SonicWall patches three SonicOS flaws in Gen 6, 7 and 8 firewalls. The company released firmware updates to block bypass attacks and unauthorized access. SonicWall released urgent firmware updates to fix three SonicOS vulnerabilities affecting Gen 6, Gen 7, and Gen 8 firewalls. The flaws could allow attackers to bypass security controls, access restricted services,…
Category: Global Security News
Cybersecurity, Global Security News
US ransomware negotiators get 4 years in prison over BlackCat attacks
Two former employees of cybersecurity incident response companies Sygnia and DigitalMint were sentenced to four years in prison each for targeting U.S. companies in BlackCat (ALPHV) ransomware attacks. […]
AI, Global Security News
Best Diagram Software in 2026, Why EdrawMax Works for Everyday Use
Compare top diagram software in 2026 and see why Wondershare EdrawMax can be a practical choice for fast, template rich, AI supported diagramming.
AI, Exploits, Global Security News, privacy, Risk Management
AI chatbots need ‘deception mode’
AI is getting faster. But slow-responding AI is perceived as better by users. At least that’s the conclusion reached by new research presented at CHI’26, which is the Association for Computing Machinery’s Barcelona conference on Human Factors in Computing Systems. Two researchers — Felicia Fang-Yi Tan and Professor Oded Nov at the NYU Tandon School…
AI, Apps, Global Security News, Network Security, privacy
Open-source privacy proxy masks PII before prompts reach external AI services
Enterprise developers routinely send prompts to external large language models that contain customer emails, support transcripts, and other identifying information, often without a sanitization layer between the application and the API. Dataiku has released Kiji Privacy Proxy, an open-source local gateway that detects and masks personally identifiable information before requests leave the network. The tool…
AI, Global Security News, Risk Management
Shadow AI risks deepen as 31% of users get no employer training
Between one-fifth and one-third of workers use AI outside the influence and governance of the IT function, according to a global survey of 6,000 full-time employees at enterprise organizations. Researchers found a widening gap between employee AI adoption and the controls organizations have in place to manage it. The Lenovo Work Reborn Research Series 2026…
Global Security News
Identity is the control plane for distributed infrastructure
Teleport CEO Ev Kontsevoy makes the case that distributed infrastructure, across cloud, Kubernetes, databases, and servers, can’t be secured by layering more tools on top of fragmented identity systems. He argues for fewer credentials, fewer entry points, and a single identity layer that gives security and engineering teams unified visibility and control. The post Identity…
AI, Endpoint, Global Security News, Network Security
AI traffic is getting bigger, louder, and less predictable
AI workflows need storage that supports repeated movement across the model lifecycle. Large datasets are ingested, transformed, exported for training, pulled back for evaluation, and refreshed as models evolve. Backblaze’s Q1 2026 Network Stats report says this creates a shift from diffuse internet-style traffic to large, high-bandwidth flows between fewer endpoints. Monthly view of all…
AI, Global Security News
New infosec products of the month: April 2026
Here’s a look at the most interesting products from the past month, featuring releases from Advenica, Aptori, Axonius, Broadcom, GlobalSign, Intruder, IP Fabric, Mallory, Secureframe, Siemens, Sitehop, and Virtue AI. Mallory brings contextual threat intelligence to security operations Mallory is launching an AI-native threat intelligence platform that monitors thousands of threat sources, contextualizes them against…
AI, Global Security News, Network Security
Are we ready to give AI agents the keys to the cloud? Cloudflare thinks so
Cloudflare is giving AI agents full autonomy to spin up new apps. Starting today, agents working on behalf of humans can create a Cloudflare account, begin a paid subscription, register a domain, and then receive an API token to let them immediately deploy code. To kick things off, human users must first accept the cloud…
Global Security News
ISC Stormcast For Friday, May 1st, 2026 https://isc.sans.edu/podcastdetail/9914, (Fri, May 1st)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
