Nicci Rossouw has spent three years running Robotics Australia Group, the country’s peak body for everything from warehouse arms to underwater hull-scrubbers. On May 1, she hands the CEO role to Paul Mason, co-host of the Manufacturing Tech Australia podcast and a mechatronics engineer with 20-plus years across product development, manufacturing, and commercialisation.
AI, Global Security News
Ping Identity Appoints Antony Collins as Regional Vice President, APJ Channels and Alliances
COMPANY ANNOUNCEMENT: Collins to accelerate partner-led growth across Asia Pacific and Japan as organisations secure identity in the AI era
AI, Global Security News
Celonis and Oracle expand collaboration to power Enterprise AI and accelerate IT modernisation
Celonis and Oracle have expanded their long-standing collaboration opening up additional features to joint customers.
AI, Global Security News, Risk Management
Nearmap Defines the Future of Property Intelligence to Help Organisations See Truth, Assess Risk, and Act with Certainty
Nearmap unifies capture, AI analytics, and materials intelligence – bringing the full property intelligence value chain into one proprietary platform
AI, Global Security News, malware
Hackers hijacked CPUID downloads, served STX RAT to victims
If you tried to download software from CPUID’s website late last week, you might have downloaded malware instead. “Investigations are still ongoing, but it appears that a secondary feature (basically a side API) was compromised for approximately six hours between April 9 and April 10, causing the main website to randomly display malicious links (our…
AI, Apps, Global Security News, Risk Management
Scans for EncystPHP Webshell, (Mon, Apr 13th)
Last week, I wrote about attackers scanning for various webshells, hoping to find some that do not require authentication or others that use well-known credentials. But some attackers are paying attention and are deploying webshells with more difficult-to-guess credentials. Today, I noticed some scans for what appears to be the “EncystPHP” web shell. Fortinet wrote about…
AI, Global Security News
Solving Tech Debt Unlocks 3x Digital Revenue Boost for Australia’s AI Leaders, Finds New Research
Latest research reveals technical debt blocks AI success in Australia, but cohort of leaders is overcoming it to unlock AI and drive three times more digital revenue than peers
Global Security News
⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More
Monday is back, and the weekend’s backlog of chaos is officially hitting the fan. We are tracking a critical zero-day that has been quietly living in your PDFs for months, plus some aggressive state-sponsored meddling in infrastructure that is finally coming to light. It is one of those mornings where the gap between a quiet shift and a…
AI, Apps, Compliance, Global Security News, malware, Network Security, privacy, Risk Management
Aura Business Debuts BYOD Security Solution for MSPs
AI-powered online safety platform Aura has introduced a new business security solution to help shrink the unmanaged device gap that exists in today’s security stacks. The new identity-centric bring your own device solution built for MSPs Aura Business for MSPs is a new identity-centric BYOD security solution designed to protect businesses and employees. It allows…
Global Security News, malware
OpenSSF Flags Malware Campaign on Slack Posing as Linux Foundation Figures
OpenSSF warns hackers impersonate Linux Foundation leaders on Slack, tricking developers into installing malware that can compromise entire systems.
AI, Global Security News
$12 million frozen, 20,000 victims identified in crypto scam crackdown
More than $12 million has been frozen, and over 20,000 victims have been identified in an international law enforcement operation targeting cryptocurrency and investment scammers. Authorities also uncovered more than $45 million in suspected cryptocurrency fraud losses worldwide. One UK victim identified during the operation is thought to have lost more than £52,000 to the…
AI, Apps, Endpoint, Exploits, Global Security News, Network Security
Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure
A critical pre-authentication remote code execution vulnerability in Marimo, an open-source Python notebook platform owned by AI cloud company CoreWeave, was exploited in the wild less than 10 hours after its public disclosure, according to the Sysdig Threat Research Team. The vulnerability, tracked as CVE-2026-39987 with a severity score of 9.3 out of 10, affects…
AI, Global Security News
Preparing for Post-Quantum Cryptography: The Secure Firewall Roadmap
Cisco Secure Firewall’s post-quantum cryptography roadmap: what’s available today, what’s coming, and how to start planning.
