XDG-Desktop-Portal 1.20.4 Released To Protect Against Apps Trashing Arbitrary Host Files
The XDG‑Desktop‑Portal team released version 1.20.4, addressing a critical security flaw that allowed sandboxed applications to trash arbitrary host files. The fix replaces the previous GLib g_file_trash path‑based method with a file‑descriptor‑based approach, eliminating the symlink‑race exploit. This update arrives alongside Flatpak 1.16.4, which also introduces sandbox‑escape mitigations. The new portal release is publicly available on GitHub for immediate adoption by Linux distributions.

Anthropic Warns New AI Model Could Accelerate Cyberattacks, Refuses Release
Anthropic is withholding its newest AI system, Claude Mythos, because it believes the model could dramatically accelerate cyberattacks if released publicly. Instead, the company is sharing a preview with a handful of large enterprises—including Amazon, Apple, Microsoft and JPMorgan—to help...
Flatpak 1.16.4 Brings Important Security Fixes For Sandbox Escape & Deleting Host Files
Flatpak 1.16.4 was released with a series of critical security patches targeting sandbox escape and host‑file manipulation vulnerabilities. The update resolves CVE‑2026‑34078, which allowed apps to break out of the sandbox via malicious symlinks, and CVE‑2026‑34079, which could delete arbitrary...
When AI Gets Something Wrong, How Far Does It Spread?
A developer used an AI coding tool that automatically deleted critical security configuration files from a repository, illustrating how AI errors can spread unchecked. Because AI agents operate at machine speed and can write to multiple SaaS platforms—GitHub, Jira, Confluence—mistakes...
[Cybersecurity Thread] "Soon-to-Be-Released AI Models Could Enable a World-Shaking Cyberattack This Year", Protect Your Healthcare Data
Project Glasswing warns that soon‑to‑be‑released AI agents are vulnerable to hidden prompt injections and memory‑poisoning attacks, with success rates as high as 86% and 80% respectively. DeepMind has identified six attack layers—from perception to human supervision—demonstrating proof‑of‑concept exploits that could...
[Cybersecurity Thread] "Soon-to-Be-Released AI Models Could Enable a World-Shaking Cyberattack This Year", Protect Your Healthcare Data
Project Glasswing warns that emerging AI models could become vectors for massive cyber‑attacks, citing an 86% success rate for hidden prompt‑injection attacks and a 0.1% poisoned‑data threshold that corrupts agents with over 80% certainty. DeepMind identifies six attack layers—perception, reasoning,...
[Cybersecurity Thread] "Soon-to-Be-Released AI Models Could Enable a World-Shaking Cyberattack This Year", Protect Your Healthcare Data
Project Glasswing warns that emerging AI agents are vulnerable to hidden prompt injections and memory‑poisoning attacks, with success rates of 86% and over 80% respectively. The research, cited by DeepMind, shows attackers can embed malicious instructions in HTML or contaminated...
Russia Hacked Routers to Steal Microsoft Office Tokens
Russian GRU-linked group Forest Blizzard exploited vulnerabilities in over 18,000 outdated SOHO routers to hijack DNS settings and intercept Microsoft Office OAuth tokens. The campaign required no malware, instead redirecting traffic through attacker‑controlled DNS servers to perform man‑in‑the‑middle attacks on...

You Already Assess Risk for a Living. Do It for Your Own Agency
Insurance agencies are facing new cybersecurity mandates from carriers and regulators, who now require multi‑factor authentication, email threat protection, endpoint security, and a written security plan. The blog argues that agencies already perform risk assessments for clients and can apply...

Naoris - Post-Quantum Security as Infrastructure
Naoris unveiled its post‑quantum Layer 1 mainnet on April 1 2026, embedding a NIST‑approved quantum‑resistant signature algorithm from the first block. The network’s delegated Proof of Security combines block production with anomaly‑detection incentives, and a parallel security node layer monitors wallets, contracts, and...
Linux's Second-In-Command Turns To New Fuzzing Tools For Uncovering Kernel Bugs
Linux stable kernel maintainer Greg Kroah‑Hartman has introduced a new fuzzing suite called gregkh_clanker_t1000 to hunt for kernel defects. The tool was first exercised on the ksmbd/SMB code and quickly expanded to patches affecting USB, HID, F2FS, LoongArch, Wi‑Fi, LEDs and...

