Финальный релиз Python 3.15 запланирован на 1 октября.

Он полон энергии. Просто раньше никто не знал, как её взять.

Что показал реальный тест нашумевшей ИИ-системы Anthropic для поиска дыр в коде.

Теоремы Гёделя, чтобы создать неразглашаемые доказательства. Вот как это работает.

Новая техника атаки блокирует доступ к файлам, не оставляя следов на диске.

TeamPCP так освоились в репозиториях Checkmarx, что успели заразить три разных продукта.

Тысячи роботов с камерами, микрофонами и доступом к вашей сети. Что могло пойти не так?

Компания откажется от небольших команд в дорогих юрисдикциях

Почему троян Mamont до сих пор остаётся грозой подъездов.

Исследователи нашли на месте взрыва странные кристаллы…

0Day под заказ – это когда попросил ИИ и получил эксплойт. Google говорит, что это уже реальность.

Приход эры Agentic AI породил мнение, что ИИ способен потеснить или даже заменить человека.

Например, можно ли использовать единую концепцию ИИ для построения всех ИИ-систем, если уже сейчас выявлено несколько различных типов таких систем?

(International AI Safety Report, 2026)Признаки отличий человека и ИИМы вплотную подошли к главному вопросу: в чём разница между человеком и ИИ?

Доверие человека к ИИ не формируется само по себе.

Приведённый список отличий человека и ИИ ясно показывает, что между ними сохраняется множество принципиальных различий.

Сегодня на отечественном рынке представлен широкий выбор систем управления ключевыми носителями и цифровыми сертификатами.

Основы и назначение систем PKIПод термином инфраструктура открытых ключей (Public Key Infrastructure, PKI) в сфере информационной безопасности понимают совокупность стандартов, ролей, политик и процедур для управления цифровыми сертификатами.

Для этого система управляет полным жизненным циклом цифровых сертификатов: от их генерации и распространения до использования, хранения и своевременного отзыва.

Государственные службы применяют PKI для цифровой идентификации граждан, защиты информационных систем госорганов и обеспечения юридической силы электронных документов в адм…

Там так или иначе поднимается вопрос внедрения ИИ, в том числе практические аспекты.

А на технологических конференциях при анонсе новых продуктов или сервисов всячески подчёркивается, как и где применяется ИИ и как он помогает покупателям и заказчикам внедрять свои решения на его основе.

Завершило мероприятие круглое обсуждение «ИИ не для разговоров, а для задач.

Участники дискуссии «ИИ не для разговоров, а для задач.

Плохо просчитанная экономикаВторой по значимости проблемой при реализации проектов внедрения ИИ в последнее время, когда ИТ-бюджеты снижаются, стала экономика.

Сравнение возможностей человека и ИИ показывает, что классическое образование не только сохранится, но и обеспечит технологический суверенитет.

«Мы видим свою миссию в развитии ИБ в целом, в развитии экосистемы сетевого доверия и продвижении подходов ИБ», — заявил руководитель UserGate.

Но как это соотносится с возможными изменениями в образовательном процессе с приходом эры агентных ИИ (Agentic AI)?

Другие считают, что произойдёт сдвиг в наборе востребованных навыков, но в целом это будет не революционный, а линейный процесс развития.

Самое важное — такой подход не только остаётся базовым, но и его роль будет возрастать по мере развития Agentic AI.

Данное исследование стало вторым, посвящённым анализу сценариев применения квантовых технологий в России.

Причём, как подчеркнула Анна, продукты с использованием квантовых технологий способны защищать не только от перспективных, но и актуальных угроз.

Уровень развития технологий по 10-балльной системе разных технологий, примеры внедрения которых изучались в ходе исследования, составлял от 3 до 9.

Также, как рассказал Антон Гугля, появляется всё больше оборудования, в которое можно добавить поддержку квантовых технологий с помощью замены прошивки.

Прогноз объёмов мирового рынка квантовых технологий (млрд долларов США)Fortune Business Insight прогнозирует к 2030 году семикратный рост рынка кв…

Она управляет жизненным циклом учётных записей: создаёт их при приёме, корректирует права при переводах, блокирует при увольнении.

В отличие от базового IDM, IGA работает не только с людьми, но и с сервисными аккаунтами, API-ключами и машинными идентичностями.

Инвентаризация показывает реальную картину: где затерялись забытые аккаунты, какие права не используются, какие системы не интегрированы.

Что мониторят:Жизненный цикл учётных записей — скорость создания учётных записей и базовых прав при приёме, своевременность изменения прав при переводе, время блокировки аккаунта после увольнения.

Сервисные аккаунты — сколько технических учётных записей находится под управлением IGA и проходят ли он…

Вопрос для бизнеса уже не в том, случится ли атака, а в том, насколько быстро и грамотно организация сможет на неё отреагировать и минимизировать последствия.

Скорость и качество реагирования на инциденты в области информационной безопасности напрямую влияют на бизнес-показатели.

Константин Мушовец порекомендовал компаниям, выстраивающим систему реагирования на инциденты, в первую очередь обратить внимание на решения класса EDR.

Использование ИИ при реагировании на инцидентыАлександр Григорян рассказал, что его департамент разрабатывает собственный инструментарий для расследования и реагирования на инциденты на всех этапах жизненного цикла.

Ключевая проблема многих организаций кроется не в …

Согласно судебным документам, речь шла не о взломе Signal, не о компрометации его серверов и не о расшифровке трафика.

Обновление вышло 22 апреля 2026 года и доступно для iPhone 11 и новее, а также для ряда iPad; параллельно Apple выпустила исправления и для старой ветки iOS / iPadOS 18.7.8.

Сначала сообщение поступало в Signal на iPhone.

Отключить содержимое уведомлений в мессенджерахНапример, в случае Telegram на iOS это делается через «Настройки» → «Приложения» → «Telegram» → «Уведомления» → «Показывать содержимое».

ВыводыЭтот инцидент не дискредитирует мессенджеры и Signal в частности и не доказывает бесполезность сквозного шифрования.

Анализ мирового и российского рынка показал, что спектр услуг, объединённых под понятием Red Team Operations, стал значительно шире.

Это касается и Red Team Operations (редтиминга), содержание и задачи которых со временем претерпели изменения.

