Testing Rich Text Content
AI, Funding, Global Security News, Government & Policy, Risk Management
The Victorian Government will allocate $3.5 million – Technology Driven Safety Security Measures for Family Violence Victims and Survivors
The funding announcement comes as new data reveals an 8% increase in family and domestic violence offenders over the past financial year, reinforcing the scale and persistence of the issue across the state. Against this backdrop, the latest investment focuses on practical, immediate protections designed to reduce risk for those most vulnerable.
AI, Global Security News
How’s that? AI umpiring in grassroots cricket isn’t just about fairness — it’s a glimpse of sport’s digital future
Go Darwin. The quiet rollout of an AI-powered cricket decision review system in Darwin’s women’s division one cricket competition may look like a niche experiment. It isn’t. It’s a signal, one that speaks to how artificial intelligence is steadily reshaping not just elite sport, but its grassroots foundations.
Global Security News
Optus’ Digital Thumbprint program, now reaching more than 725,000 Australian students – recognition that connectivity requires education
.In an era where children are immersed in digital environments from primary school, the question is no longer whether they will engage online—but whether they will do so safely, critically, and respectfully.
AI, Global Security News
ACE the ping pong robot developed by engineers and researchers at THK and Sony AI is getting better and better at the game.
A new chapter in sports technology has unfolded as a table tennis robot named ACE has achieved a milestone that once seemed far beyond the reach of machines. Developed by Sony AI in partnership with Japanese robotics firm THK, ACE has demonstrated a level of skill, adaptability, and consistency that places it firmly in the…
Global Security News
Microsoft Entra Agent ID Flaw Enabled Tenant Takeover via Privilege Escalation
Microsoft Entra Agent ID flaw allowed privilege escalation and tenant takeover via Service Principal abuse, now fully patched by Microsoft.
AI, Apps, Cybersecurity, Endpoint, Exploits, Global Security News, Network Security
Critical bug in CrowdStrike LogScale let attackers access files
CrowdStrike fixed CVE-2026-40050 in LogScale self-hosted, a critical flaw allowing unauthenticated file access via path traversal. CrowdStrike recently disclosed a critical vulnerability, tracked as CVE-2026-40050, affecting its LogScale self-hosted product. The flaw enables unauthenticated path traversal, which could allow a remote attacker to read arbitrary files from the server filesystem. “CrowdStrike has released security updates…
AI, china, Global Security News
That Video on Your Phone Might Be Made-in-China AI
From Hollywood productions to short clips, creators are leaning on AI to create content that once required sprawling crews. China plays a big role.
Global Security News
Cellphone-Location Tracking Poses Privacy Test at Supreme Court
Geofence warrants give cops leads but create false positives and have spurred legal challenges.
AI, Cybersecurity, Global Security News
American utility firm Itron discloses breach of internal IT network
Itron, Inc. has disclosed, via an 8-K filing with the U.S. Securities and Exchange Commission (SEC), a cybersecurity incident in which an unauthorized third party accessed certain internal systems. […]
Global Security News
From the Telegraph to the Smartphone: How Information Technology Unified a Nation
At the birth of the country, its vast size made a lack of cohesion one of the biggest threats. These inventions made all the difference.
AI, Global Security News
Google Cloud unveils agentic defence innovations at Next 2026
At its flagship Google Cloud Next 2026 event, Google Cloud has announced a suite of new security capabilities aimed at ushering in a new era of “agentic defence” – enabling organisations to respond to cyber threats at machine speed while securing increasingly complex AI and multicloud environments.
AI, Global Security News
The Future of Data Platforms: From Pipelines to Intelligent Orchestration
GUEST OPINION: For years, organisations have invested heavily in building data pipelines — structured flows that move data from source systems into warehouses, lakes, and dashboards. These pipelines have been the backbone of reporting and analytics. But as enterprises accelerate their adoption of AI, digital platforms, and real-time decision-making, pipelines alone are no longer enough.
Global Security News
Semperis Expands Purple Knight to Strengthen Identity Security in Line with Five Eyes Guidance
Semperis, the identity-driven cyber resilience and crisis response company, today announced expanded capabilities for Purple Knight, its free, community-driven Active Directory and Entra ID security assessment tool helping organisations strengthen identity security in line with guidance from the Five Eyes Alliance, of which Australia is a key member.
