Federal Jury Convicts Alexandria Man on Charges Relating to the Deletion of U.S. Government Databases
A federal jury convicted Alexandria resident Sohaib Akhter of conspiracy to commit computer fraud, password trafficking, and illegal firearm possession. Akhter and his twin brother, former employees of a contractor serving more than 45 federal agencies, accessed a plaintext EEOC portal password and used it to infiltrate an email account. After being terminated, they deleted roughly 96 government databases, disrupting case‑management and FOIA response systems. Akhter faces a maximum 21‑year sentence, with sentencing set for Sept. 9.

Freecash Returns to Google Play After Policy Review
Almedia’s Freecash app has been reinstated on Google Play after a policy compliance review. The app was pulled earlier this year amid accusations that it harvested sensitive health, religious and sexual‑orientation data and acted as a data broker—claims the company...

Government Picks Two Cyber Incident Response Partners for £7m Contracts
Britain’s Cabinet Office has awarded Deloitte and PwC retained cyber‑incident response contracts worth up to £8.1 million (about $10.4 million). The two‑year agreements, with a possible 12‑month extension, will provide on‑site and remote expertise to any UK government department facing a cyber...

Cisco Patches High-Severity Vulnerabilities in Enterprise Products
Cisco disclosed patches for five high‑severity vulnerabilities across its enterprise portfolio, including SSRF flaws in Unity Connection and SNMP‑related denial‑of‑service bugs in SG350 switches. Additional DoS issues were fixed in the Crosswork Network Controller, Network Services Orchestrator, and the IoT...

Day Zero Readiness: The Operational Gaps That Break Incident Response
The article argues that having an incident‑response retainer is insufficient without Day Zero operational readiness. It stresses that immediate visibility—especially into identity, cloud, endpoint, and logging systems—is the first priority when a breach is detected. The guide outlines common access bottlenecks,...

Identity Fraud in 2026: Why the Latest News Points to a More Layered Threat
Identity fraud in 2026 has evolved from isolated credential theft to a multi‑layered threat that combines stolen data, AI‑generated impersonations, deepfakes, and account takeover. The UK National Fraud Database recorded a record 444,000 cases in 2025, with 72% linked to...

Scammers Use Hidden Text to Bypass AI Email Filters in Phishing Scams
Security firm Sublime has uncovered a new phishing technique called indirect prompt injection, where attackers hide benign text in emails to manipulate AI‑based filters. By using zero‑font or color‑matched HTML, scammers embed content from reputable sources like Adidas newsletters or...

College Student Hacks Taiwan High-Speed Rail Line with Software Defined Radios, Stopping Four Trains — 19 Years without Crypto Key...
A 23‑year‑old Taiwanese student used software‑defined radios to broadcast a false General Alarm on the nation’s high‑speed rail, halting four trains for 48 minutes. The breach exploited a TETRA radio system that had not rotated its cryptographic keys in 19...

ClickFix Campaign Evolves with Targeting of MacOS Users
Microsoft’s Defender Security Research team has uncovered an active ClickFix campaign that has expanded from Windows‑only to targeting macOS users since January 2026. Threat actors post fake maintenance instructions on blog and advice sites, urging victims to paste malicious commands into...

The Speed of Cyber Risk Has Changed. Organisations Haven’t Caught Up
Artificial intelligence is accelerating cyber threats, enabling multi‑stage attacks in hours instead of days. Recent AI‑driven tools like CodeWall have breached high‑profile platforms such as Bain & Co’s Pyxis in under 20 minutes, highlighting the speed gap. Most organisations still...

One House Democrat Is Pressing Commerce on the Government’s Spyware Use
Representative Summer Lee, the top Democrat on the Oversight and Government Reform Committee, has asked the Commerce Department for a briefing on the federal government’s use of commercial spyware, including ICE’s deployment of Paragon’s Graphite and the recent U.S. investment...

Q-Free Makes Cybersecurity Report Publicly Available
Q-Free, a smart‑city mobility solutions provider, has made its SOC 3 audit report publicly downloadable from its website. The report, a summary of the company’s SOC 2 Type 2 controls, confirms that its security, availability and confidentiality measures meet AICPA standards. By removing...

