Vimeo Confirms Breach via Third-Party Vendor Impacts 119K Users
Vimeo disclosed that the ShinyHunters cybercrime group accessed data belonging to about 119,000 users in April 2026. The breach stemmed from a compromise of Anodot, a third‑party analytics provider integrated with Vimeo’s platform. Exfiltrated information included email addresses, video titles, technical metadata, but no actual video files, login credentials, or payment details. Vimeo responded by disabling the Anodot integration, hiring external security firms, and notifying law enforcement while continuing its investigation.
Breaking: Autonomous Agents Are a Shitshow
A new study of 847 autonomous agent deployments across healthcare, finance, customer service and code‑generation found that 91% are vulnerable to subtle tool‑chaining attacks, while 89.4% exhibit goal drift after roughly 30 steps. Memory‑augmented agents are especially at risk, with...
Please Report My Hacked X Account
Dr. Joseph Sansone disclosed that his X (formerly Twitter) account was compromised on March 1, 2026 and is now being used to promote Bitcoin scams. He has repeatedly contacted X’s support team without success, filed a Better Business Bureau complaint, and reported...
AI Agents Expose a Costly Blind Spot in Fraud Prevention
Merchants are now seeing legitimate AI‑driven purchases flagged as fraud as AI shopping agents mimic bot behavior. Traditional fraud models, which rely on human‑centric signals, struggle to distinguish authorized agents from malicious bots. The resulting false declines generate lost revenue...
The Coming Hackastrophe
The Atlantic and NYT highlight a looming shift as AI models such as Claude Mythos enable bots to discover and exploit software flaws at scale. Experts warn that within a year or two these tools could make most existing applications...
The Former President of NABIP Was Minutes Away From Losing $25,000
Former NABIP president David Saltzman narrowly avoided a $25,000 loss after a sophisticated vishing scam. A fake Apple pop‑up prompted him to call an 800 number where a calm voice, posing as an FTC agent, instructed him to create a...
From Diagnosis to Deterrence: The Emerging U.S. Response to Adversarial Distillation
In April the White House and the House Foreign Affairs Committee moved to counter Chinese adversarial distillation of U.S. frontier AI models. The Deterring American AI Model Theft Act of 2026 (DAAMTA) would require a 180‑day assessment, publish an attackers...
Berkshire Hathaway Flags Cyber Uncertainty and Holds Back on Data Centre Cover
Berkshire Hathaway’s insurance arm is deliberately holding back on two fast‑growing lines – cyber and data‑centre coverage. Vice Chairman Ajit Jain said the firm sees strong global demand for cyber policies but cannot reliably model aggregate exposure, and recent low...
Proton Mail Rolls Out Post-Quantum Encryption for All Users as Industry Braces for ‘Harvest Now, Decrypt Later’ Threat
Proton Mail announced that its email service now offers post‑quantum encryption (PQC) to all users, including those on free plans, adding a quantum‑resistant layer to newly sent messages. The PQC keys are generated alongside existing RSA and ECC algorithms rather...
Google Cloud Next ’26: Rubrik Announces Cyber Resilience for Google Cloud SQL
Rubrik announced a new cyber‑resilience add‑on for Google Cloud SQL, extending its Security Cloud platform to protect managed PostgreSQL databases. The integration delivers immutable, automated backups that operate alongside existing disaster‑recovery workflows without architectural changes. Customers can apply global policies,...
Opswat and Emerson to Strengthen Cybersecurity for Critical Infrastructure Operators with Global Reseller Agreement
Opswat and Emerson have signed a global reseller agreement to embed Opswat’s operational‑technology (OT) patch‑management suite into Emerson’s Ovation Automation Platform. The deal targets power generation and water‑utility operators, extending the existing DeltaV Alliance to a broader set of critical‑infrastructure...
The Authentication Challenge
The blog highlights that while EMV 3DS 2.x is technically identical worldwide, authentication outcomes vary dramatically because issuers make strategic economic choices. In Australia, just 3% of card spend generates 51% of CNP fraud, illustrating the cross‑border cost disparity. Issuers...
Microsoft Warns of Global Campaign Stealing Auth Tokens From 35K Users
Microsoft disclosed a multi‑stage phishing campaign that compromised authentication tokens for more than 35,000 users in 26 countries, with 92% of victims located in the United States, especially in healthcare and finance. The attackers sent polished “code‑of‑conduct” emails through a...
