Global study shows targeted internet censorship worldwide, with Russia leading; VPNs, news, and adult content are most frequently blocked categories. The Global Internet Censorship Index 2026 offers a clear view of how governments around the world control online access. Researchers tested 74 popular websites across 53 countries using residential proxies to simulate real users. After…
Tag: with
Endpoint, Global Security News
Today’s Odd Web Requests, (Wed, Apr 29th)
Today, two different “new” requests hit our honeypots. Both appear to be recon requests and not associated with specific vulnerabilities. But as always, please let me know if you have additional information 1 – Broadcom API Gateway GET /bam/restart/if/required Host: [redacted]:8080 Connection: close This request is targeting a Broadcom API Gateway endpoint. As is, the request should…
Global Security News
What to Look for in an Exposure Management Platform (And What Most of Them Get Wrong)
Every security team has a version of the same story. The quarter ends with hundreds of vulnerabilities closed. The dashboards are bursting with green. Then someone in a leadership meeting asks: “So, are we actually safer now?” Crickets. The room goes quiet because an honest answer requires context – which is something that patch counts…
Cybersecurity, Europe, Global Security News
Microchip expands Trust Shield with PQC-ready root of trust and secure boot controllers
Microchip Technology is expanding its portfolio of Trust Shield, PQC‑ready devices with the TS1800 Platform Root of Trust controller and the TS50x secure boot controller. The devices are designed to help system architects address emerging cybersecurity mandates, including the European Cyber Resilience Act (CRA) and Commercial National Security Algorithm Suite 2.0 (CNSA 2.0), while supporting…
AI, Apps, Global Security News
AWS unveils trio of key AI strategy announcements
AWS on Tuesday announced an expansion of its partnership with OpenAI and launched a major new agentic AI push with the introduction of a new desktop app for Amazon Quick, a personal AI assistant, and an expansion of Amazon Connect from a single product into four distinct offerings. News of the enhanced partnership comes 24…
AI, Apps, Global Security News, malware, Risk Management, Russia
More fake extensions linked to GlassWorm found in Open VSX code marketplace
The threat actor seeding the Open VSX code marketplace with fraudulent extensions that download the GlassWorm malware has uploaded 73 more impersonated links, as its attempt to infect software supply chains continues. Philipp Burckhardt, head of threat intelligence at Socket, which revealed the latest activity, called it a “significant escalation” in the gang’s activity, after…
AI, Global Security News
FIDO Alliance wants to keep AI agents from going rogue on online payments
AI agents are beginning to shop, log in, and complete tasks with little direct input. That shift is pushing the security industry to rethink how trust works when actions are carried out on a user’s behalf. The FIDO Alliance has announced a set of initiatives to build shared standards for these interactions, covering how AI…
AI, Exploits, Global Security News, Risk Management
CVE-2026-3854 GitHub flaw enables remote code execution
Critical GitHub flaw CVE-2026-3854 lets attackers run code with a single git push, exploiting a command injection bug. Researchers found a critical vulnerability in GitHub, tracked as CVE-2026-3854, that allows remote code execution through a simple git push. The vulnerability affects GitHub Enterprise Cloud, GitHub Enterprise Cloud with Data Residency, GitHub Enterprise Cloud with Enterprise…
Global Security News
Coffee with the Council Podcast: Stronger Together – The Value of Participating with PCI SSC
Hello everyone, and welcome to our podcast series, Coffee with the Council. I’m Mark Meissner, Senior Vice President for Education and Engagement at the PCI Security Standards Council. Today I’m joined by a panel of current Principal Participating Organizations, or PPOs. The Principal PO program is one of three levels of participation with the…
AI, Global Security News, malware
Fresh Wave of GlassWorm VS Code Extensions Slices Through Supply Chain
Attackers continue to scale a campaign to seed Open VSX with seemingly benign VS Code extensions that spread self-propagating malware.
AI, Global Security News
Intel and FPT Collaborate to Advance AI-Driven Autonomous Factories with Digital Manufacturing Platforms
The collaboration brings together Intel’s advanced factory simulation and AI optimisation technologies with FPT’s digital manufacturing platforms to improve throughput, reduce bottlenecks, and accelerate the transition toward autonomous factory operations.
