Tech Mahindra, a leading global provider of technology consulting and digital solutions to enterprises across industries announced the audited consolidated financial results for the quarter and year ended March 31, 2026.
AI, Cybersecurity, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
3 practical ways AI threat detection improves enterprise cyber resilience
Why “more alerts” isn’t the same as better security If you run security in an enterprise environment, you already know the problem. Generic detection tools generate thousands of alerts, most of them low value. Analysts spend hours chasing noise while attackers quietly move laterally using valid credentials and trusted tools. AI‑driven threat detection promises to…
AI, china, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, malware, Network Security
US, UK agencies warn hackers were hiding on Cisco firewalls long after patches were applied
A state-sponsored hacking group has implanted a custom backdoor on Cisco network security devices that can survive firmware updates and standard reboots, U.S. and British cybersecurity authorities disclosed Thursday, marking a significant escalation in a campaign that has targeted government and critical infrastructure networks since at least late 2025. The Cybersecurity and Infrastructure Security Agency…
AI, Cybersecurity, Exploits, Global Security News, Government & Policy, Network Security, Risk Management
The curious case of Sean Plankey’s derailed CISA nomination
Donald Trump’s nominee to lead the Cybersecurity and Infrastructure Security Agency (CISA), Sean Plankey, informed Homeland Security Secretary Markwayne Mullin and the White House that he is withdrawing his nomination after a 13-month stall, during which the well-regarded cybersecurity veteran faced mounting resistance. “After thirteen months since my initial nomination, it has become clear the…
Global Security News
Intel Sales Rise 7% as AI Agents Drive Growth
Demand from data centers for its CPUs pushed quarterly revenues to $13.6 billion.
AI, china, Cybersecurity, Exploits, Global Security News, malware, Network Security
Dragos: Despite AI use, new malware targeting water plants is ‘hype’
One day AI may be capable of creating malware that threatens critical infrastructure. But that day was not earlier this month, when reports surfaced of a new piece of malware seemingly configured to search for and sabotage Israeli water infrastructure, according to industrial cybersecurity firm Dragos. The malware, called ZionSiphon, was first identified by AI…
Global Security News
Bob Iger Returning to Joshua Kushner’s Thrive in Post-Disney Move
The former Disney CEO has dabbled in tech and media investing.
AI, Global Security News
Bitwarden CLI npm package compromised to steal developer credentials
The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects. […]
AI, china, Cybersecurity, Exploits, Global Security News, Network Security
Surveillance campaigns use commercial surveillance tools to exploit long-known telecom vulnerabilities
Campaigns employing commercial surveillance vendors tracked targets by exploiting mobile phone network vulnerabilities in what researchers said Thursday was the first-ever linking of “real-world attack traffic to mobile operator signalling infrastructure.” The two unknown parties behind the campaigns mimicked the identities of mobile phone operators with customized surveillance tools, and manipulated signaling protocols and steered…
Global Security News
Chinese Satellites Over Mideast Battlefield Put U.S. on Edge
Chinese satellite imagery of the conflict zone is potentially offering battlefield guidance to Iran and other U.S. adversaries.
Global Security News
Trigona ransomware attacks use custom exfiltration tool to steal data
Recently observed Trigona ransomware attacks are using a custom, command-line tool to steal data from compromised environments faster and more efficiently. […]
AI, Global Security News
Gartner: Global IT spending to grow by 13.5% this year
Global IT spending is expected to rise this year to $6.31 trillion, according to a new forecast from Gartner, a 13.5% increase compared to 2025. According to the research firm, AI is the single most important driver behind the growth, with investments in AI infrastructure, in particular, driving the trend. The data center systems segment…
AI, Global Security News
Apple may be the only laptop vendor to grow in 2026
Chinese market research firm Sigmaintell expects Apple to be the only company to see growth in the laptop market this year. Overall, Sigmaintel predicts global notebook shipments will reach 181.1 million units this year, a decline of 8%. That drop will, in part, be caused by memory and component shortages and also by slowing market demand. That’s…
Global Security News, malware
UNC6692 Impersonates IT Helpdesk via Microsoft Teams to Deploy SNOW Malware
A previously undocumented threat activity cluster known as UNC6692 has been observed leveraging social engineering tactics via Microsoft Teams to deploy a custom malware suite on compromised hosts. “As with many other intrusions in recent years, UNC6692 relied heavily on impersonating IT helpdesk employees, convincing their victim to accept a Microsoft Teams chat invitation from…
AI, Global Security News
Meta Will Lay Off 8,000 Employees in May: Memo
The company said the 10% workforce cut is needed to run more efficiently and offset other investments. It will also cancel plans to hire for 6,000 open roles.
