#us-cyberattack
#us-cyberattack

Russo-Ukrainian War

Sweden blames Russian hackers for attempting 'destructive' cyberattack on thermal plant | TechCrunch

15 hours ago

Information security

2026's Breach List So Far: FBI Hacked, 1B Androids at Risk, 270M iPhones Vulnerable

Information security

Hackers Fail to Exploit Flaw in Discontinued TP-Link Routers

Weekly Recap: Vercel Hack, Push Fraud, QEMU Abused, New Android RATs Emerge & More

Third-party tools are exploited to gain internal access, highlighting a shift in attack strategies that bend trust rather than break systems.

Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain

A critical vulnerability in the Model Context Protocol allows remote code execution, affecting over 7,000 servers and compromising sensitive data.

43 minutes ago

CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlines

CISA added eight new vulnerabilities to its KEV catalog, including critical flaws in Cisco Catalyst SD-WAN Manager, indicating active exploitation.

Russo-Ukrainian War

Sweden blames Russian hackers for attempting 'destructive' cyberattack on thermal plant | TechCrunch

Russian-linked hackers attempted to disrupt a Swedish thermal power plant, highlighting increasing risks of hybrid attacks beyond cyberspace.

15 hours ago

2026's Breach List So Far: FBI Hacked, 1B Androids at Risk, 270M iPhones Vulnerable

2026 has seen significant cyber threats, including a major FBI hack and the discovery of the DarkSword iPhone exploit framework.

Hackers Fail to Exploit Flaw in Discontinued TP-Link Routers

Hackers have targeted a vulnerability in discontinued TP-Link routers for a year without successful exploitation, according to Palo Alto Networks.

Weekly Recap: Vercel Hack, Push Fraud, QEMU Abused, New Android RATs Emerge & More

Third-party tools are exploited to gain internal access, highlighting a shift in attack strategies that bend trust rather than break systems.

Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain

A critical vulnerability in the Model Context Protocol allows remote code execution, affecting over 7,000 servers and compromising sensitive data.

more#cybersecurity

15 hours ago

NSA spies are reportedly using Anthropic's Mythos, despite Pentagon feud | TechCrunch

The NSA is reportedly using Anthropic's Mythos model for cybersecurity despite previous tensions over access to AI capabilities.

Privacy professionals

US gets second Scattered Spider-linked guilty plea

A Scottish man pleaded guilty to a phishing and SIM-swap scheme, stealing over $8 million in cryptocurrency.

Fundraising

fromIndependent

Company has more than 2m stolen from account following cyber attack

Future Energy Capital Limited lost over €2m due to a cyber attack last October.

#cryptocurrency

Cryptocurrency

North Korea hackers blamed for $290M crypto theft | TechCrunch

Cryptocurrency

Russia-friendly exchange says "western special service" behind $15 million cyberattack

Cryptocurrency

North Korea hackers blamed for $290M crypto theft | TechCrunch

Cryptocurrency

Russia-friendly exchange says "western special service" behind $15 million cyberattack

AI capabilities are needed to counter drone threats, senator says

The U.S. must adopt new AI capabilities to counter the growing threat of unmanned drones used by foreign adversaries.

#anthropic

fromAxios

Intellectual property law

Scoop: NSA using Anthropic's Mythos despite Defense Department blacklist

fromEngadget

The NSA is reportedly using Anthropic's new model Mythos

The NSA is using Anthropic's Mythos Preview despite ongoing tensions with the Pentagon over military use safeguards.

Anthropic's new cybersecurity model could get it back in the government's good graces

Anthropic's relationship with the Trump administration has improved due to its new cybersecurity model, Claude Mythos Preview.

fromAxios

Intellectual property law

Scoop: NSA using Anthropic's Mythos despite Defense Department blacklist

fromEngadget

The NSA is reportedly using Anthropic's new model Mythos

The NSA is using Anthropic's Mythos Preview despite ongoing tensions with the Pentagon over military use safeguards.

