Attackers abuse QEMU to hide malware in virtual machines, bypass detection, steal data, and deploy ransomware without leaving any trace. Sophos researchers report a rise in attackers abusing QEMU, an open-source emulator, to hide malicious activity inside virtual machines. By running malware in a VM, attackers avoid endpoint security controls and leave minimal traces on…
Exploits, Global Security News
Critical flaw in Protobuf library enables JavaScript code execution
Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used JavaScript implementation of Google’s Protocol Buffers. […]
Exploits, Global Security News
ShowDoc Vulnerability Patched in 2020 Now Used in Active Server Takeovers
Hackers are exploiting a 5-year-old ShowDoc vulnerability (CVE-2025-0520) to deploy web shells, enabling RCE and full server takeover worldwide.
Global Security News
Microsoft Teams right-click paste broken by Edge update bug
Microsoft is warning that a recent Microsoft Edge browser update introduced a bug that breaks right-click paste in chats in the Microsoft Teams desktop client. […]
AI, Global Security News
NAKIVO v11.2: Ransomware Defense, Faster Replication, vSphere 9, and Proxmox VE 9.0 Support
NAKIVO Inc. announced the general availability of NAKIVO Backup & Replication v11.2, focused on fast, reliable, and proactive data protection. […]
AI, Global Security News
Justice Department Rebuffs French on X Probe, Musk Interview
The U.S. Justice Department told French authorities it wouldn’t facilitate their efforts to investigate Elon Musk’s X, after a raid on the social-media platform’s Paris office earlier this year.
AI, Global Security News
Operation PowerOFF: 75K Users of DDoS-for-Hire Services Identified and Warned
Operation PowerOFF identifies and warns 75K users of DDoS-for-hire services, nets 4 arrests, and seizes 53 domains in a Europol-led crackdown.
AI, Exploits, Global Security News, malware
Nexcorium Mirai variant exploits TBK DVR flaw to launch DDoS attacks
A Mirai variant called Nexcorium exploits a flaw in TBK DVRs to infect devices and use them in DDoS attacks, along with outdated TP-Link routers. Fortinet researchers found that threat actors are exploiting vulnerabilities in TBK DVRs and end-of-life TP-Link routers to spread a Mirai variant called Nexcorium. “IoT devices are increasingly prime targets for…
AI, Global Security News
Fear and Loathing Among the Haves and Have Mores in San Francisco
The gold-rush city’s vibe has turned angry as the AI boom creates a new K-shaped economy.
AI, Funding, Global Security News, Government & Policy, Politics
Crypto Critic Maxine Waters’s New Primary Foe Got Over Two-Thirds of Money From Crypto
Rep. Maxine Waters, D-Calif., is the scourge of cryptocurrencies on Capitol Hill, burnishing her bona fides by supporting tighter oversight from her perch as ranking member of the House Financial Services Committee. If Democrats win the midterm elections, Waters is poised to become the chair of the influential committee. Crypto donors are trying to make…
AI, Exploits, Global Security News
Microsoft Defender under attack as three zero-days, two of them still unpatched, enable elevated access
Attackers exploit three Microsoft Defender zero-days, code-named BlueHammer, RedSun, and UnDefend, to gain elevated access. Attackers are exploiting three recently disclosed zero-day flaws in Microsoft Defender to gain higher privileges on compromised systems. The vulnerabilities, called BlueHammer, RedSun, and UnDefend, were revealed by a researcher known as Chaotic Eclipse after criticizing Microsoft’s handling of the…
AI, Exploits, Global Security News, Network Security
Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet
Threat actors are exploiting security flaws in TBK DVR and end‑of‑life (EoL) TP-Link Wi-Fi routers to deploy Mirai-botnet variants on compromised devices, according to findings from Fortinet FortiGuard Labs and Palo Alto Networks Unit 42. The attack targeting TBK DVR devices has been found to exploit CVE-2024-3721 (CVSS score: 6.3), a medium-severity command injection vulnerability…
AI, Apps, Exploits, Global Security News, Risk Management
