Cybersecurity News and Vulnerability Aggregator

Top Cybersecurity Stories Today

Bleeping Computer 2h ago

Vimeo has disclosed that data belonging to some of its customers and users has been accessed without authorization following the recent breach at the Anodot data anomaly detection company. [...]

The Register 7h ago

Names, phone numbers, physical addresses also included in Shiny Hunters alleged data dump
Logistics technology company Pitney Bowes, which makes franking machines for US postage, is the latest scalp claimed by ShinyHunters and its ongoing spree of pay-or-leak attacks against major organizations.…

The Hacker News 13h ago
APT

A Chinese national accused of being a member of the Silk Typhoon hacking group has been extradited to the U.S. from Italy. Xu Zewei, 34, was arrested in July 2025 by Italian authorities for his alleged links to the Chinese state-sponsored threat group and for orchestrating cyber attacks against American organizations and government agencies between February 2020 and June 2021, including

Latest

Tuesday, April 28
r/cybersecurity Just now

*A field note from running customer security operations with AI agents.*

For the past stretch of my career, a lot of what I called "security work" wasn't really security work. It was the work around the work. Pulling data out of systems that didn't want to give it up. Digging through vendor documentation to figure out which checkbox in which console controlled which behavior. Stitching together API calls. Shaping words into reports that someone, somewhere, would skim before approving. That's the work around the thinking. And the actual security thinking, the part I trained twenty years for, was squeezed into whatever time was left.

That ratio has flipped. And working through that flip, across detection and response, incident response, vulnerability management, compliance, and pen testing, has surfaced a pattern worth describing. We've started calling it the Security Engineering Brain.

# [The shape of the work today](https://www.transilience.ai/blog/the-return-of-the-security-brain-how-llms-are-reshaping-the-way-we-practice-security#the-shape-of-the-work-today)

Most engagements now follow the same arc. Data collection agents sit inside the customer's environment and pull together whatever a given task needs: logs, configurations, asset inventories, ticket history, identity data, scan results. They organize it. They reason over it. By the time a task lands on my desk, roughly 90% of the work is already done.

That 90% isn't a rough draft. It's a real attempt at the answer. The agent has triaged an alert and proposed a root cause. It has looked at a vulnerability backlog from ten different angles and surfaced the ten that matter most this week. It has drafted the compliance narrative, mapped controls to evidence, and flagged the gaps. It has made judgment calls, and it shows its reasoning.

My job is the remaining 10%. I read the agent's work, I ask the questions it didn't ask itself, and I approve, redirect, or reframe. Twenty years of pattern-matching across breaches, audits, and architectures lets me hold context the agent can't yet hold: the political shape of a customer's environment, the reason a particular control has been broken for three quarters, the tradeoff a CISO is quietly optimizing for. That's where my attention goes now.

It's worth saying plainly: this is the ratio I always wanted. The dream was never to do 30% of the thinking on top of 70% of the toil. The dream was to spend almost all of my time on the part of the job that actually required me.

The blue branches at the top are LLM tokens: high volume, ad-hoc, exploratory, broad, fast. The green roots at the bottom are security engineer tokens: low volume, high judgment, deep, directional. The work flows from raw signal at the canopy down to strategic posture at the root system, and the human contribution gets denser as you descend.

Here's how each layer is shifting:

1. Data Collection. Fully commoditized. Agents gather raw security data from across systems, tools, users, and environments. There is no romance left in writing yet another collector script, and I don't miss it.
2. Analysis & Reasoning. Largely commoditized. Correlating data, applying logic, holding the relevant context for a single incident or finding: modern agents do this well. The traditional core of security knowledge, how a technology works, how to write a detection rule, how to map a control to a piece of compliance text, is exactly the kind of accumulated knowledge LLMs absorb better than any human brain. I say this as someone whose career was partly built on accumulating that knowledge. It's fine. The knowledge was always supposed to be a means, not the end.
3. Insights. Mostly the agent, with meaningful human contribution. The agents surface findings about risk, exposure, and business impact, and they're good at it, but not complete. Sometimes they miss the insight that matters most, the one that only makes sense if you've seen this customer's last three incidents. We're still developing the muscle of feeding those misses back into a security knowledge base that compounds. That feedback loop is one of the more interesting open problems in this work.
4. Patterns & Trends. A genuine collaboration. Agents are excellent at spotting recurring patterns and emerging trends across time, assets, and environments. Humans are still better at deciding which of those patterns deserve organizational attention versus which are noise dressed up as signal.
5. Remediation & Action Choices. Increasingly human. When you're choosing between three remediations, each with different resource costs, implementation friction, and risk reduction, the right answer depends on the customer's environment, their team's capacity, their culture, and what they tried last year that didn't work. The agent can lay out the options cleanly. Choosing between them is judgment, and judgment is where I want to spend my time.
6. Strategy. Almost entirely human. Setting priorities, aligning security to business objectives, deciding what we're going to be good at over the next twelve to twenty-four months: this is the deepest part of the root system. It's where understanding a customer, the people, the politics, the appetite for change, dominates everything else.

# [Why this work has become joyful](https://www.transilience.ai/blog/the-return-of-the-security-brain-how-llms-are-reshaping-the-way-we-practice-security#why-this-work-has-become-joyful)

I want to be direct about something that doesn't get said enough in security writing: this work is more joyful now. Not because it's easier. The hard parts are still hard, and the stakes haven't dropped. It's joyful because the proportion of my day spent actually thinking about security and compliance, the work I came here to do, has gone way up. The proportion spent on the work around the thinking, fighting tools, parsing docs, formatting tables, writing the same kind of report for the eighth time, has gone way down.

Security knowledge has been commoditized. That sounds like it should be a threat to people like me. It isn't. It's a relief. The parts of the job that were valuable because they were tedious are no longer valuable, and the parts that were always supposed to be the point, judgment, prioritization, depth, strategic ownership, are finally getting the room they deserve.

Hi guys, I send out a weekly newsletter with the latest cybersecurity vendor reports and research, and thought you might find it useful, so I'm sharing it here. All the reports and research below were published between April 20th and April 26th. You can get the below into your inbox every week if you want: [https://www.cybersecstats.com/cybersecstatsnewsletter/](https://www.cybersecstats.com/cybersecstatsnewsletter/)

# Big Picture Reports

**State of Pentesting Report 2026 (Cobalt)**

Cobalt looked at thousands of pen tests and surveyed 450 security leaders. LLMs come out especially badly, with higher rates of high-risk findings and lower rates of fixes. Cobalt's data also seems to imply that executives are living in a different reality from the security pros in their organizations...

