For years, quantum risk was easy for most institutions to treat as premature: real in theory, urgent someday, but not yet an operational problem. That is no longer tenable. Related: AI spawns semantic attacks Two developments this month brought the shift into focus. Google Quantum AI published research suggesting the computing resources needed to break…
AI, Global Security News
Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Ads
A nascent Android remote access trojan called Mirax has been observed actively targeting Spanish-speaking countries, with campaigns reaching more than 220,000 accounts on Facebook, Instagram, Messenger, and Threads through advertisements on Meta. “Mirax integrates advanced Remote Access Trojan (RAT) capabilities, allowing threat actors to fully interact with compromised devices in real
Global Security News
Google to penalize sites that hijack the back button
Google is broadening its spam policies to crack down on “back button hijacking,” a deceptive practice where websites interfere with browser navigation, blocking users from returning to the page they came from. Instead, users are usually redirected to pages they have not visited or are shown unsolicited recommendations or ads. “Back button hijacking interferes with…
Global Security News
Ransomware-Linked ViperTunnel Malware Hits UK and US Businesses
ViperTunnel is a Python-based backdoor linked to DragonForce ransomware that targets businesses using Windows servers across the US and the UK.
AI, china, Cybersecurity, Exploits, Funding, Global Security News, Government & Policy, Network Security, Risk Management, Russia
Secretary Mullin must help finish the job: Urge the Senate to confirm Plankey
On March 23, the Senate confirmed Senator Markwayne Mullin as the next homeland security secretary, marking an important step in strengthening leadership during a critical moment for our nation’s security. But only half of the job is done. The Cybersecurity and Infrastructure Security Agency (CISA), the federal government’s main civilian cyber defense agency, still lacks…
AI, Global Security News, Risk Management
Analysis of 216M Security Findings Shows a 4x Increase In Critical Risk (2026 Report)
OX Security recently analyzed 216 million security findings across 250 organizations over a 90-day period. The primary takeaway: while raw alert volume grew by 52% year-over-year, prioritized critical risk grew by nearly 400%. The surge in AI-assisted development is creating a “velocity gap” where the density of high-impact vulnerabilities is scaling faster than
AI, Global Security News
AI Security Institute Advocates Security Best Practices After Mythos Test
The AISI has issued its judgement on Anthropic’s Mythos Preview model
AI, Global Security News
AI adoption is outpacing the safeguards around it
AI is becoming part of professional and private life, reaching mainstream adoption faster than the personal computer or the internet. These systems are tested in reasoning, safety, and real-world tasks, but the reliability of those measurements remains uncertain. The 2026 AI Index from Stanford’s Institute for Human-Centered Artificial Intelligence outlines the broader environment around this…
AI, china, Cybersecurity, Exploits, Global Security News, Risk Management
Attackers target unpatched ShowDoc servers via CVE-2025-0520
A critical RCE flaw, tracked as CVE-2025-0520, in ShowDoc is being actively exploited, putting unpatched servers at serious risk. A critical remote code execution flaw, tracked as CVE-2025-0520 (CVSS score of 9.4), affecting ShowDoc is under active exploitation in the wild. ShowDoc is an online tool that helps IT teams share documents and improve collaboration…
AI, china, Cybersecurity, Exploits, Global Security News, Risk Management
Attackers target unpatched ShowDoc servers via CVE-2025-0520
A critical RCE flaw, tracked as CVE-2025-0520, in ShowDoc is being actively exploited, putting unpatched servers at serious risk. A critical remote code execution flaw, tracked as CVE-2025-0520 (CVSS score of 9.4), affecting ShowDoc is under active exploitation in the wild. ShowDoc is an online tool that helps IT teams share documents and improve collaboration…
AI, Cybersecurity, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
How AI is transforming threat detection
Artificial intelligence is rapidly reshaping how security teams detect and hunt cyber threats by helping analyze vast volumes of security data, uncovering subtle signs of malicious activity, and identifying potential attacks faster than traditional tools or human analysts alone. Analyst firm Gartner expects that by 2028, 50% of threat detection, investigation, and response (TDIR) platforms…
AI, Cybersecurity, Data Breaches, Global Security News, Network Security, Risk Management
The AI inflection point: What security leaders must do now