AI, Data Breaches, Exploits, Global Security News
Rockstar Games receives “pay or leak” warning after cyberattack
Rockstar Games, the developer behind titles such as Grand Theft Auto and Red Dead Redemption, has confirmed a cyberattack claimed by hacking group ShinyHunters, which says it accessed the company’s Snowflake environment and obtained data. The attackers exploited Anodot, a third-party SaaS platform used for cloud cost monitoring and analytics, as the entry point and…
AI, Apps, Endpoint, Exploits, Global Security News, Network Security
Seven IBM WebSphere Liberty flaws can be chained into full takeover
Security researchers are warning of a set of flaws affecting IBM WebSphere Liberty, a lightweight, modular Java application server, that can be chained into a full server compromise. The flaws, a total of seven, that led to the ultimate compromise of the server were initiated by a newly discovered pre-authentication issue in the platform’s SAML…
Exploits, Global Security News, Network Security
Your MTTD Looks Great. Your Post-Alert Gap Doesn’t
Anthropic restricted its Mythos Preview model last week after it autonomously found and exploited zero-day vulnerabilities in every major operating system and browser. Palo Alto Networks’ Wendi Whitmorewarned that similar capabilities are weeks or months from proliferation. CrowdStrike’s 2026 Global Threat Report puts average eCrime breakout time at 29 minutes. Mandiant’s M-Trends 2026
AI, Exploits, Global Security News, privacy, Risk Management
iPhone forensics expose Signal messages after app removal in U.S. case
An FBI case in Texas shows Signal messages can still be recovered from iPhones even after app uninstall, via system artifacts, challenging privacy assumptions. The recent revelations about FBI forensic access to Signal messages on an iPhone have reignited a long-standing misunderstanding about mobile privacy: the belief that disappearing messages and encrypted apps guarantee that…
AI, Apps, Global Security News
How to build your own AI agents with Google Workspace Studio
The great hope for AI agents is that they will automate many of the repetitive tasks office workers perform, such as writing and emailing weekly project updates. These tools combine rules-based automation with generative AI models to perform a series of tasks that make up a workflow. In this vein, Google late last year announced…
Endpoint, Global Security News, Risk Management
Why Your Deprecated Endpoints Are an Attacker’s Best Friend: The Rise of Ghost APIs
Ghost APIs are deprecated endpoints left active, exposing systems to attack. Learn how they differ from shadow APIs and why they create hidden security risks
Exploits, Global Security News, Network Security
Google makes it harder to exploit Pixel 10 modem firmware
Google is working to improve the security of Pixel phones by focusing on the cellular baseband modem, a part of the device that handles communication with mobile networks and processes external data. In the Pixel 9, the company introduced measures to reduce memory-related vulnerabilities. With the Pixel 10, the approach goes further by integrating a…
AI, Global Security News
Meta Expected to Unseat Google as World’s Largest Digital-Ad Player
The owner of Instagram and Facebook has fueled growth with new advertising products and AI.
AI, Compliance, Europe, Global Security News, Government & Policy, malware, Network Security, privacy
Citizen Lab: Webloc tracked 500M devices for global law enforcement
Citizen Lab reported that law enforcement used the surveillance tool Webloc to track up to 500M devices via ad data globally. A report by Citizen Lab revealed that law enforcement agencies in the U.S., Hungary, and El Salvador used a surveillance tool called Webloc to track devices via advertising data, potentially affecting up to 500…
Global Security News
FBI Dismantles $20m Phishing Operation W3LL
The W3LL phishing kit has been associated with fraud attempts totaling $20m
AI, Global Security News
Alleged German DDoS-for-Hire Kingpin Behind Fluxstress Caught in Thailand
Alleged German cybercrime figure behind Fluxstress and Neldowner arrested in Thailand after years running global DDoS-for-hire services across countries.
