IP Fabric has launched a new Model Context Protocol (MCP) server that removes key barriers to enterprise AIOps adoption, combining secure in-platform deployment with a built-in prompt library for network operations. While MCP servers and AI integrations are increasingly common, most fall short in enterprise environments where security, control and trusted data are non-negotiable. IP…
Category: Network Security
china, Global Security News, Network Security
UK warns of Chinese hackers using proxy networks to evade detection
The United Kingdom’s National Cyber Security Centre (NCSC-UK) and international partners warned that China-nexus hackers are increasingly using large-scale proxy networks of hijacked consumer devices to evade detection and disguise their malicious activity. […]
AI, Endpoint, Global Security News, Government & Policy, malware, Network Security, Russia
RAMP Uncovered: Anatomy of Russia’s Ransomware Marketplace
Leaked data from RAMP reveals Russia’s ransomware ecosystem, analyzing 1,732 threads, 7,707 users, and 340,000 IP records from the forum. RAMP was not just another dark web forum. It was one of the clearest examples of how ransomware has become an organized marketplace, with sellers, buyers, brokers, and recruiters all playing different roles in the…
AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management
U.S. CISA adds a flaw in Microsoft Defender to its Known Exploited Vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Microsoft Defender to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Microsoft Defender, tracked as CVE-2026-33825 (CVSS score of 7.8), to its Known Exploited Vulnerabilities (KEV) catalog. CVE-2026-33825 is a Microsoft Defender flaw that can be exploited…
AI, Global Security News, Network Security
Vercel Finds More Compromised Accounts in Context.ai-Linked Breach
Vercel on Wednesday revealed that it has identified an additional set of customer accounts that were compromised as part of a security incident that enabled unauthorized access to its internal systems. The company said it made the discovery after expanding its investigation to include an extra set of compromise indicators, alongside a review of requests…
AI, Global Security News, malware, Network Security
Microsoft Graph API misused by new GoGra Linux malware for hidden communication
A new GoGra Linux malware uses Microsoft Graph API and an Outlook inbox to deliver payloads, making it stealthy and hard to detect. A new Linux version of the GoGra backdoor uses Microsoft’s Graph API and an Outlook inbox to deliver malicious payloads stealthily. The malware is linked to the Harvester cyberespionage group, which is…
AI, Apps, Global Security News, Network Security
Scale Computing Execs on Unified Edge, Partner-First Strategy
Scale Computing, an edge-first platform company, is positioning itself as a platform that spans everything outside traditional data centers and cloud environments, from localized infrastructure to device-level deployments. Executives point to unique challenges in modern infrastructure needs Craig Theriac, VP of Product Management at Scale Computing, told Channel Insider that this spectrum introduces real-world challenges…
AI, APAC, Apps, Global Security News, Network Security, Risk Management
Oracle Builds for AI While Channel Rivals Chase Share
Oracle is reshaping its enterprise strategy around AI, multicloud infrastructure, and deeper ties with hyperscale partners such as AWS. But as the company pours billions into data centers, pushes agentic AI across its portfolio, and cuts jobs to support that transition, rivals see an opening to compete more aggressively for Oracle-adjacent workloads. That opportunity is…
AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management, Russia
Riddled with flaws, serial-to-Ethernet converters endanger critical infrastructure
Serial-to-Ethernet adapters used in industrial, retail, and healthcare environments to link serial devices to TCP/IP networks are riddled with vulnerabilities and outdated open-source components, researchers warn. The flaws enable various attacks scenarios, including taking full control of mission-critical equipment such as remote terminal units, programmable logic controllers, point-of-sale systems, and bedside patient monitors. In a…
AI, Apps, Endpoint, Global Security News, malware, Network Security, Risk Management
Malicious pgserve, automagik developer tools found in npm registry
Application developers are being warned that malicious versions of pgserve, an embedded PostgreSQL server for application development, and automagik, an AI coding tool, have been dropped into the npm JavaScript registry, where they could poison developers’ computers. Downloading and using these versions will lead to the theft of data, tokens, SSH keys, credentials, including those…
AI, Global Security News, Network Security
ServiceNow and Google Cloud Unite AI Agents for Autonomous Enterprise Operations
AI agents across Google Gemini’s Enterprise platform and the ServiceNow AI Platform work as one autonomous chain across 5G networking, retail, and IT systems
AI, Global Security News, Network Security
DDoS wave continues as Mastodon hit after Bluesky incident
Mastodon suffered a major DDoS attack shortly after a similar incident hit Bluesky. The outage was significant but resolved within a few hours. Mastodon was hit by a major DDoS attack just days after a similar disruption affected Bluesky. Mastodon is a free and open-source software platform for decentralized social networking with microblogging features similar…
AI, Apps, Cybersecurity, Endpoint, Exploits, Global Security News, Network Security, Risk Management
Anthropic Probes Alleged Unauthorized Access to AI Security Tool Mythos
Anthropic is investigating reports that an unauthorized group gained access to its newly launched tool, Mythos, highlighting potential gaps in how early-access AI systems are distributed and secured. “Unauthorized users were able to access Anthropic’s Mythos model, reportedly by just changing a model name,” said Shane Fry, CTO at RunSafe Security in an email to…
