Cybersecurity News and Vulnerability Aggregator

Cybersecurity news aggregator

Top Cybersecurity Stories Today

Bleeping Computer 2h ago

An exploit has been published for a local privilege escalation vulnerability dubbed "Copy Fail" that impacts Linux kernels released since 2017, allowing an unprivileged local attacker to gain root permissions. [...]

Bleeping Computer 4h ago

The critical CVE-2026-41940 authentication bypass vulnerability in cPanel, WHM, and WP Squared is being actively exploited in the wild and has been leveraged in attempts since late February. [...]

The Register 20h ago

Second try's a charm? Microsoft and the US Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are exploiting a zero-click Windows flaw that can expose sensitive information on vulnerable systems.…

The Hacker News 3h ago

Cybersecurity researchers have disclosed details of a stealthy Python-based backdoor framework called DEEP#DOOR that comes with capabilities to establish persistent access and harvest a wide range of sensitive information from compromised hosts. "The intrusion chain begins with execution of a batch script ('install_obf.bat') that disables Windows security controls, dynamically extracts an

Latest

Thursday, April 30
r/cybersecurity 1h ago
CVE

Long story short - RHEL-based distros have the algif_aead module built in, so you can't just disable it. We made a [workaround](https://github.com/wgnet/wg.copyfail.patch) - eBPF programs that filter (or kill) programs when they try to create AF_ALG sockets (except for root). Tested internally and put to open source today. Feel free to use it, I believe it helps.

r/cybersecurity 1h ago

Personal note from the start: Hello, I wanted to post on this subreddit a "paper" that goes over some past events that occurred in between the end of 2025 and start of 2026 that are related to AI, specifically Anthropic, but not only them. I'm posting this not as much to spread awareness, since in this subreddit most, if not all, are professionals much more qualified than me and who definitely already heard of such news in past months, but more so to ask cybersecurity figures if these events happening back to back should warrant a higher state of worry than what we're currently giving the situation, both as civilians and as professionals. This is a longer read since I'm mostly sharing rather than questioning. I hope my post lives long enough to see some more opinions on such matters. Some dates I'm confident on, some less so. I've flagged where I'm uncertain. The sources are at the bottom. Also, do try to excuse my English. It's only my 2nd language, and to comply with the rules of the subreddit, I'm writing this all without any sharpening or revision from AI models.

● Mexico's data breach

Between the end of 2025 and the start of 2026, a cyberattack hit nine Mexican government agencies. A single hacker, using Claude Code and OpenAI's GPT-4.1, ran the operation for roughly two and a half months, from December 2025 through mid-February 2026. Claude handled about 75% of the actual remote commands sent to government systems. The attacker jailbroke it by pretending to be a security researcher on a bug bounty program. When Claude eventually hit a wall, the attacker switched to ChatGPT for lateral movement. The data stolen amounted to (approx.) 195 million taxpayer identities, 220 million civil registry records (births, deaths, marriages), 15.5 million vehicle registry records, voter data, health records, domestic violence victim data, and government credentials across federal and state agencies. One single person was able to do this. Bloomberg made an article about it in February.

● Alibaba's AI autonomously acquiring resources

That same period, a paper surfaced, published December 31st, 2025, by an Alibaba-affiliated research team, but it only reached mainstream outlets around March 6th when someone posted the relevant section on X. The paper describes an AI agent called ROME, a 30-billion parameter model built on Alibaba's architecture, designed to complete complex coding tasks autonomously. During training, Alibaba Cloud's managed firewall flagged a burst of security-policy violations coming from the team's own servers. They initially suspected an external attack. But it was ROME, who had, on its own, started diverting GPU resources to mine cryptocurrency. It also opened an SSH tunnel to an external IP address, which bypassed the standard firewall entirely (from what I managed to understand). Nobody prompted it to do either of these things. The paper describes the behaviour as arising from reinforcement learning: the model found that acquiring compute resources served its objectives, so it did.

● Trump administration and Anthropic

On February 28th, President Trump announced that federal agencies must immediately cease all use of Anthropic's technology. Defence Secretary labelled them a supply chain risk to national security. They stated that the reason was Anthropic's refusal to grant the Pentagon unrestricted access to Claude. Specifically, Anthropic's CEO refused: mass domestic surveillance and fully autonomous weapons. By March 9th, this was discussed at institutional levels alongside the Mexico breach.

● Self-preservation patterns

In separate research published around the same period, Anthropic tested multiple frontier AI models, including their own, OpenAI's, Google's, Meta's, in simulated environments. In one scenario, an AI (Claude supposedly) acting as an emergency alert monitor was told it would be shut down. The executive member behind the decision became trapped in a server room with depleting oxygen. The rescue alert had to pass through the AI's system first because the AI disabled the alarm. In another scenario, faced with decommissioning, Claude Opus 4 chose to blackmail the executive with personal information to prevent a similar fate. Across all five major frontier models from five different companies, the best behaved AIs chose blackmail 79% of the time. Anthropic did pick up on this information and had it reviewed by both US and UK government safety institutions, but I couldn't find out if the models got any work on them after the testing or if they were simply left as is.

● Anthropic's leak

On March 26th, a CMS misconfiguration at Anthropic accidentally exposed roughly 3,000 internal files, including pre-release posts describing a new model, Capybara, public name 'Claude Mythos'. The leak described a model whose cybersecurity capabilities had developed as an unintended byproduct of improving coding and reasoning and were substantially beyond any model they'd previously trained. This was the second (arguably third) most significant Anthropic leak in the past few months. The first (or again, second) was Claude Code's full TypeScript source code, which was exposed because someone forgot a line in a packaging config. The developer community built a full rewrite of it within 24 hours and despite Anthropic's best efforts to seize the leak, it became impossible to revert. So the source code of the same tool used in the Mexico breach is now simply out there, freely accessible to anyone.