AI, Cybersecurity, Global Security News, Network Security
Siemens expands Industrial Automation DataCenter with edge AI and cybersecurity
Siemens will present the next generation of its Industrial Automation DataCenter, a custom-configured data center for IT needs in production, expanding its turnkey solution into an AI-ready platform. Structure of the Siemens Industrial Automation DataCenter and its Remote Industrial Operations Services (Source: Siemens AG) In partnership with NVIDIA and in collaboration with Palo Alto Networks,…
Apps, Exploits, Global Security News
Adobe issues emergency fix for Acrobat Reader flaw exploited in the wild (CVE-2026-34621)
Adobe has pushed out an emergency security update for Adobe Acrobat Reader, patching a zero-day vulnerability (CVE-2026-34621) exploited in the wild since November 2025. About CVE-2026-34621 CVE-2026-34621 is a critical prototype pollution vulnerability – a type of vulnerability that occurs in JavaScript and allows attackers to add or modify an application’s JavaScript objects and properties.…
Global Security News
Seized VerifTools servers expose 915,655 fake IDs, 8 arrested
On April 7 and 8, Dutch police arrested eight suspects in a nationwide operation targeting users of the VerifTools platform as part of an identity fraud investigation. The suspects, all men aged 20 to 34, are accused of identity fraud, forgery, and cybercrime-related offenses. During searches, officers seized smartphones, laptops, cash, cryptocurrency, and weapons or…
AI, Global Security News
North Korea’s APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware
The North Korean hacking group tracked as APT37 (aka ScarCruft) has been attributed to a fresh multi-stage, social engineering campaign in which threat actors approached targets on Facebook and added them as friends on the social media platform, turning the trust-building exercise into a delivery channel for a remote access trojan called RokRAT. “The threat actor used…
AI, Cybersecurity, Global Security News
UK Cyber Security Council Launches Associate Cyber Security Professional Title
The UK Cyber Security Council has unveiled a new Associate Cyber Security Professional title aimed at supporting early‑career cybersecurity professionals
AI, Cybersecurity, Global Security News, Risk Management
CISOs tackle the AI visibility gap
Dale Hoak found himself asking a question that has become familiar to CISOs through the decades: What am I missing? More specifically, Hoak, CISO at software firm RegScale, was wondering what he might be missing around his company’s AI deployments. “The business was moving so fast in using AI, so initially we had some visibility…
AI, Data Breaches, Global Security News, Government & Policy, malware
Iran-linked group Handala claims to have breached three major UAE organizations
Iran-linked group Handala claims to have breached three major UAE organizations, Dubai Courts, Dubai Land Department, and Dubai Roads & Transport Authority The group Handala claimed a major cyberattack against the UAE, targeting Dubai Courts Department, Dubai Land Department, and Dubai Roads and Transport Authority. They alleged destroying 6 petabytes of data and stealing 149 TB…
AI, Apps, Exploits, Global Security News
Adobe Summit 2026: How Adobe hopes to redesign marketing and creativity with AI
Adobe Summit serves as a platform for Adobe to introduce new services, capabilities, and enhancements to its portfolio of creative and marketing software and services. The 2026 edition kicks off live in Las Vegas on April 20, with a virtual event running alongside it. The company has long been a name to watch as a…
Global Security News
Operation Atlantic Seizes $12m in Crypto Losses
UK, US and Canadian authorities have identified over 20,000 victims of approval phishing scams that trick users into handing over full crypto wallet access
AI, china, Data Breaches, Global Security News, malware, Russia
CPUID watering hole attack spreads STX RAT malware
Threat actors compromised the CPUID website and spread STX RAT through fake CPU-Z and HWMonitor downloads. Attackers breached the website CPUID and replaced download links for CPU-Z and HWMonitor with malicious files for several hours. Users who downloaded them got infected with the STX RAT, giving attackers remote access to their systems. The short attack…
AI, Cybersecurity, Global Security News, Government & Policy
TekStream CEO on Expanding Student-Staffed SOCs Nationwide
