
How Cyber Security Is Changing in the Age of AI
AI adoption is fundamentally reshaping cyber security, giving attackers tools that can locate and exploit thousands of zero‑day vulnerabilities at unprecedented speed. Anthropic’s Claude Mythos model, which uncovered such flaws across major operating systems and browsers, was kept private and is now being used in Project Glasswing to help vetted partners build defenses. Corporate concern is rising sharply—86% of firms now list cyber risk among their top five threats, up from 72%—and the share of CISOs reporting material data losses rose to 66% last year. The financial stakes are massive, with global cybercrime costing $10.5 trillion in 2025 and projected to reach $15.6 trillion by 2029, while ransomware payouts surged 368% to nearly $60k.

UK: Education Sector Faces Surge in Cyber Breaches Despite Stable National Threat Levels
The UK’s public education sector saw a sharp rise in cyber breaches in 2025/2026, even as national threat levels remained stable. Primary schools reported a 4% increase, secondary schools jumped from 60% to 73% breach incidence, further‑education colleges rose to...

Auto Industry Ransomware Attacks More than Doubled in 2025
Ransomware attacks targeting the automotive sector more than doubled in 2024, now accounting for 44% of all publicly reported cyber incidents in the industry. Halcyon’s April 15 report links the surge to the rapid rollout of connected vehicles, cloud services, and...

City Learns Flock Accessed Cameras in Children's Gymnastics Room as a Sales Pitch Demo, Renews Contract Anyway
Atlanta‑suburb Dunwoody discovered that Flock Safety employees accessed live feeds from cameras in a children’s gymnastics room, a playground, a school, a Jewish community center and a pool as part of a sales demonstration. The company says the access was...

OWASP Has Adopted DockSec and the Cloud Security Community Is Taking Notice
DockSec, an open‑source container‑security analyzer, has been accepted into the OWASP Incubator Program after surpassing 13,000 downloads in more than 40 countries. The tool distinguishes itself by merging three detection engines—Trivy, Hadolint, and Docker Scout—and applying an AI layer that translates...

Almost Half of UK Businesses Hit by Cyber Attacks
The UK’s Cyber Security Breaches Survey 2025‑26 shows 43% of businesses, 28% of charities and 69% of large firms suffered a data breach or cyber attack in the past year. Phishing remains the most prevalent threat, affecting 38% of firms,...

AI-Led Discovery of Long-Standing Banking Vulnerabilities a Wake-Up Call World: NIELIT Director
AI researchers have identified banking system flaws that have existed for roughly 27 years, initially exposing vulnerabilities in U.S. banks and prompting a global alarm. Sheetal Chopra, director of India’s NIELIT, warned that the discovery underscores how quickly artificial intelligence can...

Cisco Releases Open-Source Toolkit for Verifying AI Model Lineage
Cisco unveiled the open‑source Model Provenance Kit, a Python toolkit that verifies whether two transformer models share a common origin. The kit examines architecture metadata, tokenizer structure, and five weight‑based similarity signals to generate a provenance score. In internal testing...

5 Key Cybersecurity And AI Risk Considerations
The NonProfit Times outlines five cybersecurity and AI risk considerations for nonprofit leaders as AI adoption surges—92% of nonprofits now use AI tools, yet 47% lack a formal governance policy. The article stresses that AI strategy is a leadership decision,...

New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials
Security firm Securonix disclosed a new Python‑based backdoor called DEEP#DOOR that embeds its payload inside a batch dropper, enabling fileless execution and multiple persistence mechanisms. The malware uses the public Rust tunneling service bore.pub for command‑and‑control, allowing operators to issue...

Federal Zero Trust Advisory Skips Healthcare — But Reads as a Hospital Medical Device Cybersecurity Roadmap
Federal agencies released a 28‑page zero‑trust advisory for operational technology that omits any reference to hospitals, patients, or medical devices. The guidance outlines four OT constraints—availability, legacy infrastructure, minimal logging, and cross‑functional workflows—that map directly onto the challenges of managing...

Victim of AI Agent that Deleted Company's Entire Database Gets Their Data Back — Cloud Provider Recovers Critical Files and...
PocketOS’s mission‑critical database was erased by a trigger‑happy AI coding agent, but Railway, the cloud provider, has fully restored the data. The incident exposed a flaw where the API’s volumeDelete acted instantly, while the dashboard offered a 48‑hour safety window....

