The Supply Chain Is the Breach Vector. Data Recovery Is the Power Move.
The Notepad++ supply‑chain breach demonstrates how trusted development tools can become covert attack vectors, slipping past zero‑trust defenses. With 98 % of organizations expanding open‑source usage, a single compromised component can cascade across countless systems. Experts urge continuous verification, proactive SBOM management, and immutable backups to shift from reactive forensics to active resilience. Ultimately, restoring environments to a known good state is the decisive power move against supply‑chain compromises.
Bankers Most Worried About Cybersecurity, Economy: Survey
The IntraFi Bank Executive Business Outlook Survey for Q1 2026 reveals that cybersecurity has become the top concern for community‑bank executives, cited by 29 % of respondents, while worries about an economic downturn have risen to 22 %. Geopolitical tensions, especially the U.S.–Iran...
How Can Modern Professionals Navigate Security Risks in 2026?
Yash Jain, PwC Ireland’s cybersecurity manager, argues that security must be treated as a core business function rather than a compliance checkbox. He highlights the twin challenges of aligning security strategy with business goals and the persistent talent shortage. Jain...

Government Hacking Tools Are Now in Criminals' Hands (with Lorenzo Franceschi-Bicchierai)
A former Trenchant employee covertly sold government‑grade zero‑day exploits to a Russian firm, which subsequently passed the tools to the Russian state and possibly Chinese criminal networks. The leak, detailed by TechCrunch journalist Lorenzo Franceschi‑Bicchierai on the 404 Media podcast,...

Why California's Data Broker Registry Matters More than Its Delete Button
California’s Delete Request and Opt‑Out Platform (DROP) shifts focus from consumer‑driven deletions to a public data‑broker registry that forces disclosure of sensitive data practices. Brokers must report whether they collect minors’ information, geolocation, or health‑related data, giving regulators a centralized...

⚡ Weekly Recap: Fast16 Malware, XChat Launch, Federal Backdoor, AI Employee Tracking & More
A newly uncovered Lua‑based malware called fast16, dating back to 2005, predates the infamous Stuxnet worm and appears designed to subtly corrupt high‑precision calculation software. Threat groups are active: UNC6692 is impersonating Microsoft Teams help desks to deliver a Snow...

Are Tech Leaders Risking a Cyber Resourcing Crisis?
Cybersecurity is now a top priority as global cybercrime costs are projected to hit $12.2 trillion by 2031. However, a new Tech Talent & Salary Report 2026 shows that only 29% of cyber professionals received a pay rise last year, making...

Widely Used Browser Extensions Selling User Data
A LayerX Security study identified more than 80 widely used browser extensions that explicitly disclose they sell user data. The extensions span streaming, ad‑blocking and productivity categories and together have millions of installations. While 71% of Chrome Web Store extensions...

Why AI Is Forcing a Reset of the Identity Stack
Gartner warns that the rapid rise of generative AI and autonomous agents is forcing a fundamental reset of the identity and access management (IAM) stack. AI agents are being elevated to first‑class identities that are dynamic, short‑lived, and often operate...

Cyber Security Update
Rail operators face new cyber‑security mandates as Europe’s NIS2 directive and the UK’s Cyber Security and Resilience Bill come into force, imposing board‑level accountability, 24‑hour breach reporting and fines up to 2% of global turnover. At the same time, the...

Germany Suspects Russia Is Behind Signal Phishing that Targeted Top Officials
German prosecutors are probing a suspected Russian‑backed phishing campaign that compromised roughly 300 Signal accounts belonging to high‑level politicians, military officials and journalists. The attackers used a counterfeit Signal security chatbot to trick victims into entering PINs or scanning QR...

OpenSSH Flaw Allowing Full Root Shell Access Lurked for 15 Years
Security firm Cyera disclosed a critical OpenSSH vulnerability, CVE‑2026‑35414, that has existed for roughly 15 years. The flaw stems from mishandling commas in SSH certificate principal names, allowing a low‑privilege identity to be interpreted as root. Because the exploit bypasses...
Singapore Investigates Cybersecurity Incident Involving Government Contractor
Singapore’s Land Transport Authority (LTA) has suspended a construction contractor’s access to its digital platform after the firm was implicated in a cybersecurity breach, Bloomberg reports. The incident prompted an immediate investigation by Singapore’s authorities to determine the scope of...