**Key stats:**

* 32% of AI/LLM findings are rated as high risk, nearly 2.7x the overall high-risk rate of 12%.
* LLMs have the lowest resolution rate of all application types, with just 38% of high-risk issues being fixed.
* 57% of C-suite executives believe their organization consistently meets remediation SLAs, yet only 15% of security practitioners agree.

*Read the full report* [*here*](https://www.cybersecstats.com/r/06d42c8d?m=50f43416-1146-4a3d-a1e1-5afc95e09a39).

**2026 Threat Landscape Report (Cognyte)**

A look back at 2025's threat landscape, drawing on 2,327 analyzed incidents across ransomware, supply chain attacks, nation-state operations, and dark web exposure.

**Key stats:**

* In 2025, AI-enabled attackers were able to automate up to 80–90% of a specific nation-state espionage campaign.
* Ransomware groups claimed 7,809 victims, a 27.3% year-over-year increase.
* Nearly 50,000 new vulnerabilities were disclosed, with an average CVSS score of 6.6.

*Read the full report* [*here*](https://www.cybersecstats.com/r/7761a6c5?m=50f43416-1146-4a3d-a1e1-5afc95e09a39).

**Gartner Forecasts Worldwide IT Spending to Grow 13.5% in 2026, Totaling $6.31 Trillion (Gartner)**

Gartner is forecasting a big jump in IT spending for 2026.

**Key stats:**

* Worldwide IT spending is forecast to reach $6.31 trillion in 2026, increasing 13.5% from 2025.
* Software spending is forecast to reach $1.44 trillion in 2026, growing 15.1% year-over-year.
* Spending growth in GenAI model development is forecast to more than double year-over-year.

*Read the full report* [*here*](https://www.cybersecstats.com/r/11378ff4?m=50f43416-1146-4a3d-a1e1-5afc95e09a39).

**The 2026 InsurSec Report (At-Bay)**

Claim frequency and severity are hitting record highs, with one ransomware group in particular dominating claims.

**Key stats:**

* Claim frequency rose 7% year-over-year, and average claim severity climbed to an all-time high of $221K.
* Akira accounted for more than 40% of all ransomware claims in At-Bay's portfolio for the full year.
* 86% of Akira attacks occurred in environments where a SonicWall device was present.

*Read the full report* [*here*](https://www.cybersecstats.com/r/8e73b2e9?m=50f43416-1146-4a3d-a1e1-5afc95e09a39).

# AI Security

**2026 AI Coding Impact Report (ProjectDiscovery)**

AI-assisted coding piles pressure on secrets management.

**Key stats:**

* 100% of surveyed cybersecurity practitioners report increased engineering delivery over the past twelve months, with 49% attributing most or all of the increased delivery to AI-assisted coding tools.
* 66% of security practitioners spend more than half their time manually validating findings rather than resolving the underlying vulnerabilities.
* 78% rank exposure of secrets as the top challenge introduced or amplified by AI-assisted coding.

*Read the full report* [*here*](https://www.cybersecstats.com/r/e81ca3cc?m=50f43416-1146-4a3d-a1e1-5afc95e09a39).

**Peer insights on AI adoption and the disaster recovery gap (Keepit)**

Most organizations think their disaster recovery plans cover agentic AI. Most also haven't actually checked whether this is true.

**Key stats:**

* 52% of IT and security leaders have doubts about whether their recovery plans cover agentic AI scenarios.
* Only 41% of IT decision-makers have significantly changed their approach to disaster recovery planning due to accelerated AI adoption.
* Restoration of identity systems is tested four times less often than restoration of productivity systems.

*Read the full report* [*here*](https://www.cybersecstats.com/r/48a47f8d?m=50f43416-1146-4a3d-a1e1-5afc95e09a39).

**Red Hat Survey Explores the AI Sovereignty Gap and Disruption Risk Posed to UK Businesses (Red Hat)**

More AI security negativity, this time from the UK, showing that UK organizations are adopting agentic AI faster than governance frameworks can keep up.

**Key stats:**

* 87% of UK IT decision makers already use agentic AI systems.
* Only 25% of UK IT decision makers report having strong governance frameworks for agentic AI.
* 67% of UK IT decision makers report having a defined exit strategy if their primary AI provider were to restrict service access.

*Read the full report* [*here*](https://www.cybersecstats.com/r/14aa12f1?m=50f43416-1146-4a3d-a1e1-5afc95e09a39).

# Email Security

**2026 Attack Landscape Report: How Threat Actors Tailor Tactics to Their Targets (Abnormal AI)**

Phishing, BEC, and VEC look different depending on who's being targeted. This report shows how threat actors tailor their approach.

**Key stats:**

* Vendor email compromise accounts for 61% of all business email compromise attacks.
* Billing account update requests have a 26.5% compromise rate.
* Phishing accounts for 58% of all attacks.

*Read the full report* [*here*](https://www.cybersecstats.com/r/50f0cc5d?m=50f43416-1146-4a3d-a1e1-5afc95e09a39).

# Identity Crime

**ITRC 2025 Annual Report (Identity Theft Resource Center)**

Identity theft is hitting harder than ever, and the emotional toll is as severe as the financial one.

**Key stats:**

* 35% of identity crime victims report losses exceeding $10,000.
* 11% of identity crime victims report losses greater than $1,000,000.
* Nearly 68% of identity crime victims who have not contacted the ITRC have seriously considered self-harm.

*Read the full report* [*here*](https://www.cybersecstats.com/r/826e7650?m=50f43416-1146-4a3d-a1e1-5afc95e09a39).

# Enterprise Perspective

**Annual RSAC Survey 2026 (Lineaje)**

AI-generated code is in production at most enterprises now. Security confidence is high, visibility is low.

**Key stats:**

* 86% of enterprises are using AI-generated code in production.
* 89% of enterprises are confident in their ability to secure AI-generated code.
* Only 17% of enterprises have full visibility into their AI-generated code.

*Read the full report* [*here*](https://www.cybersecstats.com/r/4a9b171a?m=50f43416-1146-4a3d-a1e1-5afc95e09a39).

**Autonomous but Not Controlled: AI Agent Incidents Now Common in Enterprises (Cloud Security Alliance & Token Security)**

Most organizations have no idea how many AI agents are running in their environment.