Load Shedding and Request Prioritization: Keeping Critical Flows Alive During Outages
A sudden bot flood of 50,000 requests per second can cripple a payment processing service, inflating response times from 50 ms to eight seconds and exhausting CPU and database connections. Load shedding counters this by proactively rejecting low‑priority requests once system...

GPUBreach Exploit Uses GPU Memory Bit-Flips to Achieve Full System Takeover
Researchers unveiled GPUBreach, a novel GPU Rowhammer attack that flips bits in GDDR6 memory to corrupt GPU page tables and achieve full system compromise. By chaining arbitrary GPU memory reads/writes with driver‑level bugs, an unprivileged CUDA kernel can elevate privileges...
FIRESIDE CHAT: Geopolitical Turmoil, Rising AI Risk Add a New Layer to Enterprise Cyber Defense
At RSAC 2026, enterprise security leaders highlighted a dual crisis: a surge of unsanctioned AI tools and growing geopolitical distrust of U.S.-controlled cloud services. Skyhigh Security’s Sanjay Castelino reported that European firms are reassessing reliance on American cloud infrastructure, demanding...
Family Firms More Exposed To Cybersecurity Risks
Family businesses are increasingly exposed to the same cyber threats as large corporations, yet many still treat security as a technical afterthought. High trust, legacy technology, and informal governance create unique vulnerabilities that can lead to insider breaches and ransomware...
Hong Kong Police Can Force You to Reveal Your Encryption Keys
Hong Kong police have gained the legal authority to compel individuals to disclose encryption keys for computers, phones, hard drives and other devices under a revised National Security Law framework. The power extends to anyone transiting the city’s airport, and...

U.S. CISA Adds a Flaw in Fortinet FortiClient EMS to Its Known Exploited Vulnerabilities Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added Fortinet FortiClient EMS vulnerability CVE-2026-35616 to its Known Exploited Vulnerabilities (KEV) catalog. The flaw, rated 9.1 on the CVSS scale, enables unauthenticated attackers to bypass authentication via an API and...

I2P Vs. Tor: Defeating Global Adversary Deanonymization of Your Bitcoin Node.
The post argues that routing Bitcoin node traffic solely through Tor no longer guarantees anonymity against modern Global Passive Adversaries (GPAs). It explains how state‑level actors can use timing and traffic‑correlation attacks to link transactions to a user’s physical IP....

Windows 11 Is Phasing Out Old Kernel Drivers: Microsoft Will Permanently End Cross-Signing in April
Microsoft announced that, starting with the April 2026 security update, Windows 11 will permanently stop trusting kernel drivers signed under the old Cross‑Signed Program. The change applies to Windows 11 24H2, 25H2, 26H1 and Windows Server 2025, allowing only drivers vetted through the Windows...

Claude Code Leak: Researchers Find First Vulnerability
Anthropic unintentionally published a source map that revealed roughly 512,000 lines of Claude Code's TypeScript source. Researchers used the leak to uncover a critical flaw allowing command‑chain bypass of the tool's deny‑rule system after 50 subcommands. The vulnerability could let...
New Mexico’s Meta Ruling and Encryption
A New Mexico judge ruled that Meta’s 2023 addition of end‑to‑end encryption to Facebook Messenger created liability because predators could use the shielded platform to groom minors. The state is seeking court‑mandated changes that could force Meta to weaken or...

How to Combat Cyber-Enabled Cargo Theft: Insights From NMFTA
At its Spring Meeting in Savannah, the NMFTA highlighted the growing threat of cyber‑enabled cargo theft. A panel with Werner Enterprises, Johanson Transportation Service and NMFTA’s cybersecurity director stressed that any cargo theft should trigger immediate involvement of a company’s...

Project 0 Saved a User's $3M Portfolio From a Live Wallet Hack
Project 0 (P0) rescued a DeFi user whose $3 million portfolio was nearly emptied after a phishing attack on a Raydium link. Thanks to its evolved account architecture, the attacker’s drain function was blocked, leaving the funds intact. The P0 team...
Spilling the Neural Tea: A Journey Down the Side-Channel
Recent research highlights the growing use of side‑channel attacks to reverse‑engineer deep neural networks, revealing model architectures and, in limited cases, weight information. Physical side channels on edge devices and micro‑architectural channels in cloud environments have demonstrated success in extracting...

