#hybrid-attack
#hybrid-attack

Software development

Claude Opus wrote a Chrome exploit for $2,283

Russo-Ukrainian War

Sweden blames Russian hackers for attempting 'destructive' cyberattack on thermal plant | TechCrunch

Silicon Valley

The Dumbest Hack of the Year Exposed a Very Real Problem

Privacy technologies

fromYahoo Tech

Hackers Are Using Your Home Router to Spy on Microsoft 365 Users

Russian spies exploited consumer routers to steal Microsoft 365 credentials from thousands of users, turning home devices into espionage tools.

Healthcare

fromBoston.com

Services at Brockton hospital return to normal more than a week after cyberattack

A Brockton hospital resumed normal operations after a cybersecurity incident caused temporary service shutdowns and diverted ambulances.

18 hours ago

Government Can't Win the Cyber War Without the Private Sector

Governments must collaborate with the private sector to effectively manage the growing complexity of cyber threats.

Software development

Claude Opus wrote a Chrome exploit for $2,283

Anthropic withheld its Mythos model due to security concerns, while Opus 4.6 was used to create a functional exploit for Chrome's V8 engine.

Russo-Ukrainian War

Sweden blames Russian hackers for attempting 'destructive' cyberattack on thermal plant | TechCrunch

Russian-linked hackers attempted to disrupt a Swedish thermal power plant, highlighting increasing risks of hybrid attacks beyond cyberspace.

Silicon Valley

The Dumbest Hack of the Year Exposed a Very Real Problem

A cyberattack in Silicon Valley exploited weak passwords to spoof crosswalk button recordings with voices of tech CEOs, raising security concerns.

Privacy technologies

fromYahoo Tech

Hackers Are Using Your Home Router to Spy on Microsoft 365 Users

Russian spies exploited consumer routers to steal Microsoft 365 credentials from thousands of users, turning home devices into espionage tools.

Healthcare

fromBoston.com

Services at Brockton hospital return to normal more than a week after cyberattack

A Brockton hospital resumed normal operations after a cybersecurity incident caused temporary service shutdowns and diverted ambulances.

53 DDoS Domains Taken Down by Law Enforcement

Law enforcement in 21 countries coordinated to disrupt DDoS-for-hire services, resulting in arrests and the takedown of numerous domains.

#north-korea

2 hours ago

US news

Two North Korean IT Worker Scheme Facilitators Jailed in the US

17 hours ago

North Korea targets macOS users in latest heist

North Korean criminals use social engineering and fake software updates to steal Apple users' credentials and cryptocurrency.

2 hours ago

US news

Two North Korean IT Worker Scheme Facilitators Jailed in the US

17 hours ago

North Korea targets macOS users in latest heist

North Korean criminals use social engineering and fake software updates to steal Apple users' credentials and cryptocurrency.

AI is a gold mine for spammers and scammers, but Google is using it as a tool to fight back

Generative AI tools have intensified online spam and scams, prompting tech giants like Google to enhance their defenses against these threats.

Marketing tech

fromAP News

20 hours ago

AI is a gold mine for spammers and scammers, but Google is using it as a tool to fight back

Generative AI tools have intensified online spam and scams, prompting tech companies like Google to enhance their defenses against malicious ads.

Marketing tech

fromSFGATE

20 hours ago

AI is a gold mine for spammers and scammers, but Google is using it as a tool to fight back

Generative AI tools have intensified online spam and scams, prompting tech giants like Google to enhance their defenses against these threats.

Marketing tech

fromAP News

20 hours ago

AI is a gold mine for spammers and scammers, but Google is using it as a tool to fight back

Generative AI tools have intensified online spam and scams, prompting tech companies like Google to enhance their defenses against malicious ads.

Secret Service is embracing new solutions to combat malicious drones, director says

The U.S. Secret Service is adopting kinetic mitigation technologies to counter drone threats for upcoming large-scale events.

Privacy professionals

22 hours ago

Congress Turns Up Pressure on DHS Over Palantir's Role in Immigration Crackdown

Members of Congress demand DHS and ICE disclose details on surveillance tools used in immigration enforcement.

