platforms—GitHub, Jira, Confluence—mistakes...

[Cybersecurity Thread] "Soon-to-Be-Released AI Models Could Enable a World-Shaking Cyberattack This Year", Protect Your Healthcare Data
Project Glasswing warns that soon‑to‑be‑released AI agents are vulnerable to hidden prompt injections and memory‑poisoning attacks, with success rates as high as 86% and 80% respectively. DeepMind has identified six attack layers—from perception to human supervision—demonstrating proof‑of‑concept exploits that could...

[Cybersecurity Thread] "Soon-to-Be-Released AI Models Could Enable a World-Shaking Cyberattack This Year", Protect Your Healthcare Data
Project Glasswing warns that emerging AI models could become vectors for massive cyber‑attacks, citing an 86% success rate for hidden prompt‑injection attacks and a 0.1% poisoned‑data threshold that corrupts agents with over 80% certainty. DeepMind identifies six attack layers—perception, reasoning,...

[Cybersecurity Thread] "Soon-to-Be-Released AI Models Could Enable a World-Shaking Cyberattack This Year", Protect Your Healthcare Data
Project Glasswing warns that emerging AI agents are vulnerable to hidden prompt injections and memory‑poisoning attacks, with success rates of 86% and over 80% respectively. The research, cited by DeepMind, shows attackers can embed malicious instructions in HTML or contaminated...

Russia Hacked Routers to Steal Microsoft Office Tokens
Russian GRU-linked group Forest Blizzard exploited vulnerabilities in over 18,000 outdated SOHO routers to hijack DNS settings and intercept Microsoft Office OAuth tokens. The campaign required no malware, instead redirecting traffic through attacker‑controlled DNS servers to perform man‑in‑the‑middle attacks on...

You Already Assess Risk for a Living. Do It for Your Own Agency
Insurance agencies are facing new cybersecurity mandates from carriers and regulators, who now require multi‑factor authentication, email threat protection, endpoint security, and a written security plan. The blog argues that agencies already perform risk assessments for clients and can apply...

Naoris - Post-Quantum Security as Infrastructure
Naoris unveiled its post‑quantum Layer 1 mainnet on April 1 2026, embedding a NIST‑approved quantum‑resistant signature algorithm from the first block. The network’s delegated Proof of Security combines block production with anomaly‑detection incentives, and a parallel security node layer monitors wallets, contracts, and...

Linux's Second-In-Command Turns To New Fuzzing Tools For Uncovering Kernel Bugs
Linux stable kernel maintainer Greg Kroah‑Hartman has introduced a new fuzzing suite called gregkh_clanker_t1000 to hunt for kernel defects. The tool was first exercised on the ksmbd/SMB code and quickly expanded to patches affecting USB, HID, F2FS, LoongArch, Wi‑Fi, LEDs and...

Load Shedding and Request Prioritization: Keeping Critical Flows Alive During Outages
A sudden bot flood of 50,000 requests per second can cripple a payment processing service, inflating response times from 50 ms to eight seconds and exhausting CPU and database connections. Load shedding counters this by proactively rejecting low‑priority requests once system...

GPUBreach Exploit Uses GPU Memory Bit-Flips to Achieve Full System Takeover
Researchers unveiled GPUBreach, a novel GPU Rowhammer attack that flips bits in GDDR6 memory to corrupt GPU page tables and achieve full system compromise. By chaining arbitrary GPU memory reads/writes with driver‑level bugs, an unprivileged CUDA kernel can elevate privileges...

FIRESIDE CHAT: Geopolitical Turmoil, Rising AI Risk Add a New Layer to Enterprise Cyber Defense
At RSAC 2026, enterprise security leaders highlighted a dual crisis: a surge of unsanctioned AI tools and growing geopolitical distrust of U.S.-controlled cloud services. Skyhigh Security’s Sanjay Castelino reported that European firms are reassessing reliance on American cloud infrastructure, demanding...

Family Firms More Exposed To Cybersecurity Risks
Family businesses are increasingly exposed to the same cyber threats as large corporations, yet many still treat security as a technical afterthought. High trust, legacy technology, and informal governance create unique vulnerabilities that can lead to insider breaches and ransomware...

Hong Kong Police Can Force You to Reveal Your Encryption Keys
Hong Kong police have gained the legal authority to compel individuals to disclose encryption keys for computers, phones, hard drives and other devices under a revised National Security Law framework. The power extends to anyone transiting the city’s airport, and...

U.S. CISA Adds a Flaw in Fortinet FortiClient EMS to Its Known Exploited Vulnerabilities Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added Fortinet FortiClient EMS vulnerability CVE-2026-35616 to its Known Exploited Vulnerabilities (KEV) catalog. The flaw, rated 9.1 on the CVSS scale, enables unauthenticated attackers to bypass authentication via an API and...

I2P Vs. Tor: Defeating Global Adversary Deanonymization of Your Bitcoin Node.
The post argues that routing Bitcoin node traffic solely through Tor no longer guarantees anonymity against modern Global Passive Adversaries (GPAs). It explains how state‑level actors can use timing and traffic‑correlation attacks to link transactions to a user’s physical IP....