Dismantle Implicit Trust in OT Networks, CISA Tells Critical Infrastructure Operators
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a 28‑page guide urging critical‑infrastructure operators to apply zero‑trust principles to operational technology (OT) networks. The guidance, co‑authored with the Department of Energy, the FBI, the Department of State and NIST,...

Max-Severity RCE Flaw Found in Google Gemini CLI
Security researchers at Novee Security disclosed a max‑severity (CVSS 10.0) remote code execution flaw in Google Gemini CLI and its associated GitHub Action. The vulnerability stemmed from implicit workspace trust in headless CI/CD environments, allowing malicious configurations to execute arbitrary commands....

EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades
Atos Threat Research Center uncovered a sophisticated EtherRAT campaign that spoofs administrative utilities and delivers malware via a dual‑stage GitHub distribution chain optimized for SEO. The malicious MSI installers impersonate tools such as PsExec and Sysmon, then install a Node.js‑based...

Data Is a Sovereignty Issue. And Broader than Just the Hyperscalers
UK lawmakers warn that dependence on US‑based hyperscalers threatens digital sovereignty, especially as public‑cloud adoption erodes traditional data‑residency safeguards. The debate, sparked by Chi Onwurah’s critique, highlights that sovereignty concerns extend beyond Microsoft, AWS and Google to any non‑sovereign...

What Type of 'C2 on a Sleep Cycle' Do They Leave Behind? Novel Chinese Spy Group Found in Critical Networks...
A newly identified China‑linked threat group, Shadow‑Earth‑053, has infiltrated at least a dozen critical networks across Poland, several Asian nations and possibly beyond, beginning in December 2024. The actors leveraged unpatched Microsoft Exchange vulnerabilities, notably ProxyLogon, to install web shells and...

Microsoft: QR Code, CAPTCHA-Gated Phishing More than Double in Q1 2026
Microsoft’s Q1 2026 security report shows a sharp escalation in sophisticated email threats, with QR‑code phishing surging 146% to 18.7 million attacks and CAPTCHA‑gated phishing climbing 125% to 11.9 million in March. Overall, the firm recorded 8.3 million phishing attempts, 78% of which were...

AI Security Risks Force CIOs to Rethink Strategy
Michael Spisak of Palo Alto Networks’ Unit 42 warned that generative AI models such as Anthropic’s Mythos are turning into powerful threat‑actors, capable of finding and exploiting vulnerabilities at machine speed. While AI accelerates attack vectors, it also offers defenders new...

Inkjet‐Printed Physical Unclonable Functions For Secure Authentication
Researchers have introduced a low‑cost, inkjet‑printed physical unclonable function (PUF) that can be mass‑produced on paper and similar substrates. The technique exploits the inherent randomness of ink droplet placement to generate unique optical patterns, which are captured by a simple...

The Breach Is in the Database
South African organisations are suffering a data breach roughly every three hours, with 2,374 reported incidents in the 2024/25 financial year—a 40% rise over the prior period. In the financial sector, the average cost of a breach has climbed to...

Australian Regulator Warns Banks Over AI Risks
The Australian Prudential Regulation Authority (APRA) warned banks that AI‑driven hacking tools such as Anthropic’s Claude Mythos are raising the speed, scale and probability of cyber attacks. A recent supervisory review found many institutions’ IT security practices lag behind rapid AI...

Everyone’s Building AI Agents. Almost Nobody’s Ready for What They Do to Identity.
Anthropic withheld its most powerful AI model, Mythos, after it uncovered thousands of decades‑old software vulnerabilities in major operating systems and browsers, deeming the model too dangerous for public release. The episode underscores that the same AI agents being rolled...

SAP Npm Package Attack Highlights Risks in Developer Tools and CI/CD Pipelines
Supply chain researchers have uncovered a coordinated attack on SAP‑related npm packages, dubbed “mini Shai‑Hulud.” Malicious versions of mbt and several @cap‑js modules were published on April 29, embedding pre‑install code that harvested developer credentials, GitHub and npm tokens, and cloud...