AI is no longer a speculative topic for security leaders. It has moved from experimentation to implementation, and increasingly, to measurable production impact. Over the past year, my conversations with CISOs have shifted. The question is no longer whether AI belongs in cybersecurity; it’s about deploying it responsibly, strategically and at scale. For security leaders,…
Global Security News
FIFA World Cup 2026: More than One-Third of Official Partners Expose the Public to the Risk of Email Fraud
AI, Cybersecurity, Global Security News
108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users
Cybersecurity researchers have discovered a new campaign in which a cluster of 108 Google Chrome extensions has been found to communicate with the same command-and-control (C2) infrastructure with the goal of collecting user data and enabling browser-level abuse by injecting ads and arbitrary JavaScript code into every web page visited. According to Socket, the extensions are…
AI, Apps, Cybersecurity, Exploits, Global Security News, malware, Network Security, Risk Management
U.S. CISA adds Adobe, Fortinet, Microsoft Exchange Server, and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Adobe, Fortinet, Microsoft Exchange Server, and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple, Laravel Livewire and Craft CMS flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: CVE-2026-34621 Adobe Acrobat…
AI, Endpoint, Exploits, Global Security News, malware, Network Security
Fake Claude AI installer abuses DLL sideloading to deploy PlugX
Fake Claude website impersonates Anthropic and delivers PlugX RAT via ZIP download using DLL sideloading. A fake website impersonating Anthropic’s Claude service was found distributing the PlugX remote access trojan, according to Malwarebytes. The rogue site abuses the chatbot’s popularity to trick users into downloading a ZIP archive presented as a “pro version” installer. The…
AI, china, Global Security News
Cyber-Inspekteur: Hybride Attacken nehmen weiter zu
Deutschland ist im Visier staatlicher Hacker. Mdisk – shutterstock.com Hybride Attacken auf kritische Infrastruktur in Deutschland und Bundeswehr-Truppen im Ausland nehmen weiter zu. Spätestens seit 2022 sei ein spürbarer Zuwachs zu verzeichnen, sagte der Bundeswehr-Inspekteur Cyber- und Informationsraum, Vizeadmiral Thomas Daum, bei einem Pressetermin bei der Nato-Cyberabwehrübung «Locked Shields» im niederrheinischen Kalkar. Cyber-Angriffe gegen die Bundeswehr…
AI, APAC, Apps, Global Security News, Risk Management
Nvidia’s Stephen Jones on the toolkit powering GPUs: ‘A wild ride’
Nvidia CEO Jensen Huang often shares the story of hand-delivering an AI supercomputer to OpenAI in 2016, back before it was the hotshot company it’s become in recent years. A key ingredient in the box was Nvidia’s CUDA toolkit, which helped turn OpenAI’s experiments into a foundation for modern AI applications. Huang credits the software…
AI, Global Security News
Weekly Update 499
I’m starting to become pretty fond of Bruce. Actually, I’ve had a bit of an epiphany: an AI assistant like Bruce isn’t just about auto-responding to tickets in an entirely autonomous manner; it’s also pretty awesome at responding with just a little bit of human assistance. Charlotte and I both replied to some tickets today…
AI, Global Security News
Agentic AI memory attacks spread across sessions and users, and most organizations aren’t ready
In this Help Net Security interview, Idan Habler, AI Security Researcher at Cisco, breaks down a threat most security teams haven’t named yet: agentic memory as an attack surface. Habler walks through MemoryTrap, a disclosed and remediated method to compromise Claude Code’s memory, showing how a single poisoned memory object can spread across sessions, users,…
china, Exploits, Global Security News
ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers
A critical security vulnerability impacting ShowDoc, a document management and collaboration service popular in China, has come under active exploitation in the wild. The vulnerability in question is CVE-2025-0520 (aka CNVD-2020-26585), which carries a CVSS score of 9.4 out of 10.0. It relates to a case of unrestricted file upload that stems from improper validation of
AI, Compliance, Cybersecurity, Data Breaches, Global Security News
RapidScale Set to Announce New Partner Program
RapidScale, a managed cloud services organization, has announced its new partner program to change how it engages with the channel. The Ascend Partner Program is a tiered initiative that accelerates RapidScale’s new solutions-led go-to-market approach and partners’ role as strategic advisors. The program is designed to empower partners to capture a greater share of customer…
Cybersecurity, Exploits, Global Security News
CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added half a dozen security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The list of vulnerabilities is as follows – CVE-2026-21643 (CVSS score: 9.1) – An SQL injection vulnerability in Fortinet FortiClient EMS that could allow an unauthenticated attacker to