TekStream is expanding its student-staffed security operations center (SOC) program nationwide, positioning the model as a dual solution to cybersecurity talent shortages and rising demand for U.S.-based managed security services. We spoke with TekStream CEO Rob Jensen about how the provider continues to build on the program’s early success with LSU. Inside TekStream’s public-private SOC…
AI, Apps, Global Security News
AI Memory Shortage Disrupts MSP Pricing and Channel Deals
The global memory shortage is no longer just about finding chips; it’s about finding partners you can trust. What began as a straightforward supply-and-demand crunch has morphed into something messier for managed service providers and IT resellers. Vendors are rewriting the rules of engagement mid-game, eliminating long-standing partner protections and reserving the right to change…
AI, Apps, Global Security News
OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident
OpenAI revealed a GitHub Actions workflow used to sign its macOS apps, which downloaded the malicious Axios library on March 31, but noted that no user data or internal system was compromised. “Out of an abundance of caution, we are taking steps to protect the process that certifies our macOS applications are legitimate OpenAI apps,” OpenAI said in a…
Global Security News
Fixing vulnerability data quality requires fixing the architecture first
In this Help Net Security interview, Art Manion, Deputy Director at Tharros, examines why vulnerability data across repositories stays inconsistent and hard to trust. The problem starts with systems not designed to collect or manage that data well. They introduce the idea of Minimum Viable Vulnerability Enumeration (MVVE), a minimum set of assertions needed to…
AI, Global Security News
ZeroID: Open-source identity platform for autonomous AI agents
ZeroID is an open-source identity platform that implements an identity and credentialing layer specifically for autonomous agents and multi-agent systems. The attribution problem The core issue ZeroID targets is attribution in agentic workflows. When an orchestrator agent spawns sub-agents to carry out parts of a task, each sub-agent may call APIs, write files, or execute…
Cybersecurity, Global Security News
MITRE releases a shared fraud-cyber framework built from real attack data
Financial fraud losses in the United States reached $16.6 billion in 2024, up from $4.2 billion in 2020. Behind those numbers is a structural problem: the teams responsible for stopping fraud, fraud investigators and cybersecurity analysts, have historically operated separately, using different tools, different terminology, and different mental models of how attacks unfold. The MITRE…
AI, Global Security News
Why manual certificate management is running out of time
In this video, John Murray, Senior Vice President of Sales at GlobalSign, explains what’s changing in the certificate industry and what companies need to do about it. Certificate validity periods are shrinking, which means companies will need to rotate certificates far more often than before. Small and mid-sized businesses are the most exposed. Smaller teams,…
AI, Global Security News
Bringing governance and visibility to machine and AI identities
In this Help Net Security interview, Archit Lohokare, CEO of AppViewX, explains how the rise of AI marked a turning point where machine and AI agent identities began converging into a single problem. Drawing on his experience across IBM and CyberArk, he describes the shift from human-driven systems to autonomous machines. Lohokare also shares how…
AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, Network Security
Marimo RCE Flaw Exploited Within Hours of Disclosure
A vulnerability in the open-source Marimo Python notebook platform is already being actively exploited, underscoring how quickly attackers can turn newly disclosed flaws into real-world attacks. Less than 10 hours after public disclosure, threat actors developed a working exploit and began targeting exposed systems. “Within 9 hours and 41 minutes of the vulnerability advisory’s publication,…
Global Security News
ISC Stormcast For Monday, April 13th, 2026 https://isc.sans.edu/podcastdetail/9888, (Mon, Apr 13th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
AI, Global Security News
AI Is Using So Much Energy That Computing Firepower Is Running Out
AI companies are rationing their offerings and products, rankling users—a warning sign for a boom that depends on rapid adoption.
AI, Global Security News, Risk Management
Identity Protection in the AI Era
Enterprises aiming to predict and mitigate human, machine, and AI‑agent risks at scale demand AI‑powered identity‑first security without compromise.