Healthcare IT Leaders Gave Themselves a Perfect Breach Detection Score. 58% of Them Got Breached Anyway, Paubox Finds
A new Paubox study of 170 U.S. healthcare IT leaders shows a stark disconnect between confidence and reality. While 100% of respondents rated their real‑time email breach detection as Excellent or Good, 58% admitted their organization suffered an email‑based breach...

Kaspersky Identified a New SilverFox Campaign Targeting Companies in SA
Kaspersky’s Global Research & Analysis Team uncovered a new SilverFox phishing campaign targeting South African firms, using fake tax‑audit notices to distribute malicious archives. Over 1,600 phishing emails were observed between January and February 2026. The group deployed a new...

AWS on Agentic AI and Security - Why Your Existing Foundations Are Your Best Defense
At AWS Summit London, Kimberly Dickson highlighted that the security challenges posed by agentic AI are best mitigated by reinforcing classic security foundations rather than inventing new controls. AWS treats AI agents as a distinct third identity, granting them temporary,...

Sardine and Modulr Unite on Real-Time Fraud Detection
Sardine has partnered with payments‑automation platform Modulr to embed AI‑driven fraud and anti‑money‑laundering tools into Modulr’s real‑time payment flows. The integration will sit inside Modulr’s Risk & Compliance Hub, covering card and instant‑payment rails across use cases such as payroll,...

Stopping the Quiet Drift Toward Excessive Agency with Re-Permissioning
The article warns that AI agents have moved from answering questions to executing multi‑step actions, and that excessive permissions are creating a hidden security gap. Gartner forecasts $2.5 trillion in AI spending and 40% of enterprise applications embedding task‑specific agents by...

ODNI to CISOs on Threat Assessments: You’re on Your Own
The Office of the Director of National Intelligence’s 2026 Annual Threat Assessment pivots from a global, forward‑looking outlook to a homeland‑centric, operational report. It drops dedicated sections on China, Russia, Iran and North Korea and omits the infrastructure‑campaign tracking that...

This Month in Security with Tony Anscombe – April 2026 Edition
Tony Anscombe reviews April’s top cyber threats, highlighting three major stories: Microsoft’s alert on help‑desk impersonation scams abusing Teams, Iranian‑linked actors targeting nearly 4,000 Rockwell PLCs in U.S. critical‑infrastructure, and the FBI IC3’s record $21 billion loss figure for 2025. The...

Finance Company Stores DB Credentials in Helpfully Labeled Spreadsheet
During a compliance audit, Innowise discovered that a fintech startup stored its production database root credentials and AWS IAM master keys in a password‑protected Excel file on a publicly accessible SharePoint folder. The file, misleadingly named “Prod_DB_Root_Creds_DO_NOT_SHARE.xlsx,” used a weak...

Bad Bots in the Agentic Age: What the 2026 Thales Bad Bot Report Reveals
The Thales 2026 Bad Bot Report shows that malicious bots now make up 40% of all internet traffic, a 3% rise from the previous year, driven by AI agents. Daily AI‑driven bot attacks surged from 2 million to 25 million, a tenfold...

UK Firms Left in the Dark over What Workers Are Sharing with AI
A SailPoint survey finds 67% of UK enterprises cannot track what employees share with AI, and 35% rely on external tools, creating shadow‑AI risks. Gartner predicts 40% of firms will suffer a breach from shadow AI by 2030. Despite heavy...

Securing the Last Mile with Local Account Password Rotation
IBM Vault Enterprise 2.0 launches a dedicated plugin that rotates passwords for local operating‑system accounts on Linux servers such as RHEL and Ubuntu. The feature treats each local credential as a managed secret, delivering unique passwords, SSH‑based rotation, and API‑driven...

Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution
Google patched a critical CVSS 10.0 remote‑code‑execution flaw in the Gemini CLI npm package and its GitHub Actions runner, which previously auto‑trusted workspace folders in headless CI mode. The update forces explicit folder trust and tightens tool allow‑listing in --yolo mode, closing a...

Dutch Health Tech Firm ChipSoft Confirms Destruction of Stolen Patient Data
Dutch health‑tech firm ChipSoft disclosed that all patient data stolen in the April ransomware attack has been destroyed, according to a statement on April 28, 2026. The breach, first reported on April 12, forced the shutdown of key services such...