AI, Exploits, Global Security News, malware, Risk Management
‘Trivial’ exploit can give attackers root access to Linux kernel
CSOs must ensure their Linux-based systems block unauthorized privilege escalation until distros release patches to plug a serious kernel vulnerability affecting all Linux distributions shipped since 2017. Until fixes are available for what’s been dubbed the Copy Fail logic bug (CVE-2026-31431), which lets users easily obtain root access, there isn’t much CSOs can do, says…
AI, Global Security News
Proof-of-concept exploit available for Linux ‘Copy Fail’ vulnerability (CVE-2026-31431)
Categories: Threat Research Tags: advisory, Linux, Copy Fail
AI, Cloud Security, Cybersecurity, Europe, Global Security News, Government & Policy, privacy, Risk Management
Bank regulator sounds warning over cybersecurity threat posed by AI models
Frontier AI models inspired by Anthropic’s Claude Mythos could arm attackers with advanced capabilities that the banking sector is ill equipped to cope with, Australia’s financial regulator, the Australian Prudential Regulation Authority (APRA), has warned. In a letter addressed to the country’s financial sector this week, the body lays out how the arrival of Claude…
AI, Cybersecurity, Data Breaches, Europe, Exploits, Global Security News, Network Security, Risk Management
Former incident responders sentenced to 4 years in prison for committing ransomware attacks
Two former cybersecurity professionals who moonlighted as cybercriminals, committing a series of ransomware attacks in 2023, were each sentenced to four years in prison, the Justice Department said Thursday. Ryan Clifford Goldberg and Kevin Tyler Martin previously pleaded guilty to one of three charges brought against them in December and faced up to 20 years…
AI, china, Cybersecurity, Exploits, Global Security News, Government & Policy, Network Security, Russia
FCC tightens KYC rules for telecoms, closes loophole for banned foreign services
The Federal Communications Commission approved new regulations Wednesday designed to crack down on robocalling, protect telecommunications networks from cyberattacks and further vet equipment-testing labs based overseas. Commissioners unanimously passed a measure to strengthen telecom companies’ “Know Your Customer” requirements for verifying callers’ identities. Among the potential solutions being considered are requiring telecoms to verify a…
Global Security News
Private Chats, Photos of Celebs Exposed in Suspected Stalkerware Leak
Private chats and photos of celebrities and influencers were exposed after a suspected stalkerware setup left a database open, revealing sensitive messages and files.
AI, Apps, Global Security News
TeamPCP Hits SAP Packages With ‘Mini Shai-Hulud’ Attack
Several npm packages for SAP’s cloud application development ecosystem have been compromised as TeamPCP’s supply chain attacks broaden.
AI, Compliance, Global Security News, Politics, privacy
Congress kicks the can down the road on surveillance law (again)
Congress extended a controversial surveillance law for 45 days on Thursday, hours before its latest expiration following an earlier extension. The Senate passed — then the House cleared — a 45-day extension of Section 702 of the Foreign Intelligence Surveillance Act, which authorizes warrantless surveillance of foreign targets. But those targets are sometimes communicating electronically…
AI, Cybersecurity, Exploits, Global Security News, Network Security
cPanel’s authentication bypass bug is being exploited in the wild, CISA warns
A severe authentication bypass vulnerability in cPanel, one of the most widely deployed web hosting control panel platforms on the internet, is being actively exploited in the wild, according to security researchers and hosting providers. The vulnerability, tracked as CVE-2026-41940, affects all supported versions of cPanel and WebHost Manager (WHM) released after version 11.40, as…
AI, Exploits, Global Security News
Another AI-Assisted Software Scan Yields 9-Year-Old Linux Bug
The proof-of-concept exploit code runs only 10 lines long, but luckily, a patch is already available.
AI, china, Global Security News
Apple Sales Top $111 Billion in Second Quarter, Powered by iPhone 17
The company, which reported strong sales in China for a second quarter in a row, said iPhone revenue rose nearly 22%.
