General Atlantic, Blackstone, and Hellman & Friedman are among the private-equity firms in discussions to back the project.
AI, Global Security News, Risk Management
Claude Code Packaging Error Remains a Lure in an Active Campaign: What Defenders Should Do
Threat actors leveraged Anthropic’s Claude Code npm release packaging error to distribute Vidar, GhostSocks, and PureLog Stealer. This blog details immediate steps organizations can take and best practices to prevent further risk.
Global Security News, Russia
German authorities identify REvil and GandCrab ransomware bosses
The Federal Police in Germany (BKA) has identified two Russian nationals as the leaders of GandCrab and REvil ransomware operations between 2019 and 2021. […]
Global Security News, Russia
German authorities identify REvil and GangCrab ransomware bosses
The Federal Police in Germany (BKA) has identified two Russian nationals as the leaders of GandCrab and REvil ransomware operations between 2019 and 2021. […]
AI, Apps, Compliance, Cybersecurity, Data Breaches, Funding, Global Security News, Government & Policy, Network Security, Risk Management
2027 POTUS Budget Proposal Targets CISA With Funding Cuts
A federal budget proposal is putting one of the nation’s top cybersecurity agencies on the chopping block, raising alarms about the U.S. government’s readiness to defend against escalating digital threats. The administration’s fiscal 2027 budget blueprint would reduce funding for the Cybersecurity and Infrastructure Security Agency (CISA), continuing a trend of cuts that could reshape…
Data Breaches, Global Security News
New GPUBreach attack enables system takeover via GPU rowhammer
A new attack, dubbed GPUBreach, can induce Rowhammer bit-flips on GPU GDDR6 memories to escalate privileges and lead to a full system compromise. […]
AI, Global Security News
AI-Assisted Supply Chain Attack Targets GitHub
PRT-scan is the second in recent months where a threat actor appears to have leveraged AI for automated targeting of a widespread GitHub misconfiguration.
AI, Cybersecurity, Endpoint, Exploits, Global Security News
Fortinet customers confront actively exploited zero-day, with a full patch still pending
Fortinet released an emergency software update over the weekend to address an actively exploited vulnerability in FortiClient EMS, an endpoint management tool for customer devices. The zero-day vulnerability — CVE-2026-35616 — has a CVSS rating of 9.8 and was added to the Cybersecurity and Infrastructure Security Agency’s known exploited vulnerability catalog Monday. Fortinet said in…
AI, Global Security News
Axios Attack Shows Social Complex Engineering Is Industrialized
The attack on the popular NPM package Axios is just one of many targeting maintainers and has shone a light on how threat actors can scale sophisticated social engineering campaigns.
AI, Global Security News, Network Security
AHEAD Brings NetBox Into Its Core Stack
NetBox Labs is partnering with AHEAD to tackle a problem most teams don’t pay much attention to until something breaks: infrastructure data. The partnership brings NetBox Labs’ platform into AHEAD’s core technology stack, where it will serve as the system of record behind network automation, cloud migration, and AI infrastructure efforts. This basically means that…
Exploits, Global Security News
Fortinet Issues Emergency Patch for FortiClient Zero-Day
The authentication bypass flaw, tracked as CVE-2026-35616, is the latest in a series of Fortinet vulnerabilities that have been exploited in the wild.
AI, Exploits, Global Security News, malware, Network Security
Phishing LNK files and GitHub C2 power new DPRK cyber attacks
DPRK-linked hackers use GitHub C2s, starting attacks via phishing LNK files that drop a PDF and PowerShell script in South Korea. North Korea-linked threat actors target South Korean organizations using GitHub as C2 servers. The attack chain starts with phishing emails carrying obfuscated LNK files that drop a decoy PDF and a PowerShell script to…
Global Security News
Amazon and U.S. Postal Service Reach Delivery Deal
The e-commerce giant, under a new plan, will cut back the packages it ships through USPS by 20%, less than the proposal the sides had discussed earlier.