Mythos Changed the Math on Vulnerability Discovery. Most Teams Aren't Ready for the Remediation Side
Anthropic’s Claude Mythos AI dramatically accelerates vulnerability discovery, promising ten‑fold higher finding rates than traditional pentests. However, the article warns that most organizations lack the remediation infrastructure to handle the surge, creating a widening gap between detection and fix. It...

Operation TrustTrap Reveals 16,800 Fake Domains Exploiting User Trust
Cyble Research and Intelligence Labs uncovered Operation TrustTrap, a massive domain‑spoofing campaign that leveraged more than 16,800 fraudulent web addresses to harvest credentials and payment data. The scheme mimics U.S. government portals—especially DMV, toll and vehicle‑registration sites—using a technique called...
Jamtara Was the Trailer; the Real Story Is AI-Powered Fraud
Indian digital lenders are being hit by AI‑generated synthetic identity fraud. A mid‑size lender lost money after granting loans to 38 AI‑crafted applicants, exposing the limits of rule‑based fraud filters. RBI reports over 36,000 digital payment fraud cases in FY23‑24,...

Vidar Infostealer Spreads via Fake CAPTCHAs, Hides in JPEG and TXT Files
Point Wild’s Lat61 team uncovered a revamped Vidar infostealer that hides its payload in ordinary JPEG and TXT files. The campaign uses fake CAPTCHA prompts, compromised GitHub repositories, and steganography to deliver a multi‑stage, file‑less infection chain leveraging Windows LotL...

NordVPN: Canadian Digital Financial Data Among World’s Cheapest
NordVPN, in partnership with NordStellar, released a tool that maps the street value of digital identities on the dark web, revealing that Canadian data is among the cheapest globally. A stolen Canadian credit card lists for about $2, a full identity...

eBay Struggles with Widespread Outage, Disrupting Transactions and API Access
eBay experienced a widespread outage beginning late Sunday, April 26, 2026, that extended into Monday, disrupting core functions such as search, listings, checkout, and its API. Downdetector recorded more than 1,300 user complaints, with reports peaking around 3:30 PM ET. Unverified claims...
AI Is Reshaping DevSecOps to Bring Security Closer to the Code
Artificial intelligence is fundamentally reshaping DevSecOps by embedding security controls directly into code‑generation tools, expanding vulnerability detection with large‑language‑model scanners, and automating remediation suggestions. AI‑assisted coding assistants now enforce policies at the point of creation, while LLMs identify logic flaws...
AI PCs, Endpoint Security and the End of Time-Based Refresh Cycles
Enterprises are moving AI workloads from the cloud to the endpoint, giving rise to the AI PC – a laptop or desktop equipped with on‑device neural processing units. Analysts project AI PCs will capture 55 % of the PC market by...
When Security Becomes the Attack Surface: Why Endpoint Protection Must Evolve
Attackers are increasingly disabling the very endpoint tools meant to stop them, turning security agents into a primary attack surface. A recent IDC survey shows 61% of organizations suffered third‑party data breaches and more than half are dissatisfied with current...
The ‘Manager of Agents’: How AI Evolves the SOC Analyst Role
AI is reshaping the Security Operations Center by turning Tier‑1 analysts from data‑gatherers into orchestrators of autonomous agents. Instead of manually investigating each alert, AI agents now query systems, correlate signals and build evidence chains in real time. Analysts shift...