Global Security News
Linux storage management tool Stratis 3.9.0 adds online encryption and cache-less pool startup
Stratis is a tool for configuring pools and filesystems with enhanced storage functionality within the existing Linux storage management stack. It focuses on a command-line interface, an API, and an automated approach to storage management. It builds on existing components, including device-mapper, LUKS, XFS, and Clevis. Stratis can configure encrypted or unencrypted storage pools with…
AI, Global Security News
No Metrics Are Better Than Bad Metrics in the SOC, Says NCSC
The National Cyber Security Centre has warned against measuring SOCs with ticket-based metrics
AI, APAC, Data Breaches, Global Security News, privacy
Weekly Update 501
This is so “peak 2026” – writing an equality policy to ensure people treat our AI bot with the same respect as they do their human counterparts. It’s intentionally a bit tongue-in-cheek, but it’s there for a purpose: we simply don’t have the capacity to deal with every request we get, and we need Bruce…
AI, Global Security News
GlassWorm malware attacks return via 73 OpenVSX “sleeper” extensions
A new wave of the Glassworm campaign is targeting the OpenVSX ecosystem with 73 “sleeper” extensions that turn malicious after an update. […]
Global Security News
Careful what you wish for
The problem with advertising is not that you waste half your money but that you don’t know which half.
Global Security News
Directed Technologies Expands Global Connected Vehicle Platform into Africa through Strategic Partnership with 3Gen Products
Directed Technologies has announced a strategic partnership with 3Gen Products to extend its global, OEM-aligned connected vehicle platform into Africa, unlocking a scalable, standardised approach to connected transport across one of the world’s fastest-growing mobility markets.
Global Security News
Webinar: Spotting cyberattacks before they begin
On Thursday, April 30 at 2:00 PM ET, BleepingComputer will host a live webinar with threat intelligence company Flare and threat intelligence researcher Tammy Harper, exploring how security teams can identify early warning signs of attacks before they escalate into incidents. […]
AI, Global Security News, Network Security
BlackFile actively extorting data-theft victims in retail and hospitality sector
Researchers warn that BlackFile, an extortion group likely associated with The Com, continues to impersonate IT support in voice-phishing and social engineering attacks that have impacted organizations in multiple industries, including healthcare, technology, transportation, logistics, wholesale and retail. Attackers have been actively targeting organizations in the retail and hospitality industry since February, according to Unit…
Data Breaches, Exploits, Global Security News, malware, Network Security
UNC6692 Hackers Exploit Microsoft Teams to Deploy SNOW Malware
UNC6692 hackers exploit Microsoft Teams with fake IT alerts to deploy SNOW malware, steal credentials, and breach corporate networks in advanced attacks.
AI, Global Security News, malware, Network Security
Fast16: Pre-Stuxnet malware that targeted precision engineering software
Fast16 is a pre-Stuxnet malware that tampered with precision software and spread itself. Evidence suggests links to U.S. operations during early cyber tensions. SentinelOne uncovered Fast16, a sabotage malware used in 2005, years before Stuxnet. The malicious code is written in Lua and targeted high-precision calculation software, altering results and spreading across systems. The malware…
AI, APAC, Global Security News
Aptori expands its platform with autonomous offensive testing to reduce security bottlenecks
Aptori has expanded its Runtime-Driven Validation Platform with autonomous offensive testing capabilities to address the growing gap between code output and security team capacity. By moving beyond passive scanning to active validation, the platform helps organizations identify, validate, and fix vulnerabilities at the pace of development. As AI-assisted coding increases development velocity, traditional point-in-time security…
AI, Global Security News
The AI criminal mastermind is already hiring on gig platforms
Labor-hire platforms let anyone with a credit card post a task and pay a stranger to complete it. The RentAHuman platform extends that model to AI agents through a Model Context Protocol server, allowing an agent to post gigs directly. Listed tasks include attending in-person meetings, photographing locations, delivering items, and surveying physical sites. A…
AI, Cybersecurity, Global Security News
American utility firm Itron discloses breach of internal IT network
Itron, Inc. has disclosed, via an 8-K filing with the U.S. Securities and Exchange Commission (SEC), a cybersecurity incident in which an unauthorized third party accessed certain internal systems. […]
AI, Global Security News
Commvault expands Google Cloud alliance to embed cyber resilience into AI and multi-cloud environments
Commvault has deepened its partnership with Google Cloud, rolling out its Commvault Cloud platform natively within Google Cloud while extending Clumio’s cloud-native data protection to Google Cloud Storage, in a move that reflects the growing importance of resilience in AI-driven environments.