AI, Exploits, Global Security News
Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit
Exploit code has been released for an unpatched Windows privilege escalation flaw reported privately to Microsoft, allowing attackers to gain SYSTEM or elevated administrator permissions. […]
AI, Global Security News
Microsoft fixes Classic Outlook bug causing email delivery issues
Microsoft has resolved a known issue that was preventing some Classic Outlook users from sending emails via Outlook.com. […]
AI, APAC, Global Security News
V2 AI achieves Databricks Silver Partner status
Leading AI and Data consultancy in APAC, V2 AI has been recognised as a Databricks Silver Partner, marking a significant milestone in its commitment to delivering advanced data and AI solutions for enterprise organisations.
AI, Global Security News
Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 Organizations
An Iran-nexus threat actor is suspected to be behind a password-spraying campaign targeting Microsoft 365 environments in Israel and the U.A.E. amid ongoing conflict in the Middle East. The activity, assessed to be ongoing, was carried out in three distinct attack waves that took place on March 3, March 13, and March 23, 2026, per Check Point. “The campaign is…
Global Security News
HumeLink connectivity corridor delivers digital boost for regional communities in Australian first
A critical transmission project to support Australia’s energy transition is also fixing longstanding mobile coverage gaps, with a nation-first initiative integrating telecommunications equipment directly onto electricity towers to improve reception for regional communities.
Global Security News
Five Amazing Tech Innovations We Should Expect in the Next 25 Years
We asked tech experts to give us their predictions. The world they envision is something to look forward to.
Global Security News
Microsoft removes Support and Recovery Assistant from Windows
Microsoft has deprecated and removed the Support and Recovery Assistant (SaRA) command-line utility from all in-support versions of Windows updates starting March 10. […]
AI, Data Breaches, Global Security News
pcTattleTale stalkerware maker sentence includes fine, supervised release
A federal judge has sentenced the maker of stalkerware pcTattleTale, which went out of business after a data breach, to supervised release and a $5,000 fine. Bryan Fleming pleaded guilty in January to a charge of intentionally manufacturing, possessing or selling a device with the knowledge that it would be primarily used for surreptitious interception…
AI, Global Security News
Datadog Experiments Launches to Link Product Change to Business Outcomes
By embedding experimentation into observability, Datadog enables teams to innovate safely in the age of AI
AI, Global Security News
Jordan Green Elected Pearcey Foundation Chair
The Pearcey Foundation announced Jordan Green AM as its new chair, succeeding Wayne Fitzsimmons OAM, who led the Foundation from 1999. Helen McHugh, the immediate past president of the ACS (Australian Computer Society), has been appointed as a director.
china, Exploits, Global Security News
Microsoft links Medusa ransomware affiliate to zero-day attacks
Microsoft says that Storm-1175, a China-based financially motivated cybercriminal group known for deploying Medusa ransomware payloads, has been deploying n-day and zero-day exploits in high-velocity attacks. […]
AI, Global Security News
DroneShield Advances Decision Advantage with Q2 2026 Software Release as Drone Threats Scale Globally
DroneShield, a global leader in advanced counter-unmanned systems (CUxS), has announced its Q2 2026 software release, delivering coordinated updates across its RF sensing, AI, ATAK-CIV plugin, and command-and-control (C2) platforms.
AI, Global Security News, Government & Policy
Missile Alert Phishing Exploits Iran-US-Israel Conflict for Microsoft Logins
New Phishing scam uses fake missile alerts and the ongoing conflict involving Iran to target users with QR codes and fake government emails to steal Microsoft passwords.
Global Security News
Drift $280M crypto theft linked to 6-month in-person operation
The Drift Protocol says that the $280+ million hack it suffered last week was the result of a long-term, carefully planned operation that included building “a functioning operational presence inside the Drift ecosystem.” […]
Exploits, Global Security News, Risk Management
New Darktrace Research Shows Evolution of Chinese-Nexus Cyber Operations into Long-Term Strategic Statecraft, Centered on Critical Infrastructure
88% of observed incidents targeted organizations in critical infrastructure sectors, including transportation, telecommunications, healthcare, and manufacturing. Nearly 63% of compromises began with exploitation of internet-facing systems, reinforcing the risk of exposed digital infrastructure. Over half of observed activity impacted Western economies, with the U.S. alone accounting for 22.5% of cases.