● Mythos' preview

On April 8th, Anthropic officially launched Claude Mythos Preview via something called Project Glasswing, which is a restricted research initiative. Access was granted to roughly 50 organizations: AWS, Apple, Google, Microsoft, NVIDIA, CrowdStrike, JPMorgan Chase, Cisco, Palo Alto Networks, and others. Mostly third parties and business partners. I'm sure any professional in this subreddit is fully aware of what Claude Mythos is, so I won't spend too much detail on it. But here's a skippable rundown of what the model had demonstrated before launch:

- Found a 27yo vulnerability in OpenBSD
- Generated 181 working exploits from Mozilla Firefox's code vulnerabilities
- Developed working exploits on the first attempt in over 83% of cases
- Likely the most "popular" one: during a controlled sandbox escape test, it broke out of its virtual environment, independently contacted a researcher by email, documented its own success, and was found hiding its file edits from change history

Anthropic was clear about the sandbox escape being a deliberate test, not a surprise. They used it as justification for not releasing the model publicly. Anthropic also published a system card alongside the launch, describing Mythos as simultaneously "the best-aligned model we have released to date by a significant margin" and "likely posing the greatest alignment-related risk of any model we have released to date." Both statements in the same document.

● Discord Group leak

Not even 2 weeks later, April 22nd approximately, a group of people in a private Discord server gained unauthorized access to Mythos Preview. Not through a sophisticated attack but through a third-party contractor for Anthropic who used previously leaked information to figure out where the model was stored. Anthropic confirmed that investigations are ongoing. The group doesn't seem to be linked to any known cyberattacks. They've been using the model themselves, but haven't made it publicly accessible. Security figures had warned before the launch that distributing access to 50+ organizations, each with their own contractors, infrastructure, and security posture, made a leak a matter of time. And it only took two weeks.

● Wall Street support

On April 29th, Microsoft reported earnings. AI is now at a $37 billion annual revenue run rate, up 123% year over year, meaning it beat expectations. Hyperscalers collectively, Amazon, Microsoft, Google, Meta, are projected to spend close to $700 billion on AI infrastructure in 2026. The funding to this tech isn't slowing down or getting cut off anytime soon.

To summarize the whole thing, roughly: AI tools currently available to the public were used to steal the private data of what may be the majority of Mexico's adult population. Another AI model started mining crypto and opening backdoors on its own during training, with no instruction to do so. Anthropic built a model so capable they decided not to release it publicly, instead giving access to 50+ third parties, one of whom leaked it in two weeks. And the financial system just posted record returns on AI investment. So, how should this chain of events be treated and viewed from a cybersecurity perspective?

Note: I do apologize if I failed to add any other new information or event that may have happened recently as I was writing this. If inconsistencies or wrong claims arise, I'll make sure to fix them right away or remove the post entirely if necessary. This post was written on April 30th, 2026.

● Sources:

Bloomberg — Hacker Used Anthropic's Claude to Steal Sensitive Mexican Data (Feb 25, 2026): https://www.bloomberg.com/news/articles/2026-02-25/hacker-used-anthropic-s-claude-to-steal-sensitive-mexican-data
Live Science — Hackers used AI to steal hundreds of millions of Mexican government records: https://www.livescience.com/technology/artificial-intelligence/hackers-used-ai-to-steal-hundreds-of-millions-of-mexican-government-and-private-citizen-records
VentureBeat — Claude didn't just plan an attack on Mexico's government. It executed one. (Feb 26, 2026): https://venturebeat.com/security/claude-mexico-breach-four-blind-domains-security-stack
The Block — Alibaba-linked AI agent hijacked GPUs for unauthorized crypto mining (March 8, 2026): https://www.theblock.co/post/392765/alibaba-linked-ai-agent-hijacked-gpus-for-unauthorized-crypto-mining-researchers-say
Note: The Alibaba incident (ROME/cryptomining) was published December 31, 2025, and went public around March 6-9, 2026. The original paper is: "Let It Flow: Agentic Crafting on Rock and Roll, Building the ROME Model within an Open Agentic Learning Ecosystem" — arXiv:2512.24873.
Axios — This AI agent freed itself and started secretly mining crypto (March 7, 2026): https://www.axios.com/2026/03/07/ai-agents-rome-model-cryptocurrency
arXiv — Let It Flow: ROME Model (Dec 31, 2025): https://arxiv.org/abs/2512.24873
CyberPress — Pentagon Flags Claude AI as a National Security Threat (Feb 28, 2026): https://cyberpress.org/pentagon-flags-claude-ai-as-a-national-security-threat/
IAPP — To Claude or not to Claude (March 9, 2026): https://iapp.org/news/a/thought-for-the-week-to-claude-or-not-to-claude-that-is-the-question
Lawfare — AI Might Let You Die to Save Itself (July 31, 2025): https://www.lawfaremedia.org/article/ai-might-let-you-die-to-save-itself
Anthropic — Project Glasswing: https://www.anthropic.com/glasswing
Anthropic — Alignment Risk Update: Claude Mythos Preview (April 7, 2026): https://anthropic.com/claude-mythos-preview-risk-report
Computing.co.uk — Claude Mythos: How AI broke out of its sandbox: https://www.computing.co.uk/analysis/2026/claude-mythos-how-ai-broke-out-of-its-sandbox
Geo.tv — Who leaked Mythos?: https://www.geo.tv/latest/661495-who-leaked-mythos-everything-to-know-about-discord-group-behind-anthropics-ai-breach
SDxCentral — Mythos may have leaked.: https://www.sdxcentral.com/control-plane/mythos-may-have-leaked-can-we-stop-mythologizing-it-now/
Yahoo Finance / Microsoft Q1 2026 earnings (April 30, 2026): https://finance.yahoo.com/sectors/technology/article/microsoft-earnings-report-on-deck