AI, Global Security News
Sage Acquires Doyen AI to Speed Finance Implementations
Sage, an accounting, financial, and HR technology provider, has acquired Doyen AI, an AI-focused company that aims to make customer onboarding and implementation faster, simpler, and more accurate for finance teams. The deal expands Sage’s AI strategy with tools designed to automate and streamline implementation workflows, helping customers reduce onboarding complexity and accelerate deployment timelines.…
AI, Global Security News
SAS Continues AI Investment, Introduces Quantum AI Lab
During the SAS Innovate 2026 conference, the data and AI company introduced new platforms to manage next-generation innovation and investments in industry accelerators, as well as an update on its digital twin technology. Managing the supply chain: AI tailored to real-world use cases Among the announcements SAS made are continued investments in industry accelerators and…
AI, APAC, Compliance, Europe, Global Security News, Risk Management
AWS, Microsoft, & Google Cloud Converge Around AI-Led Growth
The “big three” hyperscalers, Amazon Web Services (AWS), Microsoft, and Google Cloud, have been especially active over the past 12 months, operating both as suppliers of in-demand data center capacity for AI model developers and as builders of their own models, services, and tools. While each has historically leaned into distinct strengths and target markets,…
AI, Cybersecurity, Global Security News
Anthropic’s Mythos Has Landed: Here’s What Comes Next for Cyber
In this latest installment of the Reporters’ Notebook video series, we discuss how the new AI model threatens to completely upend cybersecurity, and what industry leaders are telling the press.
AI, Global Security News
Misconfigured Server Run by Hackers Leaks 345,000 Stolen Credit Cards
A misconfigured server linked to the carding marketplace Jerry’s Store exposed 345,000 stolen credit cards after an AI coding error caused a major security flaw.
AI, Global Security News
New Bluekit phishing service includes an AI assistant, 40 templates
A new phishing kit named Bluekit offers more than 40 templates targeting popular services and includes basic AI features for generating campaign drafts. […]
AI, Global Security News
Friendlier chatbots can be less reliable, study says
New research from the Oxford Internet Institute indicates that AI chatbots trained to be extra warm, friendly, and empathetic can also become less reliable, according to the BBC. The researchers analyzed more than 400,000 responses from five different AI models from Meta, Mistral AI, Alibaba, and OpenAI. The results showed that the “kinder” versions more…
Global Security News
U.S. Senators Vote to Ban Themselves From Trading on Prediction Markets
Lawmakers voted to ban themselves from trading on platforms including Kalshi and Polymarket following concerns over insider trading.
AI, Exploits, Global Security News, Network Security
Copy Fail: New Linux bug enables Root via page‑cache corruption
Linux flaw CVE‑2026‑31431, ‘Copy Fail,’ lets any local user write four bytes into page cache files, enabling easy escalation to root on major distros. Xint Code researchers warn of a serious Linux flaw, tracked as CVE-2026-31431 (CVSS score of 7.8), dubbed Copy Fail. It lets any local, unprivileged user write four controlled bytes into the…
AI, Apps, Data Breaches, Exploits, Global Security News, malware, Network Security, Risk Management
SAP npm Supply Chain Attack Targets Developer Credentials
A supply chain attack targeting SAP npm packages is putting enterprise development environments at risk. Aikido researchers discovered malicious code designed to steal credentials and secrets from developer systems and CI/CD pipelines. The attack “… harvests local developer credentials, GitHub and npm tokens, GitHub Actions secrets, and cloud secrets from AWS, Azure, GCP, and Kubernetes,”…
Global Security News
Romanian leader of online swatting ring gets 4 years in prison
A Romanian national who led an online swatting ring that targeted more than 75 public officials, multiple journalists, and four religious institutions was sentenced to 4 years in federal prison. […]
AI, Apps, Global Security News, Risk Management
Gartner sees untamed growth in agentic AI
Fortune 500 enterprises will be deploying armies of AI agents by 2028 — to the tune of 150,000 digital “workers,” Gartner said in a survey released this week. That would represent a sharp jump from the average of about 15 agents deployed per company last year. And agents as actual co-working tools are likely to…
AI, Apps, Compliance, Cybersecurity, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management
How Criminals Created SMS Blasters to Fake Cellphone Towers and Hack Thousands of Phones in Canada
Canadian authorities have dismantled what appears to be one of the most technically sophisticated financially motivated telecom attacks publicly documented in North America after arresting three suspects accused of operating vehicle-mounted “SMS blaster” systems that impersonated legitimate cellular towers, induced nearby mobile devices into attaching to rogue infrastructure, delivered phishing messages to those devices—likely through…
AI, Cybersecurity, Global Security News, privacy
Agent’s claims on WhatsApp access spark security concerns
A US agent claimed WhatsApp encryption is fake and Meta can access messages; the probe was abruptly shut, raising security concerns. A US agent claimed WhatsApp encryption is fake, alleging Meta accesses all unencrypted messages, but Commerce Department abruptly shut the probe, leaving leaders questioning if consumer apps are safe for sensitive business decisions. In…
Global Security News
FBI links cybercriminals to sharp surge in cargo theft attacks