Что такое Red Team OperationsКонцепция Red Team появилась в военной сфере, где силы делились на «синие» (Blue Team) и «красные» (Red Team) для отработки боевых сценариев.

Чем Red Team отличается от пентеста и BASРабота Red Team отличается от традиционного пентеста или имитации атак (Breach and Attack Simulation, BAS).

Мировой рынок услуг по оценке киберзащищённости Red Team OperationsВ зарубежной практике редтиминг чаще называют Red Team Operations ил…

У более чем трети компаний он не изменился, что в условиях инфляции, особенно опережающего роста цен на ИТ-оборудование, также означает фактическое снижение.

На чём и как можно сэкономитьПо мнению участников дискуссии, у CISO есть возможности при необходимости снизить затраты.

Однако, по его наблюдениям, как правило, и та и другая системы являются неполными, что затрудняет такие проекты и создаёт почву для конфликтов.

Дмитрий Найдёнов даже заявил, что при наиболее жёстком прессинге со стороны бизнеса можно пойти на то, чтобы полностью заморозить развитие.

Положение осложняет и то, что популярные SSD-диски, как локальные, так и на серверах и системах хранения, имеют склонность выходить из ст…

Corelight — разрабатывает коммерческую платформу на базе открытого проекта Zeek (бывший Bro), специализируется на сборе и нормализации трафика для передачи в SIEM.

Заказчики выбирают не отдельный NDR, а готовый набор ИБ-продуктов, который также включает SIEM, SOAR, NDR и системы управления уязвимостями, и всё это от одного вендора.

Основные игроки российского рынка NTA/NDR: Positive Technologies (PT NDR), R-Vision (R-Vision NDR), «Солар» (Solar NDR), «Инфосистемы Джет» (КОМРАД NDR), «Гарда Технологии» (Гарда NDR), «ИнфоТеКС» (ViPNet NDR) и «Айдеко» (Айдеко NDR).

PT NAD (Positive Technologies)PT Network Attack Discovery (PT NAD) — система поведенческого анализа сетевого трафика для обнаружен…

Средства ЭП, проверяющие статус аккредитации УЦ, будут строить цепочку до корневого сертификата в TSL и не найдут там соответствующего сертификата АУЦ.

Совокупность всех «должно» необходимо учесть в момент проверки квалифицированной электронной подписи, и вот тут-то многие средства электронной подписи могут дать осечку.

То есть они либо совсем не работали с TSL при проверке, либо не обновляли TSL (работали со старым, в котором ещё не было информации о прекращении аккредитации).

Поэтому, если средство ЭП не умеет проверять электронные подписи с метками доверенного времени, такая подпись будет ошибочно признана недействительной.

Litoria Desktop 2 корректно обрабатывает усовершенствованные фор…

Процесс управления уязвимостями и концепция VOCVulnerability Management — это непрерывный циклический процесс выявления, оценки, приоритизации, устранения и последующей верификации уязвимостей в ИТ-инфраструктуре организации.

Процесс управления уязвимостями (источник: ФСТЭК РФ)Именно на эту схему опирается большинство российских систем Vulnerability Management.

Обзор отечественных систем управления уязвимостямиКоличество систем управления уязвимостями (Vulnerability Management), предлагаемых российскими вендорами, продолжает расти.

Платформа объединяет технологии управления уязвимостями и их жизненным циклом (VM), активами (AM) и внешней поверхностью атаки (EASM), предлагая единый подход к …

«Кванмён» и ОС-доносчик: идеальная экосистема цензурыВнутренняя сеть Северной Кореи называется интранет «Кванмён».

Но есть и кулинарные рецепты, тексты «правильных» песен, порталы университетов, учебные материалы.

Но и с них подключиться к «Кванмёну» нельзя.

Цифровой рывок в клетке: смартфоны, доставка и три кастыСмартфоны в Северной Корее существуют.

15 лет за мыльную оперу: как выживает цифровая контрабандаИ все же запретный контент в Северной Корее существует.

Меня зовут Денис Ульянов, я уже 12 лет в IT и последние полтора года руковожу командой Antibot в Wildberries.

Как атакуют мобильное APIРабота с парсерами на промышленной основе так или иначе приводит к взаимодействию с нашими ресурсами через бэкенд.

Цепочка атаки на мобильное APIПредставим, что мы с вами хотим спарсить данные через мобильное API.

Поэтому мы срезали углы и для быстрого старта переиспользовали его в WebView, компоненте для просмотра веб-страниц в приложении.

Модель анализирует сессию клиента и в любой момент может сделать вывод, что поведение аномально и требуется отозвать токен.

На прошлой неделе разработчики браузера Mozilla Firefox опубликовали детальный отчет об использовании искусственного интеллекта для поиска уязвимостей (оригинальный пост, новость на Хабре).

Публикации предшествовал краткий анонс в конце апреля: тогда стало известно, что в Mozilla получили доступ к ИИ-модели Claude Mythos компании Anthropic, которая пока недоступна публично всем желающим.

В анонсе разработчики браузера не стеснялись в хвалебных эпитетах, предрекая скорый конец уязвимостям нулевого дня — когда разработчик ПО обнаруживает баг, который уже эксплуатируется в реальных атаках.

Это, впрочем, не означает, что в Firefox исправлены 180 методов взлома браузера.

Он также получил доступ …

Вы на 1-м этаже, коллега на 5-м, а между вами — облако проблем.

Чтобы не переключаться в мессенджеры и не тратить время на звонки, в «Офис+» встроен внутренний чат.

Настройка подключения к облаку в «Офис+ Документ»Открытие документа из облака в «Офис+ Документ»Как открывается документ из сетевой папки коллеги, надеюсь показывать не обязательно.

ВыводСовместная работа с документами в изолированной сети без внешних облаков — это не миф, а жесткое требование современных ИТ-реалий.

Сталкивались ли вы с необходимостью разворачивать тяжелые локальные облака ради одной функции?

Сетевой доступ к базе был открыт с нескольких сервисов — как на Windows, так и на Linux.

Отдельно стоит отметить атаку 3Shake, в которой атакующий мог установить две сессии с одинаковыми мастер-ключами через механизм возобновления сессии в TLS 1.2.

Если мы хотим посмотреть CB в Kerberos в Wireshark, то нам нужно смотреть TDS7-Login-пакет, в нём ap-req authenticator с полем Bnd.