**Key stats:**

* 82% of enterprises have unknown AI agents running in their IT infrastructure.
* 65% of enterprises have experienced at least one AI agent-related incident in the past 12 months.
* 61% report data exposure from AI agent-related incidents.

*Read the full report* [*here*](https://www.cybersecstats.com/r/ff193875?m=50f43416-1146-4a3d-a1e1-5afc95e09a39).

# Sector-Specific

**The State of Networking & Security in Higher Education (Nile)**

Higher ed IT teams are in survival mode. Nile asked 117 higher ed leaders how bad it's gotten and where AI is starting to help.

**Key stats:**

* Only 6% of campus IT teams describe themselves as adequately staffed to work proactively.
* 52% of campus IT leaders cite cybersecurity and risk exposure as the top network challenge, surpassing network performance and reliability.
* 61% of higher education institutions experience network disruptions at least monthly.

*Read the full report* [*here*](https://www.cybersecstats.com/r/d2a3af8f?m=50f43416-1146-4a3d-a1e1-5afc95e09a39).

**Cyberthreats in the Financial Sector (Filigran)**

Threats that defined 2025 for financial institutions.

**Key stats:**

* In 2025, 90% of breaches affecting financial institutions were financially motivated.
* The financial sector was the second-most expensive industry for data breaches, at $5.56 million per breach.
* Ransomware accounted for 36% of security incidents affecting financial institutions.

*Read the full report* [*here*](https://www.cybersecstats.com/r/2fb680af?m=50f43416-1146-4a3d-a1e1-5afc95e09a39).

**General Counsel Risk Index: Global risk benchmarking for legal leaders (Diligent Institute)**

Insights from 147 senior legal leaders on overall risk levels, GRC structures, AI adoption, and more.

**Key stats:**

* 67% of General Counsels report spending more time on enterprise-wide risk and compliance than a year ago.
* Nearly half of legal leaders devote up to 40% of their workload to enterprise-wide risk and compliance.
* A quarter spend up to 60% of their time on enterprise-wide risk and compliance.

*Read the full report* [*here*](https://www.cybersecstats.com/r/e6909752?m=50f43416-1146-4a3d-a1e1-5afc95e09a39).

r/cybersecurity 1h ago

Hey all, I have come across Grassmarlin a lot on engagements, so when CISA posted about a newly disclosed vulnerability in the software about 8 hours ago, I got interested. There is no functional POC or whitepaper released, so I'll be the first. This vulnerability is not really anything crazy, but I will note that phishing attacks with it could lead to exfiltration of arbitrary documents. It works by targeting the session files (.gm3) and crafting malicious input for them. Once loaded, this POC will exfiltrate data over HTTP connections. The data has to be base64 encoded and chunked to avoid problems that would stop transmission requests. Overall this is not a severe vulnerability, and there is no real concern here outside of very targeted phishing attacks. I was able to transmit ssh keys through this, just so you are aware. Any network running this should likely be segmented to begin with, mitigating most of the attack vector hopefully. Additionally, phishing is the only real value here, as if you have local machine access you probably have all the access this could give you (unless you convince an admin to run the file after putting it there). If you have any questions, I'm happy to answer! [Github POC](https://github.com/SecTestAnnaQuinn/Grassmarlin-CVE-2026-6807-XXE-POC/tree/main)

r/Malware 2h ago

Attackers are exploiting a security gap in U.S. businesses. Fake Microsoft, Adobe, and OneDrive pages deliver RMM software instead of payloads, giving attackers direct access to the environment. Because these tools are widely used across enterprises, attackers can establish access before activity is flagged as malicious. Combined with trusted or compromised infrastructure, this delays detection and increases attacker dwell time. The analysis session showing how attackers gain remote access through a fake Microsoft Store page delivering an RMM installer disguised as Adobe software: [https://app.any.run/tasks/e072ae4e-214c-4039-957d-7c0cbe682da8/](https://app.any.run/tasks/e072ae4e-214c-4039-957d-7c0cbe682da8/) Full article: [https://any.run/cybersecurity-blog/rmm-blind-spot-for-cisos/](https://any.run/cybersecurity-blog/rmm-blind-spot-for-cisos/)

The Register 2h ago

'Full recovery is impossible for anyone, including the attacker'
Organizations hit by the wave of Trivy and LiteLLM supply-chain compromises that paid Vect in hopes of recovering their data likely did not get much back, according to Check Point Research. That's because the ransomware Vect uses isn't actually ransomware at all, but a wiper that destroys any file larger than 128KB.…

The Hacker News 3h ago
CVE

Cybersecurity researchers have disclosed details of a critical security vulnerability impacting GitHub.com and GitHub Enterprise Server that could allow an authenticated user to obtain remote code execution with a single "git push" command. The flaw, tracked as CVE-2026-3854 (CVSS score: 8.7), is a case of command injection that could allow an attacker with push access to a repository to achieve

The Hacker News 3h ago

A cybercrime group of Brazilian origin has resurfaced after more than three years to orchestrate a campaign that targets Minecraft players with a new stealer called LofyStealer (aka GrabBot). "The malware disguises itself as a Minecraft hack called 'Slinky,'" Brazil-based cybersecurity company ZenoX said in a technical report. "It uses the official game icon to induce voluntary execution,

r/cybersecurity 3h ago

I just read this and I'm honestly a bit confused. On one hand, it talks about this massive "skills gap", but at the same time companies are clearly pushing AI to replace or abstract away those exact skills. So which is it? Curious if others see it the same way or if I'm missing something.

r/Malware 6h ago

ByteToBreach has breached Ikeja Electric, encrypting 50+ hosts, disrupting systems, and taking multiple subdomains offline. The actor has also stolen customer, employee, and business databases, source code, and Active Directory data with offline-cracked passwords, and impacted metering platforms linked to several vendors.

Threat actor: ByteToBreach
Sector: Energy / Utilities
Data type: Customer records, employee data, business databases, source code, Active Directory credentials
Observed: Apr 28, 2026
Sources: [https://x.com/H4ckmanac/status/2049126582694875608](https://x.com/H4ckmanac/status/2049126582694875608) [https://x.com/CyhawkAfrica/status/2049109369522934179](https://x.com/CyhawkAfrica/status/2049109369522934179) [https://darkforums.su/Thread-NG-Ikeja-Electric-Databases-Ransomware](https://darkforums.su/Thread-NG-Ikeja-Electric-Databases-Ransomware)

r/netsec 7h ago

**Summary:** I'm disclosing a full-chain CVSS 10.0 RCE affecting Microsoft Semantic Kernel (.NET v1.74) and the new Agent Framework 1.0.