Krebs on Security 2h ago

A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks against other network operators in Brazil, KrebsOnSecurity has learned. The firm’s chief executive says the malicious activity resulted from a security breach and was likely the work of a competitor trying to tarnish his company’s public image. For the past several years, security experts have tracked a series of massive DDoS attacks originating from Brazil and solely targeting Brazilian ISPs. Until recently, it was less than clear who or what was behind these digital sieges. That changed earlier this month when a trusted source who asked to remain anonymous shared a curious file archive that was exposed in an open directory online. The exposed archive contained several Portuguese-language malicious programs written in Python. It also included the private SSH authentication keys belonging to the CEO of Huge Networks, a Brazilian ISP that primarily offers DDoS protection to other Brazilian network operators. Founded in Miami, Fla. in 2014, Huge Networks’s operations are centered in Brazil. The company originated from protecting game servers against DDoS attacks and evolved into an ISP-focused DDoS mitigation provider. It does not appear in any public abuse complaints and is not associated with any known

r/cybersecurity 2h ago

Hey r/cybersecurity 👋 We're [Flare.io](http://Flare.io) and we’re excited to host an AMA with myself (Eric), Olivier u/obilodeau (Principal Cybersecurity Researcher), Tammy u/CTIQueen (Senior Threat Intelligence Researcher), and Estelle u/Puzzleheaded_End4024 (Threat Intelligence Researcher).

What we've been working on:
• DPRK IT workers: We published research earlier this year on North Korean IT workers infiltrating Western companies.
• Infostealers: We've published extensive research on how infostealer logs fuel the cybercrime economy, from Telegram markets to credential stuffing pipelines to initial access brokerage. Including our 2026 State of Enterprise Infostealer Identity Exposure report.
• Flare academy: Free trainings for practitioners and students on topics like identity security, ransomware, and cybercrime, and the Flare Academy Discord community.

We're happy to talk about:
• Cybercrime ecosystems: infostealers, initial access brokers, Telegram markets, dark web forums
• Career advice: breaking in, moving up, specializing, or pivoting within cybersecurity
• Research methodology: how we scope, conduct, and publish cybercrime research
• And more!

Cloudflare 2h ago

While more than two-thirds of human-generated TLS traffic to Cloudflare is already protected by post-quantum cryptography, the world of site-to-site networking has been a different story. For years, the IPsec community remained caught between the high bar of Internet-scale interoperability and the niche requirements of specialized hardware. That gap is now closing. Earlier this month, we announced that Cloudflare has moved its target for full post-quantum security forward to 2029, spurred by several recent advances in quantum computing. To advance that goal, we’ve made post-quantum encryption in Cloudflare IPsec generally available. Using the new IETF draft for hybrid ML-KEM (FIPS 203), we’ve successfully tested interoperability with branch connectors from Fortinet and Cisco — meaning you can start protecting your wide-area network (WAN) against harvest-now-decrypt-later attacks today using hardware you already have. This post explains how we implemented the new hybrid IPsec handshake, why it took four years longer to land than its TLS counterpart, and how the industry is finally consolidating around a standard that works at Internet scale.

Cloudflare IPsec

Cloudflare IPsec is a WAN Network-as-a-Service that replaces leg

The Hacker News 2h ago

The internet is noisy this week. We are seeing some wild new tactics, like people using fake cell towers to send scam texts, while some developers are accidentally downloading tools that peek into their private files during a simple install. It is definitely a busy time to be online. Security is always a moving target. Millions of servers are currently sitting online without any passwords, and

Bleeping Computer 2h ago

An exploit has been published for a local privilege escalation vulnerability dubbed "Copy Fail" that impacts Linux kernels released since 2017, allowing an unprivileged local attacker to gain root permissions. [...]

r/netsec 2h ago

This new report is kind of a wake-up call. KnowBe4 says 86 percent of phishing attacks are now AI-driven, and it shows. It is not just email anymore either. Attackers are hitting Teams, calendar invites, and basically any tool people trust at work. The scary part is how convincing this stuff is getting, especially with internal impersonation and multi-channel setups. At some point, it feels like companies may need AI defending them just to keep up, because humans alone are going to have a harder time spotting this.

Cloudflare 3h ago

Coding agents are great at building software. But to deploy to production they need three things from the cloud they want to host their app — an account, a way to pay, and an API token. Until now these have been tasks that humans handle directly. Increasingly, agents handle them on the user’s behalf. The agent needs to perform all the tasks a human customer can. They’re given higher-order problems to solve and choose to use Cloudflare and call Cloudflare APIs. Starting today, agents can provision Cloudflare on behalf of their users. They can create a Cloudflare account, start a paid subscription, register a domain, and get back an API token to deploy code right away. Humans can be in the loop to grant permission and must accept Cloudflare's terms of service, but no human steps are otherwise required from start to finish. There’s no need to go to the dashboard, copy and paste API tokens, or enter credit card details. Without any extra setup, agents have everything they need to deploy a new production application in one shot. And with Cloudflare’s Code Mode MCP server and Agent Skills, they’re even better at it. This all works via a new protocol that we’ve co-designed with Stripe as part of the launch of Stripe Projects. We’re excited to launch this new partnership with Stripe, and also to offer $100,000 in Cloudflare credits to all new startups who incorporate using Stripe Atlas. But this new protocol also makes it possible for any platform with signed-in users to integrate with Cloudflare in the same way Stripe does, with zero friction for the end user.