AI, Exploits, Global Security News, malware, Network Security, Risk Management
Mirai Botnet exploits CVE-2025-29635 to target legacy D-Link routers
Mirai botnet is targeting old D-Link routers using CVE-2025-29635, a command injection flaw exploitable via crafted POST requests after public PoC disclosure. A Mirai botnet is actively exploiting a command injection vulnerability, tracked as CVE-2025-29635, in discontinued D-Link routers, Akamai reports. The flaw allows attackers to inject commands because an attacker-controlled value is copied without…
AI, Cloud Security, Compliance, Cybersecurity, Endpoint, Exploits, Global Security News, Network Security, Risk Management
A technical walkthrough of multicloud full-stack security using AWS Security Hub Extended
Building on our recent announcement of AWS Security Hub Extended —our full-stack enterprise security offering — we want to show you how we’re simplifying security procurement and operations for your multicloud environments. Whether you’re a security architect evaluating solutions or a CISO looking to streamline vendor management, this post walks through the streamlined experience that…
AI, Cybersecurity, Global Security News, Network Security, privacy
5 Best Free VPNs You Can Trust in 2026 (And the Premium Trials Worth Trying)
This guide is for everyday users, remote workers, and privacy-conscious professionals who want to stay secure online without paying upfront, and it highlights the best free VPNs in 2026 you can trust along with premium trials worth testing before committing. Free Wi-Fi at the airport. A coffee shop hotspot. Even your home network. Every time…
AI, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
Over 1,300 SharePoint Servers Still Exposed to Actively Exploited Spoofing Flaw
More than 1,300 internet-exposed Microsoft SharePoint servers remain unpatched against a spoofing flaw previously exploited as a zero-day. “Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network,” said Microsoft in its advisory. SharePoint Servers Still Exposed The vulnerability, tracked as CVE-2026-32201, affects SharePoint Enterprise Server 2016, SharePoint…
AI, Global Security News, malware, Network Security
Harvester Deploys Linux GoGra Backdoor in South Asia Using Microsoft Graph API
The threat actor known as Harvester has been attributed to a new Linux version of its GoGra backdoor deployed as part of attacks likely targeting entities in South Asia. “The malware uses the legitimate Microsoft Graph API and Outlook mailboxes as a covert command-and-control (C2) channel, allowing it to bypass traditional perimeter network defenses,” the…
AI, Global Security News, Network Security
OpenAI Taps Former Google Cloud Lead for Partnerships Role
Former Google Cloud channel executive Colleen Kapase has joined OpenAI as VP of strategic global partnerships and ecosystems, bringing a seasoned partner leader to the AI vendor as it expands its enterprise go-to-market efforts. Kapase disclosed the move Tuesday after leaving Google Cloud in March, where she led channel partnerships during a broader revamp of…
AI, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
News alert: BreachLock’s integrated attack validation platform debuts in Gartner AEV category
NEW YORK, Apr. 21, 2026, CyberNewswire—BreachLock, a global leader in offensive security, today announced it has been named a representative vendor in the 2026 Gartner Market Guide for Adversarial Exposure Validation. This recognition marks the first time BreachLock has been identified in the Adversarial Exposure Validation (AEV) category since launching its agentic AI-powered Adversarial Exposure Validation platform in 2025. Not only has the company gained recognition in the AEV market quickly, but BreachLock has also emerged as the only vendor offering adversarial exposure validation, Penetration Testing…
AI, Apps, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
CVE-2026-40372: Microsoft Patches ASP.NET Core Privilege Escalation Vulnerability
Microsoft has released an out-of-band update to fix an ASP.NET Core vulnerability that could allow attackers to take full control of affected systems. The flaw enables unauthenticated privilege escalation, increasing risk for enterprises running .NET workloads. “Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network,” said…
AI, Apps, Exploits, Global Security News, Network Security, Risk Management
Microsoft out-of-band updates fixed critical ASP.NET Core privilege escalation flaw
Microsoft fixed critical ASP.NET Core vulnerability, tracked as CVE-2026-40372 (CVSS score of 9.1), that lets attackers escalate privileges. Microsoft released out-of-band updates to address a serious ASP.NET Core vulnerability tracked as CVE-2026-40372 (CVSS score of 9.1). Microsoft fixed the flaw in ASP.NET Core version 10.0.7. An attacker could exploit the flaw to gain SYSTEM-level privileges, access…
AI, Global Security News, Network Security
Gigamon Showcases Momentum in the Network Observability Market, as AI and Hybrid Cloud Drive Demand for Deep Observability
GUEST RESEARCH: Network observability market growth projected to be 6.5 percent to $4.39 billion by 2029, with AI-, cloud-, and security-driven segments poised to double or triple that pace
AI, Exploits, Global Security News, Network Security, Risk Management
Critical BRIDGE:BREAK flaws impact Lantronix and Silex Technology converters
22 BRIDGE:BREAK flaws hit Lantronix and Silex Technology converters, exposing approximately 20,000 devices to hijacking and data tampering. Researchers at Forescout Research Vedere Labs found 22 BRIDGE:BREAK flaws in serial-to-IP devices from Lantronix and Silex Technology. Serial-to-IP converters, also known as serial device servers, connect legacy serial equipment to modern IP networks for remote monitoring…
Global Security News, Network Security
Check Point Software Ranks #1 in Miercom’s 2026 Hybrid Mesh Network Security