Sweden Blames Pro-Russian Group for Cyberattack Last Year on Its Energy Infrastructure

Sweden's minister for civil defense, Carl-Oskar Bohlin, stated that the cyberattack targeted a heating plant in western Sweden but ultimately failed. He did not provide further details.

Europe news

What "The Pitt" Gets Right About Ransomware and What Hospitals Can't Afford to Ignore

Ransomware incidents in healthcare lead to significant operational fallout, requiring extensive recovery efforts beyond just paying the ransom.

Privacy professionals

As a small business owner, I never expected to pay $100,000 protecting my business from ransomware | Fortune

Ransomware attacks can severely impact small businesses, leading to significant recovery costs despite having cyber insurance.

EU data protection

Autovista blames ransomware for service disruption

Autovista is addressing a ransomware infection affecting its systems in Europe and Australia, prioritizing the secure restoration of impacted applications.

Ransomware Hits Automotive Data Expert Autovista

Autovista is working to restore services after a ransomware attack affected its systems in Europe and Australia.

0APT ransomware gang extorts Krybit amid doxxing threat

0APT threatens to expose Krybit members, highlighting the bizarre rivalry between ransomware gangs.

Ransomware Response: How Businesses Regain Control Under Pressure

Ransomware attacks create urgent pressure, forcing quick decisions and impacting operations, legal obligations, and overall enterprise strategy.

Healthcare

What "The Pitt" Gets Right About Ransomware and What Hospitals Can't Afford to Ignore

Ransomware incidents in healthcare lead to significant operational fallout, requiring extensive recovery efforts beyond just paying the ransom.

Privacy professionals

As a small business owner, I never expected to pay $100,000 protecting my business from ransomware | Fortune

Ransomware attacks can severely impact small businesses, leading to significant recovery costs despite having cyber insurance.

EU data protection

Autovista blames ransomware for service disruption

Autovista is addressing a ransomware infection affecting its systems in Europe and Australia, prioritizing the secure restoration of impacted applications.

Ransomware Hits Automotive Data Expert Autovista

Autovista is working to restore services after a ransomware attack affected its systems in Europe and Australia.

0APT ransomware gang extorts Krybit amid doxxing threat

0APT threatens to expose Krybit members, highlighting the bizarre rivalry between ransomware gangs.

Ransomware Response: How Businesses Regain Control Under Pressure

Ransomware attacks create urgent pressure, forcing quick decisions and impacting operations, legal obligations, and overall enterprise strategy.

more#ransomware

Social media marketing

fromAxios

The first AI-era war is a "slopaganda" battle to control memes

AI-generated content is rapidly spreading propaganda, making it easier for influencers to adopt conspiracy theories.

Artificial intelligence

A retired general's warning: America can't fight the AI arms race on tech it doesn't control | Fortune

The U.S. faces a critical AI arms race affecting military power and national security, highlighted by the Anthropic-Pentagon standoff over AI usage control.

ZionSiphon Malware Targets ICS in Water Facilities

ZionSiphon is a new malware targeting water treatment plants in Israel, designed to manipulate chlorine levels and pressure in these facilities.

$10 Domain Could Have Handed Hackers 25k Endpoints, Including in OT and Gov Networks

A sophisticated threat disguised as adware compromised over 25,000 endpoints, allowing silent control through an unregistered domain.

UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign

A new malware campaign targeting Ukrainian healthcare institutions has been identified, utilizing deceptive emails to deliver malicious payloads.

Fake Claude Website Distributes PlugX RAT

A fake Anthropic Claude website distributed a remote access trojan disguised as a legitimate application download.

3 hours ago

ZionSiphon Malware Targets ICS in Water Facilities

ZionSiphon is a new malware targeting water treatment plants in Israel, designed to manipulate chlorine levels and pressure in these facilities.

$10 Domain Could Have Handed Hackers 25k Endpoints, Including in OT and Gov Networks

A sophisticated threat disguised as adware compromised over 25,000 endpoints, allowing silent control through an unregistered domain.

UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign

A new malware campaign targeting Ukrainian healthcare institutions has been identified, utilizing deceptive emails to deliver malicious payloads.

Fake Claude Website Distributes PlugX RAT

A fake Anthropic Claude website distributed a remote access trojan disguised as a legitimate application download.

more#malware

EU data protection

fromComputerWeekly.com

19 hours ago

CYBERUK '26: UK lagging on legal protections for cyber pros | Computer Weekly

The outdated Computer Misuse Act hinders UK cyber security innovation and needs urgent reform to protect cyber professionals.

Software development

Security by Design prevents higher bills

Incorporating security during design reduces costs significantly compared to retrofitting security measures after development.

#ai

fromFast Company

Artificial intelligence

Is Mythos a blessing or a curse for cybersecurity? It depends on whom you ask

21 hours ago

Information security

OpenAI Widens Access to Cybersecurity Model After Anthropic's Mythos Reveal

Information security

GPT-5.4-Cyber aims to further embed AI in cybersecurity

Information security

Runtime security becomes critical as AI accelerates threats

'Mythos-Ready' Security: CSA Urges CISOs to Prepare for Accelerated AI Threats

Mythos from Anthropic poses a significant threat by accelerating the timeline between vulnerability detection and exploitation in cybersecurity.

Anthropic's Mythos is a wake up call, but experts say the era of AI-driven hacking is already here | Fortune

Anthropic's Mythos AI model is too dangerous to release widely due to its ability to exploit software vulnerabilities.

Artificial intelligence

fromFast Company

Is Mythos a blessing or a curse for cybersecurity? It depends on whom you ask

Claude Mythos AI model may enhance cybersecurity defenses but also poses risks for hackers due to its ability to identify vulnerabilities and create exploits.

21 hours ago

OpenAI Widens Access to Cybersecurity Model After Anthropic's Mythos Reveal

OpenAI launched GPT-5.4-Cyber, a cybersecurity AI model, expanding access to verified defenders and enhancing capabilities for vulnerability analysis.

GPT-5.4-Cyber aims to further embed AI in cybersecurity

OpenAI's GPT-5.4-Cyber enhances generative AI for cybersecurity, focusing on defensive applications and providing trusted users with advanced capabilities.

Runtime security becomes critical as AI accelerates threats

Artificial intelligence accelerates innovation and cyber threats, necessitating a focus on runtime security for effective enterprise protection.

'Mythos-Ready' Security: CSA Urges CISOs to Prepare for Accelerated AI Threats

Mythos from Anthropic poses a significant threat by accelerating the timeline between vulnerability detection and exploitation in cybersecurity.

Anthropic's Mythos is a wake up call, but experts say the era of AI-driven hacking is already here | Fortune

Anthropic's Mythos AI model is too dangerous to release widely due to its ability to exploit software vulnerabilities.

'Like handing out the blueprint to a bank vault': Why AI led one company to abandon open source

Cal is shifting from open source to proprietary licensing due to security risks posed by modern AI tools.

Cursor AI Vulnerability Exposed Developer Devices

A vulnerability in Cursor AI allows attackers to hijack developer machines via malicious repositories without user interaction.

World politics

3 weeks ago

We Are At War

Rising geopolitical tensions are increasingly intertwined with cyber operations and the politicization of technology.

European police email 75,000 people asking them to stop DDoS attacks | TechCrunch

A global law enforcement operation targeted over 75,000 alleged cybercriminals using DDoS-for-hire services, resulting in arrests and domain takedowns.

Triad Nexus Evades Sanctions to Fuel Cybercrime

Triad Nexus is a cybercrime network responsible for over $200 million in losses through scams and money laundering, using various techniques to evade sanctions.

17 hours ago

European police email 75,000 people asking them to stop DDoS attacks | TechCrunch

A global law enforcement operation targeted over 75,000 alleged cybercriminals using DDoS-for-hire services, resulting in arrests and domain takedowns.

Triad Nexus Evades Sanctions to Fuel Cybercrime

Triad Nexus is a cybercrime network responsible for over $200 million in losses through scams and money laundering, using various techniques to evade sanctions.