Critical sandbox bypass fixed in popular Thymeleaf Java template engine
Maintainers of Thymeleaf, a widely used template engine for Java web applications, fixed a rare critical vulnerability that allows unauthenticated attackers to execute malicious code on servers. The vulnerability, tracked as CVE-2026-40478, is rated 9.1 on the CVSS severity scale and is described as a Server-Side Template Injection (SSTI) issue. Thymeleaf has a sandbox-like protection…
AI, Data Breaches, Exploits, Global Security News, Network Security, privacy, Risk Management
World ID expands its ‘proof of human’ vision for the AI era
Identity management is a critical concern for any enterprise, and it’s becoming ever more complex and convoluted with the advent of AI agents. World ID is taking a unique (and to some, controversial) approach to this challenge by building a ‘digital proof of human’ ecosystem for the internet. Today, at its “Lift Off” event, the…
AI, Cybersecurity, Data Breaches, Global Security News, Network Security, Risk Management
Flawed Cisco update threatens to stop APs from getting further patches
Cisco admins are scrambling to patch a critical flash memory overflow vulnerability in over 200 Cisco Systems IOS XE-based models of wireless access points (APs), caused by a recent flawed software update. If the issue is not corrected quickly, the AP’s memory will become so flooded that new software updates will be blocked and the…
AI, Global Security News, Risk Management, Russia
Kyrgyzstan-based crypto exchange Grinex shuts down after $13.7M cyber heist, blames Western Intelligence
Grinex halted operations after a $13.7M hack, blaming Western intelligence. Stolen funds came from wallets of Russian users on the platform. Kyrgyz crypto exchange Grinex halted operations after a threat actor stole $13.7 million in a cyber attack that the company attributes to Western intelligence agencies. The stolen funds belonged to Russian users, as the…
Global Security News
How NIST’s Cutback of CVE Handling Impacts Cyber Teams
Industry and ad hoc coalitions appear poised to help fill the gap created by NIST’s decision to cut back on CVE data enrichment.
Global Security News
Founder Liquidity Without Compromising on Growth
Founders can access liquidity without exiting by selling shares via secondary deals, reducing financial pressure while staying focused on long-term growth.
Endpoint, Global Security News
Payouts King ransomware uses QEMU VMs to bypass endpoint security
The Payouts King ransomware is using the QEMU emulator as a reverse SSH backdoor to run hidden virtual machines on compromised systems and bypass endpoint security. […]
AI, Apps, Compliance, Endpoint, Exploits, Global Security News, Network Security, privacy, Risk Management
Microsoft’s Patch Tuesday release for April is a whopper
Windows admins are going to be busy this month, dealing with the largest Patch Tuesday cycle we can recall. The April release involves 165 updates and roughly 340 unique CVEs from Microsoft — including two zero-days, one of which is already being actively exploited in the wild. The Readiness team is recommending “Patch Now” schedules…
AI, Global Security News, malware
New RecruitRat, SaferRat, Astrinox, Massiv Android Malware Found Targeting 800 Apps
New research from Zimperium reveals four active Android malware campaigns, RecruitRat, SaferRat, Astrinox, and Massiv, targeting over 800 banking apps globally.
AI, Global Security News, Network Security
IPv6 may briefly have accounted for more than half of internet traffic
Has IPv6 finally reached its day of glory? It’s fair to say that IPv6 has not had the level of take-up expected when the Internet Engineering Task Force (IETF) ratified it back in 1998. Take-up has been agonizingly slow, not reaching 5 percent of traffic until 2014. However, the use of IPv6 has been slowly…
Global Security News, Risk Management
The Race to Quantum-Proof the Internet Has Already Begun
The race to quantum-proof the internet is underway as experts warn of “harvest now, decrypt later” risks and slow migration to post-quantum security.