AI, Global Security News
Apple’s New Boss
Plus: The staying power of internal combustion, Meta’s huge layoffs, Marc Benioff’s take on AI and software, and more.
Global Security News
Device codes are the new frontier for phishing as Barracuda detects 7 million attacks in four weeks
GUEST RESEARCH: Device code phishing has advantages over traditional credential phishing in stealth, persistence and evasion
AI, Global Security News
Commvault expands Google Cloud alliance to embed cyber resilience into AI and multi-cloud environments
Commvault has deepened its partnership with Google Cloud, rolling out its Commvault Cloud platform natively within Google Cloud while extending Clumio’s cloud-native data protection to Google Cloud Storage, in a move that reflects the growing importance of resilience in AI-driven environments.
AI, china, Global Security News, Government & Policy, malware
GopherWhisper: new China-linked APT targets Mongolia with Go-based malware
ESET found a new China-linked APT, tracked as GopherWhisper, targeting Mongolia using Go-based malware, loaders, and backdoors. ESET researchers uncovered a new China-aligned APT group called GopherWhisper, targeting government institutions in Mongolia. The group’s arsenal includes a range of tools mainly written in Go, such as loaders and injectors, which are used to deploy multiple…
AI, Global Security News
AI Agents, Security Culture and a Conversation at Abbey Road Studios
I recently joined a panel at the iconic Abbey Road Studios to discuss a provocative theme: Your AI agent doesn’t care about your security culture. HotTopics Studio: Abbey Road Studios Event It captures an important truth. AI will often scale the quality of the environment it is given, whether that environment is built on strong…
AI, Exploits, Global Security News, malware, Network Security, Politics
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 94
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Morpheus: A new Spyware linked to IPS Intelligence The iPhone — invincible no more: a look at DarkSword and Coruna Lotus Wiper: a new threat targeting the energy and utilities sector New NGate variant hides in…
AI, Global Security News, malware, Network Security
Trigona ransomware adopts custom tool to steal data and evade detection
Trigona ransomware now uses a custom command-line tool to steal data faster and evade detection, replacing tools like Rclone and MegaSync. Symantec researchers report that recent Trigona ransomware attacks used a custom-built data exfiltration tool instead of common utilities like Rclone or MegaSync. This shift, seen in March 2026 incidents, gives attackers more control and…
AI, china, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, Network Security, Politics, Risk Management, Russia
Security Affairs newsletter Round 574 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. U.S. CISA adds SimpleHelp, Samsung, and D-Link flaws to its Known Exploited Vulnerabilities catalog Over 400,000…
AI, Data Breaches, Global Security News, malware
Week in review: Claude Mythos finds 271 Firefox flaws, Vercel breach
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: SmokedMeat: Open-source tool shows what attackers do inside CI/CD pipelines Boost Security has released SmokedMeat, an open-source framework that runs attack chains against CI/CD infrastructure so engineering and security teams can see what an attacker would do in their specific…
AI, Global Security News, Government & Policy
SAS at 50: the analytics powerhouse quietly shaping decisions in Australia and beyond
Next week, iTWire will be reporting from the ground at SAS Innovate in Grapevine, Texas – a milestone event marking 50 years of analytic software company SAS. It’s not a company that chases headlines. But it is one that underpins decisions in banks, governments, hospitals and retailers – including across Australia – often without end…
AI, Cybersecurity, Exploits, Global Security News, malware, Network Security, Risk Management
U.S. CISA adds SimpleHelp, Samsung, and D-Link flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SimpleHelp, Samsung, and D-Link flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SimpleHelp, Samsung, and D-Link flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: CVE-2024-7399 Samsung MagicINFO 9 Server Path Traversal Vulnerability CVE-2024-57726 SimpleHelp Missing Authorization Vulnerability…
Global Security News
Microsoft rolls out revamped Windows Insider Program
Microsoft says it’s rolling out a revamped Windows Insider Program experience as part of the broader plans to address performance and reliability concerns affecting Windows 11. […]
AI, Global Security News
The Race to Make the World’s Most In-Demand Machine
Tech companies’ plans to spend hundreds of billions of dollars on AI infrastructure depend on a one-of-a-kind Dutch equipment maker most Americans have never heard of.