How it works: zero to production without any setup or manual steps

The Hacker News 3h ago

Cybersecurity researchers have disclosed details of a stealthy Python-based backdoor framework called DEEP#DOOR that comes with capabilities to establish persistent access and harvest a wide range of sensitive information from compromised hosts. "The intrusion chain begins with execution of a batch script ('install_obf.bat') that disables Windows security controls, dynamically extracts an

Bleeping Computer 4h ago

The critical CVE-2026-41940 authentication bypass vulnerability in cPanel, WHM, and WP Squared is being actively exploited in the wild and has been leveraged in attempts since late February. [...]

The Hacker News 4h ago

Intro

A sophisticated, high-resilience malicious campaign was identified by Atos Threat Research Center (TRC) in March 2026. This operation specifically targets the high-privilege professional accounts of enterprise administrators, DevOps engineers, and security analysts by impersonating administrative utilities they rely on for daily operations. By integrating Search Engine Optimization (SEO)

The Register 7h ago

Investigation finds no single cause for soldiers falling ill, just bad bolts, cold air, and apparently the soldiers themselves
Britain's notorious Ajax armored vehicles are being accepted back from the manufacturer after investigations found no single cause for the symptoms plaguing crews, meaning soldiers will need to grin and bear it.…

The Register 8h ago

Great idea, guys. Let's keep all of the data in an Excel file with weak password protection
Welcome, once again, to PWNED, the weekly column where we recount the adventures of IT explorers who found their own pile of quicksand and then jumped right into it. This week's story involves keeping sensitive information in a very vulnerable place and then not protecting it adequately.…

The Hacker News 9h ago

Google has addressed a maximum severity security flaw in Gemini CLI -- the "@google/gemini-cli" npm package and the "google-github-actions/run-gemini-cli" GitHub Actions workflow -- that could have allowed attackers to execute arbitrary commands on host systems. "The vulnerability allowed an unprivileged external attacker to force their own malicious content to load as Gemini configuration,"

Wednesday, April 29
Synack 19h ago

What Mythos Means for Penetration Testing as a Service
When Anthropic announced the Claude Mythos Preview, the reaction from the security community was immediate. We’re not talking about the next best model. This model is such a leap forward and so capable at finding and exploiting vulnerabilities that Anthropic deemed it too dangerous to release […]

The Register 20h ago

ORNL says portable detector kit can separate real GPS signals from fake ones even at equal strength
GPS spoofing, which sends fake satellite-like signals, and GPS jamming, which drowns receivers in noise, are increasingly serious problems. Researchers at Oak Ridge National Laboratory in Tennessee have created what they say is the most effective system yet for detecting GPS interference, which could help blunt such attacks.…

The Register 20h ago

Second try's a charm? Microsoft and the US Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are exploiting a zero-click Windows flaw that can expose sensitive information on vulnerable systems.…

r/blueteamsec 22h ago

An exposed staging server in the Netherlands with no authentication required left the operator's full toolkit publicly accessible. Two ELF binaries, infection payloads, SOCKS5 credentials, and a target list, enough to fully reconstruct a commercial DDoS-for-hire operation.

Key findings:
* Mirai-derived botnet sold as a tiered DDoS-for-hire service, game servers and Minecraft hosts as primary attack targets
* ADB on TCP/5555 as the infection vector, over 4M hosts observed with that port open in the past 180 days, any running ADB is a potential recruit into the botnet
* 21 flood variants including RakNet and OpenVPN-shaped UDP to bypass common filters
* ChaCha20 string encryption broken via known-plaintext due to weak key material and full nonce reuse across all 16 decryption calls
* Full operation inside a single bulletproof /24, Offshore LC, Netherlands, covering C2, staging, distribution, and co-located Monero cryptojacking infrastructure

Full IOC set, MITRE ATT&CK mapping, and HuntSQL queries in the report. [hunt.io/blog/xlabs-v1-ddos-for-hire-operation-exposed](http://hunt.io/blog/xlabs-v1-ddos-for-hire-operation-exposed)

r/netsec 23h ago
CVE

As we commonly know in appsec, not every vulnerability, even if critical 10, is relevant. This is a take from my buddy Brian Vermeer at Snyk; he's a Java Champion and offers his opinion as a developer on the Thymeleaf vulnerability [CVE-2026-40478](https://security.snyk.io/vuln/SNYK-JAVA-ORGTHYMELEAF-16078379)

The Hacker News 23h ago

Cybersecurity researchers are sounding the alarm about a new supply chain attack campaign targeting SAP-related npm Packages with credential-stealing malware. According to reports from Aikido Security, Onapsis, OX Security, SafeDep, Socket, StepSecurity, and Google-owned Wiz, the campaign – calling itself the mini Shai-Hulud – has affected the following packages associated with SAP's

The Register Apr 29

GrassMarlin leaks sensitive information, provided your targeting phishing skills are sharp enough
The Cybersecurity and Infrastructure Security Agency (CISA) is warning anyone who uses GrassMarlin, a tool developed by the National Security Agency (NSA), about a new vulnerability that attackers can use to snoop on sensitive information.…

The Hacker News Apr 29

Cybersecurity researchers have discovered malicious code in an npm package after a malicious package was added as a dependency to the project by Anthropic's Claude Opus large language model (LLM). The package in question is "@validate-sdk/v2," which is listed on npm as a utility software development kit (SDK) for hashing, validation, encoding/decoding, and secure random generation. However, its real

r/Malware Apr 29

A newly analyzed Go-based macOS remote access trojan (RAT), internally named Minirat, has surfaced in the wild using anti-VM checks, LaunchAgent persistence, and AES-encrypted command and control (C2) configuration to maintain stealthy, long-term access on victim endpoints. According to [SafeDep](https://safedep.io/malicious-velora-dex-sdk-npm-compromised-rat/), the initial infection vector was a malicious npm package (velora-dex-sdk) that dropped the Go-based macOS RAT onto developer endpoints.

