On April 7 and 8, Dutch police arrested eight suspects in a nationwide operation targeting users of the VerifTools platform as part of an identity fraud investigation. The suspects, all men aged 20 to 34, are accused of identity fraud, forgery, and cybercrime-related offenses. During searches, officers seized smartphones, laptops, cash, cryptocurrency, and weapons or…
AI, Global Security News
North Korea’s APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware
The North Korean hacking group tracked as APT37 (aka ScarCruft) has been attributed to a fresh multi-stage, social engineering campaign in which threat actors approached targets on Facebook and added them as friends on the social media platform, turning the trust-building exercise into a delivery channel for a remote access trojan called RokRAT. “The threat actor used…
AI, Cybersecurity, Global Security News
UK Cyber Security Council Launches Associate Cyber Security Professional Title
The UK Cyber Security Council has unveiled a new Associate Cyber Security Professional title aimed at supporting early‑career cybersecurity professionals
AI, Cybersecurity, Global Security News, Risk Management
CISOs tackle the AI visibility gap
Dale Hoak found himself asking a question that has become familiar to CISOs through the decades: What am I missing? More specifically, Hoak, CISO at software firm RegScale, was wondering what he might be missing around his company’s AI deployments. “The business was moving so fast in using AI, so initially we had some visibility…
AI, Data Breaches, Global Security News, Government & Policy, malware
Iran-linked group Handala claims to have breached three major UAE organizations
Iran-linked group Handala claims to have breached three major UAE organizations, Dubai Courts, Dubai Land Department, and Dubai Roads & Transport Authority The group Handala claimed a major cyberattack against the UAE, targeting Dubai Courts Department, Dubai Land Department, and Dubai Roads and Transport Authority. They alleged destroying 6 petabytes of data and stealing 149 TB…
AI, Apps, Exploits, Global Security News
Adobe Summit 2026: How Adobe hopes to redesign marketing and creativity with AI
Adobe Summit serves as a platform for Adobe to introduce new services, capabilities, and enhancements to its portfolio of creative and marketing software and services. The 2026 edition kicks off live in Las Vegas on April 20, with a virtual event running alongside it. The company has long been a name to watch as a…
Global Security News
Operation Atlantic Seizes $12m in Crypto Losses
UK, US and Canadian authorities have identified over 20,000 victims of approval phishing scams that trick users into handing over full crypto wallet access
AI, china, Data Breaches, Global Security News, malware, Russia
CPUID watering hole attack spreads STX RAT malware
Threat actors compromised the CPUID website and spread STX RAT through fake CPU-Z and HWMonitor downloads. Attackers breached the website CPUID and replaced download links for CPU-Z and HWMonitor with malicious files for several hours. Users who downloaded them got infected with the STX RAT, giving attackers remote access to their systems. The short attack…
AI, Cybersecurity, Global Security News, Government & Policy
TekStream CEO on Expanding Student-Staffed SOCs Nationwide
TekStream is expanding its student-staffed security operations center (SOC) program nationwide, positioning the model as a dual solution to cybersecurity talent shortages and rising demand for U.S.-based managed security services. We spoke with TekStream CEO Rob Jensen about how the provider continues to build on the program’s early success with LSU. Inside TekStream’s public-private SOC…
AI, Apps, Global Security News
AI Memory Shortage Disrupts MSP Pricing and Channel Deals
The global memory shortage is no longer just about finding chips; it’s about finding partners you can trust. What began as a straightforward supply-and-demand crunch has morphed into something messier for managed service providers and IT resellers. Vendors are rewriting the rules of engagement mid-game, eliminating long-standing partner protections and reserving the right to change…
AI, Apps, Global Security News
OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident
OpenAI revealed a GitHub Actions workflow used to sign its macOS apps, which downloaded the malicious Axios library on March 31, but noted that no user data or internal system was compromised. “Out of an abundance of caution, we are taking steps to protect the process that certifies our macOS applications are legitimate OpenAI apps,” OpenAI said in a…
Global Security News
Fixing vulnerability data quality requires fixing the architecture first
In this Help Net Security interview, Art Manion, Deputy Director at Tharros, examines why vulnerability data across repositories stays inconsistent and hard to trust. The problem starts with systems not designed to collect or manage that data well. They introduce the idea of Minimum Viable Vulnerability Enumeration (MVVE), a minimum set of assertions needed to…