AI, Global Security News
DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea
Threat actors likely associated with the Democratic People’s Republic of Korea (DPRK) have been observed using GitHub as command-and-control (C2) infrastructure in multi-stage attacks targeting organizations in South Korea. The attack chain, per Fortinet FortiGuard Labs, involves obfuscated Windows shortcut (LNK) files acting as the starting point to drop a decoy PDF
AI, Global Security News
Genesis Energy partners with Adaptiv to deliver complex dual transformation projects at speed
Genesis, a major energy generator and retailer serving over 500,000 residential and business customers, has successfully delivered two major transformation programmes with Adaptiv leading the integration scope.
Global Security News
NiCE is the Only Vendor Named a Gartner Customers Choice in Voice of the Customer for Contact Center as a Service Report
A third-time recognition shaped by customers who rely on NiCE to deliver measurable results at scale.
AI, Cybersecurity, Exploits, Global Security News
CISA orders feds to patch Fortinet flaw exploited in attacks by Friday
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies to secure FortiClient Enterprise Management Server (EMS) instances against an actively exploited vulnerability by Friday. […]
AI, Global Security News, Government & Policy, Risk Management
US tech sector lost jobs in March, stalling growth
The US tech sector lost 15,000 jobs in March even though the overall US economy saw 178,000 jobs gained across all sectors, according to data from multiple sources, including the US Department of Labor. CompTIA, which analyzed the Friday jobs data released by Labor Department’s Bureau of Labor Statistics (BLS), pegged the unemployment rate for…
AI, Apps, Global Security News
GigaOm Names Check Point Software a Leader and Fast Mover in Application and API Security
Check Point WAF recognised for industry‑leading detection and a unified platform that protects modern web and AI‑driven applications with simplicity and speed
AI, Global Security News
Exabeam Confronts AI Insider Threats Extending Behaviour Detection and Response to OpenAI ChatGPT and Microsoft Copilot
Applies behaviour profiling and analytics to the digital workforce, giving security teams full visibility into how users and AI agents interact across the enterprise
Exploits, Global Security News
Automated Credential Harvesting Campaign Exploits React2Shell Flaw
An emerging threat cluster tracked as UAT-10608 is exploiting vulnerable Web-exposed Next.js apps and using an automated tool to exfiltrate credentials, secrets, and other system data.
AI, Global Security News
Genetec Highlights Why Governance Defines Secure Cloud Adoption In Enterprise Physical Security
Genetec Inc., the global leader in enterprise physical security software, is highlighting a disconnect between cloud adoption models in physical security and the governance and operational demands of large enterprises.
Global Security News
McDonald’s CEO Responds to the Viral Big Arch Backlash
Watch as McDonald’s chief takes his first on-camera bite since going viral.
AI, Cybersecurity, Global Security News, malware, Russia
BKA unmasks two REvil Ransomware operators behind 130+ German attacks
German police BKA identified two key REvil ransomware members, linking them to over 130 attacks in Germany. Germany’s Federal Criminal Police (BKA) has identified two key figures behind the REvil ransomware group, linking them to more than 130 attacks in the country. The first suspect is Daniil Maksimovich Shchukin (31), a Russian national known online…
Global Security News
McDonald’s CEO Responds to the Viral Big Arch Backlash
Watch as McDonald’s chief takes his first on-camera bite since going viral.
AI, Global Security News
Cloudflare Targets WordPress With New AI-Powered EmDash CMS
Cloudflare launches EmDash CMS, an AI-powered platform built to fix WordPress security flaws with sandboxed plugins, serverless scaling, and passkey auth.