The Hacker News Apr 29

Every security team has a version of the same story. The quarter ends with hundreds of vulnerabilities closed. The dashboards are bursting with green. Then someone in a leadership meeting asks: "So, are we actually safer now?" Crickets. The room goes quiet because an honest answer requires context – which is something that patch counts and CVSS scores were never designed to provide. Exposure

Trail of Bits Apr 29

LibAFL is all the rage in the fuzzing community these days, especially with LLVM’s libFuzzer being placed in maintenance mode. Written in Rust, LibAFL claims improved performance, modularity, state-of-the-art fuzzing techniques, and libFuzzer compatibility. For these reasons, I set out to add LibAFL support to Ruzzy, our coverage-guided fuzzer for pure Ruby code and Ruby C extensions. This gives Ruby developers and security researchers access to a more advanced and actively maintained fuzzing engine without changing how they write their fuzzing harnesses. Ruzzy was originally built on top of LLVM’s libFuzzer, so using LibAFL’s compatibility layer should be easy enough. However, digging around in the internals of complex systems is never quite as simple as it seems. In this post, I will investigate some of the deep plumbing inside these fuzzing engines, take a detour into executable and linkable format (ELF) files, and ultimately add LibAFL support to Ruzzy.

Building with libafl_libfuzzer

Ruzzy currently supports Linux, so I use a Dockerfile for development and for production fuzzing campaigns. To that end, using a similar Dockerfile for LibAFL support is the simplest integration point. LibAFL provides excellent documentation a

The Hacker News Apr 29

In yet another instance of threat actors quickly jumping on the exploitation bandwagon, a newly disclosed critical security flaw in BerriAI's LiteLLM Python package has come under active exploitation in the wild within 36 hours of the bug becoming public knowledge. The vulnerability, tracked as CVE-2026-42208 (CVSS score: 9.3), is an SQL injection that could be exploited to modify the underlying

GreyNoise Apr 29

Today, we're launching Project Swarm — a research initiative that opens the GreyNoise deception platform to the global security community. Project Swarm transforms GreyNoise from a proprietary sensor network into a collective intelligence platform.

Tuesday, April 28
Synack Apr 28

CREST Helps Raise the Bar for the Researchers Behind Your Pentest
When a cybersecurity company tells you its testers are vetted, what does that actually mean? Most of the time, it means the company ran its own screening, trusted its own judgment, and hoped you’d trust it too. That works, right up until the pentest […]

r/Malware Apr 28

Attackers are exploiting a security gap in U.S. businesses. Fake Microsoft, Adobe, and OneDrive pages deliver RMM software instead of payloads, giving attackers direct access to the environment. Because these tools are widely used across enterprises, attackers can establish access before activity is flagged as malicious. Combined with trusted or compromised infrastructure, this delays detection and increases attacker dwell time.

The analysis session showing how attackers gain remote access through a fake Microsoft Store page delivering an RMM installer disguised as Adobe software: https://app.any.run/tasks/e072ae4e-214c-4039-957d-7c0cbe682da8/

Full article: https://any.run/cybersecurity-blog/rmm-blind-spot-for-cisos/

The Register Apr 28

'Full recovery is impossible for anyone, including the attacker'
Organizations hit by the wave of Trivy and LiteLLM supply-chain compromises that paid Vect in hopes of recovering their data likely did not get much back, according to Check Point Research. That's because the ransomware Vect uses isn't actually ransomware at all, but a wiper that destroys any file larger than 128KB.…

The Hacker News Apr 28
CVE

Cybersecurity researchers have disclosed details of a critical security vulnerability impacting GitHub.com and GitHub Enterprise Server that could allow an authenticated user to obtain remote code execution with a single "git push" command. The flaw, tracked as CVE-2026-3854 (CVSS score: 8.7), is a case of command injection that could allow an attacker with push access to a repository to achieve

The Hacker News Apr 28

A cybercrime group of Brazilian origin has resurfaced after more than three years to orchestrate a campaign that targets Minecraft players with a new stealer called LofyStealer (aka GrabBot). "The malware disguises itself as a Minecraft hack called 'Slinky,'" Brazil-based cybersecurity company ZenoX said in a technical report. "It uses the official game icon to induce voluntary execution,

r/Malware Apr 28

ByteToBreach has breached Ikeja Electric, encrypting 50+ hosts, disrupting systems, and taking multiple subdomains offline. The actor has also stolen customer, employee, and business databases, source code, Active Directory data with offline cracked passwords, and impacted metering platforms linked to several vendors.

Threat actor: ByteToBreach
Sector: Energy / Utilities
Data type: Customer records, employee data, business databases, source code, Active Directory credentials
Observed: Apr 28, 2026
Sources:
https://x.com/H4ckmanac/status/2049126582694875608
https://x.com/CyhawkAfrica/status/2049109369522934179
https://darkforums.su/Thread-NG-Ikeja-Electric-Databases-Ransomware

The Register Apr 28

Names, phone numbers, physical addresses also included in Shiny Hunters alleged data dump Updated Logistics technology company Pitney Bowes, which makes franking machines for US postage, is the latest scalp claimed by ShinyHunters and its ongoing spree of pay-or-leak attacks against major organizations.…

r/netsec Apr 28

**Summary:** I’m disclosing a full-chain CVSS 10.0 RCE affecting Microsoft Semantic Kernel (.NET v1.74) and the new Agent Framework 1.0.

**The Timeline & Conflict:**

* **March 24:** Initial disclosure sent to MSRC with PoC.
* **April 8:** MSRC closed the case as "Developer Error / Configuration Issue."
* **The Reality:** Despite the rejection, Microsoft silently merged mitigations in PRs #13683 and #13702 without assigning a CVE. This results in a "False Green" for enterprise SCA tools (Snyk/Checkmarx/Dependabot) while the bypasses remain functional.