Global Security News, malware
Threat actor uses Microsoft Teams to deploy new “Snow” malware
A threat group tracked as UNC6692 uses social engineering to deploy a new “Snow” malware set that includes a browser extension, a tunneler, and a backdoor. […]
AI, Exploits, Global Security News
Over 400,000 sites at risk as hackers exploit Breeze Cache plugin flaw (CVE-2026-3844)
Attackers exploit a Breeze Cache flaw (CVE-2026-3844) to upload files without login. Wordfence researchers detected over 170 attacks. Threat actors are exploiting a critical flaw, tracked as CVE-2026-3844 (CVSS score of 9.8), in the Breeze Cache WordPress plugin, allowing them to upload files to a server without authentication. The vulnerability has already been used in…
Global Security News
Fake CAPTCHA Scam Abuses Verification Clicks to Send Costly International Texts
Research from Infoblox reveals a massive Click2SMS fraud scheme using fake CAPTCHAs and back button hijacking to trick victims into sending costly international texts.
AI, Cybersecurity, Global Security News, malware
Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software
Cybersecurity researchers have discovered a new Lua-based malware created years before the notorious Stuxnet worm that aimed to sabotage Iran’s nuclear program by destroying uranium enrichment centrifuges. According to a new report published by SentinelOne, the previously undocumented cyber sabotage framework dates back to 2005, primarily targeting high-precision calculation software to tamper
Cybersecurity, Exploits, Global Security News
CISA Adds 4 Exploited Flaws to KEV, Sets May 2026 Federal Deadline
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added four vulnerabilities impacting SimpleHelp, Samsung MagicINFO 9 Server, and D-Link DIR-823X series routers to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The list of vulnerabilities is below – CVE-2024-57726 (CVSS score: 9.9) – A missing authorization vulnerability in
AI, Cybersecurity, Endpoint, Exploits, Global Security News, malware, Network Security
CISA reports persistent FIRESTARTER backdoor on Cisco ASA device in federal network
CISA said a federal Cisco Firepower ASA device was infected with the FIRESTARTER backdoor in Sept 2025, and it survived security patches. CISA revealed that a U.S. federal civilian agency’s Cisco Firepower device running ASA software was compromised in September 2025 by the FIRESTARTER backdoor. The malware reportedly persisted even after security patches were applied,…
AI, Data Breaches, Global Security News
ADT confirms data breach after ShinyHunters leak threat
Home security giant ADT has confirmed a data breach after the ShinyHunters extortion group threatened to leak stolen data unless a ransom is paid. […]
AI, APAC, Apps, Global Security News, Network Security
Meta’s compute grab continues with agreement to deploy tens of millions of AWS Graviton cores
Meta is continuing its compute grab as the agentic AI race accelerates to a sprint. Today, the company announced a partnership with Amazon Web Services (AWS) that will bring “tens of millions” of AWS Graviton5 cores (one chip contains 192 cores) into its compute portfolio, with the option to expand as its AI capabilities grow.…
Global Security News, Government & Policy
Helping Romance Scam Victims Require a Proactive, Empathic Approach
People targeted by confidence schemes find getting help is a lonely road. Experts want law enforcement, financial and government institutions to work together and protect them.