Anthropic's new cybersecurity model could get it back in the government's good graces

Anthropic's relationship with the Trump administration has improved due to its new cybersecurity model, Claude Mythos Preview.

US news

Pentagon pulls the plug on one of the military's most troubled space programs

US Security Agency Leverages Claude Mythos Despite Pentagon Blacklist

The Pentagon has designated Anthropic as a supply-chain risk, yet the NSA is using its new model, Claude Mythos Preview.

5 hours ago

US news

Pentagon pulls the plug on one of the military's most troubled space programs

US Security Agency Leverages Claude Mythos Despite Pentagon Blacklist

The Pentagon has designated Anthropic as a supply-chain risk, yet the NSA is using its new model, Claude Mythos Preview.

Emergency Update for Windows Server Following Reboot Issues

Microsoft released emergency updates for Windows Server to address LSASS crashes and installation issues following the April 2026 Patch Tuesday updates.

Cisco Sovereign Critical Infrastructure now available in Europe

Cisco launches Sovereign Critical Infrastructure across EMEA, enabling organizations to innovate while maintaining control over their data and infrastructure.

Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution

Cisco has released patches for four critical security vulnerabilities in Identity Services and Webex Services that could allow unauthorized access and code execution.

Cisco Patches Critical Vulnerabilities in Webex, ISE

Cisco patched 15 vulnerabilities, including critical flaws in Webex and Identity Services Engine, allowing potential unauthorized access and command execution.

European startups

Cisco Sovereign Critical Infrastructure now available in Europe

Cisco launches Sovereign Critical Infrastructure across EMEA, enabling organizations to innovate while maintaining control over their data and infrastructure.

Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution

Cisco has released patches for four critical security vulnerabilities in Identity Services and Webex Services that could allow unauthorized access and code execution.

Cisco Patches Critical Vulnerabilities in Webex, ISE

Cisco patched 15 vulnerabilities, including critical flaws in Webex and Identity Services Engine, allowing potential unauthorized access and command execution.

more#cisco

21 hours ago

Senate Extends Surveillance Powers Until April 30 After Chaotic Votes in House

It's not making a choice between security and liberty. That's garbage. We're going to show that the two aren't mutually exclusive.

SF politics

US politics

Secret Service is embracing new solutions to combat malicious drones, director says

The U.S. Secret Service is adopting kinetic mitigation technologies to counter drone threats for upcoming large-scale events.

Iran claims US used backdoors in networking equipment

Iran claims the US sabotaged its networking equipment during the war using backdoors or botnets.

fromWIRED

1 week ago

Iran-Linked Hackers Are Sabotaging US Energy and Water Infrastructure

Iran has launched a hacking campaign targeting US industrial control systems, causing disruptions in critical infrastructure.

1 hour ago

Iran claims US used backdoors in networking equipment

Iran claims the US sabotaged its networking equipment during the war using backdoors or botnets.

fromWIRED

1 week ago

Iran-Linked Hackers Are Sabotaging US Energy and Water Infrastructure

Iran has launched a hacking campaign targeting US industrial control systems, causing disruptions in critical infrastructure.

more#iran

Sweden Blames Pro-Russian Group for Cyberattack Last Year on Its Energy Infrastructure

Sweden's minister for civil defense, Carl-Oskar Bohlin, stated that the cyberattack targeted a heating plant in western Sweden but ultimately failed. He did not provide further details.

Europe news

22 hours ago

Half of the 6 Million Internet-Facing FTP Servers Lack Encryption

Approximately 6 million internet-accessible systems are using FTP today, and almost half of them do not use encryption, exposing enterprises and end users to avoidable risks.

Privacy professionals

SF politics

CISA resources 'more limited than I would like' amid shutdown, top official says

CISA faces significant funding limitations impacting its ability to counter hacking threats and conduct essential activities.

#north-korea

US news

Two North Korean IT Worker Scheme Facilitators Jailed in the US

Information security

North Korean social engineering campaign targets macOS users | Computer Weekly

North Korea targets macOS users in latest heist

North Korean criminals use social engineering and fake software updates to steal Apple users' credentials and cryptocurrency.

