‘Trivial’ Exploit Can Give Attackers Root Access to Linux Kernel
A critical Linux kernel flaw dubbed Copy Fail (CVE‑2026‑31431) enables a trivial local exploit that grants root access by writing four arbitrary bytes to any readable file. The vulnerability, discovered by South Korea’s Theori, works on all major distributions released since 2017 and can also escape Kubernetes containers. Only Arch Linux has released a patch so far, with other distros expected to follow in the next few days. Until patches arrive, CSOs must rely on monitoring, inventory, and temporary kernel parameters to mitigate risk.
Accountability without Capacity Will Not Make Public Services More Secure
The UK Cyber Security and Resilience Bill will extend mandatory cyber‑risk reporting to central government, local authorities and NHS bodies, placing cyber security squarely on board agendas. Vsevolod Shabad warns that imposing accountability before organisations have the capacity to act...
Exercise Wolverine Tests Utah Guard Cyber Response
Utah National Guard’s Exercise Wolverine staged a realistic cyberattack on the Don A. Christiansen water‑treatment plant, testing rapid response and coordination among Guard cyber teams, emergency responders, and plant operators. The drill focused on minimizing downtime, restoring safe water distribution,...
Top Zero-Trust Use Cases in the Enterprise
Enterprises are rapidly adopting zero‑trust, with 84% planning or implementing the model, according to Zscaler's 2026 VPN Risk Report. The framework emphasizes continuous authentication, microsegmentation, and contextual verification across users, devices, APIs, and AI agents. Key use cases span on‑site...
Bank Regulator Sounds Warning over Cybersecurity Threat Posed by AI Models
Australia’s prudential regulator APRA has issued a formal warning that frontier AI models such as Anthropic’s Claude Mythos could give cyber‑attackers unprecedented speed and precision against banks. The regulator’s letter highlights that existing governance treats AI as a routine technology, ignoring...
Former Incident Responders Sentenced to 4 Years in Prison for Committing Ransomware Attacks
The Justice Department sentenced former incident‑response manager Ryan Clifford Goldberg and former ransomware negotiator Kevin Tyler Martin to four years in federal prison for deploying the ALPHV/BlackCat ransomware against multiple U.S. organizations in 2023. Leveraging their insider knowledge from Sygnia...
Federal Privacy Bills Have Major Implications for K-12
Lawmakers are advancing a suite of federal privacy bills aimed at protecting K‑12 students online, including the Kids Online Safety Act (KOSA) and the Children and Teens’ Online Privacy Protection Act (COPPA 2.0). The proposals would impose a duty of care...
Amazon-Owned Woot Accused of Secretly Tracking Shoppers, Sharing Data with Meta
Amazon‑owned discount site Woot.com is facing a nationwide class‑action lawsuit alleging it secretly harvested detailed shopper activity and passed the data to Meta Platforms. The complaint says Woot deployed cookies, pixels and a Meta Pixel that captured URLs, product views,...
Private Chats, Photos of Celebs Exposed in Suspected Stalkerware Leak
Cybersecurity researcher Jeremiah Fowler discovered a massive leak of nearly 87,000 private images and chat logs belonging to a high‑profile European celebrity and several influencers. The data, stored in an unprotected online database, included screenshots from WhatsApp, Facebook, TikTok and...
Palo Alto Networks To Acquire AI Gateway Startup Portkey
Palo Alto Networks announced it will acquire Portkey, a startup that provides an AI gateway for managing and protecting autonomous agents. The deal, expected to close in the fourth fiscal quarter ending July 31, has undisclosed terms. Portkey’s platform processes trillions...
Microsoft Defender Flaws Exploited on Windows, Two Left Unpatched
Security researcher Chaotic Eclipse released proof‑of‑concept exploits for three Microsoft Defender flaws. BlueHammer, the only patched vulnerability, leverages a malicious definition update to gain SYSTEM privileges. The remaining exploits, RedSun and UnDefend, remain unpatched and can grant full system control...
TeamPCP Hits SAP Packages With 'Mini Shai-Hulud' Attack
TeamPCP launched a “Mini Shai‑Hulud” supply‑chain attack that injected malicious pre‑install scripts into four SAP npm packages used in the Cloud Application Programming Model and MTA Build Tool. The compromised versions were published on Wednesday, quickly detected by security firms...