AI, Global Security News, Network Security
UJET Launching New Channel-Led Global Sales Motion With Google Cloud
UJET, an innovator in AI-powered contact centers, has announced it will launch a new managed service offering and a strategic sales motion with Google Cloud. The Google Cloud CCaaS by UJET offering brings Google Cloud’s enterprise-grade agentic AI, CX, and contact center solutions to the small- to medium-sized business (SMB) and mid-market sectors through AVANT’s…
AI, Global Security News
Review: The Psychology of Information Security
Security controls fail when they are designed without regard for the people who must use them. That is the central argument of Leron Zinatullin’s second edition, and it is an argument he builds methodically across 17 chapters that draw from organizational psychology, change management, and usability research. About the author Leron Zinatullin is the CISO…
AI, Global Security News
29 million leaked secrets in 2025: Why AI agents credentials are out of control
AI agents need credentials to work. They authenticate with LLM platforms, connect to databases, call SaaS APIs, access cloud resources, and orchestrate across dozens of external services. Every integration point requires an identity. Most organizations are handling this badly, and the evidence is in the code. GitGuardian’s State of Secrets Sprawl Report found 28,649,024 new…
AI, Endpoint, Global Security News, Network Security
Zero trust at year two: What nobody planned for
In this Help Net Security video, Jim Alkove, CEO of Oleria, walks through where zero trust programs typically stand one to two years in. Most organizations have made gains in endpoint security and network segmentation, but identity remains the stubborn problem. Identity sprawl, legacy system exceptions, and workforce friction each contribute to stalls that few…
AI, Apps, Cybersecurity, Global Security News
Cybersecurity jobs available right now: April 14, 2026
Cyber Security Engineer/Application Security Specialist Tecnots | India | On-site – View job details As a Cyber Security Engineer/Application Security Specialist, you will integrate security into the SDLC, perform application security reviews, and support secure APIs, authentication, and data protection. You will embed security into CI/CD pipelines using SAST and DAST, enforce secure coding practices,…
APAC, Global Security News
GoPro Announces New MISSION 1 Line of Professional 8K and 4K Open Gate, Compact Cinema Cameras
The World’s Smallest, Lightest, Most Rugged Cinema Cameras Designed for Any Mission: MISSION 1 PRO— Featuring a Cutting-Edge 50MP 1″ Sensor; Incredible Low-Light Performance; 8K60, 4K240, and 1080p960 Ultra-High Frame Rates; 8K30 and 4K120 Open Gate Video Capture; and New GP3 Processor Delivering Category-Leading Image Quality, Battery Runtime, and Thermal Performance for Extreme Use Cases…
Global Security News
ISC Stormcast For Tuesday, April 14th, 2026 https://isc.sans.edu/podcastdetail/9890, (Tue, Apr 14th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
AI, Global Security News
AI Is Finding Bugs That Hackers Can Exploit. Get Ready for Bugmageddon.
The White House and industry leaders are racing to fix vulnerabilities, which AI models such as Anthropic’s Mythos can discover with frightening speed.
AI, Apps, Cloud Security, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management
Anthropic’s Mythos signals a structural cybersecurity shift
Over the past week, reaction to Anthropic’s Glasswing disclosure has split along familiar lines. At one end: alarm over an AI system capable of autonomously identifying and exploiting vulnerabilities. At the other: dismissive hot takes, arguing there is nothing new here. A more grounded view comes from a new briefing by the Cloud Security Alliance…
AI, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management
This Booking.com Breach Could Expose Your Travel Plans
Booking.com has disclosed a security incident involving unauthorized access to customer reservation data, prompting the company to reset reservation PINs tied to affected bookings. The activity, described as “suspicious access” to a subset of reservation records, did not expose payment card data but surfaced a category of information that, from an operational security standpoint, is…
AI, Data Breaches, Global Security News
European Gym giant Basic-Fit data breach affects 1 million members
Dutch fitness giant Basic-Fit announced that hackers breached its systems and gained access to information belonging to a million of its customers. […]
AI, Global Security News
Sam Altman Attack Suspect Had ‘Anti-AI’ Document with CEO Names, Authorities Say
A Texas man is accused of throwing an incendiary device at Altman’s home and targeting OpenAI’s San Francisco headquarters.