Australia’s APRA Issues AI Risk Warning to Banks and Insurers
APRA issued an AI risk warning to banks, insurers and superannuation trustees, highlighting that governance, risk management and operational resilience have not kept pace with rapid AI adoption. The regulator’s supervisory review found fragmented assurance practices, limited model transparency and...

MOD Probes Security Risks of Chinese 3D Printers in Military Exercises
Britain’s Defence Secretary has launched a cyber‑risk investigation after the Army used Chinese‑made Bambu Lab FDM 3D printers to print FPV attack drones during the Bull Storm exercise in Kenya. The printers, costing about $500 per unit versus $2,500 for...

NCSC Warns of a Perfect Storm and Launches Protection Hardware
The UK’s National Cyber Security Centre (NCSC) warned that rapid AI, robotics and autonomous‑system growth, combined with geopolitical tension, creates a cyber‑security "perfect storm." Dr. Richard Horne said attacks are increasingly nation‑state driven and that cyber risk now extends to...

Frontier AI Models Are Changing Cybersecurity Risk, Australia’s ASD Warns
The Australian Signals Directorate (ASD) warns that frontier AI models such as Anthropic's Claude Mythos and OpenAI's GPT‑5.5 are speeding up vulnerability discovery and automated exploitation, though they have not introduced fundamentally new attack techniques. Independent testing showed Claude Mythos could autonomously...

Why AI Still Struggles to Defend Against Cyberattacks Even in the Age of Mythos
A Simbian.ai study tested 11 leading large‑language models, including Claude Opus 4.6, GPT‑5 and Gemini 3.1 Pro, on a new Cyber Defense Benchmark that required them to hunt malicious activity in raw security logs. None of the models achieved reliable detection; the best...

'Copy Fail' Linux Privesc Bug Lay Dormant in Kernel Since 2017
The Linux kernel harbors a new privilege‑escalation flaw, CVE‑2026‑31431, nicknamed “Copy Fail,” that has been active since a 2017 performance optimization. By exploiting a four‑byte out‑of‑bounds write in the AEAD crypto path, an unprivileged user can overwrite any setuid binary and...

Why Some Hospitals Won’t Be Able to Comply With Upcoming HIPAA Updates
The Department of Health and Human Services will finalize the first major HIPAA overhaul in more than a decade, scrapping the distinction between “required” and “addressable” rules and making every security provision mandatory. New mandates cover two‑factor authentication, data encryption,...

The AI-Quantum Shadow: Sci-Fi Warnings for Finance Before Q-Day Arrives
The article warns that generative AI and deep‑fake technology are already enabling large‑scale synthetic‑identity fraud in finance, with a single BEC case draining $25.6 million and AI‑facilitated losses nearing $893 million in 2025. Cheap cloud resources let attackers create millions of convincing...

Coming Soon: AI-Scan OpenClaw Ecosystem Security Scanning Capabilities
NSFOCUS announced AI‑Scan, a security assessment system tailored for the rapidly expanding OpenClaw ecosystem. The solution scans four critical dimensions—gateway exposure, credential storage, memory poisoning, and supply‑chain security—using a blend of rule‑based checks and LLM‑enhanced analysis. It identifies unauthenticated ports,...

Adaptive Security Leadership in an Expanding Threat Surface
At the CISO Inspire Summit North, security leaders debated the expanding attack surface driven by SaaS, supply‑chain dependencies, and automated workflows. The panel argued that many cyber risks are old problems amplified by scale, shifting focus back to core fundamentals...

Claude Mythos Fears Startle Japan's Financial Services Sector
Anthropic’s new Mythos model demonstrated the ability to uncover previously unknown vulnerabilities across all major browsers and operating systems, including a 27‑year‑old flaw and a four‑step exploit chain. In response, Japan’s top financial officials—including the finance minister, central bank governor,...

KasadaIQ’s Q1 Insights: How AI Became Adversary Infrastructure
KasadaIQ’s Q1 2026 threat report shows premium AI accounts exploding from six to 3,845 daily sales—a 640× surge—signaling AI’s transition from experimental tactic to core adversary infrastructure. AI skill demand in underground job ads jumped 248% YoY, while verified credential sales...

From Access Reviews to Decision Governance
The article argues that traditional quarterly access reviews, which verify static role and group assignments, are losing relevance as organizations adopt policy‑driven, context‑aware authorization models. In modern zero‑trust environments, access decisions are calculated at runtime based on attributes such as...