Samsung’s Free Android Upgrade Brings Better Security to Galaxy Phones
Samsung is preparing a free One UI 8.5 upgrade for supported Galaxy devices, adding theft protection, app‑blocking and inactivity‑restart security controls. The rollout is expected to begin in Korea with a global launch around May 4, 2026. However, recent Samsung security patches have...
Another AI-Assisted Software Scan Yields 9-Year-Old Linux Bug
Researchers at Xint used an AI‑assisted scan to uncover a nine‑year‑old Linux kernel flaw dubbed Copy Fail (CVE‑2026‑31431). The bug lets any local user overwrite four bytes in memory, granting deterministic root access across all Linux distributions. A ten‑line proof‑of‑concept demonstrates...
Why Recovery Speed Matters when the Homeland Is the Cyber Battlefield
The article argues that the homeland is now a continuous cyber battlefield and that the speed of cyber recovery has become a decisive factor for U.S. military strength. Lt. Gen. Jeth Rey urges a shift from pure prevention to a...
Agencies Release Joint Guide on Zero Trust Adoption in Operational Technology
The Cybersecurity and Infrastructure Security Agency, together with other federal bodies, released a joint guide to help organizations apply zero‑trust principles to operational technology (OT) systems. The guide outlines how to navigate OT’s unique constraints, tackle visibility challenges, and prioritize...
AI Sandboxing Is Having Its Kubernetes Moment
Anthropic unveiled its Mythos model, which independently discovered and exploited zero‑day vulnerabilities in major operating systems and browsers, including a 27‑year‑old kernel bug. The demonstration highlights the danger of running thousands of workloads on a shared Linux kernel in Kubernetes,...
After Dissing Anthropic for Limiting Mythos, OpenAI Restricts Access to Cyber, Too
OpenAI announced that its upcoming GPT‑5.5 Cyber tool will be released only to vetted "critical cyber defenders" after Sam Altman publicly criticized Anthropic for limiting access to its Mythos product. Prospective users must complete an online application that verifies their...
Anthropic's Mythos Has Landed: Here's What Comes Next for Cyber
Anthropic unveiled Claude Mythos, a large‑language model that can automatically locate and exploit zero‑day vulnerabilities across major operating systems and browsers, demonstrating the find on a 27‑year‑old OpenBSD flaw. The rapid, machine‑speed discovery has alarmed the cybersecurity community, prompting fears of...
Cybersecurity Tactics for Medical IoT Devices
The Internet of Medical Things (IoMT) is projected to surge from $60 billion in 2024 to $814 billion by 2032, driven by real‑time patient monitoring and cost‑saving benefits. However, 2024 saw over 14,000 IoMT IPs exposed, with 36% stemming from unsecured medical...
Misconfigured Server Run by Hackers Leaks 345,000 Stolen Credit Cards
Researchers discovered a mis‑configured server operated by the Jerry’s Store card‑ing market, exposing 345,000 stolen credit cards after an AI‑assisted coding tool, Cursor, generated an unauthenticated web directory. The leak, uncovered on April 16, revealed over 145,000 active cards that...
AI Fuels ‘Industrial’ Cybercrime as Time-to-Exploit Shrinks to Hours
FortiGuard’s 2025 Global Threat Landscape Report warns that cybercrime has become an industrial‑scale operation powered by AI and automation. New AI‑enabled tools such as WormGPT, FraudGPT, HexStrike AI, APEX AI and BruteForceAI dramatically shorten the time‑to‑exploit, now often 24‑48 hours after...
How AI Moves Businesses From Damage Control to Near-Instant Recovery After a Data Crisis
AI‑powered continuous data protection (CDP) is replacing the decades‑old nightly backup model, allowing enterprises to capture changes in near‑real time. By using intelligent prediction and tiering, AI can prioritize critical files while discarding redundant I/O, making CDP affordable at scale....
Datalink Taps Arctic Wolf for AI-Led Security Operations
Datalink Networks has teamed up with Arctic Wolf to embed the Aurora Superintelligence Platform and Aurora Agentic SOC into its managed‑service portfolio for U.S. and Canadian clients. The AI‑led security operations solution promises faster detection, investigation, response and recovery without requiring...