AI, Apps, Cloud Security, Compliance, Cybersecurity, Exploits, Global Security News, Government & Policy, Network Security
Here’s how cyber heavyweights in the US and UK are dealing with Claude Mythos
A joint report from the Cloud Security Alliance (CSA), the SANS Institute and the Open Worldwide Application Security Project (OWASP) concludes that in the near term, organizations are “likely to be overwhelmed” by threat actors using AI to find and exploit vulnerabilities faster than defenders can patch them. While those organizations can use AI tools…
AI, Cloud Security, Global Security News
CSA: CISOs Should Prepare for Post-Mythos Exploit Storm
Security experts warn of an “AI vulnerability storm” triggered by the introduction of Anthropic’s Claude Mythos in a new paper from the Cloud Security Alliance (CSA).
Exploits, Global Security News
Adobe Patches Actively Exploited Zero-Day That Lingered for Months
An attacker has been using maliciously crafted PDF files to exploit a zero-day in Adobe Acrobat and Reader for at least four months.
AI, Apps, Global Security News, malware
OpenAI’s Mac apps needs an update thanks to the Axios hack
OpenAI updated its security certificates and is requiring all macOS users to update to the latest versions after determining its products, along with many others, were impacted by a widespread supply-chain attack that briefly infected a popular open-source library in late March, the company said in a blog post Friday. The artificial intelligence vendor said…
AI, Global Security News
OpenAI Rotates macOS Certificates Following Axios Supply Chain Breach
OpenAI rotates macOS certificates after downloading a compromised Axios version, urging users to update apps before revoked certificates are blocked in May 2026.
Data Breaches, Global Security News
Stolen Rockstar Games analytics data leaked by extortion gang
Rockstar Games has suffered a data breach linked to a recent security incident at Anodot, with the ShinyHunters extortion gang now leaking the stolen data on its data leak site. […]
AI, Europe, Global Security News, Government & Policy, Network Security
The French government eyes alternatives to Windows
The French government has decided to reduce its dependence on US technology companies in light of the growing divide between the US and the EU. The Direction interministérielle du numérique (DINUM), an agency responsible for digitalization issues, has announced that it will soon replace Windows with a Linux-based operating system. Previously, the French government had…
Global Security News
Critical flaw in wolfSSL library enables forged certificate use
A critical vulnerability in the wolfSSL SSL/TLS library can weaken security via improper verification of the hash algorithm or its size when checking Elliptic Curve Digital Signature Algorithm (ECDSA) signatures. […]
AI, Data Breaches, Global Security News
Hackers access Booking.com user data, company secures systems
Hackers accessed some Booking.com user data, including names, emails, phone numbers, and booking details. The issue is now contained. Booking.com warned that hackers may have accessed customer data linked to travel reservations. Exposed details could include names, email addresses, phone numbers, and information shared with accommodations. Booking.com is one of the world’s leading online travel agencies…
Global Security News
Empty Attestations: OT Lacks the Tools for Cryptographic Readiness
OT asset owners are being asked by regulators to attest to their post-quantum cryptographic readiness without the appropriate tooling, resulting in paperwork dressed up to look like genuine security.
Global Security News
FBI takedown of W3LL phishing service leads to developer arrest
The FBI Atlanta Field Office and Indonesian authorities have dismantled the “W3LL” global phishing platform, seizing infrastructure and arresting the alleged developer in what is described as the first coordinated enforcement action between the United States and Indonesia targeting a phishing kit developer. […]
AI, Global Security News
Your Employees Aren’t Ready For AI — And It’s A Problem
Forrester’s AIQ Reveals Severe Gaps In Employee Readiness For AI
AI, Global Security News
Project Glasswing Shows That AI Will Break The Vulnerability Management Playbook
Anthropic, along with 11 other companies, recently announced Project Glasswing — an initiative that aims to secure software in the wake of advances in AI capabilities, most notably Anthropic’s Claude Mythos Preview frontier model.