Мы также ставим параметры Initiator и Acceptor в 0 и заполняем cbApplicationDataLength и dwApplicationDataOffset .

ЗаключениеМы разобрали, как работает механизм EPA, и добавили его поддержку в ключевые библиотеки для Linux — PR в FreeTDS и PR в microsoft/go-mssqldb.

В постмортеме TanStack компрометация объясняется цепочкой атак на GitHub Actions, включающей паттерн pull_request_target «Pwn Request» → отравление кэша GitHub Actions через границу доверия fork-to-base → извлечение токена OIDC из памяти во время выполнения из процесса GitHub Actions runner.

Этап 3 — Отравление репозиториев через GitHub GraphQLПомимо распространения через npm, имплант атакует исходные репозитории мейнтейнеров, чьи учётные данные ему удалось собрать.

Вредоносная программа перебирает process.env , проверяет наличие окружений GitHub Actions и runner’ов и пытается собрать секреты из GitHub, npm, AWS, Kubernetes и развёртываний Vault.

ПослесловиеИнцидент с @tanstack в очередной …

MFA для VPN в UserGate — штука полезная: никакого RADIUS, без дополнительных лицензий, всё — из коробки.

Сетевые интерфейсы и маршрутизацияСначала определяем, через какой интерфейс будут приходить удаленные подключения и куда именно мы будем пускать пользователей после аутентификации.

Для этого на внешнем интерфейсе (в нашем случае — 192.168.1.10) нужно разрешить два сервиса на уровне зоны: VPN и Веб-портал.

MFA-профиль не привязан к профилю аутентификации, пользователь не попал в нужную группу или правило VPN указывает не на те объекты.

Он не требует отдельного RADIUS-сервера, не просит дополнительных лицензий и в базовом варианте закрывает потребность в защищенном соединении.

10 мая 2026 года OpenAI анонсировала Daybreak — инициативу, объединяющую модели GPT-5.5 и агентную обвязку Codex в инструмент для cyber-defense команд.

По задумке компании, это «первый рассветный луч» нового подхода к безопасности: не патчить уязвимости постфактум, а делать софт устойчивым к ним по умолчанию.

GPT-5.5 — флагман общего назначения, релизнутый 23 апреля 2026 года; согласно Preparedness Framework, это первая модель OpenAI, перешедшая порог «High» по кибервозможностям.

С 1 июня 2026 года для верхнего тира потребуется phishing-resistant аутентификация: OpenAI явно подчёркивает, что относится к этому SKU не как к подписке, а как к привилегированной инфраструктуре с именованной отве…

Помните, если вы не попадётесь на их уловки, то ваши взрослые знакомые или родственники наиболее подвержены социальной инженерии.

После того, как вы нашли N-ое количество информации о себе в первом браузере ищем всё то же самое.

Коллега сохранил вас как «Пётр работа Москва», родственник как «Петя брат», знакомый как «Васильченко сослуживец».

Рекламные сети используют cookies, чтобы понимать: вот этот браузер был на сайте с кроссовками, потом на сайте с кредитами, потом на сайте с медицинской статьёй.

И не надо себя обманывать, что если вы совершили, что-то серьёзное у вас получится скрыться.

И мы не просто зашли в дверь.

Стоит упомянуть, что это было не какое-то обычное здание, а Федеральный Объект, cодержащий cекретную информацию (SCIF - Sensitive Compartmented Information Facitlity).

И вот наступила ночь и, достав инструменты, мы с Брентом смогли открыть окно отеля.

Не совершайте резких движений и не бегайте, чтобы не привлечь внимание и не вызвать подозрения.

Как нам позже пояснили, никто и не мог предположить, что возможно попасть на крышу из окна соседнего отеля.

Энтони Левандовски и GoogleПроблемы у бывшего инженера Google Энтони Левандовски начались в 2019 году, когда его обвинили в краже коммерческой тайны.

Дело в том, что в Google Левандовски работал над беспилотными автомобилями в дочерней фирме, примыкающей к поисковику, — Waymo.

И перед уходом он вытащил из внутренних баз IT-корпорации 14 тысяч файлов, где рассказывалось о лидарах и самоуправляемых машинах.

Архивы, скачанные Левандовски, включали не только инструкции, но и, например, схемы используемых печатных плат, механизмах правильного тестирования лидаров, а также документы внутреннего отслеживания.

Это означает, что в договорах с сотрудниками фирмы — соответствующий пункт обязателен.

Я сто­рон­ник идеи, что не быва­ет абсо­лют­но защищен­ных сис­тем: ата­кующие про­дол­жают находить всё более изощ­ренные уяз­вимос­ти.

Сис­тема пос­тро­ена по прин­ципу API first — вся работа с Пас­свор­ком — это, по сути, работа с API раз­ными спо­соба­ми.

call ( " GET " , " / api/ v1/ notifications " ) if not raw or " items " not in raw : print ( " Нет items в ответе " , file = sys .

call ( " GET " , f " / api/ v1/ items " , payload = { " vaultId " : vault_id } ) items = items_raw .

Ско­рее все­го, в PyPL и в Git Verse вер­сии выкаты­вают­ся одновре­мен­но.

В этой статье соб­ран перечень акту­аль­ных тех­ник тес­тирова­ния безопас­ности OAuth 2.0 и OIDC, которые мож­но исполь­зовать в тес­тирова­нии реаль­ных при­ложе­ний.

Ну и пос­леднее пре­дуп­режде­ние: статья будет рас­кры­вать тех­ники доволь­но повер­хностно и без всех деталей, потому что замысел и объ­ем матери­ала такого не под­разуме­вают.

За­дача статьи — дать рабочий матери­ал, показать, на что имен­но смот­реть, какие сиг­налы могут ука­зывать на недос­татки в реали­зации про­токо­ла в веб‑при­ложе­ниях.

Фор­мат у спис­ков с приз­наками вос­про­изво­димос­ти такой: приз­нак наличия уяз­вимос­ти → что с этим мож­но сде­лать.

Он дает воз­можность убе­дить­ся, что сто­рона, завер­шаю…

В этой статье под­робно рас­смот­рим, как с помощью Network File System мож­но повысить при­виле­гии на Linux-сер­вере.