AI, Cybersecurity, Endpoint, Exploits, Global Security News, malware, Network Security
CISA reports persistent FIRESTARTER backdoor on Cisco ASA device in federal network
CISA said a federal Cisco Firepower ASA device was infected with the FIRESTARTER backdoor in Sept 2025, and it survived security patches. CISA revealed that a U.S. federal civilian agency’s Cisco Firepower device running ASA software was compromised in September 2025 by the FIRESTARTER backdoor. The malware reportedly persisted even after security patches were applied,…
AI, APAC, Apps, Global Security News, Network Security
Google Cloud Makes Key Agentic AI Announcements at Next ‘26
To coincide with the Google Cloud Next ‘26 conference – Google Cloud’s largest event – the cloud giant is making a number of announcements, including the new Gemini Enterprise Agent Platform, advancements to its AI Hypercomputer architecture, and introducing the Agentic Data Cloud. A single platform for agent development, orchestration, and governance Google Cloud is…
AI, Funding, Global Security News
Google Expands Anthropic Investment With $40 Billion Commitment
Racing toward a potential IPO and grappling with computing needs, AI startup has amassed up to $65 billion in new funding deals.
AI, Global Security News
Indirect prompt injection is taking hold in the wild
The open web is slowly but surely filling up with “traps” designed for LLM-powered AI agents. The technique, known as indirect prompt injection (IPI), involves hiding (more or less) covert instructions inside ordinary web pages, waiting for an AI agent to read them and carry out the author’s commands. The IPI attack kill chain (Source:…
AI, Apps, Global Security News
Microsoft Pushes Partners Deeper Into Copilot and AI Tools
Microsoft is expanding its AI channel strategy with new partner benefits, updated recognition programs, and additional tooling to accelerate enterprise adoption of Copilot, security, and agent-based offerings. The moves show how the company is trying to turn strong AI demand into a more repeatable partner-led sales and services motion. Microsoft posts strong earnings across cloud…
AI, Global Security News
Google Favors General‑Purpose Gemini Models Over Cybersecurity‑Specific AI
Google Cloud’s COO advocated for combining general-purpose frontier large language models with task-specific AI agents
Global Security News
Celonis and ProcessLab launch home mortgages manager to speed up loan approvals process
Financial institutions will be able to approve home loan mortgages faster with Celonis and ProcessLab announcing the launch of its Home Mortgages Manager.
AI, Global Security News
Level Up Your Payment Security Expertise with PCI SSC Knowledge Training
Give your team the insight and confidence to work effectively with assessors through Knowledge Training. These courses are designed to help learners speak the same language as the assessor, confidently guide their organization through assessments and any pre-planning, and effectively collaborate alongside the assessor during an assessment. When teams are aligned, assessments run more…
AI, Global Security News
Level Up Your Payment Security Expertise with PCI SSC Knowledge Training
Give your team the insight and confidence to work effectively with assessors through Knowledge Training. These courses are designed to help learners speak the same language as the assessor, confidently guide their organization through assessments and any pre-planning, and effectively collaborate alongside the assessor during an assessment. When teams are aligned, assessments run more…
AI, Global Security News
Getac redefines rugged mobility with launch of G140 Copilot+ PC, powered by AMD Technology in Australia and New Zealand
COMPANY NEWS: The new G140 tablet blends AI-powered performance with MIL-STD fully rugged protection in a lightweight, field-friendly design.
AI, Global Security News
Microsoft Needs Copilot to Get Back in the Air
With its shares in a slump, Microsoft must show its own AI efforts are paying off.