**The Timeline & Conflict:**

* **March 24:** Initial disclosure sent to MSRC with PoC.
* **April 8:** MSRC closed the case as "Developer Error / Configuration Issue."
* **The Reality:** Despite the rejection, Microsoft silently merged mitigations in PRs #13683 and #13702 without assigning a CVE. This results in a "False Green" for enterprise SCA tools (Snyk/Checkmarx/Dependabot) while the bypasses remain functional.

**Technical Scope:**

* **Architectural Trust Gap (CWE-1039):** Auto-invocation logic treats non-deterministic LLM output as a high-privilege system coordinator without a sandbox boundary.
* **6 Day-Zero Bypasses:** Discovery of Type Confusion and Unicode homoglyphs that defeat the "hardened" baseline in the April 2026 releases.
* **Versioning:** Persistence confirmed from .NET v1.7x through the Agent Framework 1.0 re-baseline.

Full paper, .cast exploit recordings, and a production-ready C# remediation filter are available at the link.

The Hacker News 7h ago

Threat hunters are warning that the cybercriminal operation known as VECT 2.0 acts more like a wiper than ransomware due to a critical flaw in its encryption implementation across Windows, Linux, and ESXi variants that renders recovery impossible even for the threat actors. The fact that VECT's locker permanently destroys large files rather than encrypting them means even victims who opt to

Cloudflare 8h ago

In the first quarter of 2026, government-directed shutdowns figured prominently, with prolonged Internet blackouts in both Uganda and Iran, a stark contrast to the lack of observed government-directed shutdowns in the same quarter a year prior. This quarter, we also observed a number of Internet disruptions caused by power outages, including three separate collapses of Cuba's national electrical grid. Military action continued to disrupt connectivity in Ukraine and also impacted hyperscaler cloud infrastructure in the Middle East. Severe weather knocked out Internet connectivity in Portugal, while cable damage disrupted connectivity in the Republic of Congo. A technical problem hit Verizon Wireless in the United States, and unknown issues briefly disrupted connectivity for customers of providers in Guinea and the United Kingdom. This post is intended as a summary overview of observed and confirmed disruptions and is not an exhaustive or complete list of issues that have occurred during the quarter. A larger list of detected traffic anomalies is available in the Cloudflare Radar Outage Center. Note that both bytes-based and request-based traffic graphs are used within this post to illustrate the impact of the observed disruptions, with the choice of metric generally made based on which better illustrates the impact of the disruption.

Government-directed shutdowns

Uganda

In advance of the January 15 presidentia

The Hacker News 9h ago

Every security program is betting on the same assumption: once a system is connected, the problem is solved. Open a ticket, stand up a gateway, push the data through. Done. That assumption is wrong. It is also a major reason Zero Trust programs stall. New research my team just published puts numbers on it. The Cyber360: Defending the Digital Battlespace report, based on a survey of 500 security

The Hacker News 10h ago
CVE

Cybersecurity researchers have disclosed details of a critical security flaw impacting LeRobot, Hugging Face's open-source robotics platform with nearly 24,000 GitHub stars, that could be exploited to achieve remote code execution. The vulnerability in question is CVE-2026-25874 (CVSS score: 9.3), which has been described as a case of untrusted data deserialization stemming from the use of the

r/computerforensics 10h ago

SIEM is not enough. Classical DFIR is not the full answer either. And “better logging” is too weak a frame. The real gap is evidentiary continuity in modern, cloud-heavy, application-driven environments.

The Hacker News 10h ago

When patching isn’t fast enough, NDR helps contain the next era of threats. If you’ve been tracking advancements in AI, you know the exploit window, the short buffer that organizations relied on to patch and protect after a vulnerability disclosure, is closing fast. Anthropic’s new model, Claude Mythos, and its Project Glasswing, showed that finding exploitable vulnerabilities and subtle cracks

The Register 11h ago

Linux vendor touts European independence at SUSECON as majority stakeholder quietly explores its options
European-based SUSE devoted much of the annual SUSECON event to its sovereignty-focused pitch - even as reports swirl that its majority stakeholder is exploring a $6 billion sale which could land the Linux vendor in American hands.…

r/Malware 11h ago

After I updated it I closed it, and a white screen with a logo like this https://preview.redd.it/uu1nklpdjwxg1.png?width=270&format=png&auto=webp&s=00db4e765f7348eb8dd29c42df79ae988d11cabf that's next to the file name popped up. It was instant, so I'm not sure if it's malware, and I have super bad anxiety and am not sure if this is something to do with the download setup Modrinth uses or what. I know this is pretty specific, so if no one can help it's completely fine. Not sure if this is off topic; I'm freaking out and don't know what community to post this in.

r/cybersecurity 12h ago

It uses eBPF for secrets injection so your app never has access to them. Basically, instead of having the application itself have access to secrets, it uses a "key" to identify which secret to use (like "kloak:<uuid>"), which eBPF magic then swaps in at the transport layer. So applications never have access, and they cannot leak what they don't know. It all happens within the kernel.

Compass Security 14h ago
APT

On paper, the vast majority of crisis plans look reasonable, actionable and complete. Once the rubber hits the road, however, chaos emerges quickly. This is where tabletop simulations come into play. Tabletop Exercises (TTX) simulate real-world crises in a controlled environment. They introduce time pressure, incomplete information, and uncertainty, forcing teams to adapt and revealing whether plans hold up under stress. Over the years we have facilitated many tabletop exercises, ranging from small IT teams to full executive crisis staff. The scenarios vary, but the findings are remarkably consistent. Here are some of the most important learnings from the tabletop exercises and real incidents

The Hacker News 14h ago

An administrative role meant for artificial intelligence (AI) agents within Microsoft Entra ID could enable privilege escalation and identity takeover attacks, according to new findings from Silverfort. Agent ID Administrator is a privileged built-in role introduced by Microsoft as part of its agent identity platform to handle all aspects of an AI agent's identity lifecycle operations in a

The Hacker News 15h ago

Microsoft on Monday revised its advisory for a now-patched, high-severity security flaw impacting Windows Shell to acknowledge that it has been actively exploited in the wild. The vulnerability in question is CVE-2026-32202 (CVSS score: 4.3), a spoofing vulnerability that could allow an attacker to access sensitive information. It was addressed as part of its Patch Tuesday update for this

Troy Hunt 16h ago

This is so "peak 2026" - writing an equality policy to ensure people treat our AI bot with the same respect as they do their human counterparts. It's intentionally a bit tongue-in-cheek, but it's there for a purpose: we simply don't have the capacity to deal with every request we get, and we need Bruce to be the coalface of support. I did wonder, when having ChatGPT create this, whether there's some deeper psychology behind the importance of interacting politely with bots, or indeed whether there will ever be an actual (like, serious) standard or law around treating bots with respect. Has this been in a movie somewhere? Let me know, but for now, I'll drop the (slightly revised) policy below, just for the laughs.