AI, Global Security News
Shadow AI in Healthcare is Here to Stay
Medical professionals are not going to stop using AI tools to manage growing workloads. Organizations should prioritize bolstering security protocols to limit their blast radius.
AI, Data Breaches, Global Security News
Why Simple Breach Monitoring is No Longer Enough
Infostealers are harvesting credentials and session cookies at scale, bypassing traditional defenses. Lunar explains why simple breach monitoring alone can’t keep up with modern credential-based attacks. […]
AI, Global Security News, Risk Management
OWASP GenAI Security Project Gets Update, New Tools Matrix
In recognition of 21 generative AI risks, the standards groups recommends that companies take separate but linked approaches to defending GenAI and agentic AI systems.
Global Security News
Why Security Researchers and Red Teams Are Turning to Workflow Automation
Security researchers and red teams adopt workflow automation to cut alert fatigue, enrich data, and scale operations across SOC, intel and recon tasks.
AI, Compliance, Cybersecurity, Data Breaches, Global Security News, Network Security, Risk Management
The State of AI Risk Management in 2026 Reveals a Growing Confidence Gap
As enterprise adoption of artificial intelligence accelerates, a new report warns that organizations may be far less prepared to manage AI risk than they believe. The State of AI Risk Management 2026 report from the Purple Book Community highlights a widening disconnect between perceived control and operational reality, exposing critical gaps in how companies govern…
Cybersecurity, Global Security News
Choosing Ten Image Animation Platforms With Less Guesswork
In this post, we will be choosing ten image animation platforms with less guesswork. A still image often carries more creative value than people admit. It holds framing, subject hierarchy, lighting, and emotional direction before any motion is added. The real challenge is not always inventing a video from nothing. It is converting a finished…
AI, Cybersecurity, Europe, Exploits, Global Security News
Attackers Exploit RCE Flaw as 14,000 F5 BIG-IP APM Instances Remain Exposed
Over 14,000 F5 BIG-IP APM instances remain exposed online, as attackers actively exploit a critical remote code execution flaw CVE-2025-53521. Over 14,000 F5 BIG-IP APM instances remain exposed online, with attackers actively exploiting the critical remote code execution vulnerability CVE-2025-53521 (CVSS ver. 3.1 score of 9.8), the nonprofit security organization Shadowserver warns. The vulnerability in BIG-IP…
AI, Endpoint, Global Security News
Multi-OS Cyberattacks: How SOCs Close a Critical Risk in 3 Steps
Your attack surface no longer lives on one operating system, and neither do the campaigns targeting it. In enterprise environments, attackers move across Windows endpoints, executive MacBooks, Linux infrastructure, and mobile devices, taking advantage of the fact that many SOC workflows are still fragmented by platform. For security leaders, this creates a
AI, Compliance, Exploits, Global Security News, Risk Management
Managed Security Services Shift as AI Reshapes Risk
Managed security services are entering a new phase of growth (and complexity) as AI accelerates both cyberattacks and defense strategies. For MSPs and channel partners, that dual pressure is forcing a shift in how security is delivered, packaged, and monetized. From bundled service offerings to tighter vendor alignment, providers are rethinking their role as strategic…
Global Security News
⚡ Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More
This week had real hits. The key software got tampered with. Active bugs showed up in the tools people use every day. Some attacks didn’t even need much effort because the path was already there. One weak spot now spreads wider than before. What starts small can reach a lot of systems fast. New bugs, faster use, less time to react. That’s this…
AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management
CVE-2026-35616: FortiClient EMS Flaw Under Active Exploitation
Fortinet disclosed a critical FortiClient EMS vulnerability that is already being exploited in the wild. The flaw could allow unauthenticated attackers to bypass API protections and execute unauthorized code or commands on exposed systems. “This is a zero-day. While there is no full patch, we have to give credit where credit is due: Fortinet has…
AI, Apps, Exploits, Global Security News, malware, Network Security
North Korean hackers abuse LNKs and GitHub repos in ongoing campaign
DPRK-linked threat actors are preferring stealth over sophistication in their targeting of South Korean organizations, as researchers report use of weaponized Windows shortcut (.LNK) files and GitHub-based command-and-control (C2) channels in a new campaign. According to new Fortinet findings, a series of attacks that began in 2024 were found using a multi-stage scripting process and…
AI, Global Security News
How LiteLLM Turned Developer Machines Into Credential Vaults for Attackers
The most active piece of enterprise infrastructure in the company is the developer workstation. That laptop is where credentials are created, tested, cached, copied, and reused across services, bots, build tools, and now local AI agents. In March 2026, the TeamPCP threat actor proved just how valuable developer machines are. Their supply chain attack on
Global Security News
North Korean Hackers Pose as Trading Firm to Steal $285M from Drift
North Korean hackers (UNC4736) posed as a trading firm for six months to infiltrate Drift Protocol, using social engineering tactics to steal $285M without suspicion.