AI, Cybersecurity, Global Security News, Government & Policy, Politics, privacy, Risk Management
The surveillance law Congress can’t quit — and can’t explain
Congress is grappling with renewal of a surveillance law set to expire at the end of this month that critics say is a mystery on how much of a difference it has made for controversial government spying authorities — for better or worse. The 2024 law reauthorized so-called Section 702 powers of the Foreign Intelligence…
AI, Global Security News
Robot Zuckerberg shows how IT can free up CEOs’ time
Mark Zuckerberg, the CEO of Meta, is building an AI version of himself. The virtual CEO is being trained on Zuckerberg’s mannerisms and will be loaded with his views on corporate strategy, the Financial Times reported. The idea is that employees will find the virtual Zuckerberg more accessible than they would the flesh and blood…
AI, Europe, Funding, Global Security News, Government & Policy
UK wants to build sovereign AI — with just 0.08% of OpenAI’s market cap
The UK government has created a Sovereign AI investment fund with up to £500 million (US$675 million) to spend on turning UK startups into national AI champions. Its support could involve investments of up to £20 million per startup, or provision of up to 1 million GPU-hours of AI compute, and fast-tracking of visas to…
AI, Apps, Compliance, Cybersecurity, Endpoint, Global Security News, Network Security
Transform security logs into OCSF format using a configuration-driven ETL solution
Security logs capture essential security-related activities, such as user sign-ins, file access, network traffic, and application usage. These logs are important for monitoring, detecting, and responding to potential security events. The Open Cybersecurity Schema Framework (OCSF) addresses this challenge by providing a standardized format to represent security events, ensuring consistent and efficient data handling across…
AI, Global Security News
A Factory That Runs on Recycled EV Batteries
Plus, Dairy Queen’s chatbot, the NYSE embraces crypto and the Bezos vs. Musk space race.
AI, Compliance, Endpoint, Global Security News
How to think about Apple Business
Apple Business is aimed at small businesses coalesced around Macs, iPhones, and iPads. If that’s you, and all your systems are made by Apple, the service is likely to be all you need to run a small operation of up to a few dozen seats. But Apple Business isn’t really designed to handle the advanced needs of larger…
Global Security News
Grinex exchange blames “Western intelligence” for $13.7M crypto hack
Kyrgyzstan-based cryptocurrency exchange Grinex has suspended its operations after suffering a $13.7 million hack attributed to Western intelligence agencies. […]
AI, Global Security News
Every Old Vulnerability Is Now an AI Vulnerability
AI’s danger isn’t that it’s creating new bugs, it’s that it’s amplifying old ones.
AI, Data Breaches, Exploits, Global Security News
DraftKings hacker sentenced to prison, ordered to pay $1.4 Million
A DraftKings hacker got 30 months in prison for selling stolen credentials and must pay over $1.4 million in fines and restitution. Kamerin Stokes, 23, from Memphis (aka TheMFNPlug), received a 30-month prison sentence for his role in a 2022 credential stuffing attack against DraftKings. He continued selling stolen login data online even after pleading…
Global Security News
Inside an Underground Guide: How Threat Actors Vet Stolen Credit Card Shops
In cybercrime markets, trust isn’t assumed, it’s verified. Flare reveals how underground guides teach actors to evaluate carding shops based on data quality, reputation, and survivability. […]
AI, APAC, Apps, china, Cloud Security, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, malware, Risk Management
Critical Exploits, AI Shifts, and Major Breaches Redefine Cybersecurity This Week
Major Threats & Vulnerabilities: Zero-Day and Active Exploits. A critical flaw in Nginx UI is being actively exploited in the wild, allowing unauthenticated users to perform privileged actions through an unprotected endpoint. Administrators are urged to patch immediately and restrict public access to management interfaces. The EngageLab SDK vulnerability affecting over 50 million Android users…
AI, Cybersecurity, Global Security News, malware
New Mirai Variant Nexcorium Hijacks DVR Devices for DDoS Attacks
Cybersecurity researchers at Fortinet have discovered Nexcorium, a new Mirai-based malware targeting TBK DVR systems to turn them into bots for DDoS attacks.