Global Security News
FDA Approves First-Ever Gene Therapy to Restore Hearing
Regeneron’s drug restored hearing in 11 of 12 children in a rare, inherited condition that causes deafness.
AI, Data Breaches, Global Security News
Luxury cosmetics giant Rituals discloses data breach impacting member personal details
Rituals disclosed a breach where hackers accessed and downloaded some My Rituals members’ data, including names and addresses. Luxury cosmetics giant Rituals disclosed a data breach impacting My Rituals members after attackers gained unauthorized access to its systems and downloaded part of the database. The security breach occurred earlier this month, and the company is…
AI, Apps, Compliance, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
Checkmarx Supply Chain Attack Exploits Docker Images and CI/CD Pipelines
A supply chain attack targeting Checkmarx tooling has exposed developer environments. Attackers pushed malicious Docker images and tampered extensions capable of stealing credentials and other sensitive data. This “… continues a dangerous trend that’s accelerated over the past month: CI/CD pipelines have become the new perimeter,” said Eli Woodward, Cyber Threat Intelligence Advisor at Team…
AI, Global Security News
The Hunt for Extraterrestrial Life Enters a New Frontier
Scientists are using advanced telescopes, models and AI to help them look for signs of life beyond Earth, including in distant solar systems.
AI, Global Security News
Microsoft Offers Buyouts to 7% of Workforce
The company is also changing how it awards bonuses and stock options as it reorganizes workforce around AI efforts.
Global Security News, malware
Harvester APT Expands Spying Operations with New GoGra Linux Malware
New GoGra Linux malware linked to Harvester APT targets systems in South Asia, using fake PDFs and Microsoft APIs for covert command and control.
AI, Global Security News
Google Favors General‑Purpose Gemini Models Over Cybersecurity‑Specific AI
Google Cloud’s COO advocated for combining general-purpose frontier large language models with task-specific AI agents
Global Security News
Clear market trend for software providers to help with AI: Proofpoint CEO
AI, china, Cybersecurity, Global Security News, Government & Policy, malware, Network Security, Risk Management
A dozen allied agencies say China is building covert hacker networks out of everyday routers
U.S. and international government agencies warned Thursday about a “widespread shift” in Chinese hacker methods toward the use of large-scale covert networks that compromise common devices to carry out a variety of attacks. The advisory details how those networks work, and defensive steps organizations should take. “Over the past few years there has been a…
Global Security News
New Checkmarx supply-chain breach affects KICS analysis tool
Hackers have compromised Docker images, VSCode and Open VSX extensions for the Checkmarx KICS analysis tool to harvest sensitive data from developer environments. […]
Global Security News
America’s Largest Landowner Is Using AI to Digitize the Forest
Weyerhaeuser is pursuing autonomous logging equipment and hopes to double its profits by 2030 independent of any increase in lumber prices.
Global Security News
Celonis and ProcessLab launch home mortgages manager to speed up loan approvals process
Financial institutions will be able to approve home loan mortgages faster with Celonis and ProcessLab announcing the launch of its Home Mortgages Manager.
AI, Global Security News
Teradata Named a Leader in Nucleus Research 2026 DSML Platform Technology Value Matrix
GUEST RESEARCH: Recognition highlights Teradata’s enterprise AI capabilities, including Enterprise AgentStack, open-source MCP Server, and in-database vector and analytics infrastructure
AI, Exploits, Global Security News, malware
With AI’s help, North Korean hackers stumbled into a near-undetectable attack
For many years, state-sponsored hacking was defined by human expertise in finding security holes, writing malware and exploits, pulling off social engineering and phishing attacks, and much more. Since the advent of LLM-powered AI assistants and tools, less skilled attackers have been able to carry out attacks and compromises that might otherwise have been out…
Global Security News
Tesla Promises Upgrade for Customers Who Bought Cars That Can’t Drive Autonomously
Elon Musk told investors that older Teslas can’t drive autonomously, despite earlier promises to buyers.
