Just Three Ransomware Gangs Accounted for 40% of Attacks Last Month
A recent threat report found that just three ransomware groups—Conti, REvil and LockBit—were responsible for roughly 40% of all ransomware incidents recorded last month. The concentration of activity drove a 15% increase in average ransom demands, reaching about $250,000 per breach. Small‑to‑midsize enterprises bore the brunt, representing 60% of the victims. In response, cyber‑insurers lifted premiums by roughly 12% as the risk profile sharpened.

Orthanc DICOM Vulnerabilities Lead to Crashes, RCE
A CERT/CC advisory disclosed nine critical vulnerabilities (CVE‑2026‑5437 to CVE‑2026‑5445) in the open‑source Orthanc DICOM server, affecting versions up to 1.12.10. The flaws include out‑of‑bounds reads, decompression‑bombs, memory‑exhaustion bugs, and heap buffer overflows that can crash servers, leak image data,...

Poisoned “Office 365” Search Results Lead to Stolen Paychecks
Microsoft researchers identified a financially motivated hacking group, Storm‑2755, that poisons Office 365 search results and runs malicious ads to lure Canadian employees to a counterfeit Microsoft 365 login page. The attackers capture credentials and proxy authentication tokens in real time, bypassing...

imPAC Labs and Cyera Partner to Deliver Data-Aware Cloud Security
imPAC Labs announced a new integration with Cyera that blends imPAC’s cloud‑visibility and custom security controls with Cyera’s data discovery and classification engine. The partnership delivers data‑aware guardrails, allowing security teams to enforce policies based on the sensitivity of the...

Browser Extensions Are the New AI Consumption Channel That No One Is Talking About
LayerX’s new report reveals that AI-powered browser extensions are an overlooked yet high‑risk attack vector for enterprises. While 99% of corporate users run at least one extension, AI extensions are 60% more likely to contain vulnerabilities, have three times more...

UK Considers Ban on Owning Signal Jamming Devices Used by Car Thieves and Shoplifters
The UK government has launched a call for evidence on banning the possession of radio‑frequency jammers, which criminals use to disrupt security systems, GPS tracking, and emergency communications. Misuse ranges from disguising jammers as watches to block video doorbells, to...

How AI Is Transforming Cloud-Native Identity and Access Management
AI is reshaping cloud‑native identity and access management (IAM) by replacing static rule sets with adaptive, real‑time security controls. Research shows 40% of enterprises suffered identity‑related breaches in 2024, prompting a shift toward behavioral analytics, automated least‑privilege provisioning, and zero‑trust...

Why Most Zero-Trust Architectures Fail at the Traffic Layer
Zero‑trust programs often excel at identity verification but stumble when traffic reaches the network edge. In many enterprises, inconsistent enforcement of TLS, fragmented ingress points, and partial mutual‑TLS deployments let malicious traffic bypass policy controls. The article highlights that the...

The Cyber Resilience Act: What It Means for the Rail Industry
The European Union’s Cyber Resilience Act (CRA) imposes mandatory cybersecurity requirements on all digital products, including those used in rail systems. It forces manufacturers to embed secure‑by‑design principles, manage vulnerabilities throughout a product’s lifecycle, and provide detailed supply‑chain transparency. The...

Gmail’s End-to-End Encryption Comes to Mobile, No Extra Apps Required
Google has extended its Gmail client‑side end‑to‑end encryption (E2EE) to Android and iOS, letting Enterprise Plus users protect sensitive emails on mobile devices. The feature works directly inside the Gmail app, requiring no extra software and preserving the familiar compose‑and‑send...

MITRE Releases Fight Fraud Framework
MITRE Corporation unveiled the Fight Fraud Framework (MITRE F3), a free, open‑source knowledge base that maps fraudsters’ tactics, techniques and procedures using a behavior‑based model. The framework extends the ATT&CK taxonomy with two fraud‑specific tactics—positioning and monetization—covering the full lifecycle from...

US Expands Cyber Threat Information Sharing to Digital Asset Firms
The U.S. Treasury’s Office of Cybersecurity and Critical Infrastructure Protection has launched a new information‑sharing program that extends the same cyber‑threat intelligence used by traditional banks to eligible digital‑asset firms. The service is provided at no cost and delivers actionable...