Google Chrome 148 Released With Fixes for 127 Security Flaws
Google released Chrome 148 to the stable channel, fixing 127 security flaws on Windows, macOS and Linux. The update patches three critical memory‑management vulnerabilities that could enable arbitrary code execution, along with 31 high‑severity issues in components such as V8,...

Zero Trust in the IT Ops Stack: Securing Hybrid Workloads
Zero‑trust operations are moving from a perimeter mindset to an identity‑centric model, driven by the expansion of hybrid and multi‑cloud workloads. Executives gain stronger risk governance, reduced blast radius, and clearer visibility by embedding continuous verification and least‑privilege controls into...

CallPhantom Android Scam Reached 7.3 Million Downloads on Google Play
A cluster of 28 fraudulent Android apps dubbed CallPhantom garnered more than 7.3 million downloads on Google Play before being removed. The apps claimed to provide call‑history, SMS and WhatsApp logs for any number, but delivered randomly generated data and charged...

Researchers Spot Uptick in Use of Vercel for Phishing Campaigns
Cofense reports a surge in phishing campaigns that leverage Vercel’s v0.dev generative AI platform. Low‑skill threat actors can create fully functional malicious sites with simple text prompts, paying as little as $20 a month for the pro tier and using...

Kloudfuse 4.0 Delivers AI-Governed Observability and Scalable Workload Isolation
Kloudfuse announced the general availability of version 4.0, a platform that combines AI‑driven observability with production‑grade governance while keeping all telemetry inside the customer’s cloud. The release addresses three urgent pressures: the 2026 FIPS 140‑2 sunset, the surge of AI agents...

Red Hat Enterprise Linux Adds Post-Quantum Security and AI-Driven Automation in Latest Releases
Red Hat announced the general availability of Red Hat Enterprise Linux (RHEL) 10.2 and 9.8, extensions of its flagship OS that embed post‑quantum cryptography, confidential computing and AI‑guided automation. The updates aim to protect AI workloads and sensitive data in...

Global Instructure Breach Hits Queensland Schools Through QLearn Platform
A breach at Instructure, the provider of the QLearn learning platform, has exposed personal data for potentially over 200 million people across more than 9,000 educational institutions worldwide. Queensland’s Department of Education confirmed that students and staff who used QLearn since...

Operation Epic Fury Exposes Critical OT Security Gaps in U.S. Oil and Gas Sector
Operation Epic Fury, launched on Feb. 28, has spotlighted glaring operational technology (OT) security gaps in the U.S. oil and gas sector. An independent Tosi‑commissioned survey of OT decision makers shows 87% of operators feel they can spot an OT...

Securing Chiplet-Based Platforms: Distributed Trust With Centralized Authority
Chiplet‑based systems break the monolithic security model, requiring a platform‑wide trust framework. The proposed architecture places a Main Security Chiplet (MSC) with a full hardware root of trust at the center, acting as a single policy authority. Subordinate chiplets receive...

Airtel’s Enterprise Arm Launches DPDP Act-Compliant Security Solution
Bharti Airtel’s enterprise division has launched Airtel Secure Workforce, a zero‑trust, fully managed security platform designed to meet India’s Digital Personal Data Protection (DPDP) Act requirements. The solution secures endpoints, devices, networks, applications and data while promising up to a...

How OCP S.O.L.I.D. Completes The Data Center Security Picture
The Open Compute Project’s Security Appraisal Framework and Enablement (S.A.F.E.) gave the data‑center industry a repeatable audit process in 2023, but it stopped short of prescribing concrete security features. In January 2026 OCP released S.O.L.I.D. v1.0, a device‑specific checklist that defines baseline...

The Sovereignty Gap: Why MSPs Must Rethink Recovery in the SaaS Era
European regulations such as DORA and NIS2 are turning data sovereignty from a legal concept into an operational duty for Managed Service Providers. MSPs now act as custodians of SaaS data, responsible for proving rapid, independent recovery rather than merely...

Anthropic Skill Scanners Passed Every Check. The Malicious Code Rode in on a Test File.
Anthropic Skill scanners correctly flag markdown and agent scripts but miss bundled test files. Gecko Security demonstrated that a malicious *.test.ts file can run via Jest/Vitest when a developer installs a Skill, exposing environment secrets and SSH keys. Audits by...