AI, APAC, Apps, Global Security News, Network Security, Risk Management
Oracle Builds for AI While Channel Rivals Chase Share
Oracle is reshaping its enterprise strategy around AI, multicloud infrastructure, and deeper ties with hyperscale partners such as AWS. But as the company pours billions into data centers, pushes agentic AI across its portfolio, and cuts jobs to support that transition, rivals see an opening to compete more aggressively for Oracle-adjacent workloads. That opportunity is…
AI, Global Security News
Workers Sue $10 Billion AI Startup for Collecting and Exposing Personal Data
Mercor, which has worked with OpenAI, Anthropic and Meta, says it disputes the allegations.
AI, Global Security News
NVIDIA and Google Cloud Collaborate to Advance Agentic and Physical AI
Companies can build AI factories with NVIDIA Vera Rubin-powered A5X instances scaling up to nearly 1 million Rubin GPUs, Gemini on Google Distributed Cloud, confidential NVIDIA Blackwell GPUs and agentic AI built on Gemini Enterprise Agent Platform with NVIDIA Nemotron and NeMo.
Global Security News
‘The Gentlemen’ Rapidly Rises to Ransomware Prominence
Not nearly as polite as the name suggests, the ransomware gang has impressed researchers with its speed in scaling up operations — and its sophistication.
AI, Global Security News
Exabeam Extends Agent Behaviour Analytics to the Google Cloud Agent Ecosystem
COMPANY NEWS: Comprehensive visibility and anomaly detection now available for agents built with Google Cloud’s Agent Development Kit and multi-agent workflows via the upcoming Google Agent Gateway
AI, Global Security News
Manhattan Associates Announces Latest Enhancements for Retailers
Manhattan Associates (NASDAQ: MANH), the global leader in supply chain commerce with unmatched AI capabilities, today announced major enhancements to Manhattan Active® Omni. These innovations are designed to help retailers maximise in-store and online sales while delivering best-in-class customer experiences across all touchpoints. New capabilities include embedded agentic AI for store associates and customer service…
AI, Global Security News
Manhattan Associates Announces Latest Enhancements for Retailers
Manhattan Associates (NASDAQ: MANH), the global leader in supply chain commerce with unmatched AI capabilities, today announced major enhancements to Manhattan Active® Omni. These innovations are designed to help retailers maximise in-store and online sales while delivering best-in-class customer experiences across all touchpoints. New capabilities include embedded agentic AI for store associates and customer service…
AI, Global Security News
Inside Caller-as-a-Service Fraud: The Scam Economy Has a Hiring Process
Fraud operations now operate like call centers, complete with hiring, training, and performance tracking. Flare reveals how cybercriminals manage “Caller-as-a-Service” operations like a professional sales team. […]
AI, Global Security News
Rubrik Secures and Accelerates AI Agents on Google Cloud
New Rubrik Agent Cloud Integration with Gemini Enterprise Agent Platform provides a unified control layer for AI agent operations
AI, Global Security News
Surge in Silent Subject Phishing Attacks Targets VIP Users
Null subject phishing campaigns bypass filters and target VIPs with QR code and RMM abuse
Global Security News
Microsoft Teams to get efficiency mode on PCs with limited resources
Microsoft is preparing to roll out a new Efficiency Mode for Microsoft Teams for systems with limited CPU and memory resources to improve app responsiveness. […]
Global Security News
Former Ransomware Negotiator Pleads Guilty to Working For BlackCat Cyber Gang
A former ransomware negotiator has pleaded guilty to abusing his position by working with noted cybercrime group BlackCat
AI, Compliance, Cybersecurity, Exploits, Global Security News, malware, Network Security, Risk Management, Venture
The AI era demands a different kind of CISO
Many security leaders are still operating with frameworks built for a different era. For years, success was measured by fixed checkpoints, such as passing audits, closing vulnerabilities, and maintaining compliance. Those markers still have value, but they were designed for a threat landscape that moved in predictable, linear ways. Today, that landscape is shifting in…
AI, Global Security News
What a New Apple CEO Will Mean for You and Your Devices
With incoming chief John Ternus, Apple is doubling down on hardware in the age of AI.
AI, Global Security News, Russia
It’s a bird it’s a plane – Oh dear me.