AI, Global Security News
ZeroID: Open-source identity platform for autonomous AI agents
ZeroID is an open-source identity platform that implements an identity and credentialing layer specifically for autonomous agents and multi-agent systems. The attribution problem The core issue ZeroID targets is attribution in agentic workflows. When an orchestrator agent spawns sub-agents to carry out parts of a task, each sub-agent may call APIs, write files, or execute…
Cybersecurity, Global Security News
MITRE releases a shared fraud-cyber framework built from real attack data
Financial fraud losses in the United States reached $16.6 billion in 2024, up from $4.2 billion in 2020. Behind those numbers is a structural problem: the teams responsible for stopping fraud, fraud investigators and cybersecurity analysts, have historically operated separately, using different tools, different terminology, and different mental models of how attacks unfold. The MITRE…
AI, Global Security News
Why manual certificate management is running out of time
In this video, John Murray, Senior Vice President of Sales at GlobalSign, explains what’s changing in the certificate industry and what companies need to do about it. Certificate validity periods are shrinking, which means companies will need to rotate certificates far more often than before. Small and mid-sized businesses are the most exposed. Smaller teams,…
AI, Global Security News
Bringing governance and visibility to machine and AI identities
In this Help Net Security interview, Archit Lohokare, CEO of AppViewX, explains how the rise of AI marked a turning point where machine and AI agent identities began converging into a single problem. Drawing on his experience across IBM and CyberArk, he describes the shift from human-driven systems to autonomous machines. Lohokare also shares how…
AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, Network Security
Marimo RCE Flaw Exploited Within Hours of Disclosure
A vulnerability in the open-source Marimo Python notebook platform is already being actively exploited, underscoring how quickly attackers can turn newly disclosed flaws into real-world attacks. Less than 10 hours after public disclosure, threat actors developed a working exploit and began targeting exposed systems. “Within 9 hours and 41 minutes of the vulnerability advisory’s publication,…
Global Security News
ISC Stormcast For Monday, April 13th, 2026 https://isc.sans.edu/podcastdetail/9888, (Mon, Apr 13th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
AI, Global Security News
AI Is Using So Much Energy That Computing Firepower Is Running Out
AI companies are rationing their offerings and products, rankling users—a warning sign for a boom that depends on rapid adoption.
AI, Global Security News, Risk Management
Identity Protection in the AI Era
Enterprises aiming to predict and mitigate human, machine, and AI‑agent risks at scale demand AI‑powered identity‑first security without compromise.
AI, Global Security News
The fully free Linux OS Trisquel gets a major update with version 12.0 Ecne
Trisquel GNU/Linux, a free operating system aimed at home users, small enterprises, and educational centers, released version 12.0. The release, codenamed Ecne, is declared production-ready and builds on the previous version, Aramo, with changes to packaging, the kernel, security, and available software. APT 3.0 and repository format changes Ecne ships with APT 3.0, which brings…
AI, Apps, Exploits, Global Security News, Risk Management
Adobe fixes actively exploited Acrobat Reader flaw CVE-2026-34621
Adobe addressed a critical Acrobat Reader vulnerability, tracked as CVE-2026-34621, which is actively exploited to run malicious code. Adobe released emergency updates to address a critical vulnerability, tracked as CVE-2026-34621 (CVSS score of 8.6), in Adobe Acrobat Reader, which is being actively exploited. The flaw could allow attackers to execute malicious code on affected systems,…
Global Security News
Blackpepper Delivers Instant E-Commerce Experiences Across New Zealand And Australia With Fastly
COMPANY NEWS:
AI, Global Security News, Risk Management
Australian Organisations Risk Overloading Frontline Operations as AI Meets Fragile Mobility Foundations, SOTI Research Warns
GUEST RESEARCH: As Australian organisations accelerate the adoption of AI-enabled and mobile-driven workflows, research from SOTI, suggests many frontline environments may not yet be resilient enough to support the next wave of automation without added operational risk. This comes as Australia’s labour productivity growth remains under sustained pressure, increasing reliance on technology to deliver efficiency gains…
AI, Global Security News, Risk Management
Responsible ESG AI enablement could become Australia’s next great export if we start now
GUEST OPINION: Logicalis Australia is calling for a shift in how Australia approaches artificial intelligence (AI), warning that the country risks missing a major global opportunity if it continues to focus primarily on policy and access to compute rather than infrastructure.