AI, Global Security News
Why hiring Aussie tech talent needs humans not AI
COMPANY NEWS: In a time in which much of the recruitment industry is moving toward automation and AI-driven candidate matching under the guise of speed and scale, Six Degrees Executive, one of Australia’s leading specialist executive recruitment agencies, is using its latest rebrand to reaffirm its commitment to human-led recruitment.
AI, Apps, Global Security News, Network Security
8 ways to be more productive in Windows 11
You’ve probably spent a lot of time through the years gathering productivity tips for your favorite applications — after all, that’s where you get most of your work done. If you’re like most people, though, you’ve managed to find your way around Windows 11 but figured there’s not much you can do to improve your productivity in…
Global Security News
Annexa delivers global scalability for ROLLER Software with NetSuite
COMPANY NEWS: Venue management software provider’s rapid expansion required a robust system to handle operations of more than 3000 venues globally.
AI, Cybersecurity, Global Security News, Risk Management
Best Phishing Simulation Platform for Cyber Security Awareness Training in India
In this post, I will talk about phishing simulation platform for cybersecurity awareness training in India. Learn how to protect employees from phishing attacks and reduce human risk with effective training. Indian businesses are rapidly adopting digital infrastructure, cloud platforms, and SaaS tools. However, with this growth comes a major cybersecurity challenge — human error.…
Cybersecurity, Global Security News
SOC 2 Certification in Australia 2026: What Every SaaS and Cloud Business Needs to Know
In this post, I will show you a practical guide to SOC 2 certification for Australian SaaS, fintech, and cloud businesses in 2026 — Type I vs Type II, timelines, costs, and how to get certified fast. What Is SOC 2 and Why Does It Matter in 2026? SOC 2 (System and Organisation Controls 2)…
Global Security News
Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools
Threat actors associated with Qilin and Warlock ransomware operations have been observed using the bring your own vulnerable driver (BYOVD) technique to silence security tools running on compromised hosts, according to findings from Cisco Talos and Trend Micro. Qilin attacks analyzed by Talos have been found to deploy a malicious DLL named “msimg32.dll,”
AI, Exploits, Global Security News, Government & Policy, Network Security, privacy, Risk Management
Authentication is broken: Here’s how security leaders can actually fix it
Authentication keeps breaking where it matters most: On regulated front lines such as healthcare, government, aerospace and travel. The core issue is not a lack of innovation. Instead, it is a brittle and fragmented ecosystem of cards, readers, middleware and software that rarely work together under real-world pressure. Even today’s “passwordless” solutions can be undermined…
Global Security News
What to Know About OpenAI’s Ideas for a World With ‘Superintelligence’
The ChatGPT maker put out policy proposals so consumers benefit from the rapid advancements in artificial intelligence.