How CSOs Can Win Board Support for Gunshot Detection Technology

CSOs must effectively frame gunshot detection technology to gain executive support and align it with corporate risk priorities.

NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions

NIST will only enrich certain cybersecurity vulnerabilities in its database due to a surge in CVE submissions.

'By Design' Flaw in MCP Could Enable Widespread AI Supply Chain Attacks

MCP's architectural flaw allows adversarial takeover of user systems, exposing sensitive data and enabling malware installation.

Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks

A social engineering campaign exploits Obsidian to distribute PHANTOMPULSE trojan targeting financial and cryptocurrency sectors.

Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution

Cisco has released patches for four critical security vulnerabilities in Identity Services and Webex Services that could allow unauthorized access and code execution.

Cisco Patches Critical Vulnerabilities in Webex, ISE

Cisco patched 15 vulnerabilities, including critical flaws in Webex and Identity Services Engine, allowing potential unauthorized access and command execution.

Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution

Cisco has released patches for four critical security vulnerabilities in Identity Services and Webex Services that could allow unauthorized access and code execution.

Cisco Patches Critical Vulnerabilities in Webex, ISE

Cisco patched 15 vulnerabilities, including critical flaws in Webex and Identity Services Engine, allowing potential unauthorized access and command execution.

more#cisco

The New Battleground of Cybersecurity

I've always had what I would consider a hacker mindset, a curiosity to take things apart, understand them, and use that knowledge to solve problems. That mindset took me on a circuitous route into the cybersecurity industry; after being kicked out of high school for hacking computer systems, I worked a range of jobs, managing office supply companies by day and cracking Wi-Fi networks by night until I started a Digital Forensics degree which led me to the world of security research.

Science

World news

fromEmptywheel

Hybrid or Ambiguous, Asymmetric Warfare is Here to Stay

Asymmetric and ambiguous warfare doctrines from China and Russia anticipated cyber and hybrid attacks that the U.S. failed to adequately prepare for.

Server-room lock was nothing but a crock

A security vulnerability allowed unauthorized access to a server room due to a flaw in the two-factor authentication lock.

n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails

Threat actors are weaponizing n8n to conduct phishing campaigns and deliver malicious payloads through automated emails.

Critical Fortinet sandbox bugs allow auth bypass and RCE

Two critical vulnerabilities in Fortinet's sandbox allow unauthenticated attackers to bypass authentication or execute unauthorized code.

Ancient Excel bug comes out of retirement for active attacks

A 17-year-old critical Excel vulnerability is actively being exploited, prompting CISA to issue a patch deadline for federal agencies.

fromArs Technica

UK gov's Mythos AI tests help separate cybersecurity threat from hype

Mythos outperformed previous models in TLO tests, showing capability in attacking vulnerable systems but still facing limitations in complex scenarios.

ICS Patch Tuesday: 8 Industrial Giants Publish New Security Advisories

Multiple industrial giants have released new ICS security advisories addressing various vulnerabilities since the last Patch Tuesday.

Cyber Insights 2026: Malware and Cyberattacks in the Age of AI

By mid-2026, at least one major global enterprise will fall to a breach caused or significantly advanced by a fully autonomous agentic AI system.

Artificial intelligence

In the Wake of Anthropic's Mythos, OpenAI Has a New Cybersecurity Model-and Strategy

OpenAI announced GPT-5.4-Cyber, emphasizing cybersecurity safeguards and the need for advanced protections in AI models.

fromAxios

OpenAI expands access to cyber AI as hacking risks grow

OpenAI is shifting to a model that emphasizes identity verification for access to sensitive cybersecurity tools while expanding availability.

OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack

OpenAI was affected by a supply chain attack involving malicious Axios packages attributed to North Korean hackers.

In the Wake of Anthropic's Mythos, OpenAI Has a New Cybersecurity Model-and Strategy

OpenAI announced GPT-5.4-Cyber, emphasizing cybersecurity safeguards and the need for advanced protections in AI models.

fromAxios

OpenAI expands access to cyber AI as hacking risks grow

OpenAI is shifting to a model that emphasizes identity verification for access to sensitive cybersecurity tools while expanding availability.

OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack

OpenAI was affected by a supply chain attack involving malicious Axios packages attributed to North Korean hackers.

Analysis of 216M Security Findings Shows a 4x Increase In Critical Risk (2026 Report)

Critical risk findings surged by nearly 400% amid a 52% increase in raw alert volume, driven by AI-assisted development.

#microsoft

fromZero Day Initiative

Zero Day Initiative - The April 2026 Security Update Review

Several critical vulnerabilities in Microsoft products require attention, particularly those related to Office, RDP, Active Directory, and .NET Framework.

Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities

Microsoft's Patch Tuesday updates address 165 vulnerabilities, including a critical SharePoint zero-day exploit tracked as CVE-2026-32201.

fromZero Day Initiative

Zero Day Initiative - The April 2026 Security Update Review

Several critical vulnerabilities in Microsoft products require attention, particularly those related to Office, RDP, Active Directory, and .NET Framework.

Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities

Microsoft's Patch Tuesday updates address 165 vulnerabilities, including a critical SharePoint zero-day exploit tracked as CVE-2026-32201.

Attackers are targeting developers via Slack and Google Sites

A targeted phishing campaign exploits trust in the open-source community, tricking developers into providing credentials and installing malicious software.

Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities

CISA expanded its Known Exploited Vulnerabilities catalog with seven new vulnerabilities, including critical Windows and Adobe flaws.

Ransomware scum, other crims exploit 4 old Microsoft bugs

Four Microsoft vulnerabilities are actively exploited, including one from 2012, prompting CISA to urge federal agencies to patch them within two weeks.

Hack at Anodot leaves over a dozen breached companies facing extortion | TechCrunch

Hackers stole data from multiple companies after breaching Anodot, exposing customers to extortion and potential data publication.

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

A new variant of the Phorpiex botnet combines traditional and peer-to-peer communication, facilitating sophisticated malware operations and high-volume spam.

The New Rules of Engagement: Matching Agentic Attack Speed

AI-enabled cyberattacks are currently occurring, with significant impacts on organizations and a widening gap between attackers and defenders.

Multi-OS Cyberattacks: How SOCs Close a Critical Risk in 3 Steps

Multi-OS attacks complicate SOC operations, leading to delays, fragmented evidence, and increased escalation volume, ultimately allowing attackers more time to operate.

The Hidden Cost of Recurring Credential Incidents

Credential incidents cause significant operational costs and disruptions, impacting IT teams and overall business productivity beyond just breach prevention.

2 weeks ago

The Next Cybersecurity Crisis Isn't Breaches-It's Data You Can't Trust

Data integrity now encompasses data trust, emphasizing the importance of reliable data in AI-driven decision-making.

Attackers Don't Just Send Phishing Emails. They Weaponize Your SOC's Workload

Attackers deliberately overwhelm SOC analysts with high-volume phishing campaigns to delay investigations and create windows for successful breaches, making analyst capacity a critical vulnerability.

fromNextgov.com

Potential US-built hacking tools obtained by foreign spies and cybercriminals, research says

A sophisticated iPhone hacking toolkit called Coruna, likely originating from U.S. government development, has proliferated to foreign intelligence agencies and criminal groups, compromising iOS devices through multiple exploit chains.

Cyber Insights 2026: Cyberwar and Rising Nation State Threats

Entering the cyber world is stepping into a warzone. Cyber is considered a war zone, and what happens there is described as cyberwar. But it's not that simple. War is conducted by nations (political), not undertaken by criminals (financial). Both are increasing in this war zone we call cyber, but the political threat is growing fast. Cyberwar is a complex subject, and a formal definition is difficult.

Information security

Cyber Insights 2026: Offensive Security; Where It is and Where Its Going

Red teaming and offensive security must accelerate and expand to proactively find and harden system weaknesses against increasingly frequent, sophisticated, and damaging attacks.

Why cyberattacks don't require advanced hacking

Poor cyber hygiene, weak identity security, overdue IT maintenance, and incomplete logging make organizations vulnerable to financially motivated attacks such as ransomware and email fraud.