US news

Two North Korean IT Worker Scheme Facilitators Jailed in the US

North Korean social engineering campaign targets macOS users | Computer Weekly

A North Korean campaign targeting macOS users tricked victims into executing malicious files, leading to credential and data theft.

North Korea targets macOS users in latest heist

North Korean criminals use social engineering and fake software updates to steal Apple users' credentials and cryptocurrency.

more#north-korea

12 hours ago

The MCP Disclosure Is the AI Era's 'Open Redirect' Moment

The Model Context Protocol has a design flaw that enables AI supply chain attacks, posing a significant security risk to enterprise AI systems.

#data-breach

8 hours ago

Privacy professionals

Lovable denies data leak, cites 'intentional behavior'

Vercel Breach Originated from an Employee's AI Tool

Vercel confirmed a data breach caused by a third-party AI tool used by an employee, impacting a limited subset of customers.

Privacy professionals

8 hours ago

Lovable denies data leak, cites 'intentional behavior'

Lovable's platform has a significant security flaw allowing free accounts to access sensitive user information, raising concerns about data protection.

Vercel Breach Originated from an Employee's AI Tool

Vercel confirmed a data breach caused by a third-party AI tool used by an employee, impacting a limited subset of customers.

more#data-breach

Bluesky Disrupted by Sophisticated DDoS Attack

The attack is impacting our application, with users experiencing intermittent interruptions in service for their feeds, notifications, threads and search.

Information security

Vercel Confirms Major Security Incident as Hacker Claims $2M Ransom Demand

Vercel confirmed a security incident involving unauthorized access to internal systems, with a threat actor claiming to sell stolen company data.

Information security

App host Vercel confirms security incident, says customer data was stolen via breach at Context AI | TechCrunch

Information security

Cloud development platform Vercel was hacked

fromInfoWorld

19 hours ago

Information security

Hackers exploit Vercel's trust in AI integration

23 hours ago

Information security

Next.js Creator Vercel Hacked

Information security

Next.js developer Vercel warns customer creds compromised

Vercel Confirms Major Security Incident as Hacker Claims $2M Ransom Demand

Vercel confirmed a security incident involving unauthorized access to internal systems, with a threat actor claiming to sell stolen company data.

App host Vercel confirms security incident, says customer data was stolen via breach at Context AI | TechCrunch

Vercel experienced a data breach due to a compromised employee account linked to Context AI, exposing customer credentials.

Cloud development platform Vercel was hacked

Vercel experienced a security breach due to a compromised third-party AI tool, leading to the exposure of customer data.

fromInfoWorld

19 hours ago

Hackers exploit Vercel's trust in AI integration

Sensitive secrets should be treated as potentially exposed and rotated as a priority.

23 hours ago

Next.js Creator Vercel Hacked

Vercel confirmed a data breach involving unauthorized access to internal systems and compromised customer credentials.

Next.js developer Vercel warns customer creds compromised

Vercel experienced a data leak due to a compromise of Context.ai, affecting customer credentials and prompting immediate action.

more#vercel

11 hours ago

The government is buying AI faster than it is assigning authority

Federal governance of AI requires clear authority to pause or override systems when risks materialize.

Microsoft Defender Flaws Exploited on Windows, Two Left Unpatched

Three new security flaws in Microsoft Defender are actively exploited, with only one patched, allowing full SYSTEM-level access to attackers.

Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched

Threat actors are exploiting three vulnerabilities in Microsoft Defender for elevated privileges, with one flaw already addressed by Microsoft.

13 hours ago

Microsoft Defender Flaws Exploited on Windows, Two Left Unpatched

Three new security flaws in Microsoft Defender are actively exploited, with only one patched, allowing full SYSTEM-level access to attackers.

Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched

Threat actors are exploiting three vulnerabilities in Microsoft Defender for elevated privileges, with one flaw already addressed by Microsoft.

more#microsoft-defender

Privacy professionals

2 weeks ago

FBI Declares Surveillance System Breach a 'Major Incident'

A China-linked breach of an FBI surveillance system has been classified as a major incident, posing significant risks to US national security.