NFS (Network File System) — рас­пре­делен­ная фай­ловая сис­тема, с помощью которой ты можешь мон­тировать уда­лен­ные пап­ки на свою Linux-машину и работать с ними, как с локаль­ными.

Обра­ти вни­мание, что я раз­бираю имен­но повыше­ние при­виле­гий с помощью NFS.

Setuid/setgidПо умол­чанию в NFS исполь­зует­ся опция пониже­ния прав root_squash .

Экспор­ты для NFS сде­ланы с no_root_squash , и мы лег­ко реали­зуем повыше­ние при­виле­гий.

Что такое Trivy Trivy — извес­тный опен­сор­сный ска­нер уяз­вимос­тей, раз­работан­ный ком­пани­ей Aqua Security.

В резуль­тате теги ука­зыва­ли уже не на легитим­ные ком­миты, а на вре­донос­ные.

TeamPCP Cloud StealerМал­варь, которую TeamPCP внед­рила в Trivy, получи­ла наз­вание TeamPCP Cloud Stealer.

Как объ­ясня­ли спе­циалис­ты CERT-EU, точ­кой вхо­да зло­умыш­ленни­ков стал API-ключ от AWS, ском­про­мети­рован­ный еще 19 мар­та в ходе ата­ки на Trivy.

Эк­спер­ты напоми­нают, что всег­да рекомен­дует­ся при­вязы­вать GitHub Actions к пол­ным SHA ком­митов, а не к тегам и отно­сить­ся к CI/CD-ран­нерам с той же серь­езностью, что и к про­дак­шен‑хос­там.

Цены уже полете­ли вверх, а ко мне вне­зап­но приш­ло осоз­нание, что для моих целей малова­то Xeon 2696 и 256 Гбайт опе­рати­вы.

Вто­рой момент — разъ­емы PCI-E находят­ся перед опе­ратив­кой, поэто­му пол­нораз­мерную видяху мож­но уста­новить толь­ко одну, ну да в моем слу­чае это не так страш­но.

Собс­твен­но, на этой машине я и выяс­нил, что один из моих AMD Epyc 7532 — битый и это тот камень, который был ведущим (незало­чен­ным).

Парал­лель­но уда­лось выяс­нить, что в сокете име­ются пог­нутые пины, и для SP3 это прям очень боль­но.

Путем еще нес­коль­ких переты­каний я выяс­нил, что в вось­мом канале без глю­ков работа­ет лишь один слот.

Но глав­ный тезис я сфор­мулирую пря­мо сей­час: ес­ли план защиты мобиль­ного при­ложе­ния сво­дит­ся к вклю­чению обфуска­тора, то это не план защиты.

ProGuard и R8: первый рубеж обороныДля подав­ляюще­го боль­шинс­тва Android-раз­работ­чиков зна­комс­тво с обфуска­цией начина­лось с ProGuard — бес­плат­ного инс­тру­мен­та, который изна­чаль­но соз­давал­ся как опти­миза­тор и минифи­катор кода, а не как пол­ноцен­ное средс­тво защиты.

Клю­чевой нюанс, который час­то упус­кали из виду, зак­лючал­ся в том, что обфуска­ция в ProGuard «исполь­зует­ся толь­ко в целях минифи­кации (не безопас­ности)».

Индус­трия при­няла это как дан­ность: абсо­лют­ной защиты не сущес­тву­ет, но мож­но сде­лат…

В этой статье мы пос­тарались соб­рать основные исто­рии о безопас­ности OpenClaw в одну хро­ноло­гию.

Штай­нбер­гер пере­име­новал про­ект в Moltbot, а через нес­коль­ко дней — в OpenClaw, потому что Moltbot, по его сло­вам, «не очень ложил­ся на язык».

Вско­ре пос­ле пуб­ликации CERT ста­ло извес­тно, что в ряде государс­твен­ных учрежде­ний и гос­банков Китая зап­ретили уста­нав­ливать OpenClaw на рабочие компь­юте­ры.

Эн­тузи­асты, впро­чем, уже наш­ли спо­соб час­тично сни­зить угро­зу: они мас­сово ску­пают Mac mini для раз­верты­вания OpenClaw на выделен­ном железе.

Не­кото­рые поль­зовате­ли даже заводят для OpenClaw отдель­ные email-адре­са и акка­унты в менед­жерах паролей — как д…

Why do the Riskiest SOC Alerts Go Unanswered?

The findings point to a structural gap in how security coverage is delivered today: not a lack of tooling, but a ceiling built into every existing model.

Your SOC Model Has a Coverage CeilingIn-house SOC teams are the first to feel the gap.

These alert types require deep, domain-specific knowledge that most SOC teams simply don't have on staff.

AI SOC automation platforms have made significant progress on common alert types, but most cap out at four to six pre-defined categories.

Agentic AI is already running in production environments across many organizations today.

The practical consequence of being behind on agentic AI goes beyond technical exposure.

This hands-on familiarity is where real understanding begins, and real understanding is what makes everything else possible.

Three categories of agents, three categories of riskThe agentic AI landscape is broad, and the risk profile varies significantly across it.

The skills that matter right nowBuilding competency in agentic AI security requires two distinct layers of knowledge.

TeamPCP, the threat actor behind the recent supply chain attack spree, has been linked to the compromise of the npm and PyPI packages from TanStack, UiPath, Mistral AI, OpenSearch, and Guardrails AI as part of a fresh Mini Shai-Hulud campaign.

TanStack has since traced the compromise to a chained GitHub Actions attack involving the "pull_request_target" trigger, GitHub Actions cache poisoning, and runtime memory extraction of an OIDC token from the GitHub Actions runner process.

"The attack published malicious versions through the project's own GitHub Actions release pipeline using hijacked OIDC tokens," StepSecurity researcher Ashish Kurmi said.

"In an extremely rare escalation, the compro…

American educational technology company Instructure, the parent company of Canvas, said it reached an "agreement" with a decentralized cybercrime extortion group after it breached its network and threatened to leak stolen information from thousands of schools and universities.

It also said it has been informed that none of the company's customers will be separately extorted as a result of the hack.

The disclosure comes as the ShinyHunters extortion crew waged a digital attack against Canvas, a popular web-based learning management system, late last month, resulting in the theft of 3.65TB of data.