COMPANY NEWS: Miercom’s 2026 Hybrid Mesh Network Security Assessment Shows Check Point achieving the highest overall security effectiveness score of 99.8%, highlighting its industry-leading threat prevention
AI, Apps, Compliance, Data Breaches, Endpoint, Global Security News, Network Security, privacy
Attacking the MCP Trust Boundary
Every secure API draws a line between code and data. HTTP separates headers from bodies. SQL has prepared statements. Even email distinguishes the envelope from the message. The Model Context Protocol (MCP), the fast-growing standard for connecting AI agents to external services, inherits that gap from the models it sits on top of. Its central…
AI, Apps, Global Security News, malware, Network Security
NFC tap-to-pay gets tapped by hackers
Cyber crooks are abusing a trojanized Android payment application to steal near field communication (NFC) data and PINs, enabling cloning of payment cards and draining victim accounts. According to ESET researchers, a new variant of the NGate malware has been infused into the HandyPay NFC-relay application to transfer NFC data to the attacker’s device and…
AI, Global Security News, Network Security
Toxic Combinations: When Cross-App Permissions Stack into Risk
On January 31, 2026, researchers disclosed that Moltbook, a social network built for AI agents, had left its database wide open, exposing 35,000 email addresses and 1.5 million agent API tokens across 770,000 active agents. The more worrying part sat inside the private messages. Some of those conversations held plaintext third-party credentials, including OpenAI API…
AI, Compliance, Cybersecurity, Exploits, Global Security News, malware, Network Security, Risk Management, Venture
The AI era demands a different kind of CISO
Many security leaders are still operating with frameworks built for a different era. For years, success was measured by fixed checkpoints, such as passing audits, closing vulnerabilities, and maintaining compliance. Those markers still have value, but they were designed for a threat landscape that moved in predictable, linear ways. Today, that landscape is shifting in…
AI, Apps, Cybersecurity, Exploits, Global Security News, Government & Policy, Network Security
Anthropic bets on EPSS for the coming bug surge
Anthropic’s Mythos has intensified a problem that vulnerability management programs were already struggling to contain: too many vulnerabilities and not enough clarity about which ones matter. What changes with Mythos — and the AI-based class of vulnerability discovery systems it represents — is the speed at which software flaws can be found and exploited. That…
AI, Global Security News, Government & Policy, malware, Network Security
Venezuela energy sector targeted by highly destructive Lotus wiper
Lotus Wiper hit Venezuelan energy systems, used scripts to disable defenses, then erased all data beyond recovery. Kaspersky researchers found Lotus Wiper targeting Venezuela’s energy and utilities sector amid regional tensions in 2025–2026. Attackers first used batch scripts to weaken systems, disable defenses, and prepare the environment. Then they deployed the wiper, which erased recovery…
AI, Global Security News, Network Security
The 6 Best Partner Relationship Management (PRM) Software in 2026
Partner Relationship Management (PRM) software is a type of B2B solution designed to help companies manage and optimize their partner relationships. The best PRM platforms typically include features such as partner management, lead distribution, deal registration, and incentives and rewards management to drive better outcomes. In this guide, we’ll explore the top PRM software solutions…
AI, Global Security News, Network Security
Adobe builds an ‘agentic content supply chain’ for the AI era
Generative AI is fundamentally (and quickly) shaping how information is discovered and acted on, forcing enterprises to rethink how they engage with both humans and machines. Adobe is responding to this shift, introducing new tools that keep up with evolving branding, surface campaign insights, and speed up content creation. At this week’s Adobe Summit, the…
AI, Cybersecurity, Exploits, Global Security News, malware, Network Security, privacy, Risk Management
[Guest Diary] Beyond Cryptojacking: Telegram tdata as a Credential Harvesting Vector, Lessons from a Honeypot Incident, (Wed, Apr 22nd)
[This is a Guest Diary by L. Carty, an ISC intern as part of the SANS.edu Bachelor’s Degree in Applied Cybersecurity (BACS) program [1].] Introduction A few weeks ago, my honeypot logged an incident that changed how I think about modern attacks. A threat actor broke into my system using weak SSH credentials and immediately…
AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management
$293M KelpDAO Crypto Heist Exposes Cross-Chain Weaknesses in DeFi
A $293 million cryptocurrency theft has rocked the decentralized finance (DeFi) ecosystem, with KelpDAO at the center of an attack now suspected to be linked to North Korea’s Lazarus Group. The attack highlights how quickly sophisticated attackers can exploit weaknesses in cross-chain infrastructure. “Preliminary indicators suggest attribution to a highly sophisticated state actor, likely DPRK’s…
AI, APAC, Apps, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security
Thousands of Apache ActiveMQ instances still unpatched, weeks after an actively exploited hole discovered
Two weeks after researchers using an AI tool discovered a major hole in Apache’s ActiveMQ messaging middleware, there are still thousands of unpatched instances open to the internet, more evidence that many application developers and IT leaders aren’t paying close attention to warnings about vulnerabilities. While the remote code injection vulnerability [CVE-2026-34197] was revealed on…
AI, Global Security News, Network Security, Russia
Scottish man pleads guilty to attack spree that created Scattered Spider’s notoriety