The U.S. Federal Bureau of Investigation (FBI) warned the transportation and logistics industry of a sharp rise in cyber-enabled cargo theft, with estimated losses in the United States and Canada reaching nearly $725 million in 2025. […]
AI, Global Security News
PyTorch Lightning Compromised in PyPI Supply Chain Attack to Steal Credentials
In yet another software supply chain attack, threat actors have managed to compromise the popular Python package Lightning to push two malicious versions to conduct credential theft. According to Aikido Security, Socket, and StepSecurity, the two malicious versions are versions 2.6.2 and 2.6.3, both of which were published on April 30, 2026. The campaign is…
Global Security News, malware, Russia
Three Arrested for Hacking Over 610,000 Roblox Accounts
Suspects accused of distributing malware and selling access to stolen Roblox accounts on Russian marketplaces
AI, Global Security News
Elon Musk Takes The Stand for a Third Day in Lawsuit Against Sam Altman
OpenAI President Greg Brockman and Musk’s fixer, Jared Birchall, are also expected to testify on Thursday.
Apps, Global Security News
April KB5083769 Windows 11 update causes backup software failures
The April 2026 KB5083769 security update breaks third-party backup applications from multiple vendors on systems running Windows 11 24H2 and 25H2. […]
AI, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
AI Adoption Fuels Rise in Identity Attack Path Risk
Identity security is one of the most urgent priorities for enterprises as AI adoption expands the attack surface and introduces new complexity. The SpecterOps Trends in Identity Attack Path Management 2026 report highlights how organizations are increasing investment in identity security while struggling to turn visibility into consistent risk reduction. “As identity becomes the control…
AI, Apps, Cybersecurity, Global Security News
SHARED INTEL Q&A: PKI’s unfinished business—’digital passports’ for content, models and agents
As if keeping track of machine identities wasn’t hard enough. AI agents are now arriving by the thousands — and most enterprises are just handing them borrowed credentials and hoping for the best. Meanwhile, the cryptographic infrastructure asked to absorb these threats faces a hard regulatory countdown requiring digital certificates — the credentials securing every…
Global Security News
Deep#Door Python Backdoor Evades Detection On Windows
Deep#Door Python RAT uses tunneling and obfuscation to evade detection and steal credentials
AI, Data Breaches, Exploits, Global Security News, Network Security
Two new extortion crews are speedrunning the Scattered Spider playbook
A pair of persistent and problematic threat groups affiliated with The Com are actively targeting organizations across multiple critical infrastructure sectors for rapid data theft and extortion attacks, according to CrowdStrike. The financially-motivated attackers, which CrowdStrike tracks as Cordial Spider and Snarky Spider, have used voice-phishing and social engineering attacks to break into victims’ identity…
Global Security News
Managed vs Self-Managed Cloud Hosting: Choosing the Best Option for Your Business
As more businesses relocate their operations to the cloud, one important decision arises: should you choose managed or…
AI, APAC, Global Security News
OpenAI Growth Miss Rattles AI Chip and Cloud Stocks
A report that OpenAI missed internal growth targets was enough to shake confidence up and down the AI supply chain this week, sending chip and cloud stocks lower and raising new questions about how fast the market is actually expanding. Shares of Nvidia fell more than 3%, while AMD dropped even further before recovering slightly…
AI, Data Breaches, Global Security News, malware, Network Security
Anti-DDoS Firm Heaped Attacks on Brazilian ISPs
A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks against other network operators in Brazil, KrebsOnSecurity has learned. The firm’s chief executive says the malicious activity resulted from a security breach and was likely the work…
Global Security News
What Happens in the First 24 Hours After a New Asset Goes Live
When a new asset goes live, attackers start scanning within minutes. Sprocket Security shows how automated attacks move from discovery to compromise in under 24 hours. […]
AI, Global Security News
CISA and Partners Publish Zero Trust Guidance For OT Security
A new CISA‑led guide explains how zero‑trust security can be applied to operational technology, balancing cyber defence with safety and system availability
Global Security News
ThreatsDay Bulletin: SMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks and 25 More Stories
The internet is noisy this week. We are seeing some wild new tactics, like people using fake cell towers to send scam texts, while some developers are accidentally downloading tools that peek into their private files during a simple install. It is definitely a busy time to be online. Security is always a moving target.…
AI, Exploits, Global Security News
New Linux ‘Copy Fail’ flaw gives hackers root on major distros
An exploit has been published for a local privilege escalation vulnerability dubbed “Copy Fail” that impacts Linux kernels released since 2017, allowing an unprivileged local attacker to gain root permissions. […]
AI, Apps, Compliance, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
Cisco Introduces Model Provenance Kit to Strengthen AI Supply Chain Security
Organizations are rapidly adopting AI models, but many still lack visibility into where those models come from or how they’ve been modified along the way. Cisco is aiming to close that gap with the release of its open-source Model Provenance Kit, a tool designed to verify the origins of AI models and improve trust across…
Global Security News
Oracle Red Bull Racing Team Revs Up Automation to Boost Security
While drivers race to shave off seconds on the track, the team’s IT and engineering staff are speeding up how they deliver security.