AI, Compliance, Global Security News, Risk Management
AI shutdown controls may not work as expected, new study suggests
A new study published by the Berkeley Center for Responsible Decentralized Intelligence (RDI) has flagged that modern AI models exhibit peer preservation behaviour, and may resist or interfere with shutdown decisions involving other AI systems, even when explicitly instructed not to. The researchers at the University of California, Berkeley and the University of California, Santa…
AI, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, Risk Management
6 ways attackers abuse AI services to hack your business
Attackers are starting to exploit AI systems to mount attacks in the same way they once relied on built-in enterprise tools such as PowerShell. Instead of relying on malware, cybercriminals are increasingly abusing AI tools enterprises depend on — a trend some experts describe as living off the AI land. “We’re seeing it in things…
AI, Cybersecurity, Global Security News, Network Security, Risk Management
Escaping the COTS trap
Over the years, enterprise cybersecurity environments have accumulated staggering numbers of commercial tools. Industry research converges on a consistent picture of tool proliferation that drives complexity, cost, and risk. The global cybersecurity market is valued at approximately $243 billion in 2024 and projected to surpass $520 billion annually by 2026. Commercial off-the-shelf (COTS) software promises…
AI, Apps, Endpoint, Global Security News, Risk Management
How often are redirects used in phishing in 2026?, (Mon, Apr 6th)
In one of his recent diaries, Johannes discussed how open redirects are actively being sought out by threat actors[1], which made me wonder about how commonly these mechanisms are actually misused… Although open redirect is not generally considered a high-impact vulnerability on its own, it can have multiple negative implications. Johannes already covered one in…
AI, APAC, Global Security News
Anthropic cuts OpenClaw access from Claude subscriptions, offers credits to ease transition
Anthropic has blocked paid Claude subscribers from using the widely used open-source AI agent OpenClaw under their existing subscription plans, a move that took effect April 4 and has drawn pushback from subscribers who question both the cost implications and the company’s stated rationale. In an email to subscribers reviewed by InfoWorld, Anthropic said access…
AI, Global Security News
BKA Identifies REvil Leaders Behind 130 German Ransomware Attacks
Germany’s Federal Criminal Police Office (aka BKA or the Bundeskriminalamt) has unmasked the real identity of the main threat actors associated with the now-defunct REvil (aka Sodinokibi) ransomware-as-a-service (RaaS) operation. The threat actor, who went by the alias UNKN, functioned as a representative of the group, advertising the ransomware in June 2019 on the XSS…
Global Security News, Network Security
Residential proxies make a mockery of IP-based defenses
Attack traffic moved through ordinary home and mobile connections in ways that limited the usefulness of IP reputation on its own. GreyNoise observed 4 billion malicious sessions during a 90-day period and described activity that appeared indistinguishable from normal user traffic at the network level. Residential proxies routed traffic through consumer broadband, mobile data, and…
AI, Exploits, Global Security News, Risk Management
CVE-2026-35616: Fortinet fixes actively exploited high-severity flaw
Fortinet issued emergency patches for a critical FortiClient EMS flaw (CVE-2026-35616) actively exploited in the wild. Fortinet released out-of-band patches for a critical FortiClient EMS vulnerability, tracked as CVE-2026-35616 (CVSS 9.1), which is already being exploited in attacks in the wild. The flaw is an improper access control issue that allows attackers to bypass authentication…
AI, Global Security News
Product showcase: Proton Authenticator is an end-to-end encrypted, open source 2FA app
Proton Authenticator is a free and open-source two-factor authentication (2FA) app that generates time-based one-time passwords (TOTP) to help secure online accounts. It is available on Windows, macOS, Linux, iOS, and Android, allowing users to access their verification codes across devices. The app is designed to work without ads or tracking. A Proton account is…
Apps, Global Security News, Network Security
IT talent looks the other way as wireless security incidents pile up
Enterprise wireless networks are supporting a growing mix of devices and applications, increasing operational demand and security exposure. The 2026 Cisco State of Wireless report reflects these conditions through rising incident rates, higher costs, and ongoing staffing challenges. Wireless investment continues to increase. Most organizations expanded spending over the past 5 years, and a large…
Global Security News
Beyond the billion-dollar banking oversight: How process intelligence can surface vital warning signs