A core leader of the hacker subset of The Com responsible for a series of high-profile phishing attacks and cryptocurrency thefts from September 2021 to April 2023 pleaded guilty to federal charges, the Justice Department said Friday. Tyler Robert Buchanan of Dundee, Scotland, pleaded guilty to conspiracy to commit wire fraud and aggravated identity theft.…
Global Security News, malware, Network Security
SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation
Threat actors associated with The Gentlemen ransomware‑as‑a‑service (RaaS) operation have been observed attempting to deploy a known proxy malware called SystemBC. According to new research published by Check Point, the command-and-control (C2 or C&C) server linked to SystemBC has led to the discovery of a botnet of more than 1,570 victims. “SystemBC establishes SOCKS5 network…
AI, Global Security News, Network Security
VirtualBox 7.2.8 is out with Linux kernel 7.0 support and crash fixes
Oracle shipped VirtualBox 7.2.8 on April 21, 2026, as a maintenance release covering crashes, networking problems, clipboard issues, and extended Linux kernel compatibility. The update touches the VMM layer, NAT networking, graphics, UEFI, and both Linux and Windows guest support. VMM and core stability A Guru Meditation error carrying the code VERR_IEM_IPE_4 is fixed in…
AI, Data Breaches, Global Security News, malware, Network Security, Risk Management
130K Users Compromised by StealTok Campaign That Uses Fake TikTok Downloaders
A widespread browser extension campaign is quietly compromising users by disguising data-stealing tools as TikTok video downloaders. “While many people see browser extensions as harmless little widgets, oftentimes they have no idea who is actually behind these extensions, and what capabilities they contain within their source code,” said Natalie Zargarov, security researcher at LayerX in…
AI, Apps, Global Security News, Network Security
COO Mark Cree Outlines Scale Computing’s Edge Platform Push
Scale Computing used its Platform//2026 Summit to position its expanded edge computing platform alongside new partner growth opportunities as it looks to move beyond its roots in virtualization. In an interview at the event, President and COO Mark Cree outlined how the company is evolving into a full-stack edge provider spanning compute, networking, security, and…
AI, Apps, Compliance, Cybersecurity, Data Breaches, Funding, Global Security News, Network Security, Risk Management, Venture
AI is one of the two monumental shifts in cyber today
It’s 2026, when nobody can confidently say what the future of security is going to look like. Everyone is trying (what else can we do), but judging by all the progress around AI in recent months, we are all going to be wrong. The biggest mistake we all make is assuming that the future is…
AI, APAC, Data Breaches, Global Security News, Network Security
‘Scattered Spider’ Member ‘Tylerb’ Pleads Guilty
A 24-year-old British national and senior member of the cybercrime group “Scattered Spider” has pleaded guilty to wire fraud conspiracy and aggravated identity theft. Tyler Robert Buchanan admitted his role in a series of text-message phishing attacks in the summer of 2022 that allowed the group to hack into at least a dozen major technology…
AI, Global Security News, Network Security
Extreme Platform ONE Reduces Network Costs by 32%, Enterprise Adoption Gains Momentum
GUEST RESEARCH: Asiana Airlines, City of Prescott in Arizona, and SK Biosciences among many customers choosing Extreme Platform ONE to accelerate automation at scale
Global Security News, Network Security
Stopping Fraud at Each Stage of the Customer Journey Without Adding Friction
Fraud prevention and user experience don’t have to be a tradeoff. IPQS shows how combining identity, device, and network signals stops fraud without adding friction. […]
AI, Apps, Cybersecurity, Endpoint, Exploits, Global Security News, Network Security
Azure SRE Agent flaw let outsiders silently eavesdrop on enterprise cloud operations
A high-severity authentication flaw in Microsoft’s Azure SRE Agent exposed sensitive agent data to unauthorized network access, according to a confirmed vulnerability disclosure. The issue was identified by Enclave AI researcher Yanir Tsarimi, who detailed the findings in a blog post describing how agent interactions could be accessed without proper authentication controls. The vulnerability has…
AI, Exploits, Global Security News, Network Security
Prompt injection turned Google’s Antigravity file search into RCE
Security researchers have revealed a prompt injection flaw in Google’s Antigravity IDE that could be weaponized to bypass its sandbox protections and achieve remote code execution (RCE). The issue came from Antigravity’s ability to allow AI agents to invoke native functions, like searching files, on behalf of the user. Designed to kill complexity, the feature…
AI, Cybersecurity, Exploits, Funding, Global Security News, Government & Policy, Network Security, Risk Management
The US NSA is using Anthropic’s Claude Mythos despite supply chain risk
Axios reports the National Security Agency uses Anthropic Mythos model despite Department of Defense concerns, blurring AI risk vs defense lines. The reported use of Anthropic’s Mythos model by the U.S. National Security Agency is a reminder that the line between AI as a defensive tool and AI as a security risk is getting harder…
AI, Apps, Global Security News, Network Security, privacy, Risk Management
Why identity is the driving force behind digital transformation
Identity centric technologies have undergone a significant transformation in recent times. Gone are the days when it was all about logging in and out of any given system. Today, identity has become the backbone of all digital enterprises. It’s the ‘invisible engine’ that powers everything. From security to how modern-day products are sold. Today’s Identity…
AI, Data Breaches, Global Security News, Network Security
Grinex crypto exchange shuts down, blames Western agencies for $13.7M breach
Grinex exchange collapses after $13.7M breach, blames Western spies as Chainalysis flags possible exit scam and sanctions evasion network links claims.