AI, Global Security News, Network Security, Risk Management
Operation PowerOFF: 53 DDoS domains seized and 3 Million criminal accounts uncovered
Operation PowerOFF shut down 53 DDoS-for-hire domains, arrested four suspects, and exposed data on over 3 million criminal user accounts. Operation PowerOFF is an international law enforcement action that dismantled 53 domains linked to DDoS-for-hire services used by over 75,000 cybercriminals. Authorities arrested four suspects, seized infrastructure, and gained access to databases containing more than…
AI, Exploits, Global Security News
Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched
Huntress is warning that threat actors are exploiting three recently disclosed security flaws in Microsoft Defender to gain elevated privileges in compromised systems. The activity involves the exploitation of three vulnerabilities that are codenamed BlueHammer (requires GitHub sign-in), RedSun, and UnDefend, all of which were released as zero-days by a researcher known as Chaotic Eclipse (
AI, Cybersecurity, Exploits, Global Security News, Risk Management
Commercial AI Models Show Rapid Gains in Vulnerability Research
AI models are making rapid gains in vulnerability research and exploit development, raising new cybersecurity risks, a Forescout study finds
AI, Global Security News
Three Reasons AI Is Now More Reliable Than Ever
By their nature, AI models hallucinate and generate inconsistent answers—so why are they suddenly useful enough to get real work done?
Global Security News
Coast Guard’s New Cybersecurity Rules Offers Lessons for CISOs
The Maritime Transportation Security Act (MTSA) requires plans to protect OT systems, audits by independent third parties, and a hybrid OT-security role.
AI, Global Security News
Anthropic CEO Lands White House Meeting as Feud Thaws
The Friday meeting comes ahead of the release of Mythos, Anthropic’s latest AI model.
AI, Cybersecurity, Europe, Exploits, Global Security News, Government & Policy, Risk Management
White House moves to give federal agencies access to Anthropic’s Claude Mythos
The US government is preparing to authorize a version of Anthropic’s Claude Mythos model for use by major US federal agencies, amid concerns that the AI model could rapidly spot cybersecurity vulnerabilities and offer the ability to exploit them. Federal Chief Information Officer Gregory Barbaccia at the White House Office of Management and Budget (OMB)…
AI, Global Security News, Risk Management
Webinar: From phishing to fallout — Why MSPs must rethink both security and recovery
Cyberattacks are evolving faster than many MSP and corporate defenses can keep up, with phishing driving much of today’s cybercrime. Join our upcoming webinar to learn how to combine security and recovery strategies to reduce risk and maintain business continuity. […]
AI, Exploits, Global Security News
Another Microsoft Defender privilege escalation bug emerges days after patch
Days after Microsoft patched a high-severity issue affecting its Windows Defender antivirus tool through April’s Patch Tuesday, researchers warn of another vulnerability that could enable SYSTEM privileges through local escalation. In a newly disclosed proof-of-concept (PoC) exploit, dubbed “RedSun,” a GitHub user going by the name “Nightmare Eclipse” demonstrated how Microsoft Defender’s handling of certain cloud-tagged…
Global Security News
Singer loses life savings to fake wallet downloaded from the Apple App Store
If you hold cryptocurrency, there’s a very simple golden rule that you should always follow. Never hand over your seed phrase. Garrett Dutton, better known as G. Love – the front man of blues-hip-hop outfit G. Love & Special Sauce – has learnt that lesson the hard way. Read more in my article on the…
Global Security News
DDoS-For-Hire Services Disrupted by International Police Action in ‘Operation PowerOff’
Coordinated action by FBI, Europol and others seizes infrastructure, makes arrests – and sends warning letters to known DDoS service users
Global Security News, malware
New ZionSiphon Malware Discovered Targeting Israeli Water Systems
Researchers at Darktrace have identified ZionSiphon, a new malware targeting Israeli water treatment plants. Learn how this OT-focused…
AI, Global Security News, privacy
Google wipes out 602 million scam ads with Gemini on duty
Google claims that its security teams work around the clock using its Gemini AI models to detect and stop harmful ads. “Bad actors are using generative AI to create deceptive ads at scale, and Gemini helps us detect and block them in real time” Keerat Sharma, VP and GM, Ads Privacy and Safety, Google, said.…
AI, Cybersecurity, Global Security News, Risk Management
How Addressing Cloud Misconfigurations Disrupts the Cyber Kill Chain