Apps, Global Security News
Check Point Software Technologies Expands Australian Presence with Western Australia Check Point Workspace Security SASE Data Residency Instance
COMPANY NEWS: New Point of Presence Enhances Web application and API protection with low latency and delivers Industry-Leading Threat Prevention and Cloud-Ready Security Architecture
AI, Apps, Global Security News
Hitachi Vantara Named a Leader in 2026 GigaOm Radar for Object Storage for Strength in Storage Optimisation and Enterprise Scalability
COMPANY NEWS: Recognition highlights Virtual Storage Platform One Object’s role in helping organisations manage, protect and activate unstructured data for AI, analytics and modern applications
Global Security News, Government & Policy
Infoblox Threat Intel research links global mobile banking fraud wave to Cambodian scam compounds
GUEST RESEARCH: Android Trojan tied to forced-labour scam centres impersonates banks and governments in at least 21 countries, bypassing biometrics and SMS security.
Global Security News
Customer Science Appoints James Johnstone as Chief Operating Officer
COMPANY ANNOUNCEMENT: Inaugural Chief Operating Officer Appointment Will Support Company’s Goals for International Expansion into the UK and US Markets
Global Security News
Neara Enhances Platform Observability with ClickHouse to Support Critical Utility Operations
COMPANY NEWS: ClickHouse, a leader in real-time analytics and observability announced that Neara, the pioneer of physics-enabled digital twin modelling for critical infrastructure, has adopted ClickHouse’s managed observability offering, ClickStack, to help power its internal engineering observability stack.
AI, Global Security News
OneQode, Hitachi Vantara & Cylix Form Strategic Alliance to Launch Sovereign AI Factory Initiative
Multimillion-dollar alliance to deploy sovereign-ready AI infrastructure across key global markets, with Australia, Japan, Malaysia and Singapore among the first
AI, Global Security News
Dynatrace to Acquire Bindplane to Establish Telemetry Pipelines for AI and Cloud‑Native Observability
COMPANY ANNOUNCEMENT: Combined platform will deliver an open-standards-based telemetry pipeline for logs, metrics, and traces, providing control from the edge through analytics
Global Security News
Inventors Who Didn’t Invent What They Are Famous for Inventing
Any schoolchild knows who came up with the telephone or the sewing machine. But conventional wisdom often has it all wrong.
Global Security News
Where Does Our Free Time Go in Retirement? Too Often, It’s Social Media
We’re trying to fight our smartphone addiction. But with so much time on our hands, and no job calling us, it isn’t easy.
Global Security News, Government & Policy
Hacker Used Claude Code, GPT-4.1 to Exfiltrate Hundreds of Millions of Mexican Records
A lone hacker used Claude Code and GPT-4.1 to exfiltrate hundreds of millions of Mexican citizen records from 9 government agencies.
Global Security News
PMT Communication Systems recognised as Elite Partner by Nextivity
COMPANY NEWS: PMT Communication Systems has been recognised as an Elite Partner by Nextivity, following a recent visit to Australia by the company’s global leadership team, reinforcing PMT’s position as one of the country’s leading installers of advanced cellular coverage solutions.
AI, Global Security News
What Your AI Knows About You
Plus, WSJ readers sound off on their EVs, what happened when a man fell in love with Gemini and AI companies that “come in peace.”
Compliance, Exploits, Global Security News
Qualys TRU Research Finds Manual Remediation Can’t Keep Up As Exploitation Hits ‘Negative One Day’
GUEST RESEACH: Qualys, Inc. (NASDAQ: QLYS), a leading provider of cloud-based IT, security and compliance solutions, today released a new research report, The Broken Physics of Remediation, revealing how exploitation timelines are outpacing human-scale remediation, and why traditional patch metrics can no longer describe true business exposure.