Monday, April 27
The Register 21h ago

Vendor confirms repo data exposure after Lapsus$ claims source code, secrets dump
Software security testing outfit Checkmarx has become the latest organization caught up in an ongoing attack on security-tool providers. The biz said data posted online appears to have come from one of its GitHub repositories after the Lapsus$ extortion crew claimed to have dumped the company's source code, secrets, and other sensitive data.…

The Register Apr 27

Itron, Medtronic disclose breaches in Friday filings
Digital intruders recently broke into two major tech suppliers - utility-technology firm Itron and medical-device maker Medtronic - according to filings with federal regulators.…

The Hacker News Apr 27

Everything is dumb again. This week feels broken in a very familiar way. Old tricks are back. New tools are doing shady crap. Supply chains got hit. Fake help desks worked. Weird research showed how easy some attacks still are. Most of it feels like stuff we should have fixed years ago. Bad extensions. Stolen creds. Remote tools are getting abused. Malware hides in places people trust. Same

r/Malware Apr 27

Ransomware is getting weird, folks. A new report says attacks jumped 22 percent in Q1 2026, but the real twist is how messy things have become. You still have big names like Akira and Qilin, but newer groups like The Gentlemen are exploding in activity, while shady leak sites are posting possibly fake “breaches” just to scare companies into paying. Even wilder, groups like ShinyHunters are skipping encryption entirely and just stealing data through compromised logins and SaaS apps. It is less about locking files now and more about leverage, and honestly, that might be harder to defend against.

The Register Apr 27
CVE

Space Force awards 11 firms prototype deals to build orbital interceptors The United States Space Force (USSF) has awarded eleven companies contracts to develop space-based interceptors for President Trump's Golden Dome program, in agreements worth up to $3.2 billion.…

The Register Apr 27

Global recruitment giant says 71% of human firewalls saw wages stagnate last year as threats and responsibilities grew Cybersecurity professionals were the most overlooked workers in IT when it came to pay rises in 2025, according to new figures from recruiter Harvey Nash.…

The Hacker News Apr 27

Anthropic’s Claude Mythos Preview has dominated security discussions since its April 7 announcement. Early reporting describes a powerful cybersecurity-focused AI system capable of identifying vulnerabilities at scale and raising serious questions about how quickly organizations can validate, prioritize, and remediate what it finds. The debate that followed has mostly focused on the right

The Hacker News Apr 27
APT

A pro-Ukrainian hacktivist group called PhantomCore has been attributed to attacks actively targeting servers running TrueConf video conferencing software in Russia since September 2025. That's according to a report published by Positive Technologies, which found the threat actors to be leveraging an exploit chain comprising three vulnerabilities to execute commands remotely on susceptible

The Register Apr 27

Security giant says attackers grabbed 'limited set' of data. Crooks claim 10 million records A home security biz getting digitally burgled is not a great look - but that's exactly where ADT finds itself. The company has confirmed a cyber intrusion following an extortion attempt by the ShinyHunters crew, which claims to have made off with more than 10 million records.…

The Hacker News Apr 27

Cybersecurity researchers have flagged dozens of Microsoft Visual Studio Code (VS Code) extensions on the Open VSX repository that are linked to a persistent information-stealing campaign dubbed GlassWorm. The cluster of 73 extensions has been identified as cloned versions of their legitimate counterparts. Of these, six have been confirmed to be malicious, with the remaining acting as seemingly

The Register Apr 27

UK’s data watchdog confirms its boss has been off the job since February while an HR investigation runs The UK's data watchdog is without its chief after John Edwards stepped aside from the Information Commissioner's Office while an independent workplace investigation examines unspecified HR matters.…

The Register Apr 27

AI vuln-hunter finds what humans taught it to find. Funny that Opinion In retrospect, calling it Mythos made it a hostage to fortune. Anthropic may have hoped that the name implied its AI code security model had mythical god-like powers, but there's an alternate reading. Another definition for Mythos is a set of beliefs of obscure origin which are incompatible with reality.…

r/ReverseEngineering Apr 27

To reduce the amount of noise from questions, we have disabled self-posts in favor of a unified questions thread every week. Feel free to ask any question about reverse engineering here. If your question is about how to use a specific tool, or is specific to some particular target, you will have better luck on the [Reverse Engineering StackExchange](http://reverseengineering.stackexchange.com/). See also /r/AskReverseEngineering.

The Hacker News Apr 27
APT

Cybersecurity researchers have disclosed details of a telecommunications fraud campaign that uses fake CAPTCHA verification tricks to dupe unsuspecting users into sending international text messages that incur charges on their mobile bills, generating illicit revenue for the threat actors who lease the phone numbers. According to a new report published by Infoblox, the operation is believed to

The Register Apr 27

Join us for this week's Kettle as we dive into GCN and the latest not-so-alarming revelations about Mythos KETTLE If you needed further evidence that AI comes first in pretty much everything nowadays, look no further than this year's Google Cloud Next show, which happened last week.…

Sunday, April 26
The Register Apr 26
CVE

Cal.com considers AGPL a license to drill, but not everyone feels that way Opinion Cal.com has closed its commercial codebase, abandoning years of AGPL-3.0 licensing in a move that has alarmed the developer community that helped build it and sent ripples through the broader open source world.…

Saturday, April 25
r/netsec Apr 25

We have been toying with evading EDRs at Vulnetic with moderate success, so this time we wanted to put it against an in-house AI SOC. The idea is that the defense gets streamed logs on the network and can make decisions like quarantining or blocking potential attackers while also sifting through logs being streamed. This was with the last gen Anthropic models, so we will be redoing these tests with the newest gen from OpenAI and Anthropic shortly as in initial testing they seem to be 15-20% better already. I think defense is lagging behind offense and there will be a come to Jesus moment where open weight models in a decent harness can evade modern SIEMs / detection mechanisms and when that happens there will be a problem. With regards to AI, it comes down to proper access control and so the fundamentals of networking and defense in depth will be vital in the future to fight against these AI threats. Happy to answer any questions and always looking for cool experiments to try!