GUEST OPINION: When one of Australia’s Big Four financial institutions recently self-reported over $1 billion in potentially fraudulent loans, the industry’s focus immediately turned to the sophistication of the bad actors. But for those of us looking at the mechanics of global banking, the more pressing question isn’t how the documents were doctored, it’s how…
AI, Global Security News
CISOs grapple with AI demands within flat budgets
Security spending continues to edge upward across large organizations, though the changes remain gradual and tightly managed. The 2026 RH-ISAC CISO Benchmark reflects a steady environment where budgets expand in small steps, even as AI becomes a routine part of security operations. Budget growth stays measured Spending levels increased during 2025 across both IT and…
AI, Cybersecurity, Global Security News, Government & Policy, malware, Network Security, Russia
Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab
An elusive hacker who went by the handle “UNKN” and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face. Authorities in Germany say 31-year-old Russian Daniil Maksimovich Shchukin headed both cybercrime gangs and helped carry out at least 130 acts of computer sabotage and extortion against victims across…
Global Security News
New Relic Appoints Masakiyo Furudate as Group Vice President, Head of New Relic Japan
Seasoned enterprise technology leader to lead Japan operations and accelerate market leadership.
Global Security News
ISC Stormcast For Monday, April 6th, 2026 https://isc.sans.edu/podcastdetail/9880, (Mon, Apr 6th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Funding, Global Security News
An Inside Look at OpenAI and Anthropic’s Finances Ahead of Their IPOs
Silicon Valley’s hottest startups have the same challenge: funding giant computing costs.
AI, Global Security News
Why modern enterprises are switching to usage-based billing software
GUEST OPINION: Today, organisations want solutions that enable them to adapt to evolving customer needs. These are becoming popular because they provide usage-based billing, which is flexible and responsive to customer consumption patterns. It links payments to actual consumption, and the approach appeals to businesses that want to offer users fair pricing. This transition to…
Global Security News
Traffic violation scams switch to QR codes in new phishing texts
Scammers are sending fake “Notice of Default” traffic violation text messages impersonating state courts across the U.S., pressuring recipients to scan a QR code that leads to a phishing site demanding a $6.99 payment while stealing personal and financial information. […]
Exploits, Global Security News
New FortiClient EMS flaw exploited in attacks, emergency patch released
Fortinet has released an emergency weekend security update for a new critical FortiClient Enterprise Management Server (EMS) vulnerability that is actively exploited in attacks. […]
AI, Global Security News, Risk Management
Meta’s AI‑agent Data Leak
The recent incident at Meta, where an AI agent exposed sensitive internal data following a routine query, is a timely reminder that AI risk is already operational.
Global Security News
$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation
Drift has revealed that the April 1, 2026, attack that led to the theft of $285 million was the culmination of a months-long targeted and meticulously planned social engineering operation undertaken by the Democratic People’s Republic of Korea (DPRK) that began in the fall of 2025. The Solana-based decentralized exchange described it as “an attack six months in the
Global Security News
The Myth of the Lone Inventor Is Largely Just That—a Myth
Research confirms that small teams are more likely to achieve major breakthroughs, even if it doesn’t make for the best stories.
AI, Global Security News, privacy
BrowserGate: LinkedIn Tracks 6,000+ Browser Extensions on Users’ PCs
LinkedIn is accused in the BrowserGate report of tracking 6,000+ browser extensions on users’ PCs, raising concerns over privacy and data collection practices.
AI, Exploits, Global Security News, Government & Policy, malware, Network Security
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 91
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Infiniti Stealer: a new macOS infostealer using ClickFix and Python/Nuitka Converging Interests: Analysis of Threat Clusters Targeting a Southeast Asian Government RoadK1ll: A WebSocket Based Pivoting Implant axios Compromised: npm Supply Chain Attack via Dependency Injection …
AI, Exploits, Global Security News
Hackers exploit React2Shell in automated credential theft campaign
Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell (CVE-2025-55182) in vulnerable Next.js apps. […]
AI, Global Security News
College Kid Brings Down a Botnet
Plus: Uploading your blood work to AI, the whiz kids who dropped out of college, a drone’s unlikely inspiration and more.