23 hours ago

Researchers Detect ZionSiphon Malware Targeting Israeli Water, Desalination OT Systems

ZionSiphon malware targets Israeli water treatment systems, showcasing a trend in politically motivated attacks on critical infrastructure.

16 hours ago

Serial-to-IP Converter Flaws Expose OT and Healthcare Systems to Hacking

Serial-to-IP converters have serious vulnerabilities that can expose critical systems to remote attacks.

Anthropic's Mythos AI model sparks fears of turbocharged hacking

AI-enabled cyber attacks surged 89% in 2025, with attackers acting within 29 minutes of gaining access.

58% of Organizations Spend Over 10 Hours a Month Securing AI-generated Code

31% of organizations using AI-generated code spend 10 hours or less per month on validation and auditing, raising security concerns.

19 hours ago

Aikido Endpoint offers developers additional protection against supply chain attacks

Aikido Endpoint protects developers' endpoints from supply chain attacks by blocking high-risk installations before they reach the system.

Hackers Abuse QEMU for Defense Evasion

Threat actors are exploiting QEMU for ransomware and remote access tool deployment, with increased activity observed since late 2025.

fromThe New Yorker

2 months ago

National Security Begins Behind the Toaster

Dear Secretary Pete Hegseth, I realize that this is a big ask, but would you please invade and take possession of my son and daughter-in-law's apartment? Or maybe you'd like to make them an offer first? Either way, as a concerned mother and patriot who believes that national security begins at home, I feel it's my duty to let you know that Otis and Luna, the co-dictators of Unit 4-C, at 439 Bergen Street, in Park Slope, Brooklyn, must be overthrown.

Humor

Top 3 Cyber Insurance Incident Claims

Cyber incidents are increasing claims in the insurance industry despite decreasing premiums, indicating a more active risk environment.

2 days ago

Tycoon 2FA Loses Phishing Kit Crown Amid Surge in Attacks

Threat actors have shifted to new phishing platforms after Tycoon 2FA's disruption, reusing its tools and increasing overall phishing attacks.

#nist

Surging CVE disclosures force NIST to shake up workflows | Computer Weekly

NIST is changing its approach to handling CVEs, focusing on those with the greatest potential impact due to increased submissions.

NIST updates NVD: not every CVE will be scrutinized

NIST is updating its vulnerability assessment methodology due to an overwhelming increase in CVEs, prioritizing critical vulnerabilities for analysis.

NIST Prioritizes NVD Enrichment for CVEs in CISA KEV, Critical Software

NIST updates its National Vulnerability Database operations to prioritize enriching critical CVEs due to a surge in submissions.

Surging CVE disclosures force NIST to shake up workflows | Computer Weekly

NIST is changing its approach to handling CVEs, focusing on those with the greatest potential impact due to increased submissions.

NIST updates NVD: not every CVE will be scrutinized

NIST is updating its vulnerability assessment methodology due to an overwhelming increase in CVEs, prioritizing critical vulnerabilities for analysis.

NIST Prioritizes NVD Enrichment for CVEs in CISA KEV, Critical Software

NIST updates its National Vulnerability Database operations to prioritize enriching critical CVEs due to a surge in submissions.

Cursor AI Vulnerability Exposed Developer Devices

A vulnerability in Cursor AI allows attackers to hijack developer machines via malicious repositories without user interaction.

Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet

Threat actors exploit vulnerabilities in TBK DVR and TP-Link routers to deploy Mirai-botnet variants, targeting IoT devices for large-scale attacks.

Recent advances push Big Tech closer to the Q-Day danger zone

Organizations are transitioning to new algorithms to replace RSA and elliptic curves due to vulnerabilities exposed by quantum computing threats.

New Phishing Attack Turns n8n Into On-Demand Malware Machine

Attackers are exploiting n8n workflows to deliver malware while evading detection and blending into normal business activities.