AI, Global Security News
OpenAI rotates macOS certs after Axios attack hit code-signing workflow
OpenAI is rotating potentially exposed macOS code-signing certificates after a GitHub Actions workflow executed a malicious Axios package during a recent supply chain attack. […]
AI, Global Security News
Amazon Leo introduces gigabit-speed antenna for commercial aviation
The Amazon Leo Aviation Antenna will deliver reliable internet connectivity to airline passengers and crew with up to 1 Gbps download and 400 Mbps upload speeds.
Global Security News
New Booking.com data breach forces reservation PIN resets
Booking.com has confirmed via a statement to BleepingComputer that it has detected unauthorized access to its systems that has exposed sensitive reservation and user data. […]
AI, Global Security News
Commvault Introduces Innovations to Advance Secure, Controlled Agentic Transformation in the Enterprise
Next-generation AI capabilities will leverage Commvault Cloud to safely activate AI and build agentic workflows with trusted data, governance, and recovery.
Global Security News, malware
JanelaRAT Malware Targets Latin American Banks with 14,739 Attacks in Brazil in 2025
Banks and financial institutions in Latin American countries like Brazil and Mexico have continued to be the target of a malware family called JanelaRAT. A modified version of BX RAT, JanelaRAT is known to steal financial and cryptocurrency data associated with specific financial entities, as well as track mouse inputs, log keystrokes, take screenshots, and…
AI, Apps, Global Security News, Network Security, Risk Management
Cisco Targets AI Trust with Galileo Deal
If the original Galileo spent his time figuring out how things move and fall, Cisco is now tackling a version of that problem in AI, trying to understand how these systems behave once set loose. The company announced plans to acquire Galileo Technologies, an AI observability startup focused on helping enterprises monitor and evaluate how…
Cybersecurity, Global Security News, Risk Management
Quantum Threats Move from Theory to Reality as ‘Harvest Now, Decrypt Later’ Attacks Rise
Cybersecurity leaders are being urged to rethink long-held assumptions about encryption as the industry marks World Quantum Day, with experts warning that the risks posed by quantum computing are no longer a distant concern.
Global Security News
Meta and Alphabet show interest in Australian tech company Ion
COMPANY ANNOUNCEMENT: Australian technology company Ion Video (ASX IOV) is in discussions with two of the world’s largest tech companies – Meta and Alphabet – about its ground-breaking video technology.
Global Security News, Network Security
Australia’s EV surge: JOLT signs up record EV drivers for urban charging network
As Australia reaches EV sales records, new data shows drivers are switching for good – and the EV cost savings are real
AI, Global Security News
77% of global enterprises shift AI strategies from efficiency to growth
GUEST RESEARCH: Nearly half of business leaders expect more than 15% revenue uplift from AI within 10 years Agentic AI is emerging as a priority with 35% of organisations calling it a top focus
AI, Global Security News
Humanforce Launches Humanforce Connect, the First Operating System for Frontline and Flexible Work
Humanforce, a leading global provider of intelligent, AI-driven human capital management (HCM) solutions for frontline workforces, today announced the launch of Humanforce Connect, the first frontline and flexible workforce management operating system.
Exploits, Global Security News
Adobe rolls out emergency fix for Acrobat, Reader zero-day flaw
Adobe has released an emergency security update for Acrobat Reader to fix a vulnerability, tracked as CVE-2026-34621, that has been exploited in zero-day attacks since at least December. […]
AI, Global Security News, Government & Policy, privacy
Apple preps for the face race
As growth in the smartphone market slows, Apple, Meta, and others see a new product opportunity in smart glasses — and Apple is reportedly preparing to enter the face race. It’s important to set expectations for new products. The smart glasses Apple is working on now won’t be augmented reality glasses in the same sense as…
Global Security News
BITTER APT Uses Signal, Google, and Zoom Lures to Spread ProSpy Spyware
BITTER APT spreads ProSpy and ToSpy via Signal, Google, and Zoom lures, targeting journalists through LinkedIn and iMessage spearphishing.
china, Global Security News
APT41 Delivers ‘Zero-Detection’ Backdoor to Harvest Cloud Credentials
The prolific China-backed threat group is targeting AWS, Google, Azure, and Alibaba cloud environments and using typosquatting to obscure C2 communication.