AI, Global Security News
The fully free Linux OS Trisquel gets a major update with version 12.0 Ecne
Trisquel GNU/Linux, a free operating system aimed at home users, small enterprises, and educational centers, released version 12.0. The release, codenamed Ecne, is declared production-ready and builds on the previous version, Aramo, with changes to packaging, the kernel, security, and available software. APT 3.0 and repository format changes Ecne ships with APT 3.0, which brings…
AI, Apps, Exploits, Global Security News, Risk Management
Adobe fixes actively exploited Acrobat Reader flaw CVE-2026-34621
Adobe addressed a critical Acrobat Reader vulnerability, tracked as CVE-2026-34621, which is actively exploited to run malicious code. Adobe released emergency updates to address a critical vulnerability, tracked as CVE-2026-34621 (CVSS score of 8.6), in Adobe Acrobat Reader, which is being actively exploited. The flaw could allow attackers to execute malicious code on affected systems,…
Global Security News
Blackpepper Delivers Instant E-Commerce Experiences Across New Zealand And Australia With Fastly
COMPANY NEWS:
AI, Global Security News, Risk Management
Australian Organisations Risk Overloading Frontline Operations as AI Meets Fragile Mobility Foundations, SOTI Research Warns
GUEST RESEARCH: As Australian organisations accelerate the adoption of AI-enabled and mobile-driven workflows, research from SOTI, suggests many frontline environments may not yet be resilient enough to support the next wave of automation without added operational risk. This comes as Australia’s labour productivity growth remains under sustained pressure, increasing reliance on technology to deliver efficiency gains…
AI, Global Security News, Risk Management
Responsible ESG AI enablement could become Australia’s next great export if we start now
GUEST OPINION: Logicalis Australia is calling for a shift in how Australia approaches artificial intelligence (AI), warning that the country risks missing a major global opportunity if it continues to focus primarily on policy and access to compute rather than infrastructure.
Apps, Global Security News
Check Point Software Technologies Expands Australian Presence with Western Australia Check Point Workspace Security SASE Data Residency Instance
COMPANY NEWS: New Point of Presence Enhances Web application and API protection with low latency and delivers Industry-Leading Threat Prevention and Cloud-Ready Security Architecture
AI, Apps, Global Security News
Hitachi Vantara Named a Leader in 2026 GigaOm Radar for Object Storage for Strength in Storage Optimisation and Enterprise Scalability
COMPANY NEWS: Recognition highlights Virtual Storage Platform One Object’s role in helping organisations manage, protect and activate unstructured data for AI, analytics and modern applications
Global Security News, Government & Policy
Infoblox Threat Intel research links global mobile banking fraud wave to Cambodian scam compounds
GUEST RESEARCH: Android Trojan tied to forced-labour scam centres impersonates banks and governments in at least 21 countries, bypassing biometrics and SMS security.
Global Security News
Customer Science Appoints James Johnstone as Chief Operating Officer
COMPANY ANNOUNCEMENT: Inaugural Chief Operating Officer Appointment Will Support Company’s Goals for International Expansion into the UK and US Markets
Global Security News
Neara Enhances Platform Observability with ClickHouse to Support Critical Utility Operations
COMPANY NEWS: ClickHouse, a leader in real-time analytics and observability announced that Neara, the pioneer of physics-enabled digital twin modelling for critical infrastructure, has adopted ClickHouse’s managed observability offering, ClickStack, to help power its internal engineering observability stack.
AI, Global Security News
OneQode, Hitachi Vantara & Cylix Form Strategic Alliance to Launch Sovereign AI Factory Initiative
Multimillion-dollar alliance to deploy sovereign-ready AI infrastructure across key global markets, with Australia, Japan, Malaysia and Singapore among the first
AI, Global Security News
Dynatrace to Acquire Bindplane to Establish Telemetry Pipelines for AI and Cloud‑Native Observability
COMPANY ANNOUNCEMENT: Combined platform will deliver an open-standards-based telemetry pipeline for logs, metrics, and traces, providing control from the edge through analytics
Global Security News
Inventors Who Didn’t Invent What They Are Famous for Inventing
Any schoolchild knows who came up with the telephone or the sewing machine. But conventional wisdom often has it all wrong.
Global Security News
Where Does Our Free Time Go in Retirement? Too Often, It’s Social Media
We’re trying to fight our smartphone addiction. But with so much time on our hands, and no job calling us, it isn’t easy.
Global Security News, Government & Policy
Hacker Used Claude Code, GPT-4.1 to Exfiltrate Hundreds of Millions of Mexican Records
A lone hacker used Claude Code and GPT-4.1 to exfiltrate hundreds of millions of Mexican citizen records from 9 government agencies.
Global Security News
PMT Communication Systems recognised as Elite Partner by Nextivity
COMPANY NEWS: PMT Communication Systems has been recognised as an Elite Partner by Nextivity, following a recent visit to Australia by the company’s global leadership team, reinforcing PMT’s position as one of the country’s leading installers of advanced cellular coverage solutions.