Information security

ZionSiphon Malware Targets ICS in Water Facilities

Information security

$10 Domain Could Have Handed Hackers 25k Endpoints, Including in OT and Gov Networks

New Phishing Attack Turns n8n Into On-Demand Malware Machine

Attackers are exploiting n8n workflows to deliver malware while evading detection and blending into normal business activities.

ZionSiphon Malware Targets ICS in Water Facilities

ZionSiphon is a new malware targeting water treatment plants in Israel, designed to manipulate chlorine levels and pressure in these facilities.

$10 Domain Could Have Handed Hackers 25k Endpoints, Including in OT and Gov Networks

A sophisticated threat disguised as adware compromised over 25,000 endpoints, allowing silent control through an unregistered domain.

Cisco Systems issues three advisories for critical vulnerabilities in Webex, ISE

Identity and access management is crucial for cybersecurity, with a focus on IAM hygiene necessary to mitigate risks from vulnerabilities.

#microsoft

fromComputerworld

Information security

Microsoft's Windows Recall still allows silent data extraction

Microsoft needs to enhance code integrity for AIXHost.exe to prevent injection attacks.

fromZero Day Initiative

6 days ago

Zero Day Initiative - The April 2026 Security Update Review

Several critical vulnerabilities in Microsoft products require attention, particularly those related to Office, RDP, Active Directory, and .NET Framework.

fromComputerworld

Microsoft's Windows Recall still allows silent data extraction

Microsoft needs to enhance code integrity for AIXHost.exe to prevent injection attacks.

fromZero Day Initiative

6 days ago

Zero Day Initiative - The April 2026 Security Update Review

Several critical vulnerabilities in Microsoft products require attention, particularly those related to Office, RDP, Active Directory, and .NET Framework.

'By Design' Flaw in MCP Could Enable Widespread AI Supply Chain Attacks

MCP's architectural flaw allows adversarial takeover of user systems, exposing sensitive data and enabling malware installation.

6 days ago

Analysis of 216M Security Findings Shows a 4x Increase In Critical Risk (2026 Report)

Critical risk findings surged by nearly 400% amid a 52% increase in raw alert volume, driven by AI-assisted development.

fromThe Cipher Brief

America Is Digitally Fragile - and Our Adversaries Know It

America faces unprecedented vulnerability as critical infrastructure systems are digitally dependent and interconnected, while adversaries possess capabilities to penetrate and pre-position for exploitation before conflict begins.

Iran-Linked Hackers Take Aim at US and Other Targets, Raising Risk of Cyberattacks During War

Pro-Iranian hackers are expanding cyberattacks from the Middle East into the United States, targeting defense contractors, medical device companies, and critical infrastructure like power stations and water plants.

Potential US-built hacking tools obtained by foreign spies and cybercriminals, research says

A sophisticated iPhone hacking toolkit called Coruna, likely originating from U.S. government development, has proliferated to foreign intelligence agencies and criminal groups, compromising iOS devices through multiple exploit chains.

2 months ago

Cyber Insights 2026: Cyberwar and Rising Nation State Threats

Entering the cyber world is stepping into a warzone. Cyber is considered a war zone, and what happens there is described as cyberwar. But it's not that simple. War is conducted by nations (political), not undertaken by criminals (financial). Both are increasing in this war zone we call cyber, but the political threat is growing fast. Cyberwar is a complex subject, and a formal definition is difficult.

Information security

2 months ago

CISA Flags Four Security Flaws Under Active Exploitation in Latest KEV Update

CISA added four actively exploited high-severity vulnerabilities to its KEV catalog, including Chrome use-after-free, TeamT5 arbitrary upload, Zimbra SSRF, and Windows ActiveX RCE.

Microsoft Warns OAuth Redirect Abuse Delivers Malware to Government Targets

Microsoft warns of phishing campaigns exploiting OAuth redirect mechanisms to bypass email and browser defenses, targeting government and public-sector organizations to deliver malware without stealing credentials.