Global Security News, Network Security
A single platform powers SIM farm proxy networks across 17 countries
Racks of phones and 4G modems, connected to carrier networks and rented out as commercial mobile proxy services, are operating across at least 94 locations in 17 countries. An investigation by infrastructure intelligence firm Infrawatch traced a large portion of those deployments to a shared software platform called ProxySmart, built and operated out of Minsk,…
AI, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
U.S. CISA adds Cisco Catalyst, Kentico Xperience, PaperCut NG/MF, Synacor ZCS, Quest KACE SMA, and JetBrains TeamCity flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco Catalyst, Kentico Xperience, PaperCut NG/MF, Synacor ZCS, Quest KACE SMA, and JetBrains TeamCity flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Cisco Catalyst, Kentico Xperience, PaperCut NG/MF, Synacor ZCS, Quest KACE SMA, and JetBrains TeamCity flaws to its Known…
AI, Cybersecurity, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
Top techniques attackers use to infiltrate your systems today
Much of the talk around cybersecurity these days revolves around AI and the threat it poses to corporate systems when used by nefarious actors. But the reality on the ground remains a little more mundane than polymorphic AI malware and criminal masterminds putting machine learning and generative AI to work at scale. Still, keeping on…
AI, china, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, Network Security, Russia, Venture
The thin gray line: Handala, CyberAv3ngers and Iran’s proxy ops
On April 7, six US government agencies issued a critical advisory warning domestic private sector organizations of potential infrastructural cyberattacks conducted by Iranian-affiliated Advanced Persistent Threat (APT) actors. The advisory stops short of attributing these threats to a single group but makes reference to 2023 attacks on US water and wastewater facilities linked to the…
AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
New Lazarus APT Campaign: “Mach-O Man” macOS Malware Kit Hits Businesses
Editor’s note: The research is authored by Mauro Eldritch, offensive security expert and a founder of BCA LTD, a company dedicated to threat intelligence and hunting. You can find Mauro on X. The recent wave of ClickFix attacks has introduced several new ways to compromise users, establishing itself as a technique that is likely here to stay. We have observed Lazarus Group using…
AI, Data Breaches, Global Security News, Government & Policy, Network Security
Bluesky hit by 24-hour DDoS attack as pro-Iran group claims responsibility
Bluesky suffered a 24-hour DDoS attack that caused outages. A pro-Iran hacker group claimed responsibility for the disruption. Bluesky experienced a sophisticated DDoS attack that disrupted its services for about 24 hours, starting on April 15. Bluesky is a decentralized, open-source microblogging social media platform similar to X (formerly Twitter). It allows users to post…
AI, Cybersecurity, Exploits, Global Security News, Network Security
Vuln in Google’s Antigravity AI agent manager could escape sandbox, give attackers remote code execution
As organizations consider agentic AI for their business and IT stacks, researchers continue to find bugs and vulnerabilities in major, commercial models that can significantly expand their attack surface. This week, researchers at Pillar Security disclosed a vulnerability in Antigravity, an AI-powered developer tool for filesystem operations made by Google. The bug, since patched, combined…
AI, Apps, Europe, Exploits, Global Security News, malware, Network Security, Risk Management
Cyberattack That Could Have Poisoned a City’s Water Supply by Manipulating Chlorine Levels
In mid-April 2026, researchers at Darktrace published a detailed breakdown of a malware sample that occupies a narrow but alarming niche in the threat landscape: a Windows-based OT weapon apparently designed from the ground up to sabotage Israeli water treatment and desalination infrastructure. The malware identifies itself internally as ZionSiphon — the name appears in a core…
AI, Global Security News, Network Security
Panasonic Connect introduces TOUGHBOOK 56 for Mobile Professionals
Panasonic Connect North America has launched the TOUGHBOOK 56, a modular rugged laptop designed to support mobile workers across a range of industries. The new device delivers high-performance computing, faster connectivity options, improved thermal management, and advanced security features for professionals in public safety, utilities, enterprise, and federal operations. Offering purpose-built machine to frontline professionals…
Cybersecurity, Global Security News, Network Security
The Top VPNs Chosen By Gamers
In this post, I will talk about the top VPNs chosen by gamers. As seen in the news in 2026, online criminals are sometimes getting away with it. However, they despise virtual private networks. Also known as VPNs, these handy tools are becoming necessities for gamers, especially those who want to combat cybercrime and add…
AI, Global Security News, Network Security
Procure IT & NetWolves Target Enterprise IT Expense Visibility
NetWolves has partnered with Procure IT to integrate its Managed Intelligence Platform into the provider’s Site Connectivity as a Service (SCaaS) offering, aiming to give large enterprises greater visibility into IT spending across vendors, contracts, and services. Why Procure IT and NetWolves formed the partnership The goal is to give Fortune 1000 companies and large…
AI, Data Breaches, Global Security News, malware, Network Security
Scattered Spider member Tyler Buchanan pleads guilty to major crypto theft
Tyler Buchanan, linked to Scattered Spider, pleaded guilty in the US to hacking companies and stealing millions in cryptocurrency. Tyler Buchanan, a 24-year-old from Scotland linked to the Scattered Spider group, admitted in a US court that he hacked dozens of companies, committed fraud, and stole millions in cryptocurrency. Spanish police arrested the British national…