AI, Global Security News, Government & Policy, privacy
Latest spy power reauthorization bill leaves critics unimpressed
The latest attempt to re-up a controversial expiring surveillance law has failed to placate vocal critics on both the left and right of the political spectrum. Two House votes failed last week to extend the spying powers under Section 702 of the Foreign Intelligence Surveillance Act (FISA) for 18 months without changes, leading to Congress…
Cybersecurity, Global Security News, malware
Firestarter malware survives Cisco firewall updates, security patches
Cybersecurity agencies in the U.S. and U.K. are warning about a custom malware called Firestarter persisting on Cisco Firepower and Secure Firewall devices running Adaptive Security Appliance (ASA) or Firepower Threat Defense (FTD) software. […]
Global Security News
OpenAI CEO Apologizes for Not Flagging Mass Shooting Suspect to Police
AI, Compliance, Data Breaches, Global Security News, privacy, Risk Management
New US House privacy bills raise hard questions about enterprise data collection
US House Republicans have introduced two major privacy proposals that would reshape how US companies collect, process, and retain consumer data: the SECURE Data Act for general consumer privacy and the GUARD Financial Data Act for financial institutions. The bills would create national standards for privacy and security practices while broadly preempting many state privacy…
Global Security News
Windows Update gets new controls to reduce forced restarts
Microsoft is rolling out Windows Update improvements that give users more control over how updates are installed while reducing disruption from frequent or poorly timed restarts. […]
AI, Global Security News
New ClickFix attack Hides in Native Windows Tools to Reduce Detection Risk
Fake CAPTCHA ClickFix attack tricks users into running malicious commands, using cmdkey and regsvr32 to maintain persistence and avoid detection on Windows
AI, Exploits, Global Security News, Risk Management
12-year-old Pack2TheRoot bug lets Linux users gain root privileges
‘Pack2TheRoot’ flaw lets local Linux users gain root via PackageKit. CVE-2026-41651 (8.8) has existed for nearly 12 years. The Pack2TheRoot flaw, tracked as CVE-2026-41651, lets unprivileged users install or remove system packages without authorization, potentially gaining full root access. The vulnerability is rated high severity, CVSS score of 8.8, and has existed for nearly 12…
AI, Compliance, Endpoint, Global Security News, Network Security, Risk Management
Protecting your secrets from tomorrow’s quantum risks
As outlined in the AWS post-quantum cryptography (PQC) migration plan, addressing the risk of harvest now, decrypt later (HNDL) attack is an important part of your post-quantum plan. Upgrading the client-side of your workloads to support quantum-resistant confidentiality is an important aspect of your side of the PQC shared responsibility model. Timelines to plan and…
AI, Global Security News, Risk Management
Information security as a factor in the sustainability of IT systems
GUEST OPINION: In the current technological landscape, the term “sustainability” has moved beyond its traditional environmental roots to become a cornerstone of digital infrastructure management. For modern enterprises, particularly those operating in high-volume, high-risk sectors like iGaming, FinTech, and e-commerce, the sustainability of an IT system is defined by its ability to maintain operational integrity,…
AI, china, Europe, Global Security News
Germany’s sovereign AI hope changes hands
As Europe seeks to assert its technological independence from the US vendors Aleph Alpha, once seen as Germany’s sovereign AI hope, is the target of a transatlantic takeover. Aleph Alpha is set to merge with Canada’s Cohere in a deal that will bring together Cohere’s global AI clout and Aleph Alpha’s background in research. The…
AI, Global Security News
Scattered Spider co-conspirator pleads guilty
Another member of the notorious Scattered Spider gang of cyber criminals has pleaded guilty in a US court, and will be sentenced later this year. Tyler Buchanan pleaded guilty in a Florida court to conspiring with others to hack into companies’ computer systems with the intent of stealing at least $8 million in virtual currency.…
AI, Global Security News
New BlackFile extortion group linked to surge of vishing attacks
A new financially motivated hacking group tracked as BlackFile has been linked to a wave of data theft and extortion attacks against retail and hospitality organizations since February 2026. […]
AI, Cybersecurity, Exploits, Global Security News, Government & Policy
CISA last in line for access to Anthropic Mythos
The US Cybersecurity and Infrastructure Security Agency (CISA) does not yet have access to Anthropic’s bug-hunting AI model, Claude Mythos, even though other government agencies do, Axios reported earlier this week. As if that weren’t a big enough slap in the face for the national cyber-defense agency, the list of those who do have access…
Global Security News
Microsoft to roll out Entra passkeys on Windows in late April
Microsoft will roll out passkey support for phishing-resistant passwordless authentication to Microsoft Entra‑protected resources from Windows devices starting late April. […]
AI, Apps, Global Security News
Agent Mode is now available in Microsoft Word, Excel, and PowerPoint
Microsoft has beefed up Copilot’s capabilities in Word, Excel and PowerPoint, claiming its Agent Mode will help speed up workers’ output. The new features, announced last year, mean that Copilot can work more efficiently with Office applications, for example, understanding the richness of a pivot table in Excel or the use of animations in PowerPoint. In…
Global Security News
Is AI Smarter Than Humans? It’s Complicated
As a neuroscientist, I conducted research into artificial versus human intelligence. The results surprised me—and suggest we’ve been worrying over the wrong things.