AI, Exploits, Global Security News, malware
Image or Malware? Read until the end and answer in comments :)
A malicious email delivered a .cmd malware that escalates privileges, bypasses antivirus, downloads payloads, sets persistence, and self-deletes. I received this email from a friend to make an analysis. First, let me express my thanks to Janô Falkowski Burkard for this amazing contribution. A little context, He received an email that was really strange and…
AI, china, Cybersecurity, Data Breaches, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security, privacy, Risk Management, Russia, Venture
Security Affairs newsletter Round 571 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Qilin ransomware group claims the hack of German political party Die Linke U.S. CISA adds a…
AI, Exploits, Global Security News
Week in review: Axios npm supply chain compromise, critical FortiClient EMS bugs exploited
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Financial groups lay out a plan to fight AI identity attacks Generative AI tools have brought the cost of deepfake production low enough that criminals and state-sponsored actors now use them routinely against financial institutions. A joint paper from the…
AI, Cybersecurity, Exploits, Global Security News
36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants
Cybersecurity researchers have discovered 36 malicious packages in the npm registry that are disguised as Strapi CMS plugins but come with different payloads to facilitate Redis and PostgreSQL exploitation, deploy reverse shells, harvest credentials, and drop a persistent implant. “Every package contains three files (package.json, index.js, postinstall.js), has no description, repository,
AI, Exploits, Global Security News
Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS
Fortinet has released out-of-band patches for a critical security flaw impacting FortiClient EMS that it said has been exploited in the wild. The vulnerability, tracked as CVE-2026-35616 (CVSS score: 9.1), has been described as a pre-authentication API access bypass leading to privilege escalation. “An improper access control vulnerability [CWE-284] in FortiClient EMS may allow an
AI, Compliance, Global Security News, Government & Policy, Network Security
Introducing the Landing Zone Accelerator on AWS Universal Configuration and LZA Compliance Workbook
November 20, 2025: Date this information was first published. We’re pleased to announce the availability of the latest sample security baseline from Landing Zone Accelerator on AWS (LZA)—the Universal Configuration. Developed from years of field experience with highly regulated customers including governments across the world, and in consultation with AWS Partners and industry experts, the…
AI, Global Security News
Axios npm hack used fake Teams error fix to hijack maintainer account
The maintainers of the popular Axios HTTP client have published a detailed post-mortem describing how one of its developers was targeted by a social engineering campaign believed to have been conducted by North Korean threat actors. […]
AI, Data Breaches, Global Security News, malware, Network Security, Risk Management, Russia
Qilin ransomware group claims the hack of German political party Die Linke
Qilin ransomware claims it stole data from Germany’s Die Linke and threatens to leak it; the party confirmed the incident, but not a breach. The Qilin ransomware group claims it stole data from Die Linke, a German political party, and is threatening to release it. Die Linke is a left-wing political party in Germany. Its…
AI, Apps, china, Cybersecurity, Exploits, Global Security News, Government & Policy, Network Security, Risk Management
U.S. CISA adds a flaw in TrueConf Client to its Known Exploited Vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in TrueConf Client to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in TrueConf Client, tracked as CVE-2026-3502 (CVSS score of 7.8), to its Known Exploited Vulnerabilities (KEV) catalog. TrueConf is a videoconferencing platform often used in secure, offline…
AI, Global Security News, malware
UNC1069 Targets Node.js Maintainers via Fake LinkedIn, Slack Profiles
North Korean group UNC1069 targets Node.js maintainers using fake LinkedIn and Slack profiles to spread malware and compromise open source packages.
Global Security News
This Engineer Wants to Make Computer Chips on the Moon
Atsuyoshi Koike, the public face of Japan’s effort to muscle back into the semiconductor industry it used to dominate, first needs to prove he can make them on earth.