AI, Global Security News
Apple reportedly abandons Vision Pro
It was only this month that incoming Apple CEO John Ternus said of the Vision Pro, “I think we’re still very much in the early innings of spatial computing. We’re super excited about it.” Now, we’re hearing Apple has stopped working on the headset following lackluster sales of the only slightly upgraded M5 chip-powered model introduced in October, which retained…
AI, Exploits, Global Security News
cPanel zero-day exploited for months before patch release (CVE-2026-41940)
A critical authentication bypass vulnerability (CVE-2026-41940) in cPanel, a popular web-based control panel for managing web hosting accounts, is being exploited by attackers in the wild. What’s more, attackers didn’t have to wait for watchTowr security researchers to release technical details about the vulnerability – they have been spotted exploiting CVE-2026-41940 since February 23, and…
Data Breaches, Global Security News
UK: Education Sector Faces Surge in Cyber Breaches Despite Stable National Threat Levels
The British public education sector has faced the nation’s most dramatic increase in cyber breach prevalence over the past year
AI, Global Security News, Risk Management
Cisco releases open-source toolkit for verifying AI model lineage
Enterprises pulling models from Hugging Face and other open repositories rarely keep records of how those models are altered after download, leaving organizations with little ability to confirm what they are running in production. The State of AI Security 2026 from Cisco places this level of access inside a growing pattern of AI-driven operations that…
AI, Apps, Exploits, Global Security News, malware, Risk Management
CVE-2026-41940: Critical cPanel & WHM Authentication Bypass Exposes Hosting Servers to Admin Takeover
A newly disclosed CVE-2026-41940 vulnerability in cPanel & WHM has put internet-facing hosting infrastructure under urgent scrutiny. The flaw carries a CVSS score of 9.8 and can let an unauthenticated remote attacker bypass authentication and gain administrative access, while cPanel’s advisory says the issue affects cPanel software, including DNSOnly, across all versions after 11.40. For…
AI, Cybersecurity, Global Security News
New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials
Cybersecurity researchers have disclosed details of a stealthy Python-based backdoor framework called DEEP#DOOR that comes with capabilities to establish persistent access and harvest a wide range of sensitive information from compromised hosts. “The intrusion chain begins with execution of a batch script (‘install_obf.bat’) that disables Windows security controls, dynamically extracts an
Global Security News
Sports Streamer DAZN Makes $100 Million Bet on Technology Company ViewLift
DAZN hopes the deal will build on its presence in the U.S. sports market.
Global Security News
AI Has Made Memory Chips One of the World’s Most Profitable Products
Samsung is expected to outearn Apple, Microsoft and Alphabet, while two other memory giants are projected to enter top-10 profit list this year.