Enforcing Trust and Transparency: Open-Sourcing the Azure Integrated HSM
Microsoft announced that its Azure Integrated Hardware Security Module (HSM) will be open‑sourced through the Open Compute Project. The HSM, built into every new Azure server, meets FIPS 140‑3 Level 3 and provides tamper‑resistant, server‑local key protection. Firmware, drivers and software stacks...
Linux Bug “Copy Fail”: Short Python Script Gives Root on… Everything?
A newly disclosed Linux kernel vulnerability, dubbed “Copy Fail,” allows a short Python script to gain root privileges on any distribution. The exploit was crafted after Xint Code fed a large language model the kernel source for roughly an hour,...
OpenAI Rolls Out ‘Advanced’ Security Mode for At-Risk Accounts
OpenAI announced an optional Advanced Account Security tier for ChatGPT and Codex users deemed at risk of phishing attacks. The new mode eliminates passwords, requiring two physical security keys or passkeys, and removes email/SMS recovery in favor of recovery keys....
Taylor Swift And Rihanna TikTok Scams Are Surging
AI‑generated deepfake videos of celebrities such as Taylor Swift and Rihanna are flooding TikTok, prompting users to click fraudulent "TikTok Pay" or rewards links that harvest personal data. Copyleaks reports a sharp rise in these synthetic scams, noting that many clips...
Anthropic’s Claude Security Emerges From Closed Preview to Scan Your Codebases for Vulnerabilities
Anthropic has taken Claude Security out of closed preview, launching a beta version for Claude Enterprise customers while extending access to Team and Max plans soon. The AI‑driven tool scans entire codebases with parallel agents, validates findings to curb false...
Keeping Customer Data More Secure with AI
Customer data breaches have surged 40% worldwide, with weekly attack volumes up 70% since 2023. Companies are turning to artificial intelligence to monitor signals, detect anomalies, and enforce policies in real time, according to CIO Sean Hauver of Alorica. Experts...
What NIST’s CVE Shift Means for ERP Security Teams
The National Institute of Standards and Technology announced a shift to a prioritized CVE enrichment model, limiting detailed analysis to high‑impact and federal‑critical vulnerabilities. As a result, many CVE entries in the National Vulnerability Database will no longer include full...
FBI Links Cybercriminals to Sharp Surge in Cargo Theft Attacks
The FBI warned that cyber‑enabled cargo theft surged to an estimated $725 million in losses across the United States and Canada in 2025, a 60% jump from the prior year. Confirmed incidents rose 18% while the average value per theft climbed...
PyTorch Lightning and Intercom-Client Hit in Supply Chain Attacks to Steal Credentials
Threat actors compromised the PyTorch Lightning PyPI package, publishing malicious versions 2.6.2 and 2.6.3 on April 30, 2026. The payload drops the Bun JavaScript runtime and executes an obfuscated script that harvests GitHub tokens, cloud keys, and other developer credentials....
Claude Code, Copilot and Codex All Got Hacked. Every Attacker Went for the Credential, Not the Model.
A wave of credential‑focused exploits has hit major AI coding agents—OpenAI's Codex, Anthropic's Claude Code, GitHub Copilot, and Google Vertex AI. Researchers demonstrated how unsanitized inputs such as crafted branch names, pull‑request descriptions, or command chains can exfiltrate OAuth tokens and bypass...
Cloudflare Connect San Francisco 2026
Cloudflare Connect San Francisco 2026 will run Oct. 19‑23 at Moscone West, drawing more than 2,500 security, networking and AI professionals. The five‑day conference features over 100 technical sessions, keynotes, and hands‑on labs through Cloudflare University. Attendees can explore new connectivity strategies,...
It’s a Biometric World After All: Disney Offers Facial Matching for California Park Entry
Disney has rolled out facial‑recognition entry lanes at Disneyland Resort in Anaheim, covering both Disneyland Park and Disney California Adventure. The system captures a facial template when a ticket or pass is first used, converts it to a numeric value...
SPIFFE: Securing the Identity of Agentic AI and Non-Human Actors
SPIFFE, an open standard for workload identities, is being positioned as a solution for securing autonomous AI agents. The framework issues cryptographically verifiable SPIFFE IDs, enabling zero‑trust, federated trust and dynamic credential rotation. HashiCorp’s Vault Enterprise 1.21 and 2.0 releases...