AI, Global Security News
ServiceNow moves beyond the sidecar AI era, giving customers a complete AI-native experience across all products and packages
New Context Engine provides the enterprise context to ground every decision made by AI agents.
Exploits, Global Security News
Critical Marimo pre-auth RCE flaw now under active exploitation
A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is now under active exploitation, leveraged for credential theft. […]
AI, Global Security News
Agentic AI Goes Mainstream in the Enterprise, but 94% Raise Concern About Sprawl, OutSystems Research Finds
GUEST RESEARCH: New State of AI Development 2026 report shows how enterprises are exploring agentic AI, while navigating governance and security concerns
AI, Global Security News
Kaseya Expands AI Innovation with Silicon Valley R&D Hub to Accelerate Customer Outcomes
New investment strengthens Kaseya’s leadership in AI-driven IT operations and agentic automation
Compliance, Global Security News, Network Security
Major Real Estate and Legal Firms Partner with My Databoss Ahead of Landmark AML Reforms
As Australia edges closer to the Tranche 2 anti-money laundering and counter-terrorism financing (AML/CTF) reforms, compliance platform My Databoss has secured partnerships with several prominent industry leaders. Major real estate networks Barry Plant and Di Jones, legal firm Owen Hodge Lawyers, and commercial property specialist X-Commercial have all selected Australian-made My Databoss to prepare for…
AI, Global Security News
Argon & Co Advances AI-Enabled Business Transformation Model, Promotes Four New Partners
Argon & Co, the global management consultancy specialising in operations strategy and transformation, is evolving its delivery model to embed data, digital capability and AI into end-to-end transformation, as organisations face increasing pressure to drive productivity, resilience and operational performance.
Global Security News
Autodesk brings design and make intelligence to the built environment with Forma Building Design and deeper cloud connections with Revit
Autodesk introduces Forma Building Design, a new design and analysis built specifically for the schematic design phase. This is an important first step in enabling better schematic design exploration, with many exciting and powerful additions planned for Forma Building Design in the future.
AI, Compliance, Data Breaches, Exploits, Global Security News, Government & Policy, Network Security, Risk Management
Hackers claim control over Venice San Marco anti-flood pumps
Hackers breached Venice ’s San Marco flood system, claiming control of pumps and the ability to disable defenses and flood coastal areas. The technologies that govern the physical world are the quiet infrastructure of modern life. From energy grids to water systems, from factories to flood defenses, operational technology (OT) has long had one essential…
Global Security News
Nutanix Accelerates Service Provider Growth with New Cloud Capabilities and Migration Programs
New and upcoming multitenancy offerings and service validation programs are designed to help service providers scale efficiently while modernising customer environments
AI, Global Security News
Stacked Marketing Tools Stalling Aussie Brands’ AI ambitions: Twilio Poll
GUEST RESEARCH: Australian marketing and CX leaders have said that having too many disparate technology tools is making it harder to realise productivity gains from Agentic AI. This is according to a poll conducted by Twilio (NYSE: TWLO), the customer engagement platform that drives real-time, personalised experiences for today’s leading brands.
AI, APAC, Global Security News
Australia’s architecture, engineering, and construction industry leads world on digital transformation yet faces new data control and AI governance challenges
GUEST RESEARCH: Australia’s architecture, engineering, and construction (AEC) sector is emerging as one of the most digitally advanced markets globally. New research from Revizto, the leading global integrated collaboration platform for AEC, reveals Australia is now confronting a new generation of challenges around data governance, artificial intelligence (AI), regulation, and the capacity to implement new technologies at scale.
AI, Cybersecurity, Global Security News, Government & Policy, malware
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 92
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Thirty-Six Malicious npm Strapi Packages Deploy Redis RCE, Database Theft, and Persistent C2 Malicious LNK Files Distributing a Python-Based Backdoor and Changes in Distribution Techniques (Kimsuky Group) Hackers Are Attempting to Turn ComfyUI Servers Into a…
AI, Global Security News
FBI Atlanta and Indonesian National Police Take Down W3LLSTORE Phishing Marketplace
FBI Atlanta and Indonesian National Police dismantle W3LLSTORE phishing market linked to $20M fraud, seizing domains and detaining developer.