AI, Global Security News
Mailbox Rule Abuse Emerges as Stealthy Post-Compromise Threat
Attackers are abusing Microsoft 365 mailbox rules to hide activity, exfiltrate data and retain access after account compromise, researchers warn
AI, Global Security News
FBI and Indonesian Police Dismantle W3LL Phishing Network Behind $20M Fraud Attempts
The U.S. Federal Bureau of Investigation (FBI), in partnership with the Indonesian National Police, has dismantled the infrastructure associated with a global phishing operation that leveraged an off-the-shelf toolkit called W3LL to steal thousands of victims’ account credentials and attempt more than $20 million in fraud. In tandem, authorities detained the alleged developer, who has&
Europe, Global Security News
Mirax Android Trojan Turns Devices Into Residential Proxy Nodes
Security researchers warn of Mirax, an emerging Android banking trojan using MaaS, remote access and residential proxies to target European users
Global Security News
Identity Management Day 2026
The sixth Identity Management Day highlights the evolving nature of identity is dedicated to informing people and organizations about the dangers of casually or improperly managing and securing digital identities.
Global Security News
iTWire TV: After three years steering Australia’s robotics peak body, Nicci Rossouw hands over the controls with a packed expo, a gala night, and one clear message: buy Australian
Nicci Rossouw has spent three years running Robotics Australia Group, the country’s peak body for everything from warehouse arms to underwater hull-scrubbers. On May 1, she hands the CEO role to Paul Mason, co-host of the Manufacturing Tech Australia podcast and a mechatronics engineer with 20-plus years across product development, manufacturing, and commercialisation.
Global Security News
Fastly and LALIGA Team Up in Joint Innovation to Combat Piracy
COMPANY NEWS: Companies Collaborate to Detect and Eliminate Pirated Streams to Help Prevent Lost Revenue
Global Security News
5 key take aways for CIOs from Celonis’ 2026 Process Optimisation Report
GUEST RESEARCH: To modernise, or not to modernise. That is no longer the question. The question now is: how do I transform my enterprise thoughtfully while disrupting as minimally as possible?
Global Security News
The silent “Storm”: New infostealer hijacks sessions, decrypts server-side
New “Storm” infostealer skips local decryption, sending browser data to attacker servers. Varonis shows how server-side decryption enables session hijacking, bypassing passwords and MFA. […]
Global Security News
After three years steering Australia’s robotics peak body, Nicci Rossouw hands over the controls with a packed expo, a gala night, and one clear message: buy Australian
Nicci Rossouw has spent three years running Robotics Australia Group, the country’s peak body for everything from warehouse arms to underwater hull-scrubbers. On May 1, she hands the CEO role to Paul Mason, co-host of the Manufacturing Tech Australia podcast and a mechatronics engineer with 20-plus years across product development, manufacturing, and commercialisation.
AI, Global Security News
Ping Identity Appoints Antony Collins as Regional Vice President, APJ Channels and Alliances
COMPANY ANNOUNCEMENT: Collins to accelerate partner-led growth across Asia Pacific and Japan as organisations secure identity in the AI era
AI, Global Security News
Celonis and Oracle expand collaboration to power Enterprise AI and accelerate IT modernisation
Celonis and Oracle have expanded their long-standing collaboration opening up additional features to joint customers.