“Excuse me… this is a bit rude.” Firstly with all the negative things happening in the world perhaps a naughty prank can tickle our fancy. Many of the major news agencies have published this story, so what the heck, I will do the same. Here is what happened. Finnish Air Force cadets are facing disciplinary action after…
AI, Global Security News
GIGABYTE Collaborates with NVIDIA® on GeForce RTX™ 50 Series and PRAGMATA™ Bundle
GIGABYTE, the world’s leading computer brand, announces the collaboration with NVIDIA for the PRAGMATA™ GeForce RTX 50 Series game bundle across eligible graphics cards, desktops, and laptops powered by NVIDIA GeForce RTX™ 5070 or above GPUs and Laptop GPUs. Powered by NVIDIA Blackwell architecture, the GeForce RTX™ 50 Series GPUs bring game-changing capabilities to gamers.…
AI, Global Security News
Billions on the line: Why SMS-based MFA is no longer fit for Crypto
Cryptocurrency was established with a clear value proposition: decentralisation, transparency and mathematical certainty. However, when it comes to user authentication, many exchanges, wallets and trading platforms still depend on one of the weakest links in digital security: SMS-based multi-factor authentication. For an industry protecting billions of dollars in digital assets, that gap is no longer…
Global Security News
Ransomware Negotiator Pleads Guilty to BlackCat Scheme
A cautionary tale illustrates why the person negotiating should never be involved with any part of the ransom payment process, experts noted.
AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management
$293M KelpDAO Crypto Heist Exposes Cross-Chain Weaknesses in DeFi
A $293 million cryptocurrency theft has rocked the decentralized finance (DeFi) ecosystem, with KelpDAO at the center of an attack now suspected to be linked to North Korea’s Lazarus Group. The attack highlights how quickly sophisticated attackers can exploit weaknesses in cross-chain infrastructure. “Preliminary indicators suggest attribution to a highly sophisticated state actor, likely DPRK’s…
AI, Data Breaches, Exploits, Global Security News
Former DigitalMint ransomware negotiator pleads guilty to extortion scheme
A South Florida man pleaded guilty to conspiring with multiple ransomware affiliates to commit attacks against and extort payments from the same U.S. companies he represented as a ransomware negotiator for DigitalMint in 2023, the Justice Department said Monday. Angelo John Martino III shared confidential information about victim organizations’ internal negotiating positions and insurance policy…
Global Security News, malware, Network Security
SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation
Threat actors associated with The Gentlemen ransomware‑as‑a‑service (RaaS) operation have been observed attempting to deploy a known proxy malware called SystemBC. According to new research published by Check Point, the command-and-control (C2 or C&C) server linked to SystemBC has led to the discovery of a botnet of more than 1,570 victims. “SystemBC establishes SOCKS5 network…
AI, Global Security News
The AI Spending Spree is Far from Over
Plus, Amazon goes deeper with Anthropic and bets grow on Intel’s AI resurgence
Global Security News
GapMaps Partners with Panolytica to Deliver Advanced Consumer Segmentation Data
GapMaps has announced a new strategic global partnership with UK-based data specialists Panolytica, providing businesses with access to high quality and granular consumer segmentation data across Australia, the Kingdom of Saudi Arabia (KSA), and the UK, with planned launches across Southeast Asia and the United Arab Emirates this year.
Global Security News
The Gentlemen Ransomware Expands With Rapid Affiliate Growth
Gentlemen RaaS expands quickly with multi-platform attacks and SystemBC-linked infections
Global Security News
Serial-to-IP Devices Hide Thousands of Old and New Bugs
The OT devices that translate machine talk into Internet-speak are riddled with vulnerabilities and more frequently targeted for attacks, researchers say.