"Leaked records can be used to impersonate school administrators, IT support, or financial aid …

OpenAI has launched Daybreak, a new cybersecurity initiative that brings together frontier artificial intelligence (AI) model capabilities and Codex Security to help organizations identify and patch vulnerabilities before attackers find a way in using the same issues.

"Daybreak combines the intelligence of OpenAI models, the extensibility of Codex as an agentic harness, and our partners across the security flywheel to help make the world safer for everyone," the AI upstart said.

"Defenders can bring secure code review, threat modeling, patch validation, dependency risk analysis, detection, and remediation guidance into the everyday development loop so software becomes more resilient from th…

To that end, E2EE RCS messaging is rolling out to iPhone users running iOS 26.5 with supported carriers and Android users on the latest version of Google Messages.

"When RCS messages are end-to-end encrypted, they can't be read while they're sent between devices," Apple said in a statement.

"Users will know that a conversation is end-to-end encrypted when they see a new lock icon in their RCS chats."

Apple began testing with E2EE in RCS messages in iOS and iPadOS 26.4 Beta, initially limiting it to only conversations between Apple devices.

In a similar statement, Google said Google Messages for Android users will see a padlock icon to indicate that the cross-platform conversation is end-to-…

Checkmarx has confirmed that a modified version of the Jenkins AST plugin was published to the Jenkins Marketplace.

"If you are using Checkmarx Jenkins AST plugin, you need to ensure that you are using the version 2.0.13-829.vc72453fa_1c16 that was published on December 17, 2025 or previously," the cybersecurity company said in a statement over the weekend.

It did not disclose how the malicious plugin version was published.

The development is the latest attack orchestrated by TeamPCP targeting Checkmarx.

According to details shared by security researcher Adnan Khan and SOCRadar, TeamPCP is said to have gained unauthorized access to the plugin's GitHub repository and renamed it to "Checkmarx…

A threat actor named Mr_Rot13 has been attributed to the exploitation of a recently disclosed critical cPanel flaw to deploy a backdoor codenamed Filemanager on compromised environments.

The attack exploits CVE-2026-41940, a vulnerability impacting cPanel and WebHost Manager (WHM) that could result in an authentication bypass and allow remote attackers to gain elevated control of the control panel.

]com") that's designed to implant a compromised cPanel system with an SSH public key for persistent access, along with dropping a PHP web shell that facilitates file upload/download and remote command execution.

Once the details are transmitted, the attack chain culminates with the deployment of …

The activity is said to be the work of cybercrime threat actors who appear to have collaborated together to plan what the tech giant described as a "mass vulnerability exploitation operation."

The vulnerability, described as a 2FA bypass, requires valid user credentials for exploitation.

"Threat actors now pursue anonymized, premium-tier access to models through professionalized middleware and automated registration pipelines to illicitly bypass usage limits.

These relay or transfer stations route access to these AI models through proxy servers that are hosted outside mainland China.

A performance evaluation of these services uncovered evidence of model substitution, exposing AI application…

"Threat actors are able to redeploy phishing campaigns with ease if a web page is taken down," Cofense said.

—Threat actors are increasingly using Vercel to create large numbers of realistic phishing websites that impersonate well-known brands.

"Threat actors are able to redeploy phishing campaigns with ease if a web page is taken down," Cofense said.

Some of the fake brands used by the threat actors include MeetLab, Juseo, Meetix, and Carolla.

The threat actors exploited a "vulnerability regarding support tickets in our Free for Teacher environment," the company added.

A red team script is being rewritten by hand so the blue team can use it.

For a decade, the security industry has had a name for the practice that's supposed to close this gap: purple teaming.

What Purple Teaming Actually IsPurple teaming is simple in concept.

Three Reasons that Traditional Purple Teaming Hasn’t Been OperationalizedReason 1: Human purple teaming creates too much friction.

The red team script is being rebuilt by hand for the blue team.

A malicious Hugging Face repository managed to take a spot in the platform's trending list by impersonating OpenAI's Privacy Filter open-weight model to deliver a Rust-based information stealer to Windows users.

The project, named Open-OSS/privacy-filter, masqueraded as its legitimate counterpart, released by OpenAI late last month (openai/privacy-filter), including copying the entire description verbatim to trick unsuspecting users into downloading it.Access to the malicious model has since been disabled by Hugging Face.

The PowerShell command is used to download a batch script from a remote server ("api.eth-fastscan[.

"Despite using a scheduled task, this stage establishes no persistence:…

Smart glasses allow anyone to track and record the world around them.

So we probably shouldn’t be surprised that smart glasses are doing the rounds once more, after a failed attempt by Google to popularize them over a decade ago.

This presents significant security and privacy risks for both smart glasses users and the people they interact with.

Smart glasses give anyone the ability to record or take photos of strangers surreptitiously.

It might put you in physical danger if you lose track of your surroundingsFor bystanders:Keep your eyes peeled for anyone wearing smart glasses.

We identified and reported 28 CallPhantom apps on Google Play, cumulatively downloaded more than 7.3 million times.

The table in the Analyzed CallPhantom apps section lists each app along with its key details, including the download count.

Examples of CallPhantom initial screensCampaign overviewThe CallPhantom apps we found on Google Play mainly targeted Android users in India and the broader Asia‑Pacific region.

No data generation occurs until after payment; users have to pay or subscribe before any email would supposedly be sent.

For these third-party payment apps, CallPhantom apps either included hardcoded URLs or fetched the URLs dynamically from a Firebase realtime database, meaning th…

The most-used password globally is exactly what you think it is: ‘123456.’ That’s according to NordPass’s latest annual report on passwords exposed in data breaches globally.

NordPass’s data suggests that there are many more sites that set limited password policies and allow trivial passwords like ‘123456’.

However, I think there may also be elements of legacy in the method used to calculate the most common passwords.

Breaking the cycleNow, how do we resolve this never-ending loop of negativity about passwords, along with the ridiculous situation that platforms still permit non-secure passwords?

There is a simple and effective way to resolve it: mandate complex passwords or, better yet, MFA.

In this blogpost, we provide an overview of the attack, and the first public analysis of the Android backdoor.

sqgame is a gaming platform tailored for the people of Yanbian and hosts traditional Yanbian games for Windows, Android, and iOS.

Android BirdCall analysisIn this section, we provide a technical analysis of the Android BirdCall backdoor – an Android port of the eponymous Windows backdoor written in C++.