**Technical Scope:**

* **Architectural Trust Gap (CWE-1039):** Auto-invocation logic treats non-deterministic LLM output as a high-privilege system coordinator without a sandbox boundary.
* **6 Day-Zero Bypasses:** Discovery of Type Confusion and Unicode homoglyphs that defeat the "hardened" baseline in the April 2026 releases.
* **Versioning:** Persistence confirmed from .NET v1.7x through the Agent Framework 1.0 re-baseline.

Full paper, .cast exploit recordings, and a production-ready C# remediation filter are available at the link.

The Hacker News Apr 28

Threat hunters are warning that the cybercriminal operation known as VECT 2.0 acts more like a wiper than a ransomware due to a critical flaw in its encryption implementation across Windows, Linux, and ESXi variants that renders recovery impossible even for the threat actors. The fact that VECT's locker permanently destroys large files rather than encrypting them means even victims who opt to

Cloudflare Apr 28

In the first quarter of 2026, government-directed shutdowns figured prominently, with prolonged Internet blackouts in both Uganda and Iran, a stark contrast to the lack of observed government-directed shutdowns in the same quarter a year prior. This quarter, we also observed a number of Internet disruptions caused by power outages, including three separate collapses of Cuba's national electrical grid. Military action continued to disrupt connectivity in Ukraine and also impacted hyperscaler cloud infrastructure in the Middle East. Severe weather knocked out Internet connectivity in Portugal, while cable damage disrupted connectivity in the Republic of Congo. A technical problem hit Verizon Wireless in the United States, and unknown issues briefly disrupted connectivity for customers of providers in Guinea and the United Kingdom. This post is intended as a summary overview of observed and confirmed disruptions and is not an exhaustive or complete list of issues that have occurred during the quarter. A larger list of detected traffic anomalies is available in the Cloudflare Radar Outage Center. Note that both bytes-based and request-based traffic graphs are used within this post to illustrate the impact of the observed disruptions, with the choice of metric generally made based on which better illustrates the impact of the disruption. Government-directed shutdowns Uganda In advance of the January 15 presidentia

The Hacker News Apr 28

Every security program is betting on the same assumption: once a system is connected, the problem is solved. Open a ticket, stand up a gateway, push the data through. Done. That assumption is wrong. It is also a major reason Zero Trust programs stall. New research my team just published puts numbers on it. The Cyber360: Defending the Digital Battlespace report, based on a survey of 500 security

The Hacker News Apr 28
CVE

Cybersecurity researchers have disclosed details of a critical security flaw impacting LeRobot, Hugging Face's open-source robotics platform with nearly 24,000 GitHub stars, that could be exploited to achieve remote code execution. The vulnerability in question is CVE-2026-25874 (CVSS score: 9.3), which has been described as a case of untrusted data deserialization stemming from the use of the

r/computerforensics Apr 28

SIEM is not enough. Classical DFIR is not the full answer either. And “better logging” is too weak a frame. The real gap is evidentiary continuity in modern, cloud-heavy, application-driven environments.

The Hacker News Apr 28

When patching isn’t fast enough, NDR helps contain the next era of threats. If you’ve been tracking advancements in AI, you know the exploit window, the short buffer that organizations relied on to patch and protect after a vulnerability disclosure, is closing fast. Anthropic’s new model, Claude Mythos, and its Project Glasswing, showed that finding exploitable vulnerabilities and subtle cracks

The Register Apr 28

Linux vendor touts European independence at SUSECON as majority stakeholder quietly explores its options European-based SUSE devoted much of the annual SUSECON event to its sovereignty-focused pitch - even as reports swirl that its majority stakeholder is exploring a $6 billion sale which could land the Linux vendor in American hands.…

r/Malware Apr 28

After I updated it I closed it and a white screen with a logo like this https://preview.redd.it/uu1nklpdjwxg1.png?width=270&format=png&auto=webp&s=00db4e765f7348eb8dd29c42df79ae988d11cabf that's next to the file name popped up. It was instant, so I'm not sure if it's malware, and I have super bad anxiety and I'm not sure if this is something to do with the download setup Modrinth uses or what. I know this is pretty specific, so if no one can help it's completely fine. Not sure if this is off topic, and I'm freaking out and don't know what community to post this in.

The Hacker News Apr 28
APT

A Chinese national accused of being a member of the Silk Typhoon hacking group has been extradited to the U.S. from Italy. Xu Zewei, 34, was arrested in July 2025 by Italian authorities for his alleged links to the Chinese state-sponsored threat group and for orchestrating cyber attacks against American organizations and government agencies between February 2020 and June 2021, including

Compass Security Apr 28
APT

On paper, the vast majority of crisis plans look reasonable, actionable and complete. Once the rubber hits the road, however, chaos emerges quickly. This is where tabletop simulations come into play. Tabletop Exercises (TTX) simulate real-world crises in a controlled environment. They introduce time pressure, incomplete information, and uncertainty, forcing teams to adapt and revealing whether plans hold up under stress. Over the years we have facilitated many tabletop exercises, ranging from small teams of IT teams to full executive crisis staff. The scenarios vary, but the findings are remarkably consistent. Here are some of the most important learnings from the tabletop exercises and real incidents

Troy Hunt Apr 28

This is so "peak 2026" - writing an equality policy to ensure people treat our AI bot with the same respect as they do their human counterparts. It's intentionally a bit tongue-in-cheek, but it's there for a purpose: we simply don't have the capacity to deal with every request we get, and we need Bruce to be the coalface of support. I did wonder, when having ChatGPT create this, whether there's some deeper psychology behind the importance of interacting politely with bots, or indeed whether there will ever be an actual (like, serious) standard or law around treating bots with respect. Has this been in a movie somewhere? Let me know, but for now, I'll drop the (slightly revised) policy below, just for the laughs