AI, china, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, malware, Network Security, privacy, Risk Management, Russia
Security Affairs newsletter Round 572 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Censys finds 5,219 devices exposed to attacks by Iranian APTs, majority in U.S. GlassWorm evolves with…
Exploits, Global Security News
Week in review: Windows zero-day exploit leaked, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Cloudflare moves up its post-quantum deadline as researchers narrow the path to Q-Day Cloudflare announced it is targeting 2029 to complete post-quantum security across its entire product suite, including post-quantum authentication. The company is following a revised roadmap that Google…
Global Security News
CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads
Unknown threat actors compromised CPUID (“cpuid[.]com”), a website that hosts popular hardware monitoring tools like CPU-Z, HWMonitor, HWMonitor Pro, and PerfMonitor, for less than 24 hours to serve malicious executables for the software and deploy a remote access trojan called STX RAT. The incident lasted from approximately April 9, 15:00 UTC, to about April 10, 10:00 UTC, with
Exploits, Global Security News
Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621
Adobe has released emergency updates to fix a critical security flaw in Acrobat Reader that has come under active exploitation in the wild. The vulnerability, assigned the CVE identifier CVE-2026-34621, carries a CVSS score of 8.6 out of 10.0. Successful exploitation of the flaw could allow an attacker to run malicious code on affected installations. It has been described…
Global Security News
Over 4,732 Messages, He Fell In Love With an AI Chatbot. Now He’s Dead.
AI, Exploits, Global Security News, Government & Policy, Network Security, Risk Management
Censys finds 5,219 devices exposed to attacks by Iranian APTs, majority in U.S.
Censys researchers found 5,219 exposed Rockwell PLCs online, mostly in the U.S., urging defenders to secure or disconnect them. On April 7, 2026, U.S. agencies, including FBI, CISA, and NSA, warned of Iran-linked APTs exploiting internet-exposed Rockwell Automation PLCs. Threat actors are carrying out cyberattacks targeting internet-connected operational technology (OT) across multiple critical infrastructure sectors.…
AI, Global Security News, malware, Russia
GlassWorm evolves with Zig dropper to infect multiple developer tools
The GlassWorm campaign uses a Zig-based dropper hidden in a fake IDE extension to infect developer tools and compromise systems. The GlassWorm campaign, active since 2025, has evolved from malicious npm packages to large-scale supply chain attacks across GitHub, npm, and VS Code, even deploying RATs via fake browser extensions. In its latest iteration, threat…
Global Security News
FBI Recovers Deleted Signal Messages Through iPhone Notifications
Signal messages may persist in iPhone notification data, enabling FBI access even after deletion, a court case reveals.
AI, Global Security News
How to Switch AI Chatbots—and Why You Might Want To
Your chatbot has a file on you. Here’s how to access, edit and migrate your AI’s memories.
Global Security News
Over 20,000 crypto fraud victims identified in international crackdown
An international law enforcement action led by the U.K.’s National Crime Agency (NCA) has identified over 20,000 victims of cryptocurrency fraud across Canada, the United Kingdom, and the United States. […]
Global Security News
Google Chrome Update Disrupts Infostealer Cookie Theft
Google adds Device Bound Session Credentials (DBSC) to Chrome 146, using hardware keys to block infostealer use of stolen session cookies on Windows.