AI, Global Security News, Network Security
Procure IT & NetWolves Target Enterprise IT Expense Visibility
NetWolves has partnered with Procure IT to integrate its Managed Intelligence Platform into the provider’s Site Connectivity as a Service (SCaaS) offering, aiming to give large enterprises greater visibility into IT spending across vendors, contracts, and services. Why Procure IT and NetWolves formed the partnership The goal is to give Fortune 1000 companies and large…
AI, Compliance, Global Security News, Network Security
Salesforce Creates FDE Partner Network for Agentforce
Salesforce is zeroing in on a familiar sticking point with enterprise AI. Getting something to work in a pilot is one thing; getting it to run smoothly in production, with the messiness of real systems and data, is where things tend to fall apart. The company this week introduced a Forward Deployed Engineering (FDE) Partner…
Global Security News, malware
ZionSiphon Malware Targets Water Infrastructure Systems
ZionSiphon malware targets OT water systems with sabotage and ICS scanning capabilities
AI, Global Security News
How to Remove Objects from Video: AI Tools & Pro Tips (2026)
Remove unwanted objects from video effortlessly with AI in 2026. Learn step-by-step methods, best tools, and pro tips to clean up your footage like a professional.
AI, Global Security News
Why Most AI Deployments Stall After the Demo
The fastest way to fall in love with an AI tool is to watch the demo. Everything moves quickly. Prompts land cleanly. The system produces impressive outputs in seconds. It feels like the beginning of a new era for your team. But most AI initiatives don’t fail because of bad technology. They stall because what…
AI, Global Security News, Risk Management
CyberCX to Secure AFL in Australia-First Strategic Partnership
CyberCX, part of Accenture, has announced a landmark strategic partnership with the Australian Football League (AFL) that will see Australia’s leading cyber security organisation become the Official Cyber Security Partner to the AFL and AFLW and the presenting partner to the AFL Review Centre (ARC) score review system at Marvel Stadium. In a first of…
Global Security News
Volvo launches new electric trucks – with ranges up to 700 km
Volvo Trucks keeps pushing the boundaries for electric truck transport. With the launch of its new electric trucks with improved performance, flexibility and ranges up to 700 km, this is a new benchmark for electric heavy-duty trucks.
AI, Apps, Compliance, Endpoint, Exploits, Global Security News, Network Security, privacy, Risk Management
Microsoft’s Patch Tuesday release for April is a whopper
Windows admins are going to be busy this month, dealing with the largest Patch Tuesday cycle we can recall. The April release involves 165 updates and roughly 340 unique CVEs from Microsoft — including two zero-days, one of which is already being actively exploited in the wild. The Readiness team is recommending “Patch Now” schedules…
AI, Cybersecurity, Global Security News, Government & Policy, Politics, privacy, Risk Management
The surveillance law Congress can’t quit — and can’t explain
Congress is grappling with renewal of a surveillance law set to expire at the end of this month that critics say is a mystery on how much of a difference it has made for controversial government spying authorities — for better or worse. The 2024 law reauthorized so-called Section 702 powers of the Foreign Intelligence…
AI, Europe, Funding, Global Security News, Government & Policy
UK wants to build sovereign AI — with just 0.08% of OpenAI’s market cap
The UK government has created a Sovereign AI investment fund with up to £500 million (US$675 million) to spend on turning UK startups into national AI champions. Its support could involve investments of up to £20 million per startup, or provision of up to 1 million GPU-hours of AI compute, and fast-tracking of visas to…
AI, Global Security News, Risk Management
Webinar: From phishing to fallout — Why MSPs must rethink both security and recovery
Cyberattacks are evolving faster than many MSP and corporate defenses can keep up, with phishing driving much of today’s cybercrime. Join our upcoming webinar to learn how to combine security and recovery strategies to reduce risk and maintain business continuity. […]
AI, Global Security News, Network Security
Liongard upgrades LiongardIQ with AI access, live asset data, and deeper discovery
Liongard has announced the expansion of LiongardIQ with new capabilities spanning programmatic AI integration, conversational querying, enhanced network discovery, and deeper identity mapping, extending its system of authority for asset intelligence across the full IT stack. Without a trusted foundation of asset intelligence, automation runs on assumptions, AI agents query stale data, and security gaps…
AI, Global Security News
Codex can now operate between apps. Where are the boundaries?
OpenAI is rolling out a major update to the Codex desktop app for users signed in with ChatGPT. Personalization features, including context-aware suggestions and memory, will roll out to Enterprise, Edu, and users in the EU and UK soon. Computer use is initially available on macOS and will expand to EU and UK users in…
Global Security News
Blackmagic Design Announces Blackmagic Camera for iOS 3.3 Update
New update adds camera control and monitoring with Apple Watch, support for ATEM camera control and support for Blackmagic Focus and Zoom Demands!