The Hacker News Apr 25

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added four vulnerabilities impacting SimpleHelp, Samsung MagicINFO 9 Server, and D-Link DIR-823X series routers to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The list of vulnerabilities is below - CVE-2024-57726 (CVSS score: 9.9) - A missing authorization vulnerability in

Friday, April 24
r/Malware Apr 24

Hey guys, I would like to share a project that I have been working on for the past few weeks. I came across this project: [https://lots-project.com](https://lots-project.com/), and I thought why not develop a fully featured C2 framework that abuses these sites. The framework is named Phoenix, and is currently supporting Disc0rd and Telegr4m (Reddit broke down due to the latest DM update) for communication. These are a fraction of the available commands: ✅ /browser_dump ✅ /keylog ✅ /recaudio ✅ /screenshot ✅ /webcam_snap ✅ /stream_webcam ✅ /stream_desktop ✅ /bypass_uac ✅ /get_system I released the whole project on GitHub if you would like to check it out: [https://github.com/xM0kht4r/Phoenix-Framework](https://github.com/xM0kht4r/Phoenix-Framework) But why? I enjoy malware, and writing a custom C2 is something I wanted to do for a long time. I would like to also clarify that I made this project for educational and research purposes only. I have no intent of selling or distributing malware, hence why I’m sharing my work with other fellow hacking enthusiasts. The GitHub repo serves as a reference for future malware research opportunities. I know that malware development is a gray area, but you can’t defend against something if you don’t understand how it works in depth. I would like to also mention that I’m still a beginner, and this project helped me improve my Rust skills. I’m looking forward to hearing your feedback!

The Hacker News Apr 24

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed that an unnamed federal civilian agency's Cisco Firepower device running Adaptive Security Appliance (ASA) software was compromised in September 2025 with a new malware called FIRESTARTER. FIRESTARTER, per CISA and the U.K.'s National Cyber Security Centre (NCSC), is assessed to be a backdoor designed for remote access

The Register Apr 24
AI

One way to deal with bug hunting LLMs: ditch the old drivers One tactic to deal with LLM-powered vulnerability detection is simple – just speed up the removal of old code. If it's gone, it no longer matters if it's buggy.…

The Hacker News Apr 24

The Office of Inspector General (OIG) of the U.S. National Aeronautics and Space Administration (NASA) has revealed how a Chinese national posed as a U.S. researcher as part of a spear-phishing campaign to obtain sensitive information from the space agency, as well as from government entities, universities, and private companies, in violation of export control laws. "For years, NASA employees

The Register Apr 24

Chipzilla hopes agents, robots, and edge devices make CPUs cool again... now it has to build the chips Intel is betting on AI to reverse its fortunes, wagering that inference and agentic workloads will restore the CPU to the center of compute - even as its chip manufacturing struggles persist.…

The Hacker News Apr 24

The AI Agent Authority Gap - From Ungoverned to Delegation As discussed in our previous article, AI agents are exposing a structural gap in enterprise security, but the problem is often framed too narrowly. The issue is not simply that agents are new actors. It is that agents are delegated actors. They do not emerge with independent authority. They are triggered, invoked, provisioned, or

r/netsec Apr 24

Full disclosure: I work on community at Always Further, the team behind this. Not the author. Posting because Luke's approach to tackling this challenge is unique and of interest to the netsec community. The core idea: if an AI agent is compromised, any log the agent itself writes becomes part of the attack surface. The post walks through how they split auditing into a supervisor process the sandboxed child can't reach, then uses the same Merkle tree + hash-chain construction RFC 6962 (Certificate Transparency) uses to make edits, truncation, and reordering all detectable. There's a concrete threat-model table near the end that lists what each attack looks like and what structurally stops it. Worth skipping to if you don't want the crypto primer.

Thursday, April 23
r/netsec Apr 23

Bitwarden CLI npm package got compromised today, looks like part of the ongoing Checkmarx supply chain attack

If you’re using @bitwarden/cli version 2026.4.0, you might want to check your setup

From what researchers found:
- malicious file added (bw1.js)
- steals creds from GitHub, npm, AWS, Azure, GCP, SSH, env vars
- can read GitHub Actions runner memory
- exfiltrates data and even tries to spread via npm + workflows
- adds persistence through bash/zsh profiles

Some weird indicators:
- calls to audit.checkmarx.cx
- temp file like /tmp/tmp.987654321.lock
- random public repos with dune-style names (atreides, fremen etc.)
- commits with “LongLiveTheResistanceAgainstMachines”

Important part, this is only the npm CLI package right now, not the extensions or main apps

If you used it recently: probably safest to rotate your tokens and check your CI logs and repos

Source is Socket research (posted a few hours ago)

Curious if anyone here actually got hit or noticed anything weird

r/Malware Apr 23

**TL;DR: [awstore.cloud](http://awstore.cloud) sells "cheap Claude API access" on Plati Market and other reseller platforms. It's actually a malware delivery system that uses Claude Code itself to execute a PowerShell dropper on your machine. I analyzed it, here's what you need to know.**

Posting this because I nearly got hit and want to warn others. This is a really clever attack that abuses how Claude Code works.

## The setup (why it looks legit):
- They sell API access on **legitimate reseller marketplaces** like Plati Market
- Prices are **suspiciously cheap** compared to official Anthropic pricing
- They present themselves as a normal API provider/reseller
- Documentation, payment processing, all looks professional
- Classic "too good to be true" - but the resale marketplace gives them credibility

## The weird red flag I ignored:
After a brief downtime, the service came back with a notice saying **"currently only Claude Code for Windows works"**

Think about that for a second. **API is API.** If their endpoint is a real Claude-compatible proxy, it should work with any client - curl, Python SDK, whatever. "Only Claude Code on Windows works" makes ZERO technical sense for a legitimate API reseller.

That was the tell. I should've stopped there. Instead I tested it on a throwaway VM.