AI, Compliance, Global Security News, Risk Management, Venture
Sage Expands Intacct Advisory and Debuts Sage HCM Solution
Accounting, finance, and HR technology provider Sage has announced two updates ahead of its annual Sage Future conference: the expansion of its Sage Intacct Advisory program and the launch of its Sage HCM solution. Both moves are positioned to streamline workflows, introduce more industry-specific capabilities, and help organizations better leverage AI across their operations. Scaling…
AI, APAC, Apps, Global Security News, Network Security
Google Cloud Makes Key Agentic AI Announcements at Next ‘26
To coincide with the Google Cloud Next ‘26 conference – Google Cloud’s largest event – the cloud giant is making a number of announcements, including the new Gemini Enterprise Agent Platform, advancements to its AI Hypercomputer architecture, and introducing the Agentic Data Cloud. A single platform for agent development, orchestration, and governance Google Cloud is…
AI, Cybersecurity, Exploits, Global Security News, Government & Policy
CISA last in line for access to Anthropic Mythos
The US Cybersecurity and Infrastructure Security Agency (CISA) does not yet have access to Anthropic’s bug-hunting AI model, Claude Mythos, even though other government agencies do, Axios reported earlier this week. As if that weren’t a big enough slap in the face for the national cyber-defense agency, the list of those who do have access…
AI, Funding, Global Security News
Google Cloud Funds Partner Push for Enterprise AI Agents
Google Cloud is putting new financial weight behind its partner ecosystem as it pushes deeper into enterprise AI, announcing a $750 million fund at Next ’26 to accelerate partner-led development and deployment of “agentic” AI systems. New fund promises to support prototyping, AI training, and more across partner ecosystem The investment, which Google says will…
AI, Compliance, Global Security News, Risk Management
Microsoft Urges Partners to Operationalize Copilot, Agents
Microsoft’s tone around AI is starting to change. The emphasis now is on getting systems into production and keeping them running in a way businesses can manage. Microsoft pushes partners and customers toward the next frontier This sentiment is expanded upon in a recent blog from chief partner officer Nicole Dezen, who frames Microsoft’s next…
AI, Exploits, Global Security News
New ‘Pack2TheRoot’ flaw gives hackers root Linux access
A new vulnerability dubbed Pack2TheRoot could be exploited in the PackageKit daemon to allow local Linux users to install or remove system packages and gain root permissions. […]
AI, china, Global Security News
Former OpenAI research scientist launches new AI model for Tencent
Tencent has updated its Hunyuan AI model, its first major release since it recruited Yao Shunyu, a leading AI scientist from OpenAI. Tencent’s Hy3 model, currently available in preview, offers improvements in areas from complex reasoning to coding. The Chinese technology conglomerate is playing catch-up with other Chinese AI developers including ByteDance, Alibaba and DeepSeek.…
AI, Funding, Global Security News
Google Expands Anthropic Investment With $40 Billion Commitment
Racing toward a potential IPO and grappling with computing needs, AI startup has amassed up to $65 billion in new funding deals.
Cybersecurity, Global Security News, malware
FIRESTARTER Backdoor Hit Federal Cisco Firepower Device, Survives Security Patches
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed that an unnamed federal civilian agency’s Cisco Firepower device running Adaptive Security Appliance (ASA) software was compromised in September 2025 with malware called FIRESTARTER. FIRESTARTER, per CISA and the U.K.’s National Cyber Security Centre (NCSC), is assessed to be a backdoor designed for remote access…
AI, Global Security News
US Busts Myanmar Ring Targeting US Citizens in Financial Fraud
Some 29 people were charged, including a Cambodian senator, and authorities seized more than 500 Web domains tied to fake investment sites.