In this post, I will show you how addressing cloud misconfigurations disrupts the cyber kill chain. Cloud environments offer speed and flexibility, but they introduce new risks. One common issue is misconfiguration. Small mistakes, such as overly broad access permissions or publicly exposed resources, can open the door to attackers. These gaps sometimes go unnoticed…
AI, Global Security News, privacy
Google Blocks 8.3B Policy-Violating Ads in 2025, Launches Android 17 Privacy Overhaul
Google this week announced a new set of Play policy updates to strengthen user privacy and protect businesses against fraud, even as it revealed it blocked or removed over 8.3 billion ads globally and suspended 24.9 million accounts in 2025. The new policy updates relate to contact and location permissions in Android, allowing third-party apps…
Exploits, Global Security News
Researcher drops two more Microsoft Defender zero-days, all three now exploited in the wild
The security researcher who earlier this month published a proof-of-concept (PoC) exploit for a zero-day privilege escalation vulnerability in Microsoft Defender is back with two more. The first, dubbed “RedSun,” is another privilege escalation flaw in the same platform. The second, “UnDefend,” allows a standard user to block Microsoft Defender from receiving signature updates or…
AI, Apps, Cybersecurity, Data Breaches, Endpoint, Europe, Exploits, Global Security News, Network Security, Risk Management
Palo Alto’s Helmut Reisinger sees a cyber sea change ahead as AI advances
In two decades, Palo Alto Networks has evolved from a next-generation niche player to one of the largest global cybersecurity giants today. Under its mantra of “platformization,” the company has catapulted its revenues over its closest competitors and boosted its stock valuation to over $130 billion. No stranger to AI use in cybersecurity, Palo Alto recently announced…
AI, Global Security News
GitLab 18.11 brings agentic AI to security fixes, CI pipelines, and delivery analytics
GitLab has released GitLab 18.11, expanding agentic AI across the entire software lifecycle with security remediation, pipeline configuration, and delivery analytics. AI-generated code moves faster than the systems around it can keep up with, creating the AI paradox: faster code generation without faster delivery, security, or operations to match. As code volume grows, so does…
APAC, Exploits, Global Security News
CISA flags Apache ActiveMQ flaw as actively exploited in attacks
CISA warned that attackers are now exploiting a high-severity Apache ActiveMQ vulnerability, which was patched earlier this month after going undetected for 13 years. […]
AI, Global Security News
The Mystery of Why You Can’t Buy a Mac Mini Right Now
The scarcity of Apple’s littlest Mac comes at a time of high interest from AI power users and a potential product refresh.
Global Security News, malware
New CGrabber and Direct-Sys Malware Spread Through GitHub ZIP Files
Hackers spread CGrabber and Direct-Sys malware through GitHub ZIP files, bypassing security tools to steal passwords, crypto wallets, and user data.
AI, Global Security News, Network Security
Liongard upgrades LiongardIQ with AI access, live asset data, and deeper discovery
Liongard has announced the expansion of LiongardIQ with new capabilities spanning programmatic AI integration, conversational querying, enhanced network discovery, and deeper identity mapping, extending its system of authority for asset intelligence across the full IT stack. Without a trusted foundation of asset intelligence, automation runs on assumptions, AI agents query stale data, and security gaps…
AI, Global Security News, malware, Network Security
Inside ZionSiphon: politically driven malware aims at Israeli water systems
New ZionSiphon malware targets water systems, and allows attackers to alter pressure and chlorine levels. A flaw makes it ineffective for now. Darktrace analyzed ZionSiphon, a new malware designed to target water treatment and desalination systems, which aims to disrupt operations by altering hydraulic pressure and increasing chlorine levels to unsafe levels. The malware combines…
AI, Apps, Global Security News
Mozilla challenges enterprise AI providers with Thunderbolt, open-source AI client under your control
For organizations that want to keep company data within their own systems and have more control over how AI is deployed, Mozilla is offering an alternative to externally hosted AI services with Thunderbolt, an open-source AI client designed for self-hosted use. Thunderbolt is available through a waitlist, with native applications for web, macOS, Windows, Linux,…
Data Breaches, Global Security News, Risk Management
That data breach alert might be a trap
Ignoring a real breach notification invites risk, but falling for a bogus one could be even worse. Stop reacting on autopilot.
AI, Global Security News
Codex can now operate between apps. Where are the boundaries?