AI, Global Security News
What Your AI Knows About You
Plus, WSJ readers sound off on their EVs, what happened when a man fell in love with Gemini and AI companies that “come in peace.”
Compliance, Exploits, Global Security News
Qualys TRU Research Finds Manual Remediation Can’t Keep Up As Exploitation Hits ‘Negative One Day’
GUEST RESEACH: Qualys, Inc. (NASDAQ: QLYS), a leading provider of cloud-based IT, security and compliance solutions, today released a new research report, The Broken Physics of Remediation, revealing how exploitation timelines are outpacing human-scale remediation, and why traditional patch metrics can no longer describe true business exposure.
AI, Global Security News
ServiceNow moves beyond the sidecar AI era, giving customers a complete AI-native experience across all products and packages
New Context Engine provides the enterprise context to ground every decision made by AI agents.
Exploits, Global Security News
Critical Marimo pre-auth RCE flaw now under active exploitation
A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is now under active exploitation, leveraged for credential theft. […]
AI, Global Security News
Agentic AI Goes Mainstream in the Enterprise, but 94% Raise Concern About Sprawl, OutSystems Research Finds
GUEST RESEARCH: New State of AI Development 2026 report shows how enterprises are exploring agentic AI, while navigating governance and security concerns
AI, Global Security News
Kaseya Expands AI Innovation with Silicon Valley R&D Hub to Accelerate Customer Outcomes
New investment strengthens Kaseya’s leadership in AI-driven IT operations and agentic automation
Compliance, Global Security News, Network Security
Major Real Estate and Legal Firms Partner with My Databoss Ahead of Landmark AML Reforms
As Australia edges closer to the Tranche 2 anti-money laundering and counter-terrorism financing (AML/CTF) reforms, compliance platform My Databoss has secured partnerships with several prominent industry leaders. Major real estate networks Barry Plant and Di Jones, legal firm Owen Hodge Lawyers, and commercial property specialist X-Commercial have all selected Australian-made My Databoss to prepare for…
AI, Global Security News
Argon & Co Advances AI-Enabled Business Transformation Model, Promotes Four New Partners
Argon & Co, the global management consultancy specialising in operations strategy and transformation, is evolving its delivery model to embed data, digital capability and AI into end-to-end transformation, as organisations face increasing pressure to drive productivity, resilience and operational performance.
Global Security News
Autodesk brings design and make intelligence to the built environment with Forma Building Design and deeper cloud connections with Revit
Autodesk introduces Forma Building Design, a new design and analysis built specifically for the schematic design phase. This is an important first step in enabling better schematic design exploration, with many exciting and powerful additions planned for Forma Building Design in the future.
AI, Compliance, Data Breaches, Exploits, Global Security News, Government & Policy, Network Security, Risk Management
Hackers claim control over Venice San Marco anti-flood pumps
Hackers breached Venice ’s San Marco flood system, claiming control of pumps and the ability to disable defenses and flood coastal areas. The technologies that govern the physical world are the quiet infrastructure of modern life. From energy grids to water systems, from factories to flood defenses, operational technology (OT) has long had one essential…
Global Security News
Nutanix Accelerates Service Provider Growth with New Cloud Capabilities and Migration Programs
New and upcoming multitenancy offerings and service validation programs are designed to help service providers scale efficiently while modernising customer environments
AI, Global Security News
Stacked Marketing Tools Stalling Aussie Brands’ AI ambitions: Twilio Poll
GUEST RESEARCH: Australian marketing and CX leaders have said that having too many disparate technology tools is making it harder to realise productivity gains from Agentic AI. This is according to a poll conducted by Twilio (NYSE: TWLO), the customer engagement platform that drives real-time, personalised experiences for today’s leading brands.
AI, APAC, Global Security News
Australia’s architecture, engineering, and construction industry leads world on digital transformation yet faces new data control and AI governance challenges
GUEST RESEARCH: Australia’s architecture, engineering, and construction (AEC) sector is emerging as one of the most digitally advanced markets globally. New research from Revizto, the leading global integrated collaboration platform for AEC, reveals Australia is now confronting a new generation of challenges around data governance, artificial intelligence (AI), regulation, and the capacity to implement new technologies at scale.