Attackers Exploit RCE Flaw as 14,000 F5 BIG-IP APM Instances Remain Exposed
Shadowserver reports that more than 14,000 F5 BIG‑IP Access Policy Manager (APM) instances remain publicly reachable, and attackers are actively exploiting the newly‑re‑classified critical remote code execution flaw CVE‑2025‑53521. The vulnerability, now scored 9.8 on the CVSS v3.1 scale, allows...
Stop Trying to Remember Your Passwords (And Use a Password Manager Instead.)
The article argues that relying on memory for passwords is insecure and advocates using a password manager to generate, store, and sync strong, unique credentials. It explains how password reuse fuels credential‑stuffing attacks and how weak, memorable passwords are easily...
Google Wants to Transition to Post-Quantum Cryptography by 2029
Google announced its goal to migrate all its services to post‑quantum cryptographic algorithms by 2029, aiming to replace current RSA and elliptic‑curve systems with NIST‑selected quantum‑resistant standards. The move is presented as a proactive security upgrade, though internal critics argue...

“Data Embassies” And Safeguarding Digital Assets During Wartime
Drone strikes on Amazon Web Services facilities in the Persian Gulf and Iran’s declaration of major AI firms as legitimate targets have highlighted the vulnerability of AI‑driven data centers in conflict zones. The attacks underscore the strategic risk of housing...
Using A VPN Could Subject You To Government Surveillance, Senators Warn [Roundup]
U.S. senators have cautioned that using commercial VPNs, many of which are foreign‑owned, could inadvertently waive privacy protections and expose Americans to government surveillance. The Department of Homeland Security notes billions are spent each year on such services, highlighting potential...
Anthropic’s Claude Code Leak: Why the Instinct to Fire Someone Is the Lazy Response
Anthropic unintentionally released nearly 2,000 Claude Code source files, which were quickly copied and viewed 29 million times online. The company framed the incident as a human‑error packaging issue and confirmed no employee was dismissed. CEO Boris Cherny emphasized that the...

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 91
The Security Affairs Malware Newsletter Round 91 aggregates the latest high‑impact malware research, spotlighting a new macOS infostealer called Infiniti that leverages ClickFix and Python/Nuitka, and a WebSocket‑based pivoting implant named RoadK1ll. It also details a series of supply‑chain compromises of...
Brit Flight Attendant Locked Up in Dubai After Sharing Photo of Airport Drone Attack in Group Chat
A 25‑year‑old British flight attendant with FlyDubai was arrested and placed in Al Barsha pre‑trial detention for posting a photo of the March 7 Iranian drone strike on Dubai International Airport in a WhatsApp group. He is charged under Dubai’s 2021 cybercrime...
Hid-Omg-Detect: Linux Driver In Development To Detect Malicious HID Devices
Zubeyr Almaho is spearheading a new Linux kernel driver called hid‑omg‑detect, designed to passively monitor and flag potentially malicious HID peripherals such as compromised keyboards and mice. The driver evaluates low‑level signals like keystroke‑timing entropy, immediate post‑enumeration typing, and suspicious...

ESP32-S3 Gets Post-Quantum Encryption with Aethyr Edge Node Open-Source Firmware
Aethyr Research has released open‑source firmware for ESP32‑S3 that adds post‑quantum encryption using ML‑KEM‑768, BLAKE3, and XChaCha20‑Poly1305. The firmware boots in 2.1 seconds and completes a full PQC handshake in 35 ms, with an 833 KB flash footprint and 157 KB free SRAM. It...

Android 17 Upgrades the Boot Chain for the Quantum Age: Google Is Embedding Post-Quantum Cryptography Deep Within the System
Google announced that Android 17 will embed post‑quantum cryptography (PQC) across its core security stack, including Verified Boot, Remote Attestation, and the Android Keystore. The implementation relies on NIST‑approved lattice‑based algorithms such as ML‑DSA‑65 and ML‑DSA‑87, with testing slated for the...

Pete Recommends – Weekly Highlights on Cyber Security Issues, April 6, 2026
April 2026 saw a wave of cyber‑security concerns spanning covert AI‑driven content harvesting, regulatory crackdowns, and evolving threat vectors. WebinarTV was exposed for secretly recording Zoom webinars and turning them into AI podcasts, while the FCC announced a ban on...
Introduction to Risk Management: A Complete Guide for Security Professionals
Dr. Erdal Ozkaya’s free guide delivers a complete, step‑by‑step introduction to cyber risk management, covering definitions, the seven core concepts, quantitative formulas, and the NIST Risk Management Framework. It shifts security teams from reactive alert firefighting to strategic decision‑making by...