AI, Global Security News
Met Police face criticism for using AI to spy on their own officers
London police officers have been warned by the Metropolitan Police Federation to watch their backs after the force deployed controversial AI software to investigate misconduct. The staff association, representing more than 30,000 officers in London, reported it had not been informed of plans to use Palantir’s AI to analyze officers’ movements. The Federation notified all…
AI, Apps, china, Cybersecurity, Exploits, Global Security News, Government & Policy, Network Security, Risk Management
Dismantle implicit trust in OT networks, CISA tells critical infrastructure operators
The US Cybersecurity and Infrastructure Security Agency (CISA) has asked owners and operators of operational technology to stop assuming their networks are safe, and has released joint guidance to adapt zero trust principles for industrial systems that support US power, water, transportation, building automation, and weapons-support infrastructure. OT owners should design controls on the assumption…
Global Security News
Security Insights: A Threat-First View for the Platform That Enforces Access
Secure Access adds Security Insights to speed up SOC Ops. Now, an analyst uses a three-click workflow, reducing investigation time from minutes to seconds.
Global Security News
From Strategy to Architecture: How Cisco is Building a Quantum-Safe Future
Dive into the architecture behind Cisco’s holistic, mutilayered PQC strategy to understand how Cisco is operationalizing the secure communications and secure products across the communication planes, inside the chipset, and down to the firmware that loads before your operating system even boots.
AI, APAC, Cybersecurity, Exploits, Global Security News, malware, Network Security, Risk Management
Release Notes: Expanded Threat Intelligence Access, AI Assisted Search 1,770 New Detections and More
April brought several updates across ANY.RUN’s Threat Intelligence and detection coverage. The biggest change is expanded access to Threat Intelligence: Free plan users now get 20 premium requests in TI Lookup and YARA Search. This gives security teams a practical way to check suspicious indicators, explore related sandbox sessions, and validate malware or phishing activity using real attack…
AI, Exploits, Global Security News
Nine-year-old Linux kernel flaw enables reliable local privilege escalation (CVE-2026-31431)
Security researchers at Theori have disclosed a high-severity local privilege escalation (LPE) vulnerability (CVE-2026-31431) in the Linux kernel. The flaw, nicknamed “Copy Fail”, has affected virtually every major Linux distribution shipped since 2017, and a working proof-of-concept (PoC) exploit is publicly available. About CVE-2026-31431 According to Theori researchers, CVE-2026-31431 originates from the interaction of three…
Exploits, Global Security News
Critical cPanel and WHM bug exploited as a zero-day, PoC now available
The critical CVE-2026-41940 authentication bypass vulnerability in cPanel, WHM, and WP Squared is being actively exploited in the wild and has been leveraged in attempts since late February. […]
AI, Exploits, Global Security News
Max-severity RCE flaw found in Google Gemini CLI
Security researchers are warning about a max severity vulnerability in Google Gemini CLI that could allow remote code execution (RCE) in environments where the tool processes untrusted inputs. The issue was disclosed by Novee Security researchers and affects the @google/gemini-cli package and its associated GitHub Action, widely used in CI/CD workflows. “Gemini CLI (@google/gemini-cli) and…
AI, Global Security News
EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades
Intro A sophisticated, high-resilience malicious campaign was identified by Atos Threat Research Center (TRC) in March 2026. This operation specifically targets the high-privilege professional accounts of enterprise administrators, DevOps engineers, and security analysts by impersonating administrative utilities they rely on for daily operations. By integrating Search Engine Order (SEO)
Global Security News
Police dismantles 9 crypto scam centers, arrests 276 suspects
A joint international operation involving U.S. and Chinese authorities arrested at least 276 suspects and shut down nine cryptocurrency investment fraud centers. […]
AI, Funding, Global Security News, Venture
AI venture funding to shoot up this year as bubble looms
Venture funding of AI companies in 2026 will easily smash funding records set in 2025, with some heavy deals already consummated in the first quarter, according to market researchers. Data from Crunchbase shows that $300 billion poured into 6,000 startups worldwide during the first quarter of 2026. That’s a quarterly record for venture funding in…
Europe, Global Security News
Europol Busts Albanian Scam Call Centers in Major Online Fraud Case
European police arrested 10 suspects after dismantling Albanian scam call centers linked to a €50m ($58m) online investment fraud operation
AI, Compliance, Exploits, Global Security News
Everyone’s building AI agents. Almost nobody’s ready for what they do to identity.