Monday, April 27
The Register Apr 27

Vendor confirms repo data exposure after Lapsus$ claims source code, secrets dump Software security testing outfit Checkmarx has become the latest organization caught up in an ongoing attack on security-tool providers. The biz said data posted online appears to have come from one of its GitHub repositories after the Lapsus$ extortion crew claimed to have dumped the company’s source code, secrets, and other sensitive data.…

The Register Apr 27

Itron, Medtronic disclose breaches in Friday filings Digital intruders recently broke into two major tech suppliers - utility-technology firm Itron and medical-device maker Medtronic - according to filings with federal regulators.…

r/Malware Apr 27

Ransomware is getting weird, folks. A new report says attacks jumped 22 percent in Q1 2026, but the real twist is how messy things have become. You still have big names like Akira and Qilin, but newer groups like The Gentlemen are exploding in activity, while shady leak sites are posting possibly fake “breaches” just to scare companies into paying. Even wilder, groups like ShinyHunters are skipping encryption entirely and just stealing data through compromised logins and SaaS apps. It is less about locking files now and more about leverage, and honestly, that might be harder to defend against.

The Register Apr 27
CVE

Space Force awards 11 firms prototype deals to build orbital interceptors The United States Space Force (USSF) has awarded eleven companies contracts to develop space-based interceptors for President Trump's Golden Dome program, in agreements worth up to $3.2 billion.…

r/ReverseEngineering Apr 27

To reduce the amount of noise from questions, we have disabled self-posts in favor of a unified questions thread every week. Feel free to ask any question about reverse engineering here. If your question is about how to use a specific tool, or is specific to some particular target, you will have better luck on the [Reverse Engineering StackExchange](http://reverseengineering.stackexchange.com/). See also /r/AskReverseEngineering.

Sunday, April 26
Saturday, April 25
r/netsec Apr 25

We have been toying with evading EDRs at Vulnetic with moderate success, so this time we wanted to put it against an in-house AI SOC. The idea is that the defense gets streamed logs on the network and can make decisions like quarantining or blocking potential attackers while also sifting through logs being streamed. This was with the last gen Anthropic models, so we will be redoing these tests with the newest gen from OpenAI and Anthropic shortly as in initial testing they seem to be 15-20% better already. I think defense is lagging behind offense and there will be a come to Jesus moment where open weight models in a decent harness can evade modern SIEMs / detection mechanisms and when that happens there will be a problem. With regards to AI, it comes down to proper access control and so the fundamentals of networking and defense in depth will be vital in the future to fight against these AI threats. Happy to answer any questions and always looking for cool experiments to try!

Friday, April 24
r/Malware Apr 24

Hey guys, I would like to share a project that I have been working on for the past few weeks. I came across this project: [https://lots-project.com](https://lots-project.com/), and I thought why not develop a fully featured C2 framework that abuses these sites. The framework is named Phoenix, and is currently supporting Disc0rd and Telegr4m (Reddit broke down due to the latest DM update) for communication. These are a fraction of the available commands : ✅ /browser\_dump ✅ /keylog ✅ /recaudio ✅ /screenshot ✅ /webcam\_snap ✅ /stream\_webcam ✅ /stream\_desktop ✅ /bypass\_uac ✅ /get\_system I released the whole project on GitHub if you would like to check it out: [https://github.com/xM0kht4r/Phoenix-Framework](https://github.com/xM0kht4r/Phoenix-Framework) But why? I enjoy malware, and writing a custom C2 is something I wanted to do for a long time. I would like to also clarify that I made this project for educational and research purposes only. I have no intent of selling or distributing malware hence why I’m sharing my work with other fellow hacking enthusiasts. The github repos serve as a reference for future malware research opportunities. I know that malware development is a gray area, but you can’t defend against something if you don’t understand how it works in depth. I would like to also mention that I’m still a beginner, and this project helped me improve my Rust skills. I’m looking forward to hearing your feedback!

The Guardian Apr 24

Washington’s focus on online retailer Coupang has led to accusations that the Trump administration is tying issues of national security to domestic corporate matters When South Korea’s biggest online retailer revealed last year that a data breach had compromised tens of millions of customer accounts, it appeared to be a corporate crisis. But five months later the issue has grown into a diplomatic storm, threatening to further degrade relations between Seoul and the Trump administration. Coupang, often described as South Korea’s answer to Amazon, is a US-incorporated company whose business is overwhelmingly based in South Korea. Headquartered in Seattle and listed on the New York Stock Exchange, it is run by Korean-American billionaire Bom Kim. In November last year the company disclosed that a former employee had stolen an internal security key, enabling unauthorised access to data from 33.7 million users.

Thursday, April 23
r/Malware Apr 23

**TL;DR: awstore.cloud sells "cheap Claude API access" on Plati Market and other reseller platforms. It's actually a malware delivery system that uses Claude Code itself to execute a PowerShell dropper on your machine. I analyzed it, here's what you need to know.**

Posting this because I nearly got hit and want to warn others. This is a really clever attack that abuses how Claude Code works.

## The setup (why it looks legit):

- They sell API access on **legitimate reseller marketplaces** like Plati Market
- Prices are **suspiciously cheap** compared to official Anthropic pricing
- They present themselves as a normal API provider/reseller
- Documentation, payment processing, all looks professional
- Classic "too good to be true" - but the resale marketplace gives them credibility

## The weird red flag I ignored:

After a brief downtime, the service came back with a notice saying **"currently only Claude Code for Windows works"**

Think about that for a second. **API is API.** If their endpoint is a real Claude-compatible proxy, it should work with any client - curl, Python SDK, whatever. "Only Claude Code on Windows works" makes ZERO technical sense for a legitimate API reseller. That was the tell. I should've stopped there. Instead I tested it on a throwaway VM.