AI, Compliance, Global Security News, Network Security
Salesforce Creates FDE Partner Network for Agentforce
Salesforce is zeroing in on a familiar sticking point with enterprise AI. Getting something to work in a pilot is one thing; getting it to run smoothly in production, with the messiness of real systems and data, is where things tend to fall apart. The company this week introduced a Forward Deployed Engineering (FDE) Partner…
AI, Cybersecurity, Global Security News, Network Security
Fireside Chat: PKI has carried digital trust through every tech advance—now comes the hardest one
Public key infrastructure — the authentication and encryption framework that has held digital commerce together through every chaotic leap forward in technology — is facing a double whammy. Related: Achieveing AI security won’t be easy Autonomous AI agents are flooding enterprise networks, most without verified identities or any meaningful governance. What’s more, quantum computers are…
AI, china, Cloud Security, Compliance, Endpoint, Europe, Global Security News, Network Security, Risk Management
How to clone an AWS CloudHSM cluster across Regions
Important: As of January 1, 2025, Client SDK 3 tools (CMU and KMU) are no longer supported. This guide has been updated to use Client SDK 5 commands exclusively. Ensure you’re using the latest Client SDK 5 version (5.17 or later) for the most recent features and security improvements. You can use AWS CloudHSM to…
Global Security News, Network Security
Microsoft: Teams increasingly abused in helpdesk impersonation attacks
Microsoft is warning of threat actors increasingly abusing external Microsoft Teams collaboration and relying on legitimate tools for access and lateral movement on enterprise networks. […]
AI, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
NIST Scales Back Vulnerability Scoring in 2026 as CVE Volume Surges
The National Institute of Standards and Technology (NIST) is narrowing how it analyzes and scores software vulnerabilities, citing a sharp increase in submissions that has made it difficult to keep pace. “For years, security teams relied on NVD for vulnerability context to support prioritization decisions. But that model is under real strain,” said Ian Gray,…
AI, Apps, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
CVE-2023-33538 under attack for a year, but exploitation still unsuccessful
Hackers have targeted CVE-2023-33538 flaw in old TP-Link routers for a year, but no successful exploitation has been seen so far. Hackers have been trying for over a year to exploit a serious flaw, tracked as CVE-2023-33538 (CVSS score of 8.8), in outdated TP-Link routers, but so far without success. The vulnerability is a command…
AI, Apps, Data Breaches, Global Security News, Network Security, Risk Management
Vercel Confirms Security Incident as Threat Actor Claims Stolen Data for Sale
Cloud development platform Vercel has confirmed a security incident involving unauthorized access to internal systems, after a threat actor claimed to be selling stolen company data online. “We’ve identified a security incident that involved unauthorized access to certain internal Vercel systems,” said the company in its advisory. Threat Actor Claims Access to Vercel Systems Vercel…
AI, Exploits, Global Security News, Network Security
Network ‘background noise’ may predict the next big edge-device vulnerability
Attackers rarely exploit an edge-device vulnerability indiscriminately. Typically, they first test how widely the flaw can be used and how much access it can provide, then move on to steal data or disrupt operations. Pre-attack surveillance and planning leaves a lot of noise in its wake. These signals — particularly spikes in traffic that are…
AI, Global Security News, Network Security
Sophos Firewall v22 MR1 is now available
Check out the full release notes for more details and a list of fixes. Categories: Products & Services Tags: Firewall, network, v22
Global Security News, Network Security
Barracuda SOC Data Shows a Rise in Brute-force Authentication Attacks Targeting Network Devices
Brute-force activity, fast-moving ransomware and new phishing techniques identified in latest Managed XDR analysis
AI, Exploits, Global Security News, Government & Policy, malware, Network Security
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 93
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape CPU-Z / HWMonitor watering hole infection – a copy-pasted attack Fake Claude site installs malware that gives attackers access to your computer Malware Analysis Static SKILL for Codex JanelaRAT: a financial threat targeting users in Latin…
AI, APAC, Cybersecurity, Data Breaches, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security, Russia
Security Affairs newsletter Round 573 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Hidden VMs: how hackers leverage QEMU to stealthily steal data and spread malware Nexcorium Mirai variant…
AI, Endpoint, Exploits, Global Security News, malware, Network Security
Hidden VMs: how hackers leverage QEMU to stealthily steal data and spread malware
Attackers abuse QEMU to hide malware in virtual machines, bypass detection, steal data, and deploy ransomware without leaving any trace. Sophos researchers report a rise in attackers abusing QEMU, an open-source emulator, to hide malicious activity inside virtual machines. By running malware in a VM, attackers avoid endpoint security controls and leave minimal traces on…
AI, Exploits, Global Security News, Network Security
Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet
Threat actors are exploiting security flaws in TBK DVR and end‑of‑life (EoL) TP-Link Wi-Fi routers to deploy Mirai-botnet variants on compromised devices, according to findings from Fortinet FortiGuard Labs and Palo Alto Networks Unit 42. The attack targeting TBK DVR devices has been found to exploit CVE-2024-3721 (CVSS score: 6.3), a medium-severity command injection vulnerability…