AI, Endpoint, Exploits, Global Security News, malware
CVE-2026-39987: Marimo RCE exploited in hours after disclosure
A critical flaw, tracked as CVE-2026-39987, in the open-source Python notebook tool Marimo was exploited within 10 hours of disclosure. A critical flaw in Marimo, tracked as CVE-2026-39987 (CVSS score of 9.3) was exploited just 10 hours after disclosure (On April 8, 2026). Sysdig Threat Research Team observed exploitation of the Marimo flaw within 9…
Cybersecurity, Global Security News
Key Difference Between an App Developer vs Web Developer
In this post, I will talk about the key difference between an app developer vs web developer. App development is the process where app developers are hired to carry forward the idea and proceed with the development of the mobile apps. Whereas, LA app developers are known for implementing complex APIs and building versatile mobile…
Global Security News
Citizen Lab: Law Enforcement Used Webloc to Track 500 Million Devices via Ad Data
Hungarian domestic intelligence, the national police in El Salvador, and several U.S. law enforcement and police departments have been attributed to the use of an advertising-based global geolocation surveillance system called Webloc. The tool was developed by Israeli company Cobwebs Technologies and is now sold by its successor Penlink after the two firms merged in July 2023
AI, Global Security News
ChatGPT rolls out new $100 Pro subscription to challenge Claude
OpenAI has rolled out a new Pro subscription that costs $100 and is in line with Claude’s pricing, which also has a $100 subscription, in addition to the $200 Max monthly plan. […]
AI, Data Breaches, Global Security News
ShinyHunters Claims Rockstar Games Snowflake Breach via Anodot
ShinyHunters claims access to Rockstar Games Snowflake data via Anodot breach, threatening a data leak on April 14 if ransom demands are not met.
AI, Global Security News
White House Races to Head Off Threats From Powerful AI Tools
Group led by National Cyber Director Sean Cairncross aims to identify security vulnerabilities before models from Anthropic, OpenAI are released.
AI, Compliance, Europe, Global Security News, privacy, Risk Management
Google adds end-to-end Gmail encryption to Android, iOS devices for enterprises
Google has made a big step forward by extending end-to-end encryption to Android and iOS devices for Gmail client-side encryption (CSE) users, says an expert. “All in all, this is a welcome update, especially in light of recent concerns surrounding WhatsApp’s encryption methods,” said Gartner analyst Avivah Litan. “Google’s approach offers verifiable customer-managed keys and…
AI, Compliance, Europe, Global Security News, privacy, Risk Management
Google adds end-to-end Gmail encryption to Android, iOS devices for enterprises
Google has made a big step forward by extending end-to-end encryption to Android and iOS devices for Gmail client-side encryption (CSE) users, says an expert. “All in all, this is a welcome update, especially in light of recent concerns surrounding WhatsApp’s encryption methods,” said Gartner analyst Avivah Litan. “Google’s approach offers verifiable customer-managed keys and…
AI, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, Network Security, Risk Management
Anthropic’s Project Glasswing Signals Potential AI-Driven Shift in Cybersecurity
Anthropic’s Project Glasswing highlights how advanced AI models may rival top human experts in finding and exploiting software vulnerabilities. Early claims from the company suggest these models, like Claude Mythos Preview, can operate at large scale and find vulnerabilities faster. However, security leaders share mixed views on the claims. “Mythos appears to materially change the…
Global Security News
Android Banking Trojan Linked to Cambodia Scam Compounds Hits 21 Countries
Android banking trojan linked to Cambodia scam compounds uses forced labour to target users in 21 countries, bypassing security to steal funds.
Data Breaches, Global Security News
Hims Breach Exposes the Most Sensitive Kinds of PHI
Threat actors breached the telehealth brand, and now they may know who’s bald, overweight, and impotent. What could they do with that information?
AI, Apps, china, Cybersecurity, Global Security News, Government & Policy, Network Security, Russia
Commerce setting up new AI export regime to push adoption of ‘American AI’ abroad
The Department of Commerce is putting together a catalog of AI tools that will be given special export status by the federal government to be sold abroad. The department issued a call for proposals to participating companies in the Federal Register, looking to create a “menu of priority AI export packages that the U.S. Government…
Cybersecurity, Global Security News
Your Next Breach Will Look Like Business as Usual
These are the fundamental detection model shifts cybersecurity teams need to make to keep up with the rising number of credential-based attacks.