AI, Apps, Global Security News, Risk Management
Adobe bets on AI agents to stay at the center of marketing workflows
Adobe is rolling out autonomous agents to orchestrate work across its applications, a move that will reinforce its position at the core of content and marketing workflows as AI disrupts the software landscape, analysts say. “We’re living at true inflection point; a moment where creativity and marketing are being reshaped by AI, unlocking incredible new…
AI, Apps, Cybersecurity, Data Breaches, Endpoint, Global Security News, Network Security, Risk Management
ShinyHunters Claims Udemy Data Breach of 1.4M Users
A notorious threat actor group has targeted Udemy, one of the world’s largest online learning platforms. ShinyHunters claims it has stolen more than 1.4 million user records and is threatening to leak the data within days. “Over 1.4M records containing PII and other internal corporate data have been compromised. Pay or Leak,” the threat actors…
Global Security News
The Most Impactful U.S. Inventions
We asked readers which U.S. technologies, including the cotton gin, the microchip and even the dishwasher, have mattered most.
Global Security News
A Push to Digitize the Forest
Plus, a Chinese robot beat the human half-marathon record and the hunt for extraterrestrial life gets an update.
AI, Global Security News
Glasswing Secured the Code. The Rest of Your Stack Is Still on You
Forgotten integrations, shadow IT, SaaS, and now shadow AI and agents are everywhere, and attackers don’t need sophisticated AI models to take advantage.
AI, Apps, Global Security News, Government & Policy, Network Security, Politics, privacy, Risk Management
Palantir Is Helping Trump’s IRS Conduct “Massive-Scale” Data Mining
military contractor Palantir is helping the IRS analyze dozens of different data sets on Americans to investigate a broad range of financial crimes, according to records shared with The Intercept. Since 2018, the Internal Revenue Service’s Criminal Investigation division has used Palantir’s Lead and Case Analytics platform to aggregate and analyze a sprawling list of…
Cybersecurity, Global Security News
Can Brivo Access Control Work for Multi-Site Businesses?
Brivo multi-site access control lets you manage every door across every location from one dashboard. Learn how it works, what it costs, and why it fits growing businesses. Running a business across many locations gets messy fast. You hand out key cards at one office. Someone leaves, and you forget to turn theirs off. Then…
AI, Global Security News, Government & Policy
NASA Employees Duped in Chinese Phishing Scheme Targeting U.S. Defense Software
The Office of Inspector General (OIG) of the U.S. National Aeronautics and Space Administration (NASA) has revealed how a Chinese national posed as a U.S. researcher as part of a spear-phishing campaign to obtain sensitive information from the space agency, as well as from government entities, universities, and private companies, in violation of export control…
Data Breaches, Global Security News
DORA and operational resilience: Credential management as a financial risk control
Article 9 of DORA makes authentication and access control a legal obligation for EU financial entities. Here is what the regulation requires, and what a breach looks like when those controls are missing. […]
AI, APAC, Apps, Cloud Security, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, Risk Management
Data Breaches, AI Expansion, and Cloud Security Define This Week’s Cyber Landscape in April 2026
Major Threats & Vulnerabilities Vulnerability Scoring and Exploitation Trends The NIST Adjusts Scoring Amid CVE Spike report highlights a 260%+ increase in CVE submissions since 2020. To manage the surge, NIST will prioritize high-impact vulnerabilities, potentially leaving many without full scoring data. Security teams must adapt to inconsistent vulnerability data and prepare for potential blind…
AI, Global Security News
TeamPCP Hijacks Bitwarden CLI, Uses Dependabot to Deploy Shai-Hulud Malware
GitGuardian uncovers TeamPCP attack on Bitwarden CLI, abusing GitHub Dependabot to spread Shai-Hulud and poison AI coding tools.
AI, Cybersecurity, Endpoint, Europe, Exploits, Global Security News, Government & Policy, Risk Management, Russia
Signal phishing campaign targets Germany’s Bundestag President Julia Klöckner
Germany’s Bundestag President Klöckner was targeted in a Signal phishing attack via a fake CDU group chat. Germany’s Bundestag President Julia Klöckner has reportedly become the latest European political figure targeted through a Signal-based phishing attack, reported Der Spiegel. The incident is another reminder that even trusted messaging apps can become entry points when attackers…
Exploits, Global Security News
Over 10,000 Zimbra servers vulnerable to ongoing XSS attacks
Over 10,000 Zimbra Collaboration Suite (ZCS) instances exposed online are vulnerable to ongoing attacks exploiting a cross-site scripting (XSS) security flaw. […]
AI, Global Security News
AI Phishing Is No. 1 With a Bullet for Cyberattackers
In the last six months, companies have seen a significant influx of AI-powered phishing, as cyberattackers progress from small campaigns to 1-to-1 personalized attacks.