AI, APAC, Global Security News
The 2026 Edition of PepsiCo’s APAC Greenhouse Program Shifts Beyond Pilots to Fast-Track Startups into its Supply Chain
COMPANY NEWS: The IMPACT Edition introduces a more structured integration model, bringing proven alumni solutions into PepsiCo’s operations through coordinated execution, commercial pathways, and an expanded partner ecosystem. Two Australian start-ups, Adiona and X-Centric, will join three other finalists to take part in the IMPACT edition.
AI, Global Security News
Bad Memories Still Haunt AI Agents
Cisco found and fixed a significant vulnerability in the way Anthropic handles memories, but experts warn that mishandled memory files will continue threaten AI systems.
AI, Global Security News
ClickHouse Expands Strategic Collaboration With Google Cloud, Bringing Deeper Integration, Cloud Flexibility, and Next-Generation Performance
COMPANY NEWS: ClickHouse, a leader in real-time analytics, data warehousing, observability, and AI/ML, has announced a significant expansion of its strategic collaboration with Google Cloud.
Global Security News, Network Security
GapMaps Names Peter Holmes CEO to Lead Global Expansion
COMPANY ANNOUNCEMENT: GapMaps, the leading location intelligence platform powering physical network expansion, today announced the appointment of Peter Holmes as Chief Executive Officer.
Data Breaches, Global Security News
Cosmetics giant Rituals discloses data breach affecting customers
Dutch cosmetics giant Rituals disclosed a data breach after attackers stole the personal information of an undisclosed number of customers from its “My Rituals” membership database. […]
AI, APAC, Cloud Security, Cybersecurity, Europe, Exploits, Global Security News, Risk Management
The Mythos Discovery: What It Means for Vulnerability Disclosure
The Mythos Discovery: What It Means for Vulnerability Disclosure AI just broke vulnerability disclosure at scale. Earlier this month, Anthropic’s Claude Mythos Preview AI model discovered 27-year-old bugs that survived decades of human review. Now the industry’s top security leaders are calling it a watershed moment. Here’s what software vendors need to know. What Happened…
AI, Global Security News
Introducing Gemini Enterprise Agent Platform, powering the next wave of agents
In the early days of generative AI, building safe and reliable business tools took massive engineering effort and a high tolerance for trial and error. We helped solve that with Vertex AI, our trusted AI development platform. But today, we’re managing a different level of complexity, with agents interacting across multiple systems — and often without…
AI, Data Breaches, Global Security News
Hacker with a special interest in breaching sports institutions ends behind bars
French police have arrested a suspected hacker linked to a series of data breaches affecting organizations in the country. Citing authorities, Le Parisien reported that the suspect, a 20-year-old man using the alias ‘HexDex,’ was taken into custody on April 22, 2026, in the Vendée region, western France. The suspect admitted to using the alias…
Global Security News
Saviynt Appoints Tim Wedande as Field CTO for Asia Pacific and Japan
COMPANY ANNOUNEMENT: APJ appointment strengthens regional customer engagement and technical strategy leadership
AI, Apps, Exploits, Global Security News, privacy
iOS Flaw Let Deleted Notifications Linger, Apple Issues Fix
Apple fixed an iOS flaw that kept deleted notifications on devices, allowing recovery of messages, including from apps like Signal. Apple released updates for iOS and iPadOS to address the vulnerability CVE-2026-28950, a flaw in Notification Services that stored notifications even after deletion. This logging issue could allow recovery of sensitive data, including messages from…
AI, Compliance, Exploits, Global Security News, Network Security, privacy, Risk Management
CVE-2026-28950: Apple Fixes iOS Flaw That Retained Deleted Notification Data
Apple has released security updates to address a Notification Services issue in iOS and iPadOS that could cause alerts marked for deletion to remain stored on a device. The fix was delivered in iOS 26.4.2 / iPadOS 26.4.2 and iOS 18.7.8 / iPadOS 18.7.8, where Apple says the problem was resolved through improved data redaction.…
AI, Apps, Global Security News
Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign
Bitwarden CLI has been compromised as part of the newly discovered and ongoing Checkmarx supply chain campaign, according to new findings from Socket. “The affected package version appears to be @bitwarden/cli@2026.4.0, and the malicious code was published in ‘bw1.js,’ a file included in the package contents,” the application security company said. “The attack appears to…
AI, Global Security News
Level Up Your Payment Security Expertise with PCI SSC Knowledge Training