Trojanized Android gamesAndroid BirdCall is distributed via trojanized Android games.

During our research, we observed 12 Zoho WorkDrive drives used by the Android BirdCall backdoor for C&C purposes.

Tony also offers insights that the they may hold for your own cyber-defenses.

Iranian-linked hackers are targeting Rockwell programmable logic controllers (PLCs), with almost 4,000 such devices exposed on the networks of U.S. critical infrastructure organizations, according to a warning from multiple U.S. federal agencies.

How can critical infrastructure organizations using Rockwell PLCs stay safe?

How do the FBI's figures compare to those from 2024 and what was the most damaging scam to affect businesses last year?

Learn this and more from Tony's video and be sure to check out the March 2026 edition of Tony's monthly security news roundup for more insights.

Calm feels like evidence that the danger has passed, which changes behavior in ways that reintroduce the danger.

Yet more trapsThe formal state of an organization’s security is easy to measure and – assuming all turns out well – also easy to feel good about.

When the confidence shattersThis all matters also because a ransomware intrusion is a business continuity event whose effects extend far and wide.

Discipline is everythingIn addition to the right tools and people, security that holds up over time rests on the habit of watching and adapting.

It’s what security tools can ‘convert’ into detections and alerts that let security teams act in time.

GopherWhisper abuses legitimate services, notably Discord, Slack, Microsoft 365 Outlook, and file.io for command and control (C&C) communication and exfiltration.

GopherWhisper leverages Discord, Slack, Microsoft 365 Outlook, and file.io for C&C communications and exfiltration.

The malware we initially discovered consists of the following:JabGopher: an injector that executes the LaxGopher backdoor disguised as whisper.dll .

GopherWhisper toolset overviewRevealing messagesAs mentioned in the introduction, GopherWhisper is characterized by the extensive use of legitimate services such as Slack, Discord, and Outlook for C&C communication.

In addition, several interesting links to GitHub reposi…

Additionally, the code can also capture the victim’s payment card PIN and exfiltrate it to the operators’ C&C server.

Apart from relaying NFC data, the malicious code also steals payment card PINs.

The first NGate attacks employed the open-source NFCGate tool to facilitate the transfer of NFC data.

Once installed, the app asks to be set as the default payment app, which can be seen in Figure 10.

Initial request to set the app as the default NFC payment appFigure 11.

Collectively, they pave the way for the intrusion long before the ransom note arrives.

ESET’s detection data shows ransomware rising by 13 percent in the second half of 2025 compared to the prior six months, following a 30-percent increase in the first half of 2025.

Meanwhile, Verizon’s 2025 Data Breach Investigations Report (DBIR) recorded a jump from 32% to 44% in the share of breaches involving ransomware, while the median ransom payment fell from $150,000 to $115,000.

As the products have improved, criminals responded by building a clandestine market for tools designed to disable them.

The sheer investment in EDR killers is, somewhat perversely, the clearest measure of how much damage t…

Ignoring a real breach notification invites risk, but falling for a bogus one could be even worse.

What do fake breach notification scams look like?

Either:The scammers wait for a real breach, and piggyback on the news to send out a fake notification.

Spotting the red flagsFake breach notifications should be easy to spot if you know what to look out for.

Staying safeUnderstanding what to look out for is the first step to staying safe from breach notification scams.

This seems extremely low given the scale and frequency of supply chain incidents – and how broadly ‘supply chain’ really stretches.

Notably, 3CX itself was the downstream victim of another supply chain attack, courtesy of a compromised Trading Technologies X_TRADER installer.

CISOs rated supply chain disruption #2 for 2025 and #2 again for 2026, while CEOs rate supply chain disruption #3 for 2025.

Talk about a supply chain blind spot…What are key considerations around geopolitical supply chain risk?

Resilience is imperativeIn a world of escalating threats and risky interdependencies, supply chain cyber resilience is a competitive differentiator at the survival level.

If you’ve been the victim of fraud, you’re likely already a lead on a ‘sucker list’ – and if you’re not careful, your ordeal may be about to get worse.

Online scammers only care about one thing: making money, so when new opportunities arise to do just that, they take them.

Recovery fraud is an umbrella for several predatory tactics, all sharing a common goal: the “second strike.”How does recovery fraud work?

This is basically a kind of advance fee fraud.

If you’ve been victimized by recovery scammers, there are a limited set of options available to you.

Threat actors are using AI to supercharge tried-and-tested TTPs.

The former are using AI, automation and a range of techniques to sometimes devastating effect.

But n the other hand, threat actors are just doing what they have done before – supercharging existing tactics, techniques and procedures (TTPs) to accelerate attacks.

Threat actors are:Getting better at stealing/cracking/phishing legitimate credentials from your employees.

Catching threat actors at this point is essential – especially as exfiltration (when it begins) is also being accelerated by AI.

Now just have a think about all of the digital assets you’re likely to leave for loved ones to manage.

From a legal perspective, inheritance laws often don’t include digital assets, online policies can be “opaque” and tools fragmented, it says.

However, a proposed Property (Digital Assets, etc.)

However, a proposed Property (Digital Assets, etc.)

Or a fictitious “account recovery” service provider claiming they can access your loved one’s digital assets for a fee.

The past four weeks have seen a slew of new cybersecurity wake-up calls that showed why every organization needs a well-thought-out cyber-resilience planAs March 2026 draws to a close, ESET Chief Security Evangelist Tony Anscombe looks at some of the top cybersecurity stories that made the news this month and offers insights that they may hold for your cyber-defenses.

Here's Tony's rundown of some of what stood out most over the four or so weeks:The medtech giant Stryker fell victim to a cyberattack that was claimed by the Iran-linked Handala hacktivist group and reportedly wiped “over 200,000 systems, servers, and mobile devices” and stole 50 terabytes of data,Research by the Google Threat…

Citrix has introduced Citrix Platform Flex, a secure access platform that combines software, management, and infrastructure to deliver managed desktops, enterprise browsing, and zero-trust access in a single offering. Built around workforce personas, Platform Flex replaces one-size-fits-all licensing with a flexible consumption model. Customers purchase a shared pool of Flex credits and allocate them based on the performance, security, and resilience needs of different worker types, adjusting usage as requirements change. The approach changes how … More →

The post Citrix moves secure access to a flexible, credit-based consumption model appeared first on Help Net Security.