KryBit Retaliates Against 0APT with Extensive Data Leak
KryBit, a newly identified ransomware‑as‑a‑service (RaaS) operation, retaliated against rival gang 0APT by leaking the latter’s complete operational data, including access logs, system files and PHP source code. The leak shows 0APT fabricated claims of breaching more than 190 victims...
OpenAI Makes Frontier Model Available to Critical Cyber Defenders
OpenAI is rolling out its new cybersecurity‑focused model, GPT‑5.5‑Cyber, to the U.S. federal government and a vetted pool of critical cyber defenders. The launch is paired with a Cybersecurity Action Plan that outlines shared‑defense pillars and coordination between public and...
Novel Minecraft-Targeting Stealer Tapped by Reemergent LofyGang
Brazilian threat group LofyGang resurfaced after a three‑year lull, deploying the LofyStealer (GrabBot) malware against Minecraft players. The attack begins with the “Slinky” hack, which mimics the official game icon and runs a JavaScript loader to inject the stealer. LofyStealer...
US-Backed $2.4B Airport Biometrics Proposal Faces Scrutiny in Pakistan
The U.S. government is backing Securiport’s $2.4 billion, 25‑year proposal to install biometric e‑gates and advanced passenger‑screening systems at Pakistan’s airports. The offer includes API and PNR capabilities, full data custody for Pakistan, and a passenger‑security surcharge to recoup costs while...
Wasabi Loses $5M+ in Latest DeFi Exploit
Wasabi Protocol suffered a multi‑chain exploit that siphoned more than $5 million from contracts on Ethereum, Base, Berachain and Blast. The breach appears to stem from a compromised admin key and the use of a single external owned account without multisig...
April KB5083769 Windows 11 Update Causes Backup Software Failures
Microsoft’s April 2026 security patch KB5083769 has triggered failures in third‑party backup solutions that rely on Volume Shadow Copy Service (VSS) on Windows 11 24H2 and 25H2. Vendors such as Acronis, Macrium, NinjaOne and UrBackup report snapshot‑creation timeouts that abort backup jobs....
AI Adoption Fuels Rise in Identity Attack Path Risk
Enterprises are confronting a widening identity attack surface as AI adoption introduces a surge of non‑human identities such as service accounts and bots. SpecterOps’ 2026 report shows 43% of organizations now rank attack‑path visibility as a top priority, and adoption...
How Can Organisations Ensure Cyber Resilience in Tense Times?
Geopolitical instability is driving a surge in state‑aligned, criminal and hacktivist cyber activity, with April alone seeing breaches at Dublin’s Healthdaq, OpenAI’s macOS certification process, and unauthorized access to Anthropic’s Mythos AI model. Matthew Lloyd Davies of Pluralsight warns that shared...
New Research: AI-Driven Cybercrime Led to a 389% Increase in Ransomware Victims
FortiGuard Labs' 2026 Global Threat Landscape Report reveals AI‑driven cybercrime has propelled ransomware victims up 389% year‑over‑year. While brute‑force attempts fell 22% due to more precise targeting, exploitation attempts rose 25.5%, indicating attackers are leveraging AI tools such as FraudGPT,...
Two New Extortion Crews Are Speedrunning the Scattered Spider Playbook
CrowdStrike has identified two new extortion groups, Cordial Spider and Snarky Spider, linked to the broader The Com cybercrime ecosystem. Since October 2025 they have been exploiting voice‑phishing and social engineering to hijack identity platforms across U.S. critical‑infrastructure sectors. The...
ActiveState Curated Catalog Secures AI-Generated Code Across Any Development Environment
ActiveState unveiled expanded support for AI‑assisted development through its Curated Catalog, a tool‑agnostic security layer that governs dependency ingestion across any AI coding assistant. The catalog draws from a library of more than 79 million open‑source components built from source in...
PwC Partners with Google Cloud to Take on the Managed Security Market
PwC has unveiled an AI‑driven managed security service built on Google Cloud’s Security Operations platform. The offering leverages agentic AI agents for threat detection, triage and mitigation, while retaining human checkpoints for oversight. Targeting mid‑size and smaller enterprises, the service...
France Probes Teenage Suspect in Massive ID Data Breach
Paris prosecutors opened an investigation into a 15‑year‑old suspected of hacking France’s ANTS identity agency and putting 12‑18 million lines of personal data on the dark web. The teenager, known online as “breach3d,” was detained on April 25 after authorities detected unusual...