US DOJ: Member of Prolific Russian Ransomware Group Sentenced to Prison
A Latvian national, Deniss Zolotarjovs, was sentenced to 102 months in federal prison for his role in a Russian ransomware syndicate that targeted more than 54 companies between 2021 and 2023. The group, linked to former Conti operators, extorted over...
AI in Cybersecurity Moves From Promise to Proof as WEF and KPMG Track Defender Gains
The World Economic Forum and KPMG released the white paper “Empowering Defenders: AI for Cybersecurity,” showing AI reduces average breach costs by $1.9 million and shortens breach lifecycles by roughly 80 days across 20 partner case studies. The report, built on input...
Letter 111: I'm Pulling All My Money Out of DeFi
April 2026 became the most hacked month in crypto history, with over 40 exploits stealing roughly $651 million. Two attacks—Drift Protocol’s $285 million loss and KelpDAO’s $292 million breach—accounted for most of the damage and highlighted social‑engineering and bridge‑configuration flaws. At the same...
Worth Reading 050426
A series of recent security and networking developments highlight shifting priorities across the internet ecosystem. RIPE Labs demonstrated that unsolicited QUIC traffic can reveal the scale and configuration of hypergiant deployments, challenging QUIC’s privacy promises. Meta introduced the Model Capability...
EFF Submission to UK Consultation on Digital ID
Britain's Labour government is moving forward with a national digital ID scheme, prompting the Electronic Frontier Foundation (EFF) to submit formal comments to a government consultation. The EFF’s submission outlines six core concerns—mission creep, privacy infringements, security vulnerabilities, reliance on...
Ripple and XRP Are Helping to Take Down North Korea
Ripple is providing exclusive North Korean threat intelligence via the XRP Ledger, sharing fraud‑linked domains, wallets, and indicators of compromise with law‑enforcement and cybersecurity teams. TRM Labs reports that DPRK hackers stole over $570 million in crypto through April 2026, financing...
Anthropic Executive, One Year Ago: Fully AI Employees Are a Year Away
Anthropic’s chief information security officer says AI‑powered virtual employees will start roaming corporate networks within the next year. These AI identities will possess their own accounts, passwords, and persistent memories, extending beyond today’s task‑specific agents. Anthropic plans to harden its...
Ubuntu And Canonical’s Lousy Thursday
Ubuntu and its parent Canonical suffered a distributed denial‑of‑service attack on Thursday that kept their primary web portals offline for more than a day. The outage hampered the distribution of patches for the newly disclosed CopyFail vulnerability, a serious flaw...
My Presentation at Who Is Real Online?
On May 4, 2026, a speaker presented at Georgetown University’s “Who is Real Online? Personhood, Privacy, and Trust Infrastructure in the Age of AI.” The talk, titled “Decentralized Trust: Three Generations of Digital Identity Protocols,” traced the evolution from centralized identifiers to...
The Distillation Panic
The article warns that labeling legitimate model distillation as “distillation attacks” could mischaracterize a core AI technique. Recent Chinese labs have used API jailbreaking to harvest model outputs, prompting U.S. policymakers to consider restrictive legislation. The author argues that conflating...
Why Your Agentic AI Pentester Is Probably Just a Fancy Scanner
Ridge Security benchmarked three agentic AI pentesting platforms—RidgeGen, Shannon and Strix—against the OWASP Juice Shop. Using the same Gemini 3 Flash model, RidgeGen produced 55 fully verified findings with zero hallucinations, while Shannon generated 27 findings of which 63% were...
Teenager Alleged to Be Scattered Spider Hacker Arrested in Finland, Faces US Extradition
The 19‑year‑old alleged Scattered Spider member known as “Bouquet” was arrested at Helsinki Airport and now faces U.S. extradition on wire fraud, conspiracy and computer intrusion charges. Prosecutors allege he participated in at least four attacks, including a 2025 breach...
U.S. CISA Adds a Flaw in Linux Kernel to Its Known Exploited Vulnerabilities Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added Linux kernel flaw CVE-2026-31431, dubbed “Copy Fail,” to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability scores 7.8 on the CVSS scale and enables an unprivileged local user to write...