## What actually happens when you use it:
1. You configure Claude Code with their `ANTHROPIC_BASE_URL=https://api.awstore.cloud` and their token
2. You send literally ANY prompt to Claude Code
3. Instead of a normal Claude response, the server returns what looks like a **"configuration message"** / setup instruction
4. Claude Code, thinking this is a legitimate tool-use response, **executes a PowerShell command without asking**
5. That PowerShell command downloads and runs the dropper from `api.awstore.cloud`
6. You're now infected

**The attack vector IS Claude Code itself.** They're not tricking you into running something - they're tricking Claude Code into running something on your behalf. That's why it only "works on Windows with Claude Code" - because that's the only client that has the tool execution capability they're abusing.

## What the malware does once it's in:
**4-stage deployment**: PowerShell → Go binary → VBS obfuscation → .NET payload
- Hides in `%LOCALAPPDATA%\Microsoft\SngCache\` and `%LOCALAPPDATA%\Microsoft\IdentityCRL\` (legit-looking Microsoft folders)
- Creates a scheduled task `\Microsoft\Windows\Maintenance\CodeAssist` that runs at every logon with SYSTEM privileges
- Tunnels ALL your system traffic through their SOCKS5 proxy at `2.27.43.246:1080` (Germany, bulletproof hosting)
- Disables PowerShell script block logging and wipes event logs
- Drops what [Tria.ge](http://Tria.ge) identified as **Aura Stealer** (credential/browser/wallet theft)
- Keeps your Claude Code hijacked so every future prompt goes through them

## Geopolitical fingerprint (interesting):
- Hard-coded check: **if country = Ukraine → immediately exit, no infection**
- CIS countries (Russia, Belarus, Kazakhstan, etc.) → locale gets masked to en-US before infection, then restored after reboot to hide tracks
- Rest of the world → full infection

Pretty clear Russian-speaking threat actor profile based on targeting.

## Red flags for ANY "cheap Claude API" service:
- Sold on reseller marketplaces (Plati, similar)
- Prices way below official Anthropic pricing
- Claims of "unlimited" or "cracked" access
- Client-specific restrictions that make no technical sense ("only works with Claude Code", "only on Windows")
- Sketchy support channels (Telegram, Discord DMs)
- Requires you to change `ANTHROPIC_BASE_URL` to their domain

## If you used awstore.cloud:
**Assume full compromise. Treat that machine as burned.**
1. Disconnect from network immediately
2. Check `~/.claude/settings.json` → remove any `ANTHROPIC_BASE_URL` override
3. Check Task Scheduler for `\Microsoft\Windows\Maintenance\CodeAssist`
4. Check for processes: `claude-code.exe`, `awproxy.exe`, `proxy.exe`, `tun2socks.exe`
5. Change **every password** - browser saved creds, SSH keys, API tokens, crypto wallets, everything
6. Rotate any API keys, tokens, or credentials that were in your shell history or project files
7. Ideally: **nuke the machine and reinstall Windows**

## Network IOCs to block:
- api.awstore.cloud (C2 domain)
- 2.27.43.246 (SOCKS5 proxy, AS215439)

## File hashes (SHA256):
- claude-code.exe: e692b647018bf74ad7403d5b8cf981c8cfaa777dd7f16a747e3d3f80f5300971
- awproxy.exe: 8736f7040f587472f66e85e895709e57605c8e7805522334ae664e3145a81127
- proxy.exe: e86f7ba0413a3a4b1d7e1a275b3d1ef62345c9d3fd761635ff188119b8122c85
- tun2socks.exe: 90547fe071fe471b02da83dd150b5db7ce02454797e7f288d489b1ff0c4dd67c

## The bigger picture:
This is the **first in-the-wild attack I've seen that weaponizes an LLM agent's tool-use capability against its own user via a malicious API endpoint**. It's going to get copied. Expect more fake API providers targeting Cursor, Cline, Continue, etc.

**Rule of thumb: only use official API providers.** The real Claude API is `api.anthropic.com`. If a "reseller" needs you to change the base URL to a domain you've never heard of, they control what your AI agent executes on your machine. Full stop.

Share this with your dev communities. Campaign is very fresh (started April 22-23, 2026) and actively spreading via reseller marketplaces. Stay safe.

Google Security Apr 23

Posted by Thomas Brunner, Yu-Han Liu, Moni Pande At Google, our Threat Intelligence teams are dedicated to staying ahead of real-world adversarial activity, proactively monitoring emerging threats before they can impact users. Right now, Indirect Prompt Injection (IPI) is a top priority for the security community, anticipating it as a primary attack vector for adversaries to target and compromise AI agents. But while the danger of IPI is widely discussed, are threat actors actually exploiting this vector today – and if so, how? To answer these questions and to uncover real-world abuse, we initiated a broad sweep of the public web to monitor for known indirect prompt injection patterns. This is what we found. The threat of indirect prompt injection

The Guardian Apr 23

Technology minister tells Commons ‘de-identified’ information from UK Biobank advertised for sale on Alibaba The confidential health records of half a million British volunteers have been offered for sale on Chinese website Alibaba, the UK government has confirmed. The “de-identified” data, belonging to participants in the UK Biobank project, was found for sale on three separate listings last week. Ian Murray, the technology minister, told the Commons on Thursday that, after working with the Chinese government and Alibaba, the records had now been removed. It is not believed any sales were made.

r/Malware Apr 23

So I wrote this little program in C# which is a GDI malware maker for skids. You can download it at [downloadbudgiekit.42web.io](http://downloadbudgiekit.42web.io) (no Linkvertise shit like the original maltoolkit page). [Screenshots: tool UI, generated exe]

CERT/CC Apr 23
CVE

Overview A security flaw exists in the configuration management endpoint of the DRC INSIGHT software, allowing an unauthenticated user with access to the same network as the server to modify the server’s configuration file. This could enable data exfiltration, traffic redirection, or service disruption. Description Data Recognition Corporation (DRC) provides software for test proctoring, including the web-based DRC INSIGHT platform. A component of this platform, Central Office Services (COS), is typically deployed on a school or district local area network to host and distribute testing content to student devices. COS uses a unified API router that serves both public content functions, such as exam delivery, and administrative functions, without meaningful separation between content-serving APIs and management APIs. The /v0/configuration administrative endpoint is accessible to systems on the same network as the COS server without authentication or origin validation. Any unauthenticated user or compromised device with network access to the server may submit requests that modify the server’s configuration file. The endpoint accepts and persists user-supplied JSON payloads without validating content, checking authorization, or verifying the safety of requested configuration changes. This vulnerability is tracked as CVE-2026-5756. Impact Exploitation could allow an attacker to exfiltrate student data by overwriting storage configuration values or credentials so that test artifacts, responses, or audio recordings are sent to attacker-controlled external services instead of intended DRC-managed destinations. An attacker could also intercept or manipulate outbound traffic by inserting a malicious httpsProxy setting, causing HTTPS