AI, Data Breaches, Exploits, Global Security News, Network Security, privacy, Risk Management
World ID expands its ‘proof of human’ vision for the AI era
Identity management is a critical concern for any enterprise, and it’s becoming ever more complex and convoluted with the advent of AI agents. World ID is taking a unique (and to some, controversial) approach to this challenge by building a ‘digital proof of human’ ecosystem for the internet. Today, at its “Lift Off” event, the…
AI, Cybersecurity, Data Breaches, Global Security News, Network Security, Risk Management
Flawed Cisco update threatens to stop APs from getting further patches
Cisco admins are scrambling to patch a critical flash memory overflow vulnerability in over 200 Cisco Systems IOS XE-based models of wireless access points (APs), caused by a recent flawed software update. If the issue is not corrected quickly, the AP’s memory will become so flooded that new software updates will be blocked and the…
AI, Apps, Compliance, Endpoint, Exploits, Global Security News, Network Security, privacy, Risk Management
Microsoft’s Patch Tuesday release for April is a whopper
Windows admins are going to be busy this month, dealing with the largest Patch Tuesday cycle we can recall. The April release involves 165 updates and roughly 340 unique CVEs from Microsoft — including two zero-days, one of which is already being actively exploited in the wild. The Readiness team is recommending “Patch Now” schedules…
AI, Global Security News, Network Security
IPv6 may briefly have accounted for more than half of internet traffic
Has IPv6 finally reached its day of glory? It’s fair to say that IPv6 has not had the level of take-up expected when the Internet Engineering Task Force (IETF) ratified it back in 1998. Take-up has been agonizingly slow, not reaching 5 percent of traffic until 2014. However, the use of IPv6 has been slowly…
AI, Apps, Compliance, Cybersecurity, Endpoint, Global Security News, Network Security
Transform security logs into OCSF format using a configuration-driven ETL solution
Security logs capture essential security-related activities, such as user sign-ins, file access, network traffic, and application usage. These logs are important for monitoring, detecting, and responding to potential security events. The Open Cybersecurity Schema Framework (OCSF) addresses this challenge by providing a standardized format to represent security events, ensuring consistent and efficient data handling across…
AI, Global Security News, Network Security, Risk Management
Operation PowerOFF: 53 DDoS domains seized and 3 Million criminal accounts uncovered
Operation PowerOFF shut down 53 DDoS-for-hire domains, arrested four suspects, and exposed data on over 3 million criminal user accounts. Operation PowerOFF is an international law enforcement action that dismantled 53 domains linked to DDoS-for-hire services used by over 75,000 cybercriminals. Authorities arrested four suspects, seized infrastructure, and gained access to databases containing more than…
AI, Apps, Cybersecurity, Data Breaches, Endpoint, Europe, Exploits, Global Security News, Network Security, Risk Management
Palo Alto’s Helmut Reisinger sees a cyber sea change ahead as AI advances
In two decades, Palo Alto Networks has evolved from a next-generation niche player to one of the largest global cybersecurity giants today. Under its mantra of “platformization,” the company has catapulted its revenues over its closest competitors and boosted its stock valuation to over $130 billion. No stranger to AI use in cybersecurity, Palo Alto recently announced…
AI, Global Security News, Network Security
Liongard upgrades LiongardIQ with AI access, live asset data, and deeper discovery
Liongard has announced the expansion of LiongardIQ with new capabilities spanning programmatic AI integration, conversational querying, enhanced network discovery, and deeper identity mapping, extending its system of authority for asset intelligence across the full IT stack. Without a trusted foundation of asset intelligence, automation runs on assumptions, AI agents query stale data, and security gaps…
AI, Global Security News, malware, Network Security
Inside ZionSiphon: politically driven malware aims at Israeli water systems
New ZionSiphon malware targets water systems, and allows attackers to alter pressure and chlorine levels. A flaw makes it ineffective for now. Darktrace analyzed ZionSiphon, a new malware designed to target water treatment and desalination systems, which aims to disrupt operations by altering hydraulic pressure and increasing chlorine levels to unsafe levels. The malware combines…
AI, APAC, Apps, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management
U.S. CISA adds a flaw in Apache ActiveMQ to its Known Exploited Vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Apache ActiveMQ to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Apache ActiveMQ, tracked as CVE-2026-34197 (CVSS score of 8.8), to its Known Exploited Vulnerabilities (KEV) catalog. CVE-2026-34197 is a critical flaw in Apache ActiveMQ caused by…
AI, Global Security News, Network Security
Apple AirTag tracking can be misled by replayed Bluetooth signals
Apple’s AirTag is designed to help users track lost items by relying on a vast network of nearby Apple devices. New research shows that this same system can be manipulated to display locations where an AirTag has never been. Relaying an AirTag’s BLE advertisments over the Internet injects false location reports into the Find My…
AI, Exploits, Global Security News, Network Security, Risk Management
US nationals sentenced for aiding North Korea’s tech worker scheme