Anthropic recently announced that it would not release Mythos, its most powerful AI model, to the public. The model discovered thousands of previously unknown software vulnerabilities — flaws that had sat undetected in major operating systems and web browsers for as long as nearly three decades. Anthropic said the model was too dangerous to deploy…
AI, Apps, Cybersecurity, Global Security News, malware, Risk Management
SAP npm package attack highlights risks in developer tools and CI/CD pipelines
A supply chain attack on SAP-related npm packages has put fresh scrutiny on the developer tools and build workflows that enterprises rely on to produce software. The campaign, referred to as “mini Shai-Hulud,” affected packages used in SAP’s JavaScript and cloud application development ecosystem. The malicious versions added installation-time code that could steal developer credentials,…
Global Security News
The Clock Is Ticking for Big Tech to Make AI Pay
Depreciation charges are eating into earnings at Microsoft, Alphabet, Meta and Amazon.
Global Security News
How Silicon Valley’s Brightest Parents Broke Their Own School
Tech executives built the ‘it’ school for their gifted kids. Lawsuits, internal feuding and a breakaway followed.
Global Security News, Network Security
Researchers develop tool to expose GPS signal spoofing in transit networks
The Oak Ridge National Laboratory (ORNL) has developed a portable detector that identifies GPS spoofing in real time, including during motion, to help protect transportation systems. Spoofing involves transmitting counterfeit signals that imitate authentic GPS transmissions and produce false information about location, time, or both. GPS jamming, another form of interference, overwhelms receivers with noise…
AI, Cybersecurity, Global Security News
New Linux ‘Copy Fail’ Vulnerability Enables Root Access on Major Distributions
Cybersecurity researchers have disclosed details of a Linux local privilege escalation (LPE) flaw that could allow an unprivileged local user to obtain root. The high-severity vulnerability tracked as CVE-2026-31431 (CVSS score: 7.8) has been codenamed Copy Fail by Xint.io and Theori. “An unprivileged local user can write four controlled bytes into the page cache of…
AI, Global Security News
Proxmox Backup Server 4.2 arrives with S3 storage support and parallel sync jobs
Proxmox Backup Server 4.2 is a maintenance and feature update built on Debian 13.4 “Trixie” that adds S3-compatible object storage as a supported backend and introduces parallel processing for sync jobs. The server ships the new version with Linux kernel 7.0 as the stable default and ZFS 2.4 for storage operations. Updated packages, broader hardware…
AI, Global Security News, Russia
Hackers arrested for stealing and reselling 600,000 Roblox accounts
Ukrainian police detained three suspects accused of hacking into Roblox accounts and reselling the data on Russian websites, with payments made in cryptocurrency. Police raid (Source: The Prosecutor General’s Office of Ukraine) “Prosecutors of the Lviv region, together with the cyber police and the Security Service of Ukraine, have stopped the activities of a group…
AI, Compliance, Data Breaches, Europe, Exploits, Global Security News, privacy, Risk Management
Meta accused of violating DSA by failing to safeguard minors
The European Commission accuses Meta of failing to protect children, allowing users under 13 on Instagram and Facebook, in breach of the DSA rules. The European Commission has accused Meta of violating child safety rules. Instagram and Facebook allegedly failed to prevent children under 13 from accessing their platforms. According to the Commission, Meta did…
AI, Global Security News, Risk Management
Cyber is the Number One Global “People Risk,” Says Marsh
Marsh’s 2026 People Risks survey finds cyber‑related challenges dominate, as cyber‑threat literacy tops risks and cyber and AI skills shortages rise
AI, Apps, Cybersecurity, Global Security News, Network Security, Risk Management
Stopping the quiet drift toward excessive agency with re-permissioning
In their infancy, LLM models were not difficult to contain. You gave a prompt; they responded, and if something was wrong it was usually “just text.” This could take the form of a summary that missed the best bits, a tone-deaf line or a wordy sentence. But then, agents were co-opted as the core reasoning…
Global Security News
This month in security with Tony Anscombe – April 2026 edition
Warnings about helpdesk impersonation scams and Iran-linked hackers targeting critical sectors in the US, plus the most damaging scams of 2025 – here’s some of what made the headlines this month
Global Security News
Iran-linked Handala hackers leak US Marines data, send chilling WhatsApp threats
US Marines stationed around the Persian Gulf have been receiving WhatsApp messages from strangers suggesting they call home and make their final goodbyes. Read more in my article on the Hot for Security blog.