AI, Cybersecurity, Global Security News, Government & Policy, malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 92
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Thirty-Six Malicious npm Strapi Packages Deploy Redis RCE, Database Theft, and Persistent C2 Malicious LNK Files Distributing a Python-Based Backdoor and Changes in Distribution Techniques (Kimsuky Group) Hackers Are Attempting to Turn ComfyUI Servers Into a…
AI, Global Security News
FBI Atlanta and Indonesian National Police Take Down W3LLSTORE Phishing Marketplace
FBI Atlanta and Indonesian National Police dismantle W3LLSTORE phishing market linked to $20M fraud, seizing domains and detaining developer.
AI, china, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, malware, Network Security, privacy, Risk Management, Russia
Security Affairs newsletter Round 572 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Censys finds 5,219 devices exposed to attacks by Iranian APTs, majority in U.S. GlassWorm evolves with…
Exploits, Global Security News
Week in review: Windows zero-day exploit leaked, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Cloudflare moves up its post-quantum deadline as researchers narrow the path to Q-Day Cloudflare announced it is targeting 2029 to complete post-quantum security across its entire product suite, including post-quantum authentication. The company is following a revised roadmap that Google…
Global Security News
CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads
Unknown threat actors compromised CPUID (“cpuid[.]com”), a website that hosts popular hardware monitoring tools like CPU-Z, HWMonitor, HWMonitor Pro, and PerfMonitor, for less than 24 hours to serve malicious executables for the software and deploy a remote access trojan called STX RAT. The incident lasted from approximately April 9, 15:00 UTC, to about April 10, 10:00 UTC, with
Exploits, Global Security News
Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621
Adobe has released emergency updates to fix a critical security flaw in Acrobat Reader that has come under active exploitation in the wild. The vulnerability, assigned the CVE identifier CVE-2026-34621, carries a CVSS score of 8.6 out of 10.0. Successful exploitation of the flaw could allow an attacker to run malicious code on affected installations. It has been described…
Global Security News
Over 4,732 Messages, He Fell In Love With an AI Chatbot. Now He’s Dead.
AI, Exploits, Global Security News, Government & Policy, Network Security, Risk Management
Censys finds 5,219 devices exposed to attacks by Iranian APTs, majority in U.S.
Censys researchers found 5,219 exposed Rockwell PLCs online, mostly in the U.S., urging defenders to secure or disconnect them. On April 7, 2026, U.S. agencies, including FBI, CISA, and NSA, warned of Iran-linked APTs exploiting internet-exposed Rockwell Automation PLCs. Threat actors are carrying out cyberattacks targeting internet-connected operational technology (OT) across multiple critical infrastructure sectors.…
AI, Global Security News, malware, Russia
GlassWorm evolves with Zig dropper to infect multiple developer tools
The GlassWorm campaign uses a Zig-based dropper hidden in a fake IDE extension to infect developer tools and compromise systems. The GlassWorm campaign, active since 2025, has evolved from malicious npm packages to large-scale supply chain attacks across GitHub, npm, and VS Code, even deploying RATs via fake browser extensions. In its latest iteration, threat…
Global Security News
FBI Recovers Deleted Signal Messages Through iPhone Notifications
Signal messages may persist in iPhone notification data, enabling FBI access even after deletion, a court case reveals.
AI, Global Security News
How to Switch AI Chatbots—and Why You Might Want To
Your chatbot has a file on you. Here’s how to access, edit and migrate your AI’s memories.
Global Security News
Over 20,000 crypto fraud victims identified in international crackdown
An international law enforcement action led by the U.K.’s National Crime Agency (NCA) has identified over 20,000 victims of cryptocurrency fraud across Canada, the United Kingdom, and the United States. […]
Global Security News
Google Chrome Update Disrupts Infostealer Cookie Theft
Google adds Device Bound Session Credentials (DBSC) to Chrome 146, using hardware keys to block infostealer use of stolen session cookies on Windows.