OpenAI is rolling out a major update to the Codex desktop app for users signed in with ChatGPT. Personalization features, including context-aware suggestions and memory, will roll out to Enterprise, Edu, and users in the EU and UK soon. Computer use is initially available on macOS and will expand to EU and UK users in…
AI, Global Security News
Microsoft: Some Windows servers enter reboot loops after April patches
Microsoft warns that some Windows domain controllers are entering restart loops after installing the April 2026 security updates. […]
AI, APAC, Apps, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management
U.S. CISA adds a flaw in Apache ActiveMQ to its Known Exploited Vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Apache ActiveMQ to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Apache ActiveMQ, tracked as CVE-2026-34197 (CVSS score of 8.8), to its Known Exploited Vulnerabilities (KEV) catalog. CVE-2026-34197 is a critical flaw in Apache ActiveMQ caused by…
AI, Cybersecurity, Global Security News
NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions
The National Institute of Standards and Technology (NIST) has announced changes to the way it handles cybersecurity vulnerabilities and exposures (CVEs) listed in its National Vulnerability Database (NVD), stating it will only enrich those that fulfil certain conditions owing to an explosion in CVE submissions. “CVEs that do not meet those criteria will still be…
Global Security News
Man gets 30 months for selling thousands of hacked DraftKings accounts
23-year-old Kamerin Stokes of Memphis, Tennessee, was sentenced to 30 months in prison for selling access to tens of thousands of hacked DraftKings accounts. […]
AI, Apps, Global Security News
AI is finally delivering productivity — for remote employees
The productivity gains from AI are so great, companies can lay off thousands of employees and still get the same amount of work done — right? Or maybe it’s the opposite: despite all the hype, any supposed AI productivity boom is a mirage, causing employees, even developers, to experience heavier workloads. At the moment, the…
AI, Exploits, Global Security News
Recently leaked Windows zero-days now exploited in attacks
Threat actors are exploiting three recently disclosed Windows security vulnerabilities in attacks aimed at gaining SYSTEM or elevated administrator permissions. […]
AI, Global Security News
Android 17 Beta 4 arrives with post-quantum cryptography and new memory limits
Google shipped Android 17 Beta 4 on April 16, marking the last scheduled beta in the Android 17 release cycle. The build targets app compatibility testing and platform stability ahead of the final release, and it carries several behavior changes that developers need to account for before the stable version ships. Supported Pixel devices can…
AI, Global Security News
Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts
An international law enforcement operation has taken down 53 domains and arrested four people in connection with commercial distributed denial-of-service (DDoS) operations that were used by more than 75,000 cybercriminals. The ongoing effort, dubbed Operation PowerOFF, disrupted access to the DDoS-for-hire services, took down the technical infrastructure supporting them, and obtained access to
AI, Global Security News, Network Security
Apple AirTag tracking can be misled by replayed Bluetooth signals
Apple’s AirTag is designed to help users track lost items by relying on a vast network of nearby Apple devices. New research shows that this same system can be manipulated to display locations where an AirTag has never been. Relaying an AirTag’s BLE advertisements over the Internet injects false location reports into the Find My…
AI, Cybersecurity, Global Security News, Government & Policy, privacy, Risk Management
Social media bans might steer kids into riskier corners of the internet
Governments are moving to block children under 16 from social media in the name of safety. But once these measures move from policy to practice, they raise a harder question: what happens when protecting kids requires collecting more data than ever before and may put them at greater risk? Age checks spark debate over privacy…
AI, Global Security News
Workplace stress in 2026 is still worse than before the pandemic
Roughly 40% of employees worldwide said they experienced a lot of stress during the previous day, according to Gallup’s State of the Global Workplace 2026 report, a figure that has remained above pre-pandemic levels for several years. Daily anger stood at 22% globally, sadness at 23%, and loneliness at 22%. Together, these numbers point to…
AI, Global Security News
New infosec products of the week: April 17, 2026
Here’s a look at the most interesting products from the past week, featuring releases from Axonius, Broadcom, Siemens, and Sitehop. Axonius updates Asset Cloud with AI, exposure management, and asset trust standard: Axonius has expanded its Asset Cloud with AI-powered remediation in Axonius Exposures, added support for IoT and OT environments via Axonius Cyber-Physical Assets,…