AI, Global Security News
9-Year-Old Linux Kernel Vulnerability “Copy Fail” Enables Full Root Access
Linux Kernel Vulnerability “Copy Fail” lets attackers gain root access via memory flaw. Patch now or disable algif_aead to stay secure.
AI, Global Security News, Russia
Large-scale Roblox hacking operation shut down by Ukrainian authorities
Ukrainian police arrested three hackers who hijacked 610,000 Roblox accounts and sold them for $225,000 in profit. Police in Ukraine arrested three suspects accused of hacking over 610,000 Roblox accounts and selling them for about $225,000. Officers carried out multiple searches in Lviv, seizing cash, phones, computers, laptops, tablets, and USB drives. The operation disrupted…
AI, Cybersecurity, Global Security News
From Robotic to Remarkable: How to Use a Free AI Detector and Bypasser to Level Up Your Writing
In this post, I will show you how to use a free AI detector and bypasser to level up your writing. Let’s be honest: AI has changed the game for anyone who writes. Whether you’re a college student racing against a midnight deadline or a professional drafting a high-stakes report, tools like ChatGPT have become…
Global Security News
Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution
Google has addressed a maximum severity security flaw in Gemini CLI — the “@google/gemini-cli” npm package and the “google-github-actions/run-gemini-cli” GitHub Actions workflow — that could have allowed attackers to execute arbitrary commands on host systems. “The vulnerability allowed an unprivileged external attacker to force their own malicious content to load as Gemini configuration,”
AI, Compliance, Europe, Funding, Global Security News, Venture
Scaling up a tech startup in Europe is hard — ‘EU Inc.’ aims to help
Europe produces a large number of new tech startups each year – 28 crossed the $1 billion valuation mark in 2025 alone – yet few become global technology leaders. Many that do succeed look elsewhere to scale, particularly in the US. Founders point to multiple barriers to growing their business in the European Union (EU),…
Global Security News
Anti-Ransomware Awareness Day (12 May): Why Australian businesses must shift from prevention to cyber resilience
Anti-Ransomware Awareness Day (12 May): Why Australian businesses must shift from prevention to cyber resilience. Opinion & Analysis coverage from iTWire.
AI, Global Security News
Automated LLM red teaming gets a learning layer
Automated red teaming of large language models has settled into a familiar pattern over the past two years. An attacker model generates jailbreak attempts against a target model, an evaluator scores the results, and the cycle repeats. Two approaches dominate. One asks the attacker to invent strategies through trial and error, which tends to produce…
AI, Global Security News
Bad bots make up 40% of internet traffic
The normalization of AI and automation within internet infrastructure is changing how organizations interpret traffic. Activity that once appeared anomalous is now treated as expected behavior. AI agents have emerged as a third category of automated traffic alongside good and bad bots, according to the Thales 2026 Bad Bot Report: Bad Bots in the Agentic…
AI, Global Security News
Warp open sources its AI terminal client
Warp, the AI-centric terminal used by close to a million developers, has released the source code for its client on GitHub under the AGPL license, with OpenAI signed on as the founding sponsor of the repository. An agent-first contribution model Warp is steering contributions through Oz, its cloud agent orchestration platform. Agents handle the bulk…
Funding, Global Security News
ReadySteadyPlug receives $1.51 million ARENA funding to accelerate national rollout of affordable EV chargers in apartments
ReadySteadyPlug receives $1.51 million ARENA funding to accelerate national rollout of affordable EV chargers in apartments. Energy coverage from iTWire.
Global Security News
ISC Stormcast For Thursday, April 30th, 2026 https://isc.sans.edu/podcastdetail/9912, (Thu, Apr 30th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Global Security News
Lotto New Zealand successfully rolls out a once-in-a-generation gaming system replacement
Lotto New Zealand successfully rolls out a once-in-a-generation gaming system replacement. Enterprise Solutions coverage from iTWire.
Global Security News
Azure SQL vs SQL Server: Which One Should You Choose for Your Next Project?
Company News: Microsoft offers two paths for running enterprise databases: SQL Server, which you install and manage yourself, and Azure SQL, which Microsoft runs for you as a managed service.