Give your team the insight and confidence to work effectively with assessors through Knowledge Training. These courses are designed to help learners speak the same language as the assessor, confidently guide their organization through assessments and any pre-planning, and effectively collaborate alongside the assessor during an assessment. When teams are aligned, assessments run more…
AI, Global Security News
Level Up Your Payment Security Expertise with PCI SSC Knowledge Training
Give your team the insight and confidence to work effectively with assessors through Knowledge Training. These courses are designed to help learners speak the same language as the assessor, confidently guide their organization through assessments and any pre-planning, and effectively collaborate alongside the assessor during an assessment. When teams are aligned, assessments run more…
AI, Global Security News
Getac redefines rugged mobility with launch of G140 Copilot+ PC, powered by AMD Technology in Australia and New Zealand
COMPANY NEWS: The new G140 tablet blends AI-powered performance with MIL-STD fully rugged protection in a lightweight, field-friendly design.
Global Security News
Microsoft: Some Teams users can’t join meetings after Edge update
Microsoft confirmed that a recent Microsoft Edge browser update introduced a bug that prevents Windows users from joining Teams meetings. […]
AI, Exploits, Global Security News
ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories
You scroll past one incident and see another that feels familiar, like it should have been fixed years ago, but it still works with small changes. Same bugs. Same mistakes. The supply chain is messy. Packages you did not check are stealing data, adding backdoors, and spreading. Attacking the systems behind apps is easier than…
AI, Cybersecurity, Global Security News, Risk Management
Offer customers passkeys by default, UK’s NCSC tells enterprises
The UK’s National Cyber Security Centre (NCSC) is recommending passkeys as the default authentication method for businesses to offer consumers, citing industry progress that now makes them a more secure and user-friendly alternative to passwords. In a blog post published this week, the agency said passkeys can now be recommended to both the public and…
AI, Cybersecurity, Global Security News, Risk Management
Offer customers passkeys by default, UK’s NCSC tells enterprises
The UK’s National Cyber Security Centre (NCSC) is recommending passkeys as the default authentication method for businesses to offer consumers, citing industry progress that now makes them a more secure and user-friendly alternative to passwords. In a blog post published this week, the agency said passkeys can now be recommended to both the public and…
AI, Cybersecurity, Global Security News, Risk Management
UK’s NCSC calls passkeys the default, says passwords are no longer fit for the purpose
The UK’s National Cyber Security Centre (NCSC) is recommending passkeys as the default authentication method for businesses to offer consumers, citing industry progress that now makes them a more secure and user-friendly alternative to passwords. In a blog post published this week, the agency said passkeys can now be recommended to both the public and…
AI, Global Security News, Network Security
IP Fabric MCP server adds governance and control to enterprise AIOps workflows
IP Fabric has launched a new Model Context Protocol (MCP) server that removes key barriers to enterprise AIOps adoption, combining secure in-platform deployment with a built-in prompt library for network operations. While MCP servers and AI integrations are increasingly common, most fall short in enterprise environments where security, control and trusted data are non-negotiable. IP…
AI, Global Security News
Apple Fixes iOS Notification Bug Exposing Deleted Messages
Apple patches iOS flaw that retained deleted notifications, exposing message data
AI, Global Security News
Elastic Collaborates with Google Cloud to Bring its Embedded Security Layer to Google Distributed Cloud Air-Gapped Environments
Google Distributed Cloud is embedding Elastic’s agentic security operations platform, providing security analytics, automation, and XDR capabilities to help customers secure sensitive data in air-gapped environments
AI, Apps, Global Security News, Risk Management
Aqua Compass MCP server enables real-time investigation and containment of runtime threats
Aqua Security has announced Aqua Compass, a Model Context Protocol (MCP) server that enables agentic investigation, containment and remediation of runtime incidents, and new runtime risk dashboards. These capabilities help security teams move beyond identifying risk and focus on containing threats in running applications. The announcement builds on Aqua’s Secure AI capabilities, extending the company’s…
china, Global Security News, Network Security
UK warns of Chinese hackers using proxy networks to evade detection