AI, Global Security News, Risk Management
Nearmap Defines the Future of Property Intelligence to Help Organisations See Truth, Assess Risk, and Act with Certainty
Nearmap unifies capture, AI analytics, and materials intelligence – bringing the full property intelligence value chain into one proprietary platform
AI, Global Security News, malware
Hackers hijacked CPUID downloads, served STX RAT to victims
If you tried to download software from CPUID’s website late last week, you might have downloaded malware instead. “Investigations are still ongoing, but it appears that a secondary feature (basically a side API) was compromised for approximately six hours between April 9 and April 10, causing the main website to randomly display malicious links (our…
AI, Apps, Global Security News, Risk Management
Scans for EncystPHP Webshell, (Mon, Apr 13th)
Last week, I wrote about attackers scanning for various webshells, hoping to find some that do not require authentication or others that use well-known credentials. But some attackers are paying attention and are deploying webshells with more difficult-to-guess credentials. Today, I noticed some scans for what appears to be the “EncystPHP” web shell. Fortinet wrote about…
AI, Global Security News
Solving Tech Debt Unlocks 3x Digital Revenue Boost for Australia’s AI Leaders, Finds New Research
Latest research reveals technical debt blocks AI success in Australia, but cohort of leaders is overcoming it to unlock AI and drive three times more digital revenue than peers
Global Security News
⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More
Monday is back, and the weekend’s backlog of chaos is officially hitting the fan. We are tracking a critical zero-day that has been quietly living in your PDFs for months, plus some aggressive state-sponsored meddling in infrastructure that is finally coming to light. It is one of those mornings where the gap between a quiet shift and a…
AI, Apps, Compliance, Global Security News, malware, Network Security, privacy, Risk Management
Aura Business Debuts BYOD Security Solution for MSPs
AI-powered online safety platform Aura has introduced a new business security solution to help shrink the unmanaged device gap that exists in today’s security stacks. The new identity-centric bring your own device solution built for MSPs Aura Business for MSPs is a new identity-centric BYOD security solution designed to protect businesses and employees. It allows…
Global Security News, malware
OpenSSF Flags Malware Campaign on Slack Posing as Linux Foundation Figures
OpenSSF warns hackers impersonate Linux Foundation leaders on Slack, tricking developers into installing malware that can compromise entire systems.
AI, Global Security News
$12 million frozen, 20,000 victims identified in crypto scam crackdown
More than $12 million has been frozen, and over 20,000 victims have been identified in an international law enforcement operation targeting cryptocurrency and investment scammers. Authorities also uncovered more than $45 million in suspected cryptocurrency fraud losses worldwide. One UK victim identified during the operation is thought to have lost more than £52,000 to the…
AI, Apps, Endpoint, Exploits, Global Security News, Network Security
Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure
A critical pre-authentication remote code execution vulnerability in Marimo, an open-source Python notebook platform owned by AI cloud company CoreWeave, was exploited in the wild less than 10 hours after its public disclosure, according to the Sysdig Threat Research Team. The vulnerability, tracked as CVE-2026-39987 with a severity score of 9.3 out of 10, affects…
AI, Global Security News
Preparing for Post-Quantum Cryptography: The Secure Firewall Roadmap
Cisco Secure Firewall’s post-quantum cryptography roadmap: what’s available today, what’s coming, and how to start planning.
AI, Data Breaches, Exploits, Global Security News
Rockstar Games receives “pay or leak” warning after cyberattack
Rockstar Games, the developer behind titles such as Grand Theft Auto and Red Dead Redemption, has confirmed a cyberattack claimed by hacking group ShinyHunters, which says it accessed the company’s Snowflake environment and obtained data. The attackers exploited Anodot, a third-party SaaS platform used for cloud cost monitoring and analytics, as the entry point and…
AI, Apps, Endpoint, Exploits, Global Security News, Network Security
Seven IBM WebSphere Liberty flaws can be chained into full takeover
Security researchers are warning of a set of flaws affecting IBM WebSphere Liberty, a lightweight, modular Java application server, that can be chained into a full server compromise. The flaws, a total of seven, that led to the ultimate compromise of the server were initiated by a newly discovered pre-authentication issue in the platform’s SAML…
Exploits, Global Security News, Network Security
Your MTTD Looks Great. Your Post-Alert Gap Doesn’t
Anthropic restricted its Mythos Preview model last week after it autonomously found and exploited zero-day vulnerabilities in every major operating system and browser. Palo Alto Networks’ Wendi Whitmorewarned that similar capabilities are weeks or months from proliferation. CrowdStrike’s 2026 Global Threat Report puts average eCrime breakout time at 29 minutes. Mandiant’s M-Trends 2026