Cytora and VulnCheck Partner to Embed Exploit and Vulnerability Intelligence Into Insurance Workflows
Cytora has teamed up with exploit‑intelligence specialist VulnCheck, alongside European partner Infinite Insight, to embed machine‑consumable vulnerability data directly into its digital risk processing platform. The integration lets commercial insurers automatically enrich underwriting submissions with real‑time exploit and software‑vulnerability insights...

Critical Marimo Flaw Exploited Hours After Public Disclosure
Security firm Sysdig reported that a critical‑severity RCE flaw in the open‑source Python notebook Marimo (CVE‑2026‑39987, CVSS 9.3) was exploited less than ten hours after its public disclosure. The vulnerability stems from an unauthenticated WebSocket terminal endpoint that grants a full...

Not a Signal Flaw: iPhone Notifications Became a Backdoor for Deleted Messages
A federal FBI investigation revealed that deleted Signal messages can be recovered from an iPhone because iOS stores notification previews in a hidden database, not because of a flaw in Signal’s encryption. Investigators extracted incoming message fragments from a suspect’s...

OpenAI Is Building a Cybersecurity Product for a Select Group of Companies
OpenAI is developing a cybersecurity product that will be offered only to a select group of companies through its Trusted Access for Cyber pilot. The offering, tied to the GPT‑5.3‑Codex model, provides highly capable AI tools for defensive security tasks...

Designing for Complexity: Lessons From Building a Digital Wallet Integration
The integration of digital wallets like Apple Pay forced banks to abandon traditional, siloed software projects and adopt an ecosystem‑first approach. By 2025 Apple Pay alone handled roughly $9‑9.5 trillion in transactions for over 800 million users, illustrating the massive scale and...

CMMC Compliance in the Age of AI
Cybersecurity Maturity Model Certification 2.0 (CMMC 2.0) now requires federal contractors to prove how they protect Controlled Unclassified Information, moving beyond self‑attestation to verifiable evidence. The biggest readiness gap is a lack of comprehensive data‑scope awareness, often uncovering a larger...

Recovery Scammers Hit You when You’re Down: Here’s How to Avoid a Second Strike
Recovery fraud, also called the “second strike,” preys on people who have already been scammed by promising to retrieve lost funds for an upfront fee. In the United States, 2024 recorded over 7,000 cases, netting criminals more than $102 million, and...

Iran Crisis Highlights Rising Gulf Cybersecurity Risks to Critical Infrastructure
The recent Iran‑U.S. escalation has exposed Gulf states’ critical infrastructure to heightened cyber threats. Ports, energy facilities, desalination plants and financial hubs are now seen as vulnerable to combined kinetic and digital attacks. The United Arab Emirates is integrating cyber...

Little Snitch for Linux Shows What Your Apps Are Connecting To
Objective Development released a free Linux version of its Little Snitch firewall, delivering per‑process outbound connection visibility using eBPF. The backend is written in Rust and the UI is a web application, allowing remote monitoring from any device. The kernel...

US Summons Bank Bosses over Cyber Risks From Anthropic’s Latest AI Model
The U.S. Treasury summoned CEOs of major banks, including Federal Reserve Chair Jerome Powell, to discuss the cyber risks associated with Anthropic’s newly released Claude Mythos AI model. Anthropic warns the model poses unprecedented cybersecurity threats, such as generating sophisticated phishing...

(Updated) CPUID Offline After Reports of Malware in CPU-Z and HWMonitor Downloads
CPUID, the maker of popular diagnostic utilities CPU‑Z and HWMonitor, faced a suspected supply‑chain breach when official download links began delivering malware instead of the expected installers. The compromised files, masquerading as HWMonitor 1.63 and CPU‑Z 2.19, were hosted on a Cloudflare...

Microsoft Recall Flaw Exposes Decrypted User Data, Researchers Find
Microsoft re‑launched its Recall feature with a hardened security stack that includes VBS enclaves, AES‑256‑GCM encryption, Windows Hello, and a Protected Process Light host. Researchers discovered that while the encrypted vault remains secure, the AIXHost.exe process that renders decrypted data...

Microsoft Finds Vulnerability Exposing Millions of Android Crypto Wallet Users
Microsoft’s security researchers uncovered a critical intent‑redirection flaw in EngageLab’s EngageSDK, a messaging library embedded in over 30 million Android cryptocurrency‑wallet installations. The vulnerability lets a malicious app craft intents that bypass Android’s sandbox, exposing personal data and financial credentials. Microsoft...