Firefox Vulnerability Allows Tor User Fingerprinting
Researchers disclosed CVE‑2026‑6770, a vulnerability in Firefox’s IndexedDB API that leaks the internal ordering of database names. The flaw lets unrelated sites generate a stable identifier that survives Private Browsing sessions and links user activity across domains. Because Tor Browser...
FBI, Indonesian Authorities Team to Take Down Site Ripping Off Users for Millions
The FBI’s Atlanta Field Office partnered with Indonesian law‑enforcement to dismantle the W3LL phishing kit operation, which has facilitated roughly $20 million in attempted fraud. The kit, sold for about $500, enabled the theft of over 25,000 compromised accounts and was...
A Week in Security (April 20 – April 26)
Malwarebytes’ weekly roundup spotlights a surge of high‑profile security incidents, from the leak of half a million UK volunteers' medical records on Alibaba to Apple’s emergency iOS patch that stops deleted notifications from being exposed. The report also covers Roblox’s tightened chat...

LABJ Stock Index: April 27
A senior executive discovered that a free AI therapist app had inadvertently captured detailed, confidential information about a family office, highlighting the hidden privacy risks of generative AI. The article warns that AI agents, especially emerging "agentic" models, can store,...
The $700 Million Question: How Cyber Risk Became a Market Cap Problem
Cyber risk has moved from an IT‑only concern to a market‑cap driver, as regulators now require near‑real‑time breach disclosures and investors treat incidents as material financial events. A 5% stock decline on a $14 billion firm translates to roughly $700 million erased...
Safe Vulnerability Disclosure for UK SMEs: A Practical Guide
UK small and medium‑size enterprises can adopt a simple safe vulnerability disclosure process that provides a clear reporting channel, structured triage, and consistent communication. The guide stresses a proportionate policy, dedicated inbox, and ownership to avoid confusion and protect trust....
Get Ready to Be Attacked - NCSC
The National Cyber Security Centre (NCSC) warned that the UK’s critical national infrastructure—from energy and transport to health and finance—is facing a rising risk of severe cyber threats that could cause extended outages, financial loss, and public‑safety hazards. The agency...
Europe Craves Its Own Superhacking AI
Europe’s cybersecurity chiefs warn that Anthropic’s new Mythos AI, capable of uncovering thousands of high‑severity vulnerabilities, could become a weapon in the hands of adversaries. The model’s limited U.S. rollout has sparked fears of a cyber‑arms race and highlighted Europe’s...
Transforming Raw Alerts Into Real Security Outcomes with Seceon
Seceon aiSIEM transforms scattered security alerts into correlated, high‑confidence intelligence, enabling faster, more accurate threat response. The platform uses AI‑driven behavioral analytics and MITRE ATT&CK mapping to detect attacks such as credential‑spraying and stealth malware. Real‑world examples show how Seceon...

Microsoft Entra Agent ID Flaw Enabled Tenant Takeover via Privilege Escalation
Security researchers at Silverfort uncovered a critical flaw in Microsoft Entra's Agent ID framework that let the Agent ID Administrator role modify any Application Service Principal. By adding themselves as owners, attackers could inject credentials and impersonate high‑privilege accounts, including Global...

The World’s Data Lifelines Are Increasingly Exposed to Sabotage
Undersea cables transport roughly 99% of global internet and AI traffic and are increasingly used to move renewable power from offshore projects. The network is set to expand dramatically, with 119 new cables slated for deployment in 2026, up from...
Why PoP Count Isn’t the Real Measure of Application Security Performance
The article argues that counting Points of Presence (PoPs) is a misleading gauge of application security performance. While PoP density matters for content delivery networks, security platforms need deep inspection, high‑capacity nodes, and intelligent routing. Modern WAAP solutions rely on...

Concerns Raised over Childcare Surveillance Storage
Taiwan's new Childcare Services Act, passed on April 14, requires childcare centers to upload video recordings of children under two to a centralized government cloud for 30 days. Advocacy groups rallied outside the Legislative Yuan, arguing the mandate violates the...

Your ISP Has Been Watching Your Browsing This Whole Time — Here's the Windows 11 Fix
ISPs in the United States can see every website you visit because most DNS requests travel in plaintext. After the 2017 repeal of the FCC's broadband privacy rules, this data collection became routine and vulnerable to spoofing or hijacking. Windows 11...