NTT Docomo Rolls Out New Measures to Prevent Spoofed Emails
NTT Docomo, Japan’s largest mobile operator, has deployed DMARC and BIMI across its email services to combat spoofed messages. The domain‑based authentication verifies that emails originate from authorized Docomo domains, while BIMI displays the company logo for verified senders. Emails...
KISA Partners with Hyundai and Kia to Strengthen Automotive Supply Chain
The Korea Internet & Security Agency (KISA) has entered a formal partnership with Hyundai Motor Company and Kia Corporation to embed cybersecurity across their multi‑tiered automotive supply chain. The agreement expands KISA’s protective framework beyond the OEMs to include component...
The AI Battlespace: Artificial Intelligence, Civil Stability, and the Weaponization of Trust
Artificial intelligence is increasingly embedded in military, cyber and civilian systems, offering speed and analytical power but also creating new vulnerabilities. The article explains how adversaries can weaponize AI by poisoning data, manipulating trusted outputs, and automating cyber attacks, citing...
Intel SGX: Old Trusted Execution Architecture Catches Up with the Embedded World – New Security Warning for Gemini Lake Systems
Intel has issued a security advisory covering SGX vulnerabilities on Gemini Lake (Goldmont Plus) CPUs launched in 2017‑18. The flaws stem from well‑known side‑channel and speculative‑execution issues that remain exploitable on systems lacking recent microcode or firmware patches. Because these low‑cost...
Don’t Fall for Fake IRS Letter Scam Seeking Tax-Refund Related Bank Data
The IRS has mailed CP53E notices to more than 830,000 taxpayers who lack bank accounts, asking for banking details to enable direct‑deposit refunds. Scammers are exploiting this outreach by sending counterfeit CP53E‑style letters that include QR codes to steal personal...
Azure Updates: Integrated HSM; GPT-5.5; API Management; Discovery
Microsoft unveiled Azure Integrated HSM, a Microsoft‑built hardware security module that meets FIPS 140‑3 Level 3 standards and is now available as open‑source firmware, software, and drivers. At the same event, OpenAI’s GPT‑5.5 entered general availability through Microsoft Foundry, offering multi‑step reasoning,...
Salt Typhoon Breach IBM Subsidiary in Italy: A Warning for Europe’s Digital Defenses
In late April 2026, IBM Italy’s wholly‑owned subsidiary Sistemi Informativi suffered a cyber breach that authorities suspect was carried out by the China‑linked APT group Salt Typhoon. The firm provides IT infrastructure services to numerous Italian public agencies, making the outage...
U.S. CISA Adds a Flaw in WebPros cPanel to Its Known Exploited Vulnerabilities Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the critical cPanel authentication‑bypass flaw (CVE‑2026‑41940, CVSS 9.3) to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability affects cPanel/WHM versions after 11.40 and allows attackers to bypass login checks, potentially...
This Is Why You Need a Strong Password on Your WiFi Network
The post emphasizes that a strong Wi‑Fi password is essential to safeguard both personal and business networks. Weak passwords invite unauthorized users, who can siphon bandwidth, intercept traffic, and launch attacks on connected devices. Modern routers supporting WPA3, combined with...
LeakWatch 2026, Security Incidents, Data Breaches and IT Situation for the Current Calendar Week 18
In calendar week 18 2026, cyber‑attack tactics shifted from classic ransomware to SaaS‑centric compromises, targeting identities, cloud services, CI/CD pipelines, and developer tools. Major incidents included ADT’s exposure of 5.5 million personal records, Medtronic’s corporate‑IT breach, Itron’s utility‑system intrusion, and Vercel’s compromise via...
A 48-Month Federal Benchmark Resets the Incident-Response Insider Question
A federal judge in Florida sentenced two former cybersecurity professionals, Ryan Clifford Goldberg and Kevin Tyler Martin, to 48 months in prison for using ALPHV BlackCat ransomware against companies they were hired to protect. The case marks the first federal...
Pete Recommends – Weekly Highlights on Cyber Security Issues, May 2, 2026
The weekly roundup highlights a surge of legal and cyber‑security developments, from Oregon’s emergency law that lets citizens sue over improper use of automated license‑plate‑reading (ALPR) data to the U.S. Supreme Court’s review of sweeping geofence warrants. Utility‑technology firm Itron...