The United Kingdom’s National Cyber Security Centre (NCSC-UK) and international partners warned that China-nexus hackers are increasingly using large-scale proxy networks of hijacked consumer devices to evade detection and disguise their malicious activity. […]
AI, Cloud Security, Global Security News, Risk Management
Google gets agent-ready for the Mythos age
In response to Anthropic Mythos, instead of launching another LLM, Google unveiled a broad push toward agentic, AI-driven defense at Google Cloud Next ‘26 to help SOC analysts as they scramble to keep up with the influx of CVEs Mythos threatens. As Mythos promises more vulnerabilities, and reports of unauthorized access despite its limited preview…
AI, Global Security News, Government & Policy
New GopherWhisper APT group abuses Outlook, Slack, Discord for comms
A previously undocumented state-backed threat actor named GopherWhisper is using a Go-based custom toolkit and legitimate services like Microsoft 365 Outlook, Slack, and Discord in attacks against government entities. […]
AI, Exploits, Global Security News
[Webinar] Mythos Reality Check: Beating Automated Exploitation at AI Speed
Imagine a world where hackers don’t sleep, don’t take breaks, and find weak spots in your systems instantly. Well, that world is already here. Thanks to AI, attackers are now launching automated, large-scale exploits faster than ever before. The time you have to fix a vulnerability before it gets attacked is shrinking to zero. We…
AI, Global Security News
Google brings instant email verification to Android, no OTP needed
Google has introduced cryptographically verified email credentials for Android through the Credential Manager API. This API aligns with the W3C Digital Credential API standard. It provides a unified way for apps to request and retrieve user credentials for authentication and authorization. “By integrating the new verified email via the Credential Manager API, you can reduce…
AI, Global Security News
Google Introduces Unique AI Agent Identities in New Gemini Enterprise Platform
Google Cloud will attribute a unique cryptographic ID every AI agent that will be tied to “traceable and auditable” authorization policies
AI, Global Security News
Project Glasswing Proved AI Can Find the Bugs. Who’s Going to Fix Them?
Last week, Anthropic announced Project Glasswing, an AI model so effective at discovering software vulnerabilities that they took the extraordinary step of postponing its public release. Instead, the company has given access to Apple, Microsoft, Google, Amazon, and a coalition of others to find and patch bugs before adversaries can. Mythos Preview, the model that…
AI, Cybersecurity, Exploits, Global Security News, Government & Policy
If cyber espionage via HDMI worries you, NCSC built a device to stop it
A new cybersecurity device developed by the National Cyber Security Centre (NCSC) should be a helpful solution for protecting governments and businesses from malicious activity carried through display connections. Called SilentGlass, the plug-and-play tool is designed to protect HDMI and DisplayPort links from potential cyberattacks. The NCSC warns that monitors are an attractive target for…
AI, Global Security News
Apple fixes iPhone bug that let FBI retrieve deleted Signal messages(CVE-2026-28950)
Apple has rolled out security updates for iPhones and iPads that fix CVE-2026-28950, a logging issue in Notification Services that made devices unexpectedly retain notifications marked for deletion. The vulnerability was patched following a recent report about the FBI accessing a suspect’s Signal message notification content on their iPhone, despite Signal being deleted from the…
Exploits, Global Security News
CISA orders feds to patch BlueHammer flaw exploited as zero-day
CISA has ordered U.S. federal agencies to patch a Microsoft Defender privilege escalation flaw (dubbed BlueHammer) that has been exploited in zero-day attacks. […]
AI, Apps, Exploits, Global Security News, Risk Management
CVE-2026-40372: Critical ASP.NET Core Flaw May Let Attackers Gain SYSTEM Privileges
Microsoft has released out-of-band updates for CVE-2026-40372, a high-impact ASP.NET Core privilege-escalation vulnerability tied to the platform’s Data Protection cryptographic APIs. Public reporting says the flaw carries a CVSS score of 9.1 and could allow an unauthenticated attacker to forge authentication material and ultimately obtain SYSTEM privileges on affected systems. The issue stands out not…
Global Security News
Cyber-Attacks Surge 63% Annually in Education Sector
Quorum Cyber report finds higher and further education institutions experienced 63% increase in attacks over a year
AI, Cybersecurity, Exploits, Global Security News
Hackers Use Hidden Website Instructions in New Attacks on AI Assistants
Cybersecurity researchers at Forcepoint uncover new indirect prompt injection attacks that use hidden website code to exploit AI assistants like GitHub Copilot.