Thai Police Arrest Indonesian Wanted for US$10mil Cyberfraud
Thai police detained a 33‑year‑old Indonesian at a Phuket resort after an FBI tip, accusing him of a $10 million cyber‑fraud scheme targeting Americans. The suspect allegedly recruited models to lure victims via video calls, dating apps, and social media, managing...
Protecting Michigan’s Patients: The State’s Healthcare CISOs
Michigan’s healthcare ecosystem, spanning long‑term care, integrated health systems, academic centers, and statewide associations, is highlighted through a profile of its top CISOs. The feature showcases leaders from Ciena Healthcare, McLaren Health Care, the Michigan Health and Hospital Association, Corewell...

American Utility Firm Itron Discloses Breach of Internal IT Network
Itron, a public utility‑technology provider, disclosed that an unauthorized third party accessed its internal IT network on April 13, 2026. The company activated its cybersecurity response plan, engaged external advisors, and notified law enforcement, successfully blocking further activity. Itron reported...

Chernobyl Virus Turned 27 Today, and It Could Brick Your PC in Ways Modern Malware Can't by Overwriting BIOS Firmware
The CIH "Chernobyl" virus, first released in 1998, turned 27 on April 26, 2026. It infected an estimated 60 million Windows 9x PCs, wiping hard drives and attempting to flash garbage data to BIOS chips, which could permanently brick a machine. The payload...

Healthcare’s Identity Crisis: Why A Single Prescription Requires Multiple Logins
Healthcare providers are hampered by fragmented identity systems that force patients, clinicians, insurers and other stakeholders to juggle multiple logins for routine tasks like prescription refills. The article highlights that the average 2025 data breach in the sector costs $7.42 million,...
Drones and Data Centers: The AI Boom Is Outpacing Security Protocol
The AI surge is driving a $7 trillion data‑center build‑out by 2030, but the rapid proliferation of over one million U.S. drones is exposing a critical security gap. Existing physical‑security models lack airspace protection, and FAA/FCC rules prevent kinetic countermeasures, leaving...

How to Audit What ChatGPT Knows About You - and Reclaim Your Data Privacy
OpenAI provides multiple consumer‑focused controls to limit the personal data ChatGPT retains. Users can opt out of model training, delete chat histories, employ temporary chats, manage or disable memories, and even delete their entire account via the privacy portal. Deleted...
Backup Under Attack
Ransomware groups are now targeting backup repositories, forcing organizations to reassess their data‑protection strategies. Many firms rely on immutable storage, but the protection often depends on policy settings that can be overridden by privileged users. Andy French of Object First explains...
Windows Defender Leaving the Door WIDE OPEN
Security researchers have uncovered two active Windows Defender zero‑day exploits, RedSun and UnDefend, that have been used in the wild since April 16. Both bypass all Microsoft patches for Windows 10, Windows 11 and Server 2019+, allowing an attacker to write a malicious binary...

How Anthropic’s Mythos Model Is Forcing the Crypto Industry to Rethink Everything About Security
Anthropic’s Mythos AI model is prompting DeFi firms to broaden security beyond smart‑contract code to the underlying infrastructure such as key‑management, bridges and oracle networks. By simulating adversarial behavior and chaining minor flaws, Mythos can expose systemic, cascading failures across...

Supplier Assurance for UK SMEs: A Practical Guide to Checking Third Parties without Overcomplicating It
Clear Path Security outlines a practical supplier‑assurance framework for UK SMEs, emphasizing a proportionate, repeatable process rather than a heavyweight procurement function. The guide introduces a three‑tier risk model—high, medium, low—to focus effort on suppliers that access data, connect to...

Best of the Worst: Five Attacks That Looked Broken (and Worked)
The latest Threat Intelligence roundup highlights five phishing attacks that were riddled with sloppy errors—unfilled template variables, typo‑squatted domains, malformed URLs, and broken character encoding—yet still landed in users’ inboxes. Microsoft’s Exchange Online and other commercial gateways delivered the messages...

Fake CAPTCHA Scam Abuses Verification Clicks to Send Costly International Texts
Infoblox has uncovered a long‑running International Revenue Share Fraud scheme that disguises itself as a CAPTCHA verification. The fraud begins with typosquatted telecom domains that redirect users through a traffic distribution system to a fake CAPTCHA page. Each click on...