Data Breaches, Global Security News, Government & Policy
UK Biobank Data Breach: Health Data of 500,000 Listed for Sale in China
UK government Minister confirms that breached health records of UK Biobank volunteers were up for sale on Chinese ecommerce platforms before being removed
AI, Global Security News
North Korea’s Lazarus Targets macOS Users via ClickFix
Lazarus continues leveraging ClickFix for initial access and data theft, in this case, against Mac-centric organizations and their high-value leaders.
AI, Cybersecurity, Data Breaches, Global Security News
Users advised to drop passwords and make room for passkeys
In a decisive move that could reshape how users log in online, the National Cyber Security Centre (NCSC) is urging consumers to abandon passwords in favour of passkeys, positioning them as the future of authentication. “Passkeys should become consumers’ first choice for logging into digital services,” NCSC said. Overhauling decades of security guidance, the agency…
AI, Global Security News
Indirect prompt injection is taking hold in the wild
The open web is slowly but surely filling up with “traps” designed for LLM-powered AI agents. The technique, known as indirect prompt injection (IPI), involves hiding (more or less) covert instructions inside ordinary web pages, waiting for an AI agent to read them and carry out the author’s commands. The IPI attack kill chain (Source:…
AI, APAC, Global Security News, Risk Management
Microsoft to offer voluntary retirement buyouts to about 7% of the US workforce
Microsoft will offer voluntary retirement buyouts to about 7% of its US workforce, or roughly 8,750 employees, in the first such program in the company’s 51-year history, as the technology industry restructures under the cost pressure of AI investment. The program, available to US-based employees at the senior director level and below, comes as large…
AI, Global Security News
AI Rush is Reviving Old Cybersecurity Mistakes, Mandiant VP Warns
AI tools are not just creating new vulnerabilities, they are reviving old security failures, warned Jurgen Kutscher, VP of Mandiant Consulting
AI, Global Security News
AI Startups From Canada, Germany Join Forces in Challenge to Silicon Valley
A deal between Cohere and Aleph Alpha aims to tap growing demand for technology that isn’t dependent on U.S. tech giants.
AI, Global Security News
Bridging the AI Agent Authority Gap: Continuous Observability as the Decision Engine
The AI Agent Authority Gap – From Ungoverned to Delegation As discussed in our previous article, AI agents are exposing a structural gap in enterprise security, but the problem is often framed too narrowly. The issue is not simply that agents are new actors. It is that agents are delegated actors. They do not emerge…
Cybersecurity, Global Security News
26 FakeWallet Apps Found on Apple App Store Targeting Crypto Seed Phrases
Cybersecurity researchers have discovered a set of malicious apps on the Apple App Store that impersonate popular cryptocurrency wallets in an attempt to steal recovery phrases and private keys since at least fall 2025. “Once launched, these apps redirect users to browser pages designed to look similar to the App Store and distribute trojanized versions…
AI, Global Security News
Microsoft now lets admins uninstall Copilot on enterprise devices
Microsoft says IT administrators can now uninstall the AI-powered Copilot digital assistant from enterprise devices using a new policy setting, which has become broadly available after the April 2026 Patch Tuesday. […]
AI, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
Inside agenteV2: How Brazilian Attackers Use Fake Court Summons to Steal Banking Credentials in Real Time
A new phishing campaign targeting Brazilian users demonstrates how modern financial malware has evolved from simple credential theft into full-scale, operator-driven fraud platforms. Disguised as a judicial summons, this campaign leverages social engineering, multi-stage malware delivery, and real-time remote access capabilities to compromise victims and actively assist attackers in financial theft. For organizations, the implications extend beyond individual users. Employees accessing corporate…
AI, Global Security News, Risk Management
Google Keep cheat sheet: How to get started
Google Keep lets you create notes and to-do lists that sync across your computer and phone or tablet. It’s handy in a variety of ways: You can record voice memos, and Keep will transcribe them as text notes. You can include images in your notes, and if an image includes text, it shows up in…
Global Security News, Government & Policy
French Police Arrest HexDex Hacker Over Mass Data Theft and Leaks
French police arrest HexDex hacker, a 20-year-old suspect accused of mass data theft and leaks targeting government, sports groups, and firms.