AI, Apps, Exploits, Global Security News
Apple Patches Exploited Notification Flaw, (Thu, Apr 23rd)
Apple yesterday released iOS/iPadOS 26.4.2 and iOS/iPadOS 18.7.8. This update fixes a single Notification Services vulnerability, CVE-2026-28950: Impact: Notifications marked for deletion could be unexpectedly retained on the device Description: A logging issue was addressed with improved data redaction. Apple did not mark the vulnerability as exploited. However, recent news articles reported that the FBI…
AI, Endpoint, Global Security News, Government & Policy, malware, Network Security, Russia
RAMP Uncovered: Anatomy of Russia’s Ransomware Marketplace
Leaked data from RAMP reveals Russia’s ransomware ecosystem, analyzing 1,732 threads, 7,707 users, and 340,000 IP records from the forum. RAMP was not just another dark web forum. It was one of the clearest examples of how ransomware has become an organized marketplace, with sellers, buyers, brokers, and recruiters all playing different roles in the…
AI, Europe, Global Security News
ChatGPT Confessed to a Crime It Couldn’t Possibly Have Committed
You might spend your Saturday mornings sipping coffee, attending a kids’ soccer game, or just recovering from a tough week at work. Not Paul Heaton. He recently spent a weekend persuading ChatGPT to confess to a crime it didn’t commit. “We know a lot now about the sort of interrogation techniques that lead to false…
AI, Global Security News
‘Zealot’ Shows What AI’s Capable of in Staged Cloud Attack
The proof of concept revealed AI-based attacks unfold too fast for human defenders to respond, and that AI evinced more autonomous behavior than expected.
AI, Global Security News
Microsoft Needs Copilot to Get Back in the Air
With its shares in a slump, Microsoft must show its own AI efforts are paying off.
AI, Global Security News
Researchers Uncover 10 In-the-Wild Prompt Injection Payloads Targeting AI Agents
Forcepoint has found 10 new indirect prompt injection attacks targeting AI agents
AI, APAC, Cybersecurity, Exploits, Global Security News, Risk Management
Microsoft taps Anthropic’s Mythos to strengthen secure software development
Microsoft plans to integrate Anthropic’s Mythos AI model into its Security Development Lifecycle, a move that suggests advanced generative AI is beginning to play a direct role in how major software vendors identify vulnerabilities and harden code against attack. The company said it will use Mythos Preview, along with other advanced models, as part of…
AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management
U.S. CISA adds a flaw in Microsoft Defender to its Known Exploited Vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Microsoft Defender to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Microsoft Defender, tracked as CVE-2026-33825 (CVSS score of 7.8), to its Known Exploited Vulnerabilities (KEV) catalog. CVE-2026-33825 is a Microsoft Defender flaw that can be exploited…
AI, china, Cybersecurity, Global Security News, Government & Policy
China-Linked GopherWhisper Infects 12 Mongolian Government Systems with Go Backdoors
Mongolian governmental institutions have emerged as the target of a previously undocumented China-aligned advanced persistent threat (APT) group tracked as GopherWhisper. “The group wields a wide array of tools mostly written in Go, using injectors and loaders to deploy and execute various backdoors in its arsenal,” Slovakian cybersecurity company ESET said in a report shared…
china, Global Security News, Government & Policy
GopherWhisper APT group hides command and control traffic in Slack and Discord
Attackers continue to lean on everyday collaboration platforms to hide command and control traffic inside normal enterprise noise. A newly identified China-aligned APT group pushes that trend further, running its operations through Slack workspaces, Discord servers, Outlook drafts, and the file.io sharing service. GopherWhisper toolset overview ESET researchers have named the group GopherWhisper and tied…
china, Global Security News, Government & Policy
GopherWhisper: A burrow full of malware
ESET Research has discovered a new China-aligned APT group that we’ve named GopherWhisper, which targets Mongolian governmental institutions
Global Security News
NCSC Backs Passkeys, Hailing a New Era of Sign-in
The UK’s NCSC has fully backed passkeys as consumers’ first choice for login, citing progress with FIDO and successful use across the NHS
AI, APAC, Global Security News, privacy
OpenAI tackles a bad habit people have when interacting with AI