APAC, Cybersecurity, Exploits, Global Security News
Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation
A recently disclosed high-severity security flaw in Apache ActiveMQ Classic has come under active exploitation in the wild, per the U.S. Cybersecurity and Infrastructure Security Agency (CISA). To that end, the agency has added the vulnerability, tracked as CVE-2026-34197 (CVSS score: 8.8), to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian
AI, Cybersecurity, Global Security News, Risk Management
Anthropic’s latest model is deliberately less powerful than Mythos (and that’s the point)
Anthropic has today released a new, improved Claude model, Opus 4.7, but has deliberately built it to be less capable than the highly-anticipated Claude Mythos. Anthropic calls Opus 4.7 a “notable improvement” over Opus 4.6, offering advanced software engineering capabilities and improved visioning, memory, instruction-following, and financial analysis. However, the yet-to-be-released (and inadvertently leaked) Mythos…
Global Security News
ISC Stormcast For Friday, April 17th, 2026 https://isc.sans.edu/podcastdetail/9896, (Fri, Apr 17th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
AI, Europe, Funding, Global Security News, privacy, Risk Management
Google should share search data to break its monopoly, European Commission suggests
The European Commission this week requested, but did not order Google to allow third party search engines in Europe access to its search data as a means to comply with the Digital Markets Act (DMA), legislation the Commission describes as a law designed to “make the markets in the digital sector fairer and more contestable.” Google…
AI, Global Security News
Sam Altman’s Side Hustles Blur the Line Between OpenAI’s Interests and His Own
Ahead of a planned IPO, Altman’s personal investments remain opaque, making it hard to spot any conflicts.
AI, Global Security News, malware
Lumma Stealer infection with Sectop RAT (ArechClient2), (Fri, Apr 17th)
Introduction: This diary provides indicators from a Lumma Stealer infection that was followed by Sectop RAT (ArechClient2). I searched for cracked versions of popular copyright-protected software, and I downloaded the initial malware after following the results of one such search. This is a common distribution technique for various families of malware, and I often find…
Global Security News
Microsoft addresses 163 CVEs, 88 advisories for April Patch Tuesday
Following a long-established pattern, the fourth month of the year is one of the cruelest
AI, Apps, Data Breaches, Endpoint, Global Security News, malware, privacy, Risk Management
Here’s What Agentic AI Can Do With Have I Been Pwned’s APIs
I love cutting-edge tech, but I hate hyperbole, so I find AI to be a real paradox. Somewhere in that whole mess of overnight influencers, disinformation and ludicrous claims is some real “gold” – AI stuff that’s genuinely useful and makes a meaningful difference. This blog post cuts straight to the good stuff, specifically how…
AI, Exploits, Global Security News, Network Security, Risk Management
US nationals sentenced for aiding North Korea’s tech worker scheme
Two New Jersey men were sentenced Wednesday for facilitating North Korea’s long-running scheme to plant operatives inside U.S. businesses as employees, generating more than $5 million in illicit revenue for the regime, the Justice Department said. The U.S. nationals — Kejia Wang, also known as Tony Wang, and Zhenxing Wang, also known as Danny Wang…
AI, Apps, Cybersecurity, Exploits, Global Security News, Risk Management
Cisco Systems issues three advisories for critical vulnerabilities in Webex, ISE
Admins who use Cisco Webex Services configured to use trust anchors within the SSO integration with Control Hub must install a new identity provider certificate to close a critical vulnerability, or risk losing access control. Cisco said in an advisory this week that admins must upload a new identity provider (IdP) SAML certificate to Webex…
Global Security News
Operation PowerOFF identifies 75k DDoS users, takes down 53 domains
The latest wave of “Operation PowerOFF,” on April 13, 2026, targeted the distributed denial-of-service (DDoS) ecosystem and its users across 21 countries. […]
AI, Apps, Exploits, Global Security News, Network Security, Risk Management
RCE by design: MCP architectural choice haunts AI agent ecosystem
AI agent building tools that enable users to configure Model Context Protocol (MCP) servers may be exposing systems to remote code execution due to an architectural decision in Anthropic’s reference implementation. At issue are unsafe defaults in how MCP configuration works over the STDIO interface, with broad implications for the agent ecosystem, according to a new…
Global Security News
Chicken Jockey in Minecraft: Why This Tiny Mob Feels So Annoying
GUEST OPINION: So, here’s the thing — the chicken jockey Minecraft mob looks like a joke at first. A baby zombie riding a chicken doesn’t sound like something you should worry about. But once you run into it in-game, the feeling changes pretty fast.