AI, Global Security News
An Investor Dared Him to Quit School. Now He’s Building a $1.5 Billion AI Startup.
Matan Grinberg’s Factory, which offers autonomous coding tools, is competing with the likes of Anthropic, OpenAI and Cursor.
AI, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management
From clinics to government: UAC-0247 expands cyber campaign across Ukraine
CERT-UA reports UAC-0247 targeting Ukrainian clinics and government bodies with malware stealing data from Chromium browsers and WhatsApp. CERT-UA has revealed a cyber campaign by the threat actor UAC-0247 targeting Ukrainian government entities and municipal healthcare facilities, including clinics and emergency hospitals. The operation between March and April 2026, used malware designed to steal sensitive…
AI, Global Security News
Anonymizing Network Traffic: A Dive into SOCKS5 and Data Encryption
SOCKS5 protocol explained: anonymize traffic, boost security with encryption, bypass restrictions, and enable reliable data collection for business use.
Exploits, Global Security News
Critical Nginx UI auth bypass flaw now actively exploited in the wild
A critical vulnerability in Nginx UI with Model Context Protocol (MCP) support is now being exploited in the wild for full server takeover without authentication. […]
AI, Global Security News
Windows is getting stronger RDP file protections to fight phishing attacks
Microsoft has introduced new Windows protections starting with the April 2026 security update to reduce phishing attacks that abuse Remote Desktop (.rdp) files. With these updates, the Remote Desktop Connection app displays stronger warning dialogs before a connection is established, shows details about the remote system, and requires users to review any request to share…
Global Security News
WordPress plugin suite hacked to push malware to thousands of sites
More than 30 WordPress plugins in the EssentialPlugin package have been compromised with malicious code that allows unauthorized access to websites running them. […]
AI, Cybersecurity, Exploits, Funding, Global Security News, Government & Policy, Risk Management
NIST narrows scope of CVE analysis to keep up with rising tide of vulnerabilities
The federal agency tasked with analyzing security vulnerabilities is overwhelmed as it and other authorities struggle to keep pace with a flood of defects that grows every year. The National Institute of Standards and Technology announced Wednesday that it has capitulated to that deluge and narrowed the priorities for its National Vulnerability Database. NIST said…
Endpoint, Global Security News, Government & Policy
Signed software abused to deploy antivirus-killing scripts
A digitally signed adware tool has deployed payloads running with SYSTEM privileges that disabled antivirus protections on thousands of endpoints, some in the educational, utilities, government, and healthcare sectors. […]
Global Security News, privacy
Audit: Big Tech Often Ignores CA Privacy Law Opt-Out Requests
Google, Meta, and Microsoft about half the time don’t comply with requests to opt out of online tracking per a California law mandate, privacy watchdog finds.
Cybersecurity, Global Security News, Network Security, Risk Management
Rolling Networks: Securing the Transportation Sector
Modern trucks are rolling networks packed with sensors, connectivity, and attack surfaces, creating new cyber risks. NMFTA’s Cybersecurity Conference brings industry leaders together to tackle emerging threats in transportation. […]
AI, Funding, Global Security News
Capsule Security debuts with $7 million funding to secure AI agent behavior
Capsule Security has launched from stealth with a $7 million seed round led by Lama Partners and Forgepoint Capital International. It prevents AI agents from being manipulated, misbehaving, or silently exfiltrating data when handling sensitive information and executing workflows. Capsule is advised by security juggernauts who have put their trust in the company’s innovative approach,…
Exploits, Global Security News
Critical Nginx-ui MCP Flaw Actively Exploited in the Wild
Critical nginx-ui MCP authentication bypass CVE-2026-33032 actively exploited with CVSS 9.8
AI, Global Security News
Axonius updates Asset Cloud with AI, exposure management, and asset trust standard
Axonius has expanded its Asset Cloud with AI-powered remediation in Axonius Exposures, added support for IoT and OT environments via Axonius Cyber-Physical Assets, and introduced a new data trust standard with Axonius Verified Assets. “Security environments have grown more distributed, more dynamic, and more complex, and when teams can’t fully understand their environment, they simply…
Global Security News
Electric vehicles the key to more efficient home energy use
A new Australian study has found that electric vehicles (EVs) equipped with vehicle to home (V2H) technology can significantly reduce household electricity costs and lessen the need for large, costly home battery systems.