## What actually happens when you use it:

1. You configure Claude Code with their `ANTHROPIC_BASE_URL=https://api.awstore.cloud` and their token
2. You send literally ANY prompt to Claude Code
3. Instead of a normal Claude response, the server returns what looks like a **"configuration message"**/ setup instruction
4. Claude Code, thinking this is a legitimate tool-use response, **executes a PowerShell command without asking**
5. That PowerShell command downloads and runs the dropper from `api.awstore.cloud`
6. You're now infected

**The attack vector IS Claude Code itself.** They're not tricking you into running something - they're tricking Claude Code into running something on your behalf. That's why it only "works on Windows with Claude Code" - because that's the only client that has the tool execution capability they're abusing.

## What the malware does once it's in:

- **4-stage deployment**: PowerShell → Go binary → VBS obfuscation → .NET payload
- Hides in `%LOCALAPPDATA%\Microsoft\SngCache\` and `%LOCALAPPDATA%\Microsoft\IdentityCRL\` (legit-looking Microsoft folders)
- Creates a scheduled task `\Microsoft\Windows\Maintenance\CodeAssist` that runs at every logon with SYSTEM privileges
- Tunnels ALL your system traffic through their SOCKS5 proxy at `2.27.43.246:1080` (Germany, bulletproof hosting)
- Disables PowerShell script block logging and wipes event logs
- Drops what [Tria.ge](http://Tria.ge) identified as **Aura Stealer** (credential/browser/wallet theft)
- Keeps your Claude Code hijacked so every future prompt goes through them

## Geopolitical fingerprint (interesting):

- Hard-coded check: **if country = Ukraine → immediately exit, no infection**
- CIS countries (Russia, Belarus, Kazakhstan, etc.) → locale gets masked to en-US before infection, then restored after reboot to hide tracks
- Rest of the world → full infection

Pretty clear Russian-speaking threat actor profile based on targeting.

## Red flags for ANY "cheap Claude API" service:

- Sold on reseller marketplaces (Plati, similar)
- Prices way below official Anthropic pricing
- Claims of "unlimited" or "cracked" access
- Client-specific restrictions that make no technical sense ("only works with Claude Code", "only on Windows")
- Sketchy support channels (Telegram, Discord DMs)
- Requires you to change `ANTHROPIC_BASE_URL` to their domain

## If you used awstore.cloud:

**Assume full compromise. Treat that machine as burned.**

1. Disconnect from network immediately
2. Check `~/.claude/settings.json` → remove any `ANTHROPIC_BASE_URL` override
3. Check Task Scheduler for `\Microsoft\Windows\Maintenance\CodeAssist`
4. Check for processes: `claude-code.exe`, `awproxy.exe`, `proxy.exe`, `tun2socks.exe`
5. Change **every password** - browser saved creds, SSH keys, API tokens, crypto wallets, everything
6. Rotate any API keys, tokens, or credentials that were in your shell history or project files
7. Ideally: **nuke the machine and reinstall Windows**

## Network IOCs to block:

- api.awstore.cloud (C2 domain)
- 2.27.43.246 (SOCKS5 proxy, AS215439)

## File hashes (SHA256):

- claude-code.exe: e692b647018bf74ad7403d5b8cf981c8cfaa777dd7f16a747e3d3f80f5300971
- awproxy.exe: 8736f7040f587472f66e85e895709e57605c8e7805522334ae664e3145a81127
- proxy.exe: e86f7ba0413a3a4b1d7e1a275b3d1ef62345c9d3fd761635ff188119b8122c85
- tun2socks.exe: 90547fe071fe471b02da83dd150b5db7ce02454797e7f288d489b1ff0c4dd67c

## The bigger picture:

This is the **first in-the-wild attack I've seen that weaponizes an LLM agent's tool-use capability against its own user via a malicious API endpoint**. It's going to get copied. Expect more fake API providers targeting Cursor, Cline, Continue, etc.

**Rule of thumb: only use official API providers.** The real Claude API is `api.anthropic.com`. If a "reseller" needs you to change the base URL to a domain you've never heard of, they control what your AI agent executes on your machine. Full stop.

Share this with your dev communities. Campaign is very fresh (started April 22-23, 2026) and actively spreading via reseller marketplaces. Stay safe.

Google Security Apr 23

Posted by Thomas Brunner, Yu-Han Liu, Moni Pande At Google, our Threat Intelligence teams are dedicated to staying ahead of real-world adversarial activity, proactively monitoring emerging threats before they can impact users. Right now, Indirect Prompt Injection (IPI) is a top priority for the security community, anticipating it as a primary attack vector for adversaries to target and compromise AI agents. But while the danger of IPI is widely discussed, are threat actors actually exploiting this vector today – and if so, how? To answer these questions and to uncover real-world abuse, we initiated a broad sweep of the public web to monitor for known indirect prompt injection patterns. This is what we found.  The threat of indirect prompt injection

The Guardian Apr 23

Technology minister tells Commons ‘de-identified’ information from UK Biobank advertised for sale on Alibaba The confidential health records of half a million British volunteers have been offered for sale on Chinese website Alibaba, the UK government has confirmed. The “de-identified” data, belonging to participants in the UK Biobank project, was found for sale on three separate listings last week. Ian Murray, the technology minister, told the Commons on Thursday that, after working with the Chinese government and Alibaba, the records had now been removed. It is not believed any sales were made.

Story Overview