Recent disclosures have revealed that open-source networking tool dnsmasq is grappling with a serious set of vulnerabilities. The problems span memory safety and input validation, with researchers identifying heap buffer overflows, heap corruption, and code execution bugs among the issues. Taken together, the security flaws open the door to various attacks: poisoning cached DNS entries, slipping past security controls, crashing the dnsmasq process, and in certain scenarios, escalating privileges locally. To address all of this, … More →

The post Six new dnsmasq vulnerabilities open the door to DNS cache poisoning, local root appeared first on Help Net Security.

Car manufacturer Škoda discovered that attackers had exploited a vulnerability in its online shop software and gained temporary unauthorized access to the system. What happened? After discovering the incident, the company took the shop offline as a precautionary measure, fixed the vulnerability, referred the incident to a specialized IT forensics team for technical analysis, and reported it to the data protection supervisory authority. “Technical analysis has revealed that access to data stored in the shop … More →

The post Škoda confirms unauthorized access to its online shop appeared first on Help Net Security.

OpenAI Daybreak is the company’s cybersecurity initiative focused on building AI-assisted software defense into the development process from the start. It combines OpenAI models, Codex Security, and cyber-focused GPT-5.5 variants to help organizations identify, validate, and prioritize software vulnerabilities. How Daybreak identifies exploitable vulnerabilities Daybreak builds editable threat models from a company’s code repository, analyzes realistic attack paths, validates likely vulnerabilities in isolated environments, and helps teams focus on exploitable issues instead of noisy alerts. … More →

The post OpenAI’s Daybreak uses Codex Security to identify risky attack paths appeared firs…

About Bruce SchneierI am a public-interest technologist, working at the intersection of security, technology, and people.

I've been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998.

I'm a fellow and lecturer at Harvard's Kennedy School, a board member of EFF, and the Chief of Security Architecture at Inrupt, Inc.

This personal website expresses the opinions of none of those organizations.

Friday Squid Blogging: Giant Squid Live in the Waters of Western AustraliaEvidence of them has been found by analyzing DNA in the seawater.

As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Blog moderation policy.

Posted on May 8, 2026 at 5:03 PM • 2 Comments

Insider trading is rife on Polymarket:Analysis by the Anti-Corruption Data Collective, a non-profit research and advocacy group, found that long-shot bets—­defined as wagers of $2,500 or more at odds of 35 percent or less—­on the platform had an average win rate of around 52 percent in markets on military and defense actions.

That compares with a win rate of 25 percent across all politics-focused markets and just 14 percent for all markets on the platform as a whole.

About Bruce SchneierI am a public-interest technologist, working at the intersection of security, technology, and people.

I've been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998.

I'm a fellow and lecturer at Harvard's Kennedy School, a board member of EFF, and the Chief of Security Architecture at Inrupt, Inc.

This personal website expresses the opinions of none of those organizations.

A new rowhammer attack gives complete control of NVIDIA CPUs.

On Thursday, two research teams, working independently of each other, demonstrated attacks against two cards from Nvidia’s Ampere generation that take GPU rowhammering into new—­and potentially much more consequential—­territory: GDDR bitflips that give adversaries full control of CPU memory, resulting in full system compromise of the host machine.

For the attack to work, IOMMU memory management must be disabled, as is the default in BIOS settings.

“Our work shows that Rowhammer, which is well-studied on CPUs, is a serious threat on GPUs as well,” said Andrew Kwong, co-author of one of the papers.

Unlike the previous two, the res…

DarkSword is a sophisticated piece of malware—probably government designed—that targets iOS.

Google Threat Intelligence Group (GTIG) has identified a new iOS full-chain exploit that leveraged multiple zero-day vulnerabilities to fully compromise devices.

Based on toolmarks in recovered payloads, we believe the exploit chain to be called DarkSword.

These threat actors have deployed the exploit chain against targets in Saudi Arabia, Turkey, Malaysia, and Ukraine.

The proliferation of this single exploit chain across disparate threat actors mirrors the previously discovered Coruna iOS exploit kit.

Hacking PolymarketPolymarket is a platform where people can bet on real-world events, political and otherwise.

Leaving the ethical considerations of this aside (for one, it facilitates assassination), one of the issues with making this work is the verification of these real-world events.

Polymarket gamblers have threatened a journalist because his story was being used to verify an event.

And now, gamblers are taking hair dryers to weather sensors to rig weather bets.

Posted on May 4, 2026 at 5:46 AM • 0 Comments

About Bruce SchneierI am a public-interest technologist, working at the intersection of security, technology, and people.

I've been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998.

I'm a fellow and lecturer at Harvard's Kennedy School, a board member of EFF, and the Chief of Security Architecture at Inrupt, Inc.

This personal website expresses the opinions of none of those organizations.

Fast16 MalwareResearchers have reverse-engineered a piece of malware named Fast16.

It’s almost certainly state-sponsored, probably US in origin, and was deployed against Iran years before Stuxnet:“…the Fast16 malware was designed to carry out the most subtle form of sabotage ever seen in an in-the-wild malware tool: By automatically spreading across networks and then silently manipulating computation processes in certain software applications that perform high-precision mathematical calculations and simulate physical phenomena, Fast16 can alter the results of those programs to cause failures that range from faulty research results to catastrophic damage to real-world equipment.”Another news…

No, it’s an extraordinary number:Since February, the Firefox team has been working around the clock using frontier AI models to find and fix latent security vulnerabilities in the browser.

We wrote previously about our collaboration with Anthropic to scan Firefox with Opus 4.6, which led to fixes for 22 security-sensitive bugs in Firefox 148.

This week’s release of Firefox 150 includes fixes for 271 vulnerabilities identified during this initial evaluation.

Our experience is a hopeful one for teams who shake off the vertigo and get to work.

Our work isn’t finished, but we’ve turned the corner and can glimpse a future much better than just keeping up.

This capability will have major security implications, compromising the devices and services we use every day.

The news rocked the internet security community.

Unpatchable or hard to verify systems should be protected by wrapping them in more restrictive, tightly controlled layers.

These are bog-standard security ideas that we might have been tempted to throw out in the era of AI, but they’re still as relevant as ever.

Rethinking Software Security PracticesThis also raises the salience of best practices in software engineering.