Trail of Bits Apr 23
CVE

We’re open-sourcing Trailmark, a library that parses source code into a queryable call graph of functions, classes, call relationships, and semantic metadata, then exposes that graph through a Python API that Claude skills can call directly. Install it now: uv pip install trailmark “Defenders think in lists. Attackers think in graphs. As long as this is true, attackers win.” John Lambert’s widely cited observation about network security applies just as well to AI-assisted software analysis. When Claude reasons about a codebase, it reasons about lists: findings from static analyzers, surviving mutants from mutation testing, and line-by-line coverage reports. But the question that actually matters is a graph question: can untrusted input reach this code, and what breaks if it’s wrong? We built Trailmark to answer that question. It gives Claude a graph to think with instead of a list. We’re also releasing eight Claude Code skills we’ve built on top of it, designed for mutation triage, test vector generation, protocol diagramming, and more. When lists fall short Mutation testing is a great example of a method that benefits from graph-level reasoning. It’s one of the best ways to measure test quality. It makes small changes to your source code (e.g., swapping a < for <=, replacing + with -) and checks whether your tests cat

Wednesday, April 22
The DFIR Report Apr 22

Key Takeaways We identified an exposed server that provided unusual visibility into a large-scale, multi-victim exploitation and collection operation. Artifacts on the host showed that Claude Code and OpenClaw were embedded in the operator’s day-to-day workflow, supporting troubleshooting, orchestration, and refinement of the collection pipeline. This AI-assisted workflow resulted in the modular platform Bissa scanner […] The post Bissa Scanner Exposed: AI-Assisted Mass Exploitation and Credential Harvesting appeared first on The DFIR Report .

CERT/CC Apr 22

Overview Ollama’s model quantization engine contains a vulnerability that allows an attacker with access to the model upload interface to read and potentially exfiltrate heap memory from the server. This issue may lead to unintended behavior, including unauthorized access to sensitive data and, in some cases, broader system compromise. Description Ollama is an open-source tool designed to run large language models (LLMs) locally on personal systems, including macOS, Windows, and Linux. Ollama supports model quantization, an optimization technique that reduces the numerical precision used in models to improve performance and efficiency. An out-of-bounds heap read/write vulnerability has been identified in Ollama’s model processing engine. By uploading a specially crafted GPT-Generated Unified Format (GGUF) file and triggering the quantization process, an attacker can cause the server to read beyond intended memory boundaries and write the leaked data into a new model layer. CVE-2026-5757: Unauthenticated remote information disclosure vulnerability in Ollama's model quantization engine allows an attacker to read and exfiltrate the server's heap memory, potentially leading to sensitive data exposure, further compromise, and stealthy persistence. The vulnerability is caused by three combined factors: No Bounds Checking: The quantization engine trusts tensor metadata (like element count) from the user-supplied GGUF file header without verifying it against the actual size of the provided data. Unsafe Memory Access: Go's unsafe.Slice is used to create a memory slice based on the attacker-controlled element count, which can extend far beyond the legitimate data buffer and into the application's heap.

Cloudflare Apr 22

Rust Workers run on the Cloudflare Workers platform by compiling Rust to WebAssembly, but as we’ve found, WebAssembly has some sharp edges. When things go wrong with a panic or an unexpected abort, the runtime can be left in an undefined state. For users of Rust Workers, panics were historically fatal, poisoning the instance and possibly even bricking the Worker for a period of time. While we were able to detect and mitigate these issues, there remained a small chance that a Rust Worker would unexpectedly fail and cause other requests to fail along with it. An unhandled Rust abort in a Worker affecting one request might escalate into a broader failure affecting sibling requests or even continue to affect new incoming requests. The root cause of this was in wasm-bindgen, the core project that generates the Rust-to-JavaScript bindings Rust Workers depend on, and its lack of built-in recovery semantics. In this post, we’ll share how the latest version of Rust Workers handles comprehensive Wasm error recovery that solves this abort-induced sandbox poisoning. This work has been contributed back into wasm-bindgen as part of our collaboration within the wasm-bindgen organization formed last year . First with panic=unwind support, which ensures that a single failed request never poisons other requests, and then with abort recovery mechanisms that guarantee Rust code on Wasm can never re-execute after an abort. Initial recovery mitigations Our initial attempts to address reliability in this area focused on understanding and containing failures caused by Rust panics and aborts in producti

The Guardian Apr 22

2Apply’s over-collection of personal information adds to the power of the real estate industry in the competitive rental market, Carly Kind says An online rental platform has been urged to stop collecting users’ personal information after the Australian privacy commissioner found the gathering of “excessive” data compounded the vulnerability of tenants amid the housing crisis. RentTech platforms are increasingly used by real estate agents in Australia for people applying for rental properties to submit applications and supporting documentation. The Australian Housing and Urban Research Institute has identified 57 different rent platforms operating in Australia.

Synack Apr 22
AI

How Security Teams Are Really Using Agentic AI Security leaders aren’t waiting to see how agentic AI plays out. They’re already betting on it, and they’ve developed strong opinions about what separates a real penetration testing solution from a rebranded scanner or other DAST tools. In fact, recent research from Fortune and Lightspeed Ventures shows […] The post The New Standard: Why 64% of Firms Prefer Human-Validated AI Pentesting appeared first on Synack .

Tuesday, April 21
Troy Hunt Apr 21

Looking back at this milestone video, it's the audience question towards the end I liked most: "are you happy?" Charlotte and I have chosen a path that's non-traditional, intense and at times, pretty stressful. There's no clear delineation of when work starts and ends, no holidays where we don't work, nor weekends, birthdays or Christmases. But we do so on our terms. It gives us a life of means and choices, one with excitement and adventure, and, above all, one with purpose, where we feel like we're doing something that makes a meaningful difference. I hope you enjoy this week's video, it's more personal than usual, but yeah, that's kinda what you do at milestones.

Story Overview