AI, Global Security News, Network Security
ImmuniWeb brings AI upgrades, post-quantum detection and more in Q1 2026
ImmuniWeb unveiled technical updates, new features and functionalities across all products available on the ImmuniWeb AI Platform. ImmuniWeb Discovery: launch of a dedicated Cyber Threat Intelligence (CTI) dashboard; advanced detection of exposed AI-related assets, services and software; enhanced detection of phishing websites thanks to fine-tuning of our AI models; better and faster detection of IoC…
Global Security News, malware
ZionSiphon malware designed to sabotage water treatment systems
A new malware called ZionSiphon, specifically designed for operational technology, is targeting water treatment and desalination environments to sabotage their operations. […]
AI, Cybersecurity, Exploits, Global Security News, Government & Policy
NIST cuts down CVE analysis amid vulnerability overload
Overwhelmed by an escalating volume of security flaws, the National Institute of Standards and Technology (NIST) has announced significant changes to how it handles cybersecurity vulnerabilities and exposures (CVEs). Rather than commit to providing enrichment for all entries in its National Vulnerability Database (NVD), the agency will focus on just the most critical CVEs, which…
Global Security News
NIST Revamps CVE Framework to Focus on High-Impact Vulnerabilities
The National Institute of Standards and Technology carved a new path for vulnerability remediation by changing the way it prioritizes software flaws.
Global Security News
7 Best DDoS Attack Simulation Service Providers & Testing Platforms for 2026
GUEST RESEARCH: In December 2025, a botnet unleashed a record-shattering 31.4 Tbps DDoS wave—proof that yesterday’s worst-case is today’s baseline.
Global Security News
Blackmagic Design Announces Blackmagic Camera for iOS 3.3 Update
New update adds camera control and monitoring with Apple Watch, support for ATEM camera control and support for Blackmagic Focus and Zoom Demands!
Cybersecurity, Exploits, Global Security News
New Microsoft Defender “RedSun” zero-day PoC grants SYSTEM privileges
A researcher known as “Chaotic Eclipse” has published a proof-of-concept exploit for a second Microsoft Defender zero-day, dubbed “RedSun,” in the past two weeks, protesting how the company works with cybersecurity researchers. […]
Global Security News
North Korea Uses ClickFix to Target macOS Users’ Data
Sapphire Sleet uses fake job offers and phony Zoom updates to deliver ClickFix attacks that steal credentials and sensitive data from Macs.
AI, Exploits, Global Security News, Risk Management
Cisco fixed four critical flaws in Identity Services and Webex
Cisco fixed four critical flaws in Identity Services and Webex that could allow code execution and user impersonation. Cisco has addressed four critical vulnerabilities affecting its Identity Services and Webex platforms. The flaws could allow attackers to execute arbitrary code and impersonate any user within the affected services. The issues pose serious security risks, prompting…
Global Security News
‘Harmless’ Global Adware Transforms Into an AV Killer
A benign-looking update that Dragon Boss pushed out in March 2025 established persistence via scheduled tasks and arranged for future payloads to be excluded from Windows Defender.
AI, Data Breaches, Global Security News, Network Security
Cookeville Regional Medical Center hospital data breach impacts 337,917 people
A ransomware attack on Cookeville Regional Medical Center hospital (Tennessee) exposed data of 337,000 people after hackers stole 500GB of sensitive information from its systems. A ransomware attack on Cookeville Regional Medical Center (CRMC) in Tennessee led to a major data breach affecting about 337,000 people. The attack, carried out by the Rhysida group, involved…
AI, Cybersecurity, Global Security News, Network Security
Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic
Cybersecurity researchers have warned of an active malicious campaign that’s targeting the workforce in the Czech Republic with a previously undocumented botnet dubbed PowMix since at least December 2025. “PowMix employs randomized command-and-control (C2) beaconing intervals, rather than persistent connection to the C2 server, to evade the network signature detections,” Cisco Talos