AI, Endpoint, Exploits, Global Security News, Network Security
Old Docker authorization bypass pops up despite previous patch
Researchers warn about a new vulnerability that allows attackers to bypass authorization plug-ins in Docker Engine and gain root-level access to host systems. The flaw has the same root cause as another authorization bypass vulnerability patched in 2024, but the underlying problem has been known since 2016. Tracked as CVE-2026-34040, the new vulnerability is rated…
AI, Global Security News
Sam Altman’s Home Attacked With Molotov Cocktail, Suspect Taken Into Custody
The individual allegedly made threats at OpenAI’s San Francisco headquarters, company says.
AI, Apps, Compliance, Europe, Global Security News
Survey: Governance Gaps Threaten MSP AI Revenue Opportunity
For managed service providers, AI represents a $276 billion opportunity. The problem? More than half of them can’t get their customers ready for it. That’s the headline finding from new research published this week by AvePoint and analyst firm Omdia, which surveyed 333 MSPs across North America, Europe, and Asia-Pacific on what’s actually blocking AI…
AI, Global Security News, malware
GraphAlgo Scam: Lazarus Hackers Register Real US LLCs to Spread Malware
ReversingLabs has discovered a fresh wave of the graphalgo campaign in which North Korean Lazarus hackers are using fake Florida LLCs, mimicking SWFT Blockchain, and using GitHub typo-squatting to target developers with malware.
Global Security News
A Fiery Re-Entry Awaits the Artemis Astronauts
Plus, experts offer innovation predictions and drone fleets are coming to schools.
AI, Global Security News, Network Security
Nearly 4,000 US industrial devices exposed to Iranian cyberattacks
The attack surface targeted by Iranian-linked hackers in cyberattacks against U.S. critical infrastructure networks includes thousands of Internet-exposed programmable logic controllers (PLCs) manufactured by Rockwell Automation. […]
Global Security News
FINRA Launches Financial Intelligence Fusion Center to Combat Cybersecurity and Fraud Threats
AI, APAC, Global Security News, privacy
Apple unveiled a new high-end market opportunity this week
Though I reviewed Apple’s recently-introduced MacBook Neo, M5 MacBook Air, and M5 Max MacBook Pro, I didn’t look at Apple’s new displays. But it is noteworthy that even these products open up new opportunities for the company. That’s because Apple this week gained FDA clearance for the Medical Imaging Calibration feature introduced in the Studio Display XDR. Just as the affordable MacBook Neo opens…
AI, Global Security News
AI and cryptocurrency scams are costing Americans billions, FBI reports
The fraud landscape has been changed by AI and cryptocurrency in a way that should concern organisations and individuals alike. Read more in my article on the Fortra blog.
AI, Apps, Exploits, Global Security News, Network Security, Risk Management
Bringing Rust to the Pixel Baseband
Posted by Jiacheng Lu, Software Engineer, Google Pixel Team Google is continuously advancing the security of Pixel devices. We have been focusing on hardening the cellular baseband modem against exploitation. Recognizing the risks associated within the complex modem firmware, Pixel 9 shipped with mitigations against a range of memory-safety vulnerabilities. For Pixel 10, Google is…
Global Security News
Orange Business Reimagines Enterprise Voice Communications With Trust and AI
AI, Compliance, Cybersecurity, Global Security News, Network Security, Risk Management
How AI Is Reshaping Cybersecurity Careers — Not Replacing Them
Artificial intelligence (AI) is rapidly transforming cybersecurity roles, but not in the way many expected. Rather than just eliminating jobs, AI is redefining how cybersecurity professionals work, shifting the focus from manual task execution to higher-level decision-making and analysis. The work of security professionals “becomes less about processing and more about applying strong judgment, logic,…
AI, Exploits, Global Security News, Russia
Hacker Unknown now known, named on Europol’s most-wanted list
German police have pinned a name to one of the world’s most notorious hackers. Danii Shchukin operated under the names of UNKN or Unknown and GandCrab and was, according to German police, the leader of one of the largest globally active ransomware groups, known as GandCrab/Revi. Shchukin is known to have been operating since 2019.…
AI, Europe, Exploits, Global Security News
Ransomware attack on ChipSoft knocks EHR services offline across hospitals in the Netherlands and Belgium
Dutch healthcare IT firm ChipSoft suffered a ransomware attack, forcing services and its HiX platform offline, impacting hospitals and patients. ChipSoft, a major Dutch provider of EHR systems, was hit by a ransomware attack that forced it to take its website and digital services offline, disrupting access for hospitals, healthcare providers, and patients. EHR (Electronic…