Windows 11 Is Phasing Out Old Kernel Drivers: Microsoft Will Permanently End Cross-Signing in April
Microsoft announced that, starting with the April 2026 security update, Windows 11 will permanently stop trusting kernel drivers signed under the old Cross‑Signed Program. The change applies to Windows 11 24H2, 25H2, 26H1 and Windows Server 2025, allowing only drivers vetted through the Windows...

Claude Code Leak: Researchers Find First Vulnerability
Anthropic unintentionally published a source map that revealed roughly 512,000 lines of Claude Code's TypeScript source. Researchers used the leak to uncover a critical flaw allowing command‑chain bypass of the tool's deny‑rule system after 50 subcommands. The vulnerability could let...

New Mexico’s Meta Ruling and Encryption
A New Mexico judge ruled that Meta’s 2023 addition of end‑to‑end encryption to Facebook Messenger created liability because predators could use the shielded platform to groom minors. The state is seeking court‑mandated changes that could force Meta to weaken or...

How to Combat Cyber-Enabled Cargo Theft: Insights From NMFTA
At its Spring Meeting in Savannah, the NMFTA highlighted the growing threat of cyber‑enabled cargo theft. A panel with Werner Enterprises, Johanson Transportation Service and NMFTA’s cybersecurity director stressed that any cargo theft should trigger immediate involvement of a company’s...

Project 0 Saved a User's $3M Portfolio From a Live Wallet Hack
Project 0 (P0) rescued a DeFi user whose $3 million portfolio was nearly emptied after a phishing attack on a Raydium link. Thanks to its evolved account architecture, the attacker’s drain function was blocked, leaving the funds intact. The P0 team...

Spilling the Neural Tea: A Journey Down the Side-Channel
Recent research highlights the growing use of side‑channel attacks to reverse‑engineer deep neural networks, revealing model architectures and, in limited cases, weight information. Physical side channels on edge devices and micro‑architectural channels in cloud environments have demonstrated success in extracting...

Attackers Exploit RCE Flaw as 14,000 F5 BIG-IP APM Instances Remain Exposed
Shadowserver reports that more than 14,000 F5 BIG‑IP Access Policy Manager (APM) instances remain publicly reachable, and attackers are actively exploiting the newly‑re‑classified critical remote code execution flaw CVE‑2025‑53521. The vulnerability, now scored 9.8 on the CVSS v3.1 scale, allows...

Stop Trying to Remember Your Passwords (And Use a Password Manager Instead.)
The article argues that relying on memory for passwords is insecure and advocates using a password manager to generate, store, and sync strong, unique credentials. It explains how password reuse fuels credential‑stuffing attacks and how weak, memorable passwords are easily...

Google Wants to Transition to Post-Quantum Cryptography by 2029
Google announced its goal to migrate all its services to post‑quantum cryptographic algorithms by 2029, aiming to replace current RSA and elliptic‑curve systems with NIST‑selected quantum‑resistant standards. The move is presented as a proactive security upgrade, though internal critics argue...

“Data Embassies” And Safeguarding Digital Assets During Wartime
Drone strikes on Amazon Web Services facilities in the Persian Gulf and Iran’s declaration of major AI firms as legitimate targets have highlighted the vulnerability of AI‑driven data centers in conflict zones. The attacks underscore the strategic risk of housing...

Using A VPN Could Subject You To Government Surveillance, Senators Warn [Roundup]
U.S. senators have cautioned that using commercial VPNs, many of which are foreign‑owned, could inadvertently waive privacy protections and expose Americans to government surveillance. The Department of Homeland Security notes billions are spent each year on such services, highlighting potential...

Anthropic’s Claude Code Leak: Why the Instinct to Fire Someone Is the Lazy Response
Anthropic unintentionally released nearly 2,000 Claude Code source files, which were quickly copied and viewed 29 million times online. The company framed the incident as a human‑error packaging issue and confirmed no employee was dismissed. CEO Boris Cherny emphasized that the...

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 91
The Security Affairs Malware Newsletter Round 91 aggregates the latest high‑impact malware research, spotlighting a new macOS infostealer called Infiniti that leverages ClickFix and Python/Nuitka, and a WebSocket‑based pivoting implant named RoadK1ll. It also details a series of supply‑chain compromises of...

Brit Flight Attendant Locked Up in Dubai After Sharing Photo of Airport Drone Attack in Group Chat
A 25‑year‑old British flight attendant with FlyDubai was arrested and placed in Al Barsha pre‑trial detention for posting a photo of the March 7 Iranian drone strike on Dubai International Airport in a WhatsApp group. He is charged under Dubai’s 2021 cybercrime...

Hid-Omg-Detect: Linux Driver In Development To Detect Malicious HID Devices
Zubeyr Almaho is spearheading a new Linux kernel driver called hid‑omg‑detect, designed to passively monitor and flag potentially malicious HID peripherals such as compromised keyboards and mice. The driver evaluates low‑level signals like keystroke‑timing entropy, immediate post‑enumeration typing, and suspicious...