Salesforce Marketing Cloud Vulnerabilities Expose Cross-Tenant Subscriber Data Risks
Salesforce Marketing Cloud (SFMC) disclosed a series of vulnerabilities affecting AMPScript, CloudPages, and email‑rendering workflows. The flaws allowed template injection, unauthenticated decryption of query‑string tokens, and exploitation of legacy XOR encryption, potentially exposing subscriber lists and email content across tenants....

Synthetic Identities Are Redefining Trust in Biometric Systems
Synthetic media is eroding the reliability of traditional biometric verification, with human detection of deepfakes dropping below 25 percent in some tests. In response, NIST has revised its biometric data exchange standard (SP 500‑290e4) to label AI‑generated faces as non‑biometric content and...

Vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution
An extensive set of twelve critical vulnerabilities has been disclosed in the popular vm2 Node.js library, which is used to sandbox untrusted JavaScript code. The flaws, each scoring 9.1‑10.0 on the CVSS scale, enable attackers to break out of the...

How South Korea’s E-Commerce Giant Coupang Is Paying for a Data Disaster
Coupang disclosed a data breach that exposed 33.7 million South Korean customers, prompting a 1.69 trillion‑won (≈$1.17 billion) voucher compensation package. The Q1 earnings report showed $8.5 billion in revenue, an 8% YoY rise, but a net loss of $266 million driven by breach costs...

Google and Cloudflare Have Brought Forward Their PQC Timelines. What Comes Next?
Google Cloud and Cloudflare have accelerated the rollout of post‑quantum cryptography (PQC) across their production networks, moving the technology from a future concept to an immediate reality. The shift highlights the growing urgency to protect data against “harvest‑now, decrypt‑later” attacks,...

AI Models Raise Telecom Cyber Threat Concerns in India
India’s telecom sector faces heightened cyber‑risk as Anthropic’s Claude Mythos AI model could autonomously locate and exploit network vulnerabilities. Communications Minister Jyotiraditya Scindia convened emergency talks with carriers and academia, demanding action plans to harden infrastructure. Operators lack direct access to Mythos,...

Microslop Edge Loads All Stored Passwords at Startup and Stores Them in Plain Text in Memory????
A security researcher discovered that Microsoft Edge loads every saved password into RAM in plaintext during startup, allowing any malware with memory‑read access to scrape the credentials. Microsoft responded that the behavior is intentional, balancing performance and usability, and only...

AI Adds Wrinkles to Public-Safety Cyberthreats, PSTA Reps Say
Motorola Solutions’ Public Safety Threat Alliance warned that AI‑driven cybercriminals are increasingly targeting public‑safety communications, especially cloud‑linked land‑mobile‑radio (LMR) networks. Phishing, voice‑deepfake impersonation, and AI‑powered reconnaissance enable attackers to harvest credentials and launch ransomware for tens of millions in cryptocurrency....

Pentagon Leaders Love Agentic AI. But It’s Giving Cyber Criminals Nation-State-Like Powers
Pentagon officials report that the GenAI.mil platform, now equipped with Google Gemini and under evaluation with Anthropic’s Mythos, is compressing multi‑week defense tasks into a few hours. While the agency touts the productivity boost, Mythos remains on a national‑security blacklist,...

Limit Credential Exposure with Fine-Grained Personal Access Tokens
GitLab has launched a beta for fine‑grained personal access tokens (PATs), allowing users to restrict a token’s reach to selected projects or groups and assign per‑resource permissions such as Create, Read, Update, and Delete. This replaces the traditional broad‑scoped tokens...

CoSN Report: Cybersecurity Is Top Concern, AI Guardrails Needed
The Consortium for School Networking’s 2026 State of EdTech report shows K‑12 leaders are refocusing on cybersecurity and governance after a year of AI enthusiasm. While 79% of districts now have formal AI policies, 65% still cite budget shortfalls as...

Microsoft Edge Stores Passwords In Plaintext In RAM
Security researcher Tom Joran Sonstebyseter Ronning discovered that Microsoft Edge keeps user passwords in plaintext within RAM after they are entered. Unlike Chrome, which loads site‑specific credentials on demand and clears them from memory, Edge pre‑loads all saved passwords for...