Exploits, Global Security News
Analysis of one billion CISA KEV remediation records exposes limits of human-scale security
Analysis of 1 billion CISA KEV remediation records reveal a breaking point for human-scale security. Qualys shows most critical flaws are exploited before defenders can patch them. […]
AI, Apps, Cloud Security, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, Network Security, privacy, Risk Management
Zero-Days, Data Breaches, and AI Risks Define This Week’s Cybersecurity Landscape in 2026
Major Threats & Vulnerabilities Zero-Day and Critical Exploits A new zero-day vulnerability in Adobe Acrobat Reader is being actively exploited through malicious PDFs. Attackers can steal data and compromise systems, with no patch currently available. Security teams are urged to block untrusted PDFs, disable JavaScript, and use sandboxing with outbound traffic monitoring. The Fortinet EMS…
Global Security News, Government & Policy
Industrial Controllers Still Vulnerable As Conflicts Move to Cyber
The US government warns programmable logic controllers are being targeted, and research turns up 179 vulnerable operational technology (OT) devices.
AI, Global Security News, malware
ClickFix campaign delivers Mac malware via fake Apple page
Security researchers at Jamf have uncovered a new ClickFix-style attack targeting Mac users via a fake Apple-themed webpage offering instructions on how to “reclaim disk space on your Mac”. The malicious page (Source: Jamf) ClickFix for everybody ClickFix is a social engineering technique that cons victims into running malicious commands on their own machine, usually…
AI, Cybersecurity, Global Security News
GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs
Cybersecurity researchers have flagged yet another evolution of the ongoing GlassWorm campaign, which employs a new Zig dropper that’s designed to stealthily infect all integrated development environments (IDEs) on a developer’s machine. The technique has been discovered in an Open VSX extension named “specstudio.code-wakatime-activity-tracker,” which masquerades as WakaTime, a
AI, Data Breaches, Global Security News, Government & Policy
Hungarian government email passwords exposed ahead of election
When voters in the forthcoming Hungarian election assess the current government, its record on internet security will not be one of its proudest achievements. An analysis by open source investigation organization Bellingcat has revealed that the passwords for almost 800 Hungarian government email accounts are circulating online, many of them associated with national security. These…
AI, Data Breaches, Global Security News, Government & Policy
Hungarian government email passwords exposed ahead of election
When voters in the forthcoming Hungarian election assess the current government, its record on internet security will not be one of its proudest achievements. An analysis by open source investigation organization Bellingcat has revealed that the passwords for almost 800 Hungarian government email accounts are circulating online, many of them associated with national security. These…
AI, Global Security News
iTWire TV: Your AI agents are already inside the building, and nobody knows who they report to – but Okta does
Okta’s Ariel Kadyshevitch says visibility is the single most important thing a CISO can do right now to get non-human identities under control, and his company is building the tools to make it happen.
AI, Global Security News
Supply chain attack at CPUID pushes malware with CPU-Z/HWMonitor
Hackers gained access to an API for the CPUID project and changed the download links on the official website to serve malicious executables for the popular CPU-Z and HWMonitor tools. […]
AI, china, Data Breaches, Global Security News, Network Security, Risk Management
Alleged 10 Petabyte Data Theft From China’s Tianjin Supercomputing Hub
Threat actors are claiming responsibility for what could be one of the largest data breaches in China’s history — allegedly stealing more than 10 petabytes of data from a key national supercomputing facility tied to scientific and defense research. “The reports that hackers with the alias of FlamingChina stole 10 petabytes of data containing Chinese…
AI, Cybersecurity, Global Security News
Structured Data: Enhancing Your Site’s SEO
In this post, I will talk about structured data for enhancing your site’s SEO. Imagine walking into a huge library looking for one specific book. You could browse every aisle and flip through dozens of covers, or you could simply look it up in the system and find it in seconds. That’s exactly what structured…