AI, Endpoint, Exploits, Global Security News, malware
CVE-2026-39987: Marimo RCE exploited in hours after disclosure
A critical flaw, tracked as CVE-2026-39987, in the open-source Python notebook tool Marimo was exploited within 10 hours of disclosure. A critical flaw in Marimo, tracked as CVE-2026-39987 (CVSS score of 9.3) was exploited just 10 hours after disclosure (On April 8, 2026). Sysdig Threat Research Team observed exploitation of the Marimo flaw within 9…
Cybersecurity, Global Security News
Key Difference Between an App Developer vs Web Developer
In this post, I will talk about the key difference between an app developer vs web developer. App development is the process where app developers are hired to carry forward the idea and proceed with the development of the mobile apps. Whereas, LA app developers are known for implementing complex APIs and building versatile mobile…
Global Security News
Citizen Lab: Law Enforcement Used Webloc to Track 500 Million Devices via Ad Data
Hungarian domestic intelligence, the national police in El Salvador, and several U.S. law enforcement and police departments have been attributed to the use of an advertising-based global geolocation surveillance system called Webloc. The tool was developed by Israeli company Cobwebs Technologies and is now sold by its successor Penlink after the two firms merged in July 2023
AI, Global Security News
ChatGPT rolls out new $100 Pro subscription to challenge Claude
OpenAI has rolled out a new Pro subscription that costs $100 and is in line with Claude’s pricing, which also has a $100 subscription, in addition to the $200 Max monthly plan. […]
AI, Data Breaches, Global Security News
ShinyHunters Claims Rockstar Games Snowflake Breach via Anodot
ShinyHunters claims access to Rockstar Games Snowflake data via Anodot breach, threatening a data leak on April 14 if ransom demands are not met.
AI, Global Security News
White House Races to Head Off Threats From Powerful AI Tools
Group led by National Cyber Director Sean Cairncross aims to identify security vulnerabilities before models from Anthropic, OpenAI are released.
AI, Compliance, Europe, Global Security News, privacy, Risk Management
Google adds end-to-end Gmail encryption to Android, iOS devices for enterprises
Google has made a big step forward by extending end-to-end encryption to Android and iOS devices for Gmail client-side encryption (CSE) users, says an expert. “All in all, this is a welcome update, especially in light of recent concerns surrounding WhatsApp’s encryption methods,” said Gartner analyst Avivah Litan. “Google’s approach offers verifiable customer-managed keys and…
AI, Compliance, Europe, Global Security News, privacy, Risk Management
Google adds end-to-end Gmail encryption to Android, iOS devices for enterprises
Google has made a big step forward by extending end-to-end encryption to Android and iOS devices for Gmail client-side encryption (CSE) users, says an expert. “All in all, this is a welcome update, especially in light of recent concerns surrounding WhatsApp’s encryption methods,” said Gartner analyst Avivah Litan. “Google’s approach offers verifiable customer-managed keys and…
AI, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, Network Security, Risk Management
Anthropic’s Project Glasswing Signals Potential AI-Driven Shift in Cybersecurity
Anthropic’s Project Glasswing highlights how advanced AI models may rival top human experts in finding and exploiting software vulnerabilities. Early claims from the company suggest these models, like Claude Mythos Preview, can operate at large scale and find vulnerabilities faster. However, security leaders share mixed views on the claims. “Mythos appears to materially change the…
Global Security News
Android Banking Trojan Linked to Cambodia Scam Compounds Hits 21 Countries
Android banking trojan linked to Cambodia scam compounds uses forced labour to target users in 21 countries, bypassing security to steal funds.
Data Breaches, Global Security News
Hims Breach Exposes the Most Sensitive Kinds of PHI
Threat actors breached the telehealth brand, and now they may know who’s bald, overweight, and impotent. What could they do with that information?
AI, Apps, china, Cybersecurity, Global Security News, Government & Policy, Network Security, Russia
Commerce setting up new AI export regime to push adoption of ‘American AI’ abroad
The Department of Commerce is putting together a catalog of AI tools that will be given special export status by the federal government to be sold abroad. The department issued a call for proposals to participating companies in the Federal Register, looking to create a “menu of priority AI export packages that the U.S. Government…