Since people tend to paste personal data into AI tools such as ChatGPT, OpenAI has released Privacy Filter, an open-weight model designed to detect and redact personally identifiable information (PII) in text. The model is available under the Apache 2.0 license on Hugging Face and GitHub. “This release is part of our broader effort to…
AI, Global Security News, Network Security
Vercel Finds More Compromised Accounts in Context.ai-Linked Breach
Vercel on Wednesday revealed that it has identified an additional set of customer accounts that were compromised as part of a security incident that enabled unauthorized access to its internal systems. The company said it made the discovery after expanding its investigation to include an extra set of compromise indicators, alongside a review of requests…
AI, Global Security News
Apple Patches iOS Flaw That Stored Deleted Signal Notifications in FBI Forensic Case
Apple has rolled out a software fix for iOS and iPadOS to address a Notification Services flaw that stored notifications marked for deletion on the device. The vulnerability, tracked as CVE-2026-28950 (CVSS score: N/A), has been described as a logging issue that has been addressed with improved data redaction. “Notifications marked for deletion could be…
AI, Cybersecurity, Global Security News
How Companies Can Use AI Cybersecurity Tools to Audit Their Defenses
In this post, I will talk about how companies can use AI cybersecurity tools to audit their defenses. Cybersecurity audits used to be slow, expensive, and often reactive. Teams would comb through logs, check configurations, and hope they hadn’t missed anything critical. That approach no longer holds. The scale of modern attacks, and the speed…
AI, Global Security News, malware, Network Security
Microsoft Graph API misused by new GoGra Linux malware for hidden communication
A new GoGra Linux malware uses Microsoft Graph API and an Outlook inbox to deliver payloads, making it stealthy and hard to detect. A new Linux version of the GoGra backdoor uses Microsoft’s Graph API and an Outlook inbox to deliver malicious payloads stealthily. The malware is linked to the Harvester cyberespionage group, which is…
AI, Global Security News
Shares of Apple Supplier STMicroelectronics Jump After Strong Quarter
It posted strong first-quarter sales and said revenue growth from artificial intelligence should accelerate in coming months.
Global Security News
Your old phone is worth more than you think, and a $262 billion market knows it
Somewhere between your last phone upgrade and the drawer where your old one now sits, a quarter-trillion-dollar market is humming along. The circular tech economy, the business of refurbishing, reselling and redistributing pre-owned devices, has quietly grown into one of the most consequential shifts in global electronics.
AI, Apps, Global Security News, privacy
Tim Cook’s legacy: a successful CEO who stumbled over AI
Apple’s Tim Cook was viewed as a worthy successor to Steve Jobs when he took over as CEO in August 2011, two months before Jobs’ death. Apple products became successful (and profitable) in many ways due to his success as COO, where he whipped company operations and supply chains into shape. Cook expanded the company’s…
AI, Apps, Global Security News, Network Security
Scale Computing Execs on Unified Edge, Partner-First Strategy
Scale Computing, an edge-first platform company, is positioning itself as a platform that spans everything outside traditional data centers and cloud environments, from localized infrastructure to device-level deployments. Executives point to unique challenges in modern infrastructure needs Craig Theriac, VP of Product Management at Scale Computing, told Channel Insider that this spectrum introduces real-world challenges…
AI, APAC, Apps, Global Security News, Network Security, Risk Management
Oracle Builds for AI While Channel Rivals Chase Share
Oracle is reshaping its enterprise strategy around AI, multicloud infrastructure, and deeper ties with hyperscale partners such as AWS. But as the company pours billions into data centers, pushes agentic AI across its portfolio, and cuts jobs to support that transition, rivals see an opening to compete more aggressively for Oracle-adjacent workloads. That opportunity is…
AI, Global Security News
A year in, Zoom’s CISO reflects on balancing security and business
In this Help Net Security interview, Sandra McLeod, CISO at Zoom, reflects on her first year in the role. She talks about moving from reactive firefighting to business strategy, and what she heard from engineers, the board, and customers during her early months. McLeod discusses how she prepared for incident management, the dual job of…
AI, Apps, Global Security News