Two New Jersey men were sentenced Wednesday for facilitating North Korea’s long-running scheme to plant operatives inside U.S. businesses as employees, generating more than $5 million in illicit revenue for the regime, the Justice Department said. The U.S. nationals — Kejia Wang, also known as Tony Wang, and Zhenxing Wang, also known as Danny Wang…
AI, Apps, Exploits, Global Security News, Network Security, Risk Management
RCE by design: MCP architectural choice haunts AI agent ecosystem
AI agent building tools enable users to configure Model Context Protocol (MCP) servers may be exposing systems to remote code execution due to an architectural decision in Anthropic’s reference implementation. At issue are unsafe defaults in how MCP configuration works over the STDIO interface, with broad implications for the agent ecosystem, according to a new…
AI, Global Security News, Network Security
ImmuniWeb brings AI upgrades, post-quantum detection and more in Q1 2026
ImmuniWeb unveiled technical updates, new features and functionalities across all products available on the ImmuniWeb AI Platform. ImmuniWeb Discovery Launch of a dedicated Cyber Threat Intelligence (CTI) dashboard Advanced detection of exposed AI-related assets, services and software Enhanced detection of phishing websites thanks to finetuning of our AI models Better and faster detection of IoC…
AI, Data Breaches, Global Security News, Network Security
Cookeville Regional Medical Center hospital data breach impacts 337,917 people
A ransomware attack on Cookeville Regional Medical Center hospital (Tennessee) exposed data of 337,000 people after hackers stole 500GB of sensitive information from its systems. A ransomware attack on Cookeville Regional Medical Center (CRMC) in Tennessee led to a major data breach affecting about 337,000 people. The attack, carried out by the Rhysida group, involved…
AI, Cybersecurity, Global Security News, Network Security
Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic
Cybersecurity researchers have warned of an active malicious campaign that’s targeting the workforce in the Czech Republic with a previously undocumented botnet dubbed PowMix since at least December 2025. “PowMix employs randomized command-and-control (C2) beaconing intervals, rather than persistent connection to the C2 server, to evade the network signature detections,” Cisco Talos
AI, Apps, Global Security News, Government & Policy, Network Security, Venture
Reporter’s notebook: In Nepal and Sri Lanka, AI boom brings hope
The soap refill dispenser at a cafe in TRACE Expert City — a technology hub in Colombo, Sri Lanka — boldly declares that it was delivered by ”USAID, from the American people.” The device is a relic from the past, reflecting goodwill that once existed between the US and Sri Lanka. Now, as external aid…
AI, Global Security News, Network Security
Officials seize 53 DDoS-for-hire domains in ongoing crackdown
Authorities from 21 countries took down 53 domains and arrested four people allegedly involved in distributed denial-of-service operations used by more than 75,000 cybercriminals, Europol said Thursday. The globally coordinated effort dubbed “Operation PowerOFF” disrupted booter services and seized and dismantled infrastructure, including servers and databases, that supported the DDoS-for-hire services, officials said. Law enforcement…
Global Security News, Network Security
Exhibit at or Sponsor the 2026 Community Meetings
Don’t miss your chance to join the excitement at this year’s highly anticipated PCI SSC Community Meetings in Vancouver, BC, Canada; Edinburgh, Scotland; and Kuala Lumpur, Malaysia. Secure sponsorship or exhibitor opportunities to connect with payment security leaders, network with peers, and meet prospective customers—all while celebrating PCI SSC’s 20th anniversary with the global…
AI, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management
UAC-0247 Attack Detection: AGINGFLY Malware Targets Hospitals, Local Governments, and FPV Operators in Ukraine
Phishing remains one of the most effective tactics in the cybercriminal playbook, particularly when attackers exploit urgent humanitarian themes, trusted online resources, and legitimate system tools to increase victim engagement. Europol also notes that phishing continues to serve as a primary delivery vector for data-stealing malware. This pattern is clearly reflected in the latest activity…
AI, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management
BlobPhish: The Phantom Phishing Campaign Hiding in Browser Memory
ANY.RUN has observed a sustained surge in a credential-phishing campaign active since 2024. This campaign, dubbed BlobPhish, introduces a sneaky twist: instead of delivering phishing pages via traditional HTTP requests, it generates them directly inside the victim’s browser using blob objects. The result is a phishing payload that lives entirely in memory, leaving little to no trace in logs, caches,…
Global Security News, malware, Network Security
Cargo theft malware actor spent a month inside a decoy network before researchers pulled the plug
Proofpoint researchers executed a malicious payload from a threat actor known to target trucking and logistics companies in late February 2026, doing so inside a decoy environment. The environment stayed compromised for more than 30 days, long enough for researchers to watch the actor work through their tools, scripts, and decisions beyond the initial break-in.…
AI, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management
From clinics to government: UAC-0247 expands cyber campaign across Ukraine
CERT-UA reports UAC-0247 targeting Ukrainian clinics and government bodies with malware stealing data from Chromium browsers and WhatsApp. CERT-UA has revealed a cyber campaign by the threat actor UAC-0247 targeting Ukrainian government entities and municipal healthcare facilities, including clinics and emergency hospitals. The operation between March and April 2026, used malware designed to steal sensitive…