china, Global Security News, Network Security
Compromised everyday devices power Chinese cyber espionage operations
China-linked threat actors have shifted from individually procured infrastructure to large-scale covert networks, botnets built from compromised routers and other edge devices, the National Cyber Security Centre (NCSC) warns. To help organizations address this threat, the NCSC, together with the Cyber League and partner agencies, has issued an advisory. The advisory includes guidance for organizations…
Cybersecurity, Global Security News, malware
New Cisco firewall malware can only be killed by pulling the plug
Suspected state-sponsored attackers are using a custom backdoor to persistently compromise Cisco security devices (firewalls), the US CISA and the UK National Cyber Security Centre warned on Thusday. “The [Firestarter] malware (…) is relevant for both Cisco Firepower and Secure Firewall devices; however, CISA has only observed a successful implant of the malware in the…
AI, Data Breaches, Global Security News, malware, Risk Management
Checkmarx supply chain attack impacts Bitwarden npm distribution path
Bitwarden CLI was hit by the Checkmarx supply chain attack. Version 2026.4.0 shipped malicious code in bw1.js via a compromised GitHub Action. Bitwarden CLI has been compromised as part of the ongoing Checkmarx supply chain campaign, researchers warn. The affected version, @bitwarden/cli 2026.4.0, contained malicious code hidden in the bw1.js file. The breach likely stemmed…
Global Security News
Musk’s Chip-Making Vision With Intel Is a Distant Prospect
The Tesla chief’s ‘Terafab’ idea will take many years to materialize, if it works at all
AI, Exploits, Global Security News
Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy AdaptixC2
Chinese-speaking individuals are the target of a new campaign that uses a trojanized version of SumatraPDF reader to deploy the AdaptixC2 Beacon post-exploitation agent and ultimately facilitate the abuse of Microsoft Visual Studio Code (VS Code) tunnels for remote access. Zscaler ThreatLabz, which discovered the campaign last month, has attributed it with high confidence to…
AI, Global Security News
Meta is overhauling how you sign in, manage settings, and protect your accounts
Meta Account gives users of Meta apps and devices a simpler way to access and manage their accounts. Accounts Center will automatically be updated to a Meta Account as part of a gradual rollout over the next year. Users will be notified when the change occurs. It supports Meta technologies including Facebook, Instagram, Messenger, Threads,…
AI, Data Breaches, Global Security News
The calm before the ransom: What you see is not all there is
A breach claims the systems as well as the confidence that was, in retrospect, a major vulnerability
Global Security News
Npm Supply Chain Malware Attack Targets Developers With Worm-Like Propagation
Malicious npm packages spread via worm-like propagation and steal developer credentials
AI, Global Security News
Ubuntu 26.04 LTS delivers memory-safe system tools and live patching for Arm servers
Linux distributions have spent the past few years absorbing GPU vendor toolchains, Rust-based system components, and more stringent encryption defaults. Ubuntu 26.04 LTS, codenamed Resolute Raccoon, pulls most of those threads together into a single release that will receive standard security support until April 2031. Rust moves into the system layer One of the more…
AI, Apps, Global Security News
Microsoft Pushes Partners Deeper Into Copilot and AI Tools
Microsoft is expanding its AI channel strategy with new partner benefits, updated recognition programs, and additional tooling to accelerate enterprise adoption of Copilot, security, and agent-based offerings. The moves show how the company is trying to turn strong AI demand into a more repeatable partner-led sales and services motion. Microsoft posts strong earnings across cloud…
Exploits, Global Security News
LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure
A high-severity security flaw in LMDeploy, an open-source toolkit for compressing, deploying, and serving LLMs, has come under active exploitation in the wild less than 13 hours after its public disclosure. The vulnerability, tracked as CVE-2026-33626 (CVSS score: 7.5), relates to a Server-Side Request Forgery (SSRF) vulnerability that could be exploited to access sensitive data.…