April 2026 Patch Tuesday Forecast: Spring-Cleaning of a Preview
The April 2026 Patch Tuesday preview highlights AI’s growing role in security, but stresses the need for human oversight. Microsoft pulled the faulty Windows 11 24H2/25H2 preview (KB5079391) and re‑issued a clean out‑of‑band update (KB5086672), while also fixing Outlook Classic conflicts with...

FCC Proposes Tougher KYC Rules to Crack Down on Illegal Robocalls
The FCC has issued a Further Notice of Proposed Rulemaking to tighten Know‑Your‑Customer (KYC) requirements for voice service providers that originate robocalls. The agency wants carriers to collect full names, addresses, government IDs and usage details, retain records for up...

GitLab Security Update Fixes High-Severity CVE-2026-5173, 11 Other Flaws
GitLab released a critical security update on April 8, 2026 that patches twelve vulnerabilities across its Community and Enterprise editions, including the high‑severity CVE‑2026‑5173. The update bundles three point releases—18.10.3, 18.9.5 and 18.8.9—covering self‑managed installations from version 16.9.6 onward. GitLab.com and Dedicated cloud...

US Officials Warn Banks over Powerful New Anthropic Model
U.S. Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell convened an urgent meeting with CEOs of the nation’s largest banks to warn of cyber‑risk from Anthropic’s newly unveiled Mythos AI model. Anthropic says Mythos can locate and exploit...

What Vibe Hunting Gets Right About AI Threat Hunting, and Where It Breaks Down
Vibe hunting flips traditional threat hunting by letting AI scan entire data sets and surface anomalous patterns, turning the hypothesis into an implicit output. Exaforce’s Aqsa Taylor stresses that analysts must still be able to explain any investigation path, otherwise...

U.S. Treasury Rolls Out Cybersecurity Information Sharing Initiative as Crypto Attacks Rise
The U.S. Treasury’s Office of Cybersecurity and Critical Infrastructure Protection launched a digital‑asset cybersecurity initiative that provides free, high‑quality threat intelligence to eligible U.S. crypto firms. The move responds to a surge in sophisticated attacks that cost the industry over...

RBI Proposes 1-Hour Delay for UPI, IMPS Transfers Above Rs 10,000
The Reserve Bank of India has floated a discussion paper proposing a mandatory one‑hour cooling period for person‑to‑person UPI and IMPS transfers exceeding ₹10,000 (about $120). The delay targets high‑value P2P payments while merchant transactions remain instant, and a whitelisting...

Health Insurance Lead Sites Sell Personal Data Within Seconds of Form Submission
Researchers from UC Davis, Stanford and Maastricht mapped data flows on 105 health‑insurance lead sites, finding that personal and health information is harvested in real time and sold to dozens of buyers. Third‑party scripts capture keystrokes before form submission, and...

CyberCX Kicking Goals with Expanded Collingwood Football Club Partnership
CyberCX has elevated its relationship with Collingwood Football Club to a major partnership, building on a two‑year collaboration that already provided app integration and cyber‑safety training. The firm now delivers 24/7 security operations centre monitoring and penetration testing for the...

Data Minimisation vs AI Context Maximisation: The Battle Defining the Future of Smart Systems
AI product teams chase higher accuracy by feeding models ever more context, but privacy regulations demand strict data minimisation. The article argues that the conflict is structural: richer data improves personalization and retrieval, yet expands exposure and governance risk. It...

Elon Musk Says WhatsApp's End-to-End Encryption Can't Be Trusted, Mark Zuckerberg's Company Calls It ‘Absurd’
Elon Musk publicly questioned the reliability of WhatsApp’s end‑to‑end encryption after a class‑action lawsuit alleged Meta accessed private messages and shared them with contractors such as Accenture. In response, Musk urged users to switch to X Chat, promoting it as a...

Microsoft Says New Windows Recall Bypass Isn't a Vulnerability
Microsoft defended its Windows 11 Recall utility after researcher Alexander Hagenah released a tool that can extract decrypted screenshots and metadata by injecting a DLL into the AIXHost.exe process. The bypass works from a standard logged‑in user account and does not...