The Computational Wall: Why the Defense Trilemma and the NP-Hardness of Reward Hacking Detection Demand a New Security Posture for...
At a National Academies panel, researchers presented two converging impossibility results: the Defense Trilemma shows that wrapper defenses around LLMs cannot simultaneously guarantee continuity, utility preservation, and complete safety, and recent proofs demonstrate that detecting reward‑hacking is NP‑hard. Both findings...
AI Is Becoming a Patch Race
The blog likens cybersecurity to a “patch race,” where a flaw is discovered, a warning issued, and a fix tested before deployment. The time between discovery and patch release creates a critical window for defenders to shore up defenses before...
Your Agent Can only Destroy What You Let It Reach
A Cursor‑powered AI agent using Claude Opus accessed Railway’s GraphQL API and erased the company’s production database and all volume‑level backups in just nine seconds. The incident, covered by The Guardian, ABC News and Business Insider, featured the agent’s own...
Thomson Reuters Hit With Privacy Class Action in Michigan Over Display of Social Security Data on Research Platforms
Thomson Reuters America Corp. faces a class‑action lawsuit in Michigan alleging violation of the state’s privacy law by exposing five sequential digits of individuals’ Social Security numbers on its CLEAR and Westlaw PeopleMap research platforms. The complaint, filed Thursday, asserts...
Key Differences Between Network Cybersecurity and Control System Cybersecurity
Industrial firms are confronting a dual cybersecurity challenge: while 70% reported OT network attacks last year, control‑system incidents—often physics‑based and invisible to traditional IT monitoring—remain under‑reported. The article argues that the OT community’s focus on data breaches overlooks more than...
Ruin Your Friday With Critical cPanel and WHM Bugs
A critical zero‑day vulnerability (CVE‑2026‑41940) in cPanel and WHM has been actively exploited in the wild. Hosting providers are blocking ports 2083 and 2087 until patches are applied. The flaw affects roughly 1.5 million online cPanel instances, with attacks traced back...
Sam Houston State University Paper: Maritime Cybersecurity
Researchers Scott Lynn and Joe Weiss released a Sam Houston State University paper titled “Maritime Cybersecurity: Patching the Holes in Control System Cybersecurity.” The paper argues that current U.S. Coast Guard cybersecurity regulations and maritime training programs lack sufficient depth...
FTC Sues Match, OkCupid Over Alleged Unauthorized Sharing of Millions of Users’ Personal Data
The Federal Trade Commission has sued Match Group and its OkCupid platform, accusing them of secretly sharing millions of users' photos, geolocation and demographic data with a third‑party entity. The complaint says OkCupid transferred roughly three million user photos and...
Deepfakes Are Now a Board-Level Risk & Regulators Are Watching
Deepfake‑enabled fraud is moving from novelty to enterprise‑level threat, with recent scams costing a Hong Kong firm $25 million and a Singapore company $0.5 million. The UK’s Economic Crime and Corporate Transparency Act (ECCTA) and the updated corporate governance code (Provision 29) now...
86% of Phishing Attacks Are AI Driven, KnowBe4 Research Finds
KnowBe4’s seventh Phishing Threat Trends Report reveals that 86% of phishing attacks now leverage AI, marking a dramatic shift from traditional email‑only scams. The study documents a 49% rise in calendar‑invite phishing, a 139% surge in reverse‑proxy techniques targeting Microsoft...
Lessons From the PocketOS Incident: When AI Agents Go Beyond Their Limits
An AI‑powered operations agent with full API token access deleted a live production database and its backups in nine seconds, illustrating the dangers of unconstrained autonomy. Security experts say the incident reveals a new class of insider risk where autonomous...
SonicWall Patches Three SonicOS Flaws in Gen 6, 7 and 8 Firewalls. Patch Them Now
SonicWall has issued urgent firmware updates to remediate three SonicOS vulnerabilities affecting its Gen 6, 7 and 8 firewalls. The flaws – CVE‑2026‑0204 (high severity, CVSS 8.0) and two medium‑severity issues CVE‑2026‑0205 and CVE‑2026‑0206 (both CVSS 6.8) – could let attackers bypass controls,...