AI, Global Security News
How to create your own custom Android air gesture
Psst: Come close. I’ve got something to share with you, and I don’t want everyone around here to hear it. Oh — hi! Sorry, I didn’t realize you were here. I was actually talking out loud to my phone just now, as one does, thanks to a nifty new air gesture I set up that…
AI, Global Security News, malware
Active HanGhost Loader Campaign Targets Enterprise Payment and Logistics Workflows
Active HanGhost Loader campaign targets enterprise payment and logistics workflows with fileless attacks, multi-stage execution, and stealthy malware delivery.
AI, APAC, Global Security News
GNM Advances to 1.6T per Wavelength on CIENA – Powered Backbone
GNM has upgraded its CIENA-powered backbone infrastructure from 800G to 1.6T per wavelength on high-capacity routes with growing traffic demand – increasing available capacity without deploying additional fiber.
AI, Apps, Compliance, Endpoint, Global Security News, Network Security, Risk Management
Secure AI agent access patterns to AWS resources using Model Context Protocol
AI agents and coding assistants interact with AWS resources through the Model Context Protocol (MCP). Unlike traditional applications with deterministic code paths, agents reason dynamically, choosing different tools or accessing different data depending on context. You must assume an agent can do anything within its granted entitlements, whether OAuth scopes, API keys, or AWS Identity…
Global Security News
GIGABYTE Collaborates with CAPCOM for Resident Evil™ Requiem Bundle in Australia and New Zealand
GIGABYTE, the world’s leading computer brand, today announced a collaboration with CAPCOM for the Resident Evil™ Requiem game bundle in Australia and New Zealand. The promotion applies to select GIGABYTE OLED gaming monitors and high-performance gaming desktops, giving eligible gamers access to a Resident Evil™ Requiem Standard Edition game code with purchase.
Global Security News
Privilege Elevation Dominates Massive Microsoft Patch Update
Elevation-of-privilege bugs accounted for more than half of the 165 vulnerabilities patched, with two zero-days in that mix.
AI, Cybersecurity, Global Security News
GIGABYTE Announces Exclusive ANZ Bundle: 12 Months of Surfshark One with Select Gaming Laptops
GIGABYTE, the world’s leading computer brand, today announced a strategic partnership with Surfshark, a global pioneer in cybersecurity. Starting today, customers in Australia and New Zealand (aged 18+) who purchase select GIGABYTE AERO X16 or GIGABYTE GAMING A16 gaming laptops from authorized resellers can redeem a free 12-month Surfshark One subscription (valued at over $170 AUD). This partnership delivers…
Global Security News
Microsoft April 2026 Patch Tuesday fixes 167 flaws, 2 zero-days
Today is Microsoft’s April 2026 Patch Tuesday with security updates for 167 flaws, including 2 zero-day vulnerabilities. […]
AI, Global Security News
Adactin Launches Spark Graduate Program to Strengthen Australia’s Digital Workforce
COMPANY ANNOUNCEMENT: Adactin, a leading Australian technology services provider with deep expertise in cloud, AI, and quality engineering services, today announced the launch of the Adactin Spark Graduate Program, a digital skills uplift program designed to support IT students transitioning from academic study to real-world industry experience.
AI, Global Security News
29 million leaked secrets in 2025: Why AI agents credentials are out of control
AI agents need credentials to work. They authenticate with LLM platforms, connect to databases, call SaaS APIs, access cloud resources, and orchestrate across dozens of external services. Every integration point requires an identity. Most organizations are handling this badly, and the evidence is in the code. GitGuardian’s State of Secrets Sprawl Report found 28,649,024 new…
AI, Global Security News
Project Glasswing Shows That AI Will Break The Vulnerability Management Playbook
Anthropic, along with 11 other companies, recently announced Project Glasswing — an initiative that aims to secure software in the wake of advances in AI capabilities, most notably Anthropic’s Claude Mythos Preview frontier model.