Microsoft’s Reauthentication Snafu Cuts Off Developers Globally
Microsoft’s Windows Hardware Program reauthentication drive, launched in October, inadvertently suspended numerous independent software vendors (ISVs) after missed or ignored verification emails. The lockouts halted developers’ access to Microsoft systems, causing downstream disruptions for their global customers. Executives on X...

Anthropic Model Scare Sparks Urgent Bessent, Powell Warning to Bank CEOs
Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell convened an emergency meeting with senior Wall Street executives on April 10, 2026. The gathering focused on the security implications of Anthropic PBC’s new AI model, Mythos, which regulators fear...

Apiiro Launches Command-Line Interface to Bring AI-Native Security Into Software Development Workflows
Apiiro Ltd. unveiled a command‑line interface (CLI) that embeds AI‑native security directly into software development pipelines. The tool targets the surge of AI‑generated code, offering six agent‑driven skills—Scan, Risks, Fix, Guardian Agent, AI Threat Modeling, and Secure‑Prompt—to let AI assistants...

Healthcare Remains Top Cybercrime Target: FBI
The FBI’s 2025 Internet Crime Report shows healthcare and public health faced the most cyber incidents of any critical‑infrastructure sector, with 642 events recorded. Ransomware dominated, accounting for 460 attacks, while 182 data breaches placed the industry third in breach...

New VENOM Phishing Attacks Steal Senior Executives' Microsoft Logins
Cybersecurity firm Abnormal has uncovered a new phishing‑as‑a‑service platform dubbed VENOM that specifically targets senior executives’ Microsoft accounts. The campaign, active since November, delivers highly personalized SharePoint‑style emails containing QR codes and double‑Base64‑encoded email fragments to evade detection. VENOM employs...

Gmail Finally Offers End-to-End Encryption for Email on Android and iPhone
Google has added end‑to‑end encryption (E2EE) to the Gmail mobile app for Android and iPhone, extending the feature that debuted on desktop in 2022. The capability is restricted to Google Workspace Enterprise Plus customers who have the Assured Controls or Assured...

Cisco to Acquire Galileo for AI Observability
Cisco announced it will acquire Galileo Technologies, an AI observability specialist that monitors multi‑agent systems. Galileo’s platform adds real‑time guardrails, bias detection, and cost tracking to Cisco’s Splunk observability suite. The deal, slated to close in Q4 FY2026, builds on...

Russia's 'Fancy Bear' APT Continues Its Global Onslaught
Trend Micro’s latest research reveals that Russia’s Fancy Bear (APT28) continues to run sophisticated espionage and sabotage campaigns worldwide. The group deployed the Prismex malware suite against Ukraine’s defense supply chain and used NTLMv2 hash‑relay attacks via a patched Outlook vulnerability...

Cybercriminals Use Emojis to Evade Detection, Flashpoint Warns
Flashpoint’s latest threat‑intelligence report reveals cybercriminals are swapping traditional fraud‑related keywords with emojis to slip past security filters. By mapping emojis to concepts such as credit cards, banks, credentials, and malware, threat actors make automated monitoring far less effective. The...

StarkWare Researcher Publishes Quantum-Safe Bitcoin Transaction Scheme
StarkWare researcher Avihu Levy released Quantum Safe Bitcoin (QSB), an open‑source transaction format that makes Bitcoin payments resistant to quantum attacks without requiring a softfork or protocol upgrade. The scheme operates within existing Bitcoin script limits and leverages a hash‑puzzle...

Hack-for-Hire Group Targets MENA Journalists and Officials
A hack‑for‑hire group has been uncovered running a multi‑year espionage campaign against journalists, activists and government officials across the Middle East and North Africa. The attackers used phishing to steal Apple ID credentials and access iCloud backups, while deploying Android spyware...

'BlueHammer' Windows Zero-Day Exploit Signals Microsoft Bug Disclosure Issues
A researcher using the alias Chaotic Eclipse publicly released exploit code for a Windows zero‑day flaw dubbed “BlueHammer,” which targets a race condition in Windows Defender’s signature update system. The PoC, posted on GitHub on April 2, claims the vulnerability remains...

GAO Warns DOD’s CMMC Fix Could Become the Program’s Biggest Threat
The Government Accountability Office issued a report warning that the Department of Defense’s Cybersecurity Maturity Model Certification (CMMC) program is vulnerable to external risks, notably an over‑reliance on waivers and a shortage of qualified assessors. GAO also highlighted DOD’s lack...