Scenario: Open-source framework for automated AI app red-teaming
Enterprises running customer service bots, data analytics agents, and other AI-driven applications in production handle sensitive records and connect to core business systems every day. LangWatch has released Scenario, an open-source framework that runs automated red-team exercises against AI agents using multi-turn attack techniques that mirror how adversaries operate in the wild. Multi-turn attacks replace…
AI, Compliance, Europe, Global Security News, privacy
GDPR works, but only where someone enforces it
A new measurement study of web tracking across ten countries offers a reality check for anyone working on privacy compliance. Researchers crawled the same set of globally popular websites from virtual machines located in Australia, Brazil, Canada, Germany, India, Singapore, South Africa, South Korea, Spain, and California. The results show that European privacy law does…
AI, Global Security News
Ransomware, fraud, and lawsuits drive cyber insurance claims to new peaks
The 2026 InsurSec Report from At-Bay, covering more than 100,000 policy years of claims data, documents a 7% year-over-year rise in overall claim frequency and an all-time high average severity of $221,000. Ransomware severity reached $508,000, up 16% from the prior year, making it the costliest incident type by a wide margin. Remote access weaknesses…
AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management, Russia
Riddled with flaws, serial-to-Ethernet converters endanger critical infrastructure
Serial-to-Ethernet adapters used in industrial, retail, and healthcare environments to link serial devices to TCP/IP networks are riddled with vulnerabilities and outdated open-source components, researchers warn. The flaws enable various attacks scenarios, including taking full control of mission-critical equipment such as remote terminal units, programmable logic controllers, point-of-sale systems, and bedside patient monitors. In a…
Global Security News, Venture
DJI Launches Beginner-Friendly Camera Drone Series with Lito X1 and Lito 1
DJI, the global leader in civilian drones and creative camera technology, today launches the Lito series. Designed for aspiring creators exploring aerial photography for the first time, this new lineup of entry-level aerial camera drones makes high-altitude aerial photography accessible and beginner-friendly from day one. With its affordable price point and well-rounded features, the Lito…
Global Security News
ISC Stormcast For Thursday, April 23rd, 2026 https://isc.sans.edu/podcastdetail/9904, (Thu, Apr 23rd)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
AI, Cybersecurity, Exploits, Global Security News, privacy
Claude Mythos signals a new era in AI-driven security, finding 271 flaws in Firefox
The Claude Mythos Preview appears to be living up to the hype, at least from a cybersecurity standpoint. The model, which Anthropic rolled out to a small group of users, including Firefox developer Mozilla, earlier this month, has discovered 271 vulnerabilities in version 148 of the browser. All have been fixed in this week’s release…
AI, Cybersecurity, Exploits, Global Security News, privacy
Claude Mythos signals a new era in AI-driven security, finding 271 flaws in Firefox
The Claude Mythos Preview appears to be living up to the hype, at least from a cybersecurity standpoint. The model, which Anthropic rolled out to a small group of users, including Firefox developer Mozilla, earlier this month, has discovered 271 vulnerabilities in version 148 of the browser. All have been fixed in this week’s release…
AI, Cybersecurity, Exploits, Global Security News, privacy
Claude Mythos signals a new era in AI-driven security, finding 271 flaws in Firefox
The Claude Mythos Preview appears to be living up to the hype, at least from a cybersecurity standpoint. The model, which Anthropic rolled out to a small group of users, including Firefox developer Mozilla, earlier this month, has discovered 271 vulnerabilities in version 148 of the browser. All have been fixed in this week’s release…
AI, Apps, Endpoint, Global Security News, malware, Network Security, Risk Management
Malicious pgserve, automagik developer tools found in npm registry
Application developers are being warned that malicious versions of pgserve, an embedded PostgreSQL server for application development, and automagik, an AI coding tool, have been dropped into the npm JavaScript registry, where they could poison developers’ computers. Downloading and using these versions will lead to the theft of data, tokens, SSH keys, credentials, including those…