AI, Exploits, Global Security News, privacy, Risk Management
iPhone forensics expose Signal messages after app removal in U.S. case
An FBI case in Texas shows Signal messages can still be recovered from iPhones even after app uninstall, via system artifacts, challenging privacy assumptions. The recent revelations about FBI forensic access to Signal messages on an iPhone have reignited a long-standing misunderstanding about mobile privacy: the belief that disappearing messages and encrypted apps guarantee that…
AI, Apps, Global Security News
How to build your own AI agents with Google Workspace Studio
The great hope for AI agents is that they will automate many of the repetitive tasks office workers perform, such as writing and emailing weekly project updates. These tools combine rules-based automation with generative AI models to perform a series of tasks that make up a workflow. In this vein, Google late last year announced…
Endpoint, Global Security News, Risk Management
Why Your Deprecated Endpoints Are an Attacker’s Best Friend: The Rise of Ghost APIs
Ghost APIs are deprecated endpoints left active, exposing systems to attack. Learn how they differ from shadow APIs and why they create hidden security risks
Exploits, Global Security News, Network Security
Google makes it harder to exploit Pixel 10 modem firmware
Google is working to improve the security of Pixel phones by focusing on the cellular baseband modem, a part of the device that handles communication with mobile networks and processes external data. In the Pixel 9, the company introduced measures to reduce memory-related vulnerabilities. With the Pixel 10, the approach goes further by integrating a…
AI, Global Security News
Meta Expected to Unseat Google as World’s Largest Digital-Ad Player
The owner of Instagram and Facebook has fueled growth with new advertising products and AI.
AI, Compliance, Europe, Global Security News, Government & Policy, malware, Network Security, privacy
Citizen Lab: Webloc tracked 500M devices for global law enforcement
Citizen Lab reported that law enforcement used the surveillance tool Webloc to track up to 500M devices via ad data globally. A report by Citizen Lab revealed that law enforcement agencies in the U.S., Hungary, and El Salvador used a surveillance tool called Webloc to track devices via advertising data, potentially affecting up to 500…
Global Security News
FBI Dismantles $20m Phishing Operation W3LL
The W3LL phishing kit has been associated with fraud attempts totaling $20m
AI, Global Security News
Alleged German DDoS-for-Hire Kingpin Behind Fluxstress Caught in Thailand
Alleged German cybercrime figure behind Fluxstress and Neldowner arrested in Thailand after years running global DDoS-for-hire services across countries.
AI, Cybersecurity, Global Security News, Network Security
Siemens expands Industrial Automation DataCenter with edge AI and cybersecurity
Siemens will present the next generation of its Industrial Automation DataCenter, a custom-configured data center for IT needs in production, expanding its turnkey solution into an AI-ready platform. Structure of the Siemens Industrial Automation DataCenter and its Remote Industrial Operations Services (Source: Siemens AG) In partnership with NVIDIA and in collaboration with Palo Alto Networks,…
Apps, Exploits, Global Security News
Adobe issues emergency fix for Acrobat Reader flaw exploited in the wild (CVE-2026-34621)
Adobe has pushed out an emergency security update for Adobe Acrobat Reader, patching a zero-day vulnerability (CVE-2026-34621) exploited in the wild since November 2025. About CVE-2026-34621 CVE-2026-34621 is a critical prototype pollution vulnerability – a type of vulnerability that occurs in JavaScript and allows attackers to add or modify an application’s JavaScript objects and properties.…
Global Security News
Seized VerifTools servers expose 915,655 fake IDs, 8 arrested
On April 7 and 8, Dutch police arrested eight suspects in a nationwide operation targeting users of the VerifTools platform as part of an identity fraud investigation. The suspects, all men aged 20 to 34, are accused of identity fraud, forgery, and cybercrime-related offenses. During searches, officers seized smartphones, laptops, cash, cryptocurrency, and weapons or…
AI, Global Security News
North Korea’s APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware
The North Korean hacking group tracked as APT37 (aka ScarCruft) has been attributed to a fresh multi-stage, social engineering campaign in which threat actors approached targets on Facebook and added them as friends on the social media platform, turning the trust-building exercise into a delivery channel for a remote access trojan called RokRAT. “The threat actor used…
AI, Cybersecurity, Global Security News
UK Cyber Security Council Launches Associate Cyber Security Professional Title
The UK Cyber Security Council has unveiled a new Associate Cyber Security Professional title aimed at supporting early‑career cybersecurity professionals