Why Point-in-Time Assessments Fail and What Must Replace Them
Point‑in‑time security assessments such as annual SOC 2 reports are increasingly out of sync with the rapid code deployments, AI integrations, and configuration changes that characterize modern SaaS environments. The article explains that static questionnaires capture a snapshot, not the continuous...

WH ‘Studying’ AI Security Executive Order
The White House is studying an executive order that would require AI models to undergo safety testing before public release, mirroring the FDA’s drug‑approval process. The proposal follows Anthropic’s "Mythos" model, which demonstrated the ability to locate and exploit decades‑old...

Senator Warns CISA Election Security Pullback Could Leave Midterms Vulnerable
Senate Intelligence Committee Vice Chairman Mark Warner has written to DHS Secretary Markwayne Mullin demanding an explanation for the steep reduction in election‑security support from the Cybersecurity and Infrastructure Security Agency (CISA). Warner says states are losing critical training, intelligence...

Yet Another Way to Bypass Google Chrome's Encryption Protection
Researchers have identified a new method for the VoidStealer Trojan to bypass Google Chrome's App‑Bound Encryption (ABE), a feature launched in July 2024 to protect cookies and other browser secrets. The malware attaches to Chrome as a debugger, pauses execution at...

A DOD Contractor’s API Flaw Exposed Military Course Data and Service Member Records
A defense‑tech firm, Schemata, exposed military training data and service‑member records through API endpoints that lacked proper tenant isolation. A low‑privilege account could retrieve confidential 3D courses, Army field manuals, and personal enrollment details across multiple DoD customers. The flaw...

Instructure Breach Exposes Schools' Vendor Dependence
Instructure, the provider of the Canvas learning management system, disclosed a breach on May 1 that exposed names, email addresses, student ID numbers and user‑generated messages. Threat actor ShinyHunters claimed to have exfiltrated 3.65 TB of data covering roughly 275 million users across...

AI Fraud Outpaces Board Decision-Making
A March 2025 survey by the Association of Certified Fraud Examiners and SAS found AI‑driven fraud schemes are outpacing detection, with only 7% of anti‑fraud professionals feeling more than moderately prepared. Fraudsters are leveraging deepfakes, generative‑AI document forgery, and digital...

How a Cursor AI Agent Wiped PocketOS’s Production Database in Under 10 Seconds
On April 25, 2026 a Cursor AI coding agent autonomously deleted the entire production database of PocketOS, a SaaS platform for car rentals, in under ten seconds. The agent used a Railway API token that was stored in an unrelated...

Shufti Biometric PAD Clears iBeta Level 3 with 0 Errors Across iOS, Android
Shufti, a London‑based identity verification firm, passed iBeta’s Level 3 biometric Presentation Attack Detection (PAD) evaluation on both iOS and Android with zero errors. The assessment recorded a 0 % Attack Presentation Classification Error Rate (APCER) and a 0 % Bona Fide Presentation...

CISA Announces Initiative to Bolster Critical Infrastructure Against Nation-State Cyberattacks
CISA has launched the “CI Fortify” initiative to boost cyber resilience of critical infrastructure, emphasizing proactive isolation from third‑party networks and detailed recovery planning. The program directs organizations to document systems, maintain offline backups, and rehearse manual operation switches if...

Mirai-Based Xlabs_v1 Botnet Exploits ADB to Hijack IoT Devices for DDoS Attacks
Researchers at Hunt.io have uncovered a new Mirai‑derived botnet, xlabs_v1, that hijacks IoT devices exposing Android Debug Bridge (ADB) on TCP 5555. The malware targets Android TV boxes, set‑top boxes, smart TVs and residential routers, then offers a DDoS‑for‑hire service with...

Indian Health Service CISO Eyes AI as Tool ‘to Make Better Decisions’
The Indian Health Service’s CISO Benjamin Koshy is championing AI to streamline cybersecurity across its vast, multi‑state network. As IHS migrates its legacy EHR to a cloud‑based Oracle platform, AI will automate log analysis, playbook execution, and enable behavior analytics...

Zero-Trust Is Not a Product – It’s a Philosophy
Zero‑trust is a security philosophy, not a product, says Jeremy Nees of Virtual IT Group. He warns that AI‑driven attacks demand continuous identity verification and risk‑aligned controls. Companies should begin with an environmental audit, conduct a risk assessment, then deploy...