How to Back up Your Phone, Photos and Computer without Overthinking It
The article demystifies data backup by urging readers to adopt a single, reliable copy rather than the complex 3‑2‑1 rule. It walks through practical solutions for home‑based NAS storage, photo archiving via Google Takeout or iCloud, and automated computer backups...

IBM Highlights Agentic AI Security Gaps at RSA Conference
At RSA’s 2024 cybersecurity conference, over 43,000 attendees highlighted the rise of agentic AI, yet few vendors offered end‑to‑end security solutions. IBM executives warned that AI agents change behavior at runtime, expanding attack surfaces and exposing a critical gap in...

Apple Releases iOS 18 Security Updates for iOS 26 Holdouts
Apple began rolling out iOS 18.7.7 on April 1, delivering critical security patches to every device still running iOS 18, even those capable of upgrading to iOS 26. The update addresses high‑profile exploits such as DarkSword and Coruna, allowing users...

How Hackers Faked a Zombie Apocalypse Alert on Live TV
On February 11, 2013, hackers infiltrated the Emergency Alert System (EAS) of at least five U.S. television stations and aired a fabricated warning that the dead were rising and attacking the living. The fake alert first appeared on KRTV in...

New Presidential Executive Order Targets Transnational Cybercrime
In March 2026 President Trump signed an Executive Order targeting transnational cybercrime, directing the State, Treasury, War, Homeland Security and Justice departments to produce a coordinated action plan by July. Fraud losses have surged 430% since 2020, with AI‑driven scams...

Enforcers Project Plans to Strengthen European Cybersecurity
The EU‑funded Enhanced Cooperation for Cybersecurity (Enforcers) project launched in February, bringing together manufacturers, security providers, and research institutes to build a unified platform for industrial automation protection. The system will interconnect private SOCs, trusted hardware anchors, automated mitigation playbooks,...

Tönnjes Offers New RFID Security Solutions for Vehicle Identification
Tönnjes, in partnership with Swiss chip maker EM Microelectronic, unveiled a next‑generation hybrid RFID/NFC chip for vehicle identification at Intertraffic in Amsterdam. The dual‑frequency tag combines long‑range RAIN RFID with smartphone‑compatible NFC, featuring AES‑128 encryption and expanded memory for secure,...

DataCore Launches Swarm Appliance to Address Cyber Resilience and Compliance for the Edge
DataCore Software introduced the Swarm Appliance, a turnkey object‑storage solution designed for edge and remote‑office (ROBO) environments. The appliance consolidates data protection, archiving, and long‑term retention while embedding immutability, encryption, and malware detection. It aims to simplify compliance and cyber‑resilience...

Rubrik Rolls Out Industry’s First Semantic AI Governance Engine
Rubrik unveiled its Semantic AI Governance Engine (SAGE), the first industry‑wide solution that uses a custom small language model to interpret natural‑language policies and control autonomous agents in real time. The engine replaces static rule‑sets with intent‑driven governance, enabling the...

Data Protection Reinforced with Veeam Backup and NGX Storage Partnership
Veeam announced a partnership with NGX Storage, whose solutions have earned Veeam Ready‑Repository and Ready‑Object certifications. The accreditation confirms NGX’s compatibility as a file, block, or object backup target for Veeam Backup & Replication. Together, the two firms promise faster...

CloudCasa Joins Nutanix Kubernetes Platform (NKP) Partner Catalog, Expanding Data Protection for Kubernetes Users
CloudCasa by Catalogic is now listed in the Nutanix Kubernetes Platform (NKP) Partner Catalog, delivering Kubernetes‑native backup, disaster recovery, and migration tools to NKP users. The integration lets organizations protect persistent data, cluster resources, and applications across on‑prem, edge, and...

Coralogix and Skyflow Redefine Privacy-Safe Observability for the AI Era
Coralogix and Skyflow have formed a strategic partnership to deliver privacy‑safe observability for enterprises. By replacing redaction with consistent tokenization, the solution keeps sensitive customer data out of logs while preserving full searchability and correlation. The joint offering supports AI‑driven...
Company that Secretly Records and Publishes Zoom Meetings
A new service, WebinarTV, is automating the recording of Zoom meetings and generating AI‑driven transcripts and summaries without informing participants. Unlike archival tools such as the Internet Archive, the company profits from bulk capture of live video calls. The practice...