About Bruce SchneierI am a public-interest technologist, working at the intersection of security, technology, and people.

I've been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998.

I'm a fellow and lecturer at Harvard's Kennedy School, a board member of EFF, and the Chief of Security Architecture at Inrupt, Inc.

This personal website expresses the opinions of none of those organizations.

About Bruce SchneierI am a public-interest technologist, working at the intersection of security, technology, and people.

I've been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998.

I'm a fellow and lecturer at Harvard's Kennedy School, a board member of EFF, and the Chief of Security Architecture at Inrupt, Inc.

This personal website expresses the opinions of none of those organizations.

It was used to track a Dutch naval ship:Dutch journalist Just Vervaart, working for regional media network Omroep Gelderland, followed the directions posted on the Dutch government website and mailed a postcard with a hidden tracker inside.

Because of this, they were able to track the ship for about a day, watching it sail from Heraklion, Crete, before it turned towards Cyprus.

While it only showed the location of that one vessel, knowing that it was part of a carrier strike group sailing in the Mediterranean could potentially put the entire fleet at risk.

[…]Navy officials reported that the tracker was discovered within 24 hours of the ship’s arrival, during mail sorting, and was eventuall…

For the past several years, security experts have tracked a series of massive DDoS attacks originating from Brazil and solely targeting Brazilian ISPs.

The company originated from protecting game servers against DDoS attacks and evolved into an ISP-focused DDoS mitigation provider.

But so-called “DNS reflection” attacks rely on DNS servers that are (mis)configured to accept queries from anywhere on the Web.

“We received and notified many Tier 1 upstreams regarding very very large DDoS attacks against small ISPs,” Nascimento said.

Nascimento flatly denied being involved in DDoS attacks against Brazilian operators to generate business for his company’s services.

A 24-year-old British national and senior member of the cybercrime group “Scattered Spider” has pleaded guilty to wire fraud conspiracy and aggravated identity theft.

FBI investigators tied Buchanan to the 2022 SMS phishing attacks after discovering the same username and email address was used to register numerous phishing domains seen in the campaign.

That same year, U.K. investigators found a device at Buchanan’s Scotland residence that included data stolen from SMS phishing victims and seed phrases from cryptocurrency theft victims.

Buchanan is the second known Scattered Spider member to plead guilty.

Two other alleged Scattered Spider members will soon be tried in the United Kingdom.

“This CVE can enable phishing attacks, unauthorized data manipulation, or social engineering campaigns that lead to further compromise,” Walters said.

Satnam Narang, senior staff research engineer at Tenable, said April marks the second-biggest Patch Tuesday ever for Microsoft.

Narang also said there are indications that a zero-day flaw Adobe patched in an emergency update on April 11 — CVE-2026-34621 — has seen active exploitation since at least November 2025.

Adam Barnett, lead software engineer at Rapid7, called the patch total from Microsoft today “a new record in that category” because it includes nearly 60 browser vulnerabilities.

For example, a Google Chrome update released earlier t…

Hackers linked to Russia’s military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security experts warned today.

The spying campaign allowed state-backed Russian hackers to quietly siphon authentication tokens from users on more than 18,000 networks without deploying any malicious software or code.

Instead, they used known vulnerabilities to modify the Domain Name System (DNS) settings of the routers to include DNS servers controlled by the hackers.

English said the routers attacked by Forest Blizzard were reconfigured to use DNS servers that pointed to a handful of virtual private servers controlled by …

An elusive hacker who went by the handle “UNKN” and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face.

Shchukin’s name appeared in a Feb. 2023 filing (PDF) from the U.S. Justice Department seeking the seizure of various cryptocurrency accounts associated with proceeds from the REvil ransomware gang’s activities.

The Gandcrab ransomware affiliate program first surfaced in January 2018, and paid enterprising hackers huge shares of the profits just for hacking into user accounts at major corporations.

The Gandcrab team would then try to expand that access, often siphoning vast amounts of sensitive and internal documents in the process.

REvil never recovered f…

Experts say the wiper campaign against Iran materialized this past weekend and came from a relatively new cybercrime group known as TeamPCP.

TeamPCP then attempted to move laterally through victim networks, siphoning authentication credentials and extorting victims over Telegram.

Eriksen said it appears TeamPCP used access gained in the first attack on Aqua Security to perpetrate this weekend’s mischief.

“It’s a little all over the place, and there’s a chance this whole Iran thing is just their way of getting attention,” Eriksen said.

“While security firms appear to be doing a good job spotting this, we’re also gonna need GitHub’s security team to step up,” Cimpanu wrote.

The feds say the four botnets — named Aisuru, Kimwolf, JackSkid and Mossad — are responsible for a series of recent record-smashing distributed denial-of-service (DDoS) attacks capable of knocking nearly any target offline.

The government alleges the unnamed people in control of the four botnets used their crime machines to launch hundreds of thousands of DDoS attacks, often demanding extortion payments from victims.

The oldest of the botnets — Aisuru — issued more than 200,000 attacks commands, while JackSkid hurled at least 90,000 attacks.

Aisuru emerged in late 2024, and by mid-2025 it was launching record-breaking DDoS attacks as it rapidly infected new IoT devices.

That disclosure help…

A hacktivist group with links to Iran’s intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan.

Meanwhile, a voicemail message at Stryker’s main U.S. headquarters says the company is currently experiencing a building emergency.

In a lengthy statement posted to Telegram, an Iranian hacktivist group known as Handala (a.k.a.

Palo Alto says Handala surfaced in late 2023 and is assessed as one of several online personas maintained by Void Manticore, a MOIS-affiliated actor.

The security firm said Handala also has taken credit for recent attacks against fuel systems in Jordan and an Israeli energy exploratio…

Microsoft Corp. today pushed security updates to fix at least 77 vulnerabilities in its Windows operating systems and other software.

It would hardly be a proper Patch Tuesday without at least one critical Microsoft Office exploit, and this month doesn’t disappoint.

Ben McCarthy, lead cyber security engineer at Immersive, called attention to CVE-2026-21536, a critical remote code execution bug in a component called the Microsoft Devices Pricing Program.

Microsoft has already resolved the issue on their end, and fixing it requires no action on the part of Windows users.

For a complete breakdown of all the patches Microsoft released today, check out the SANS Internet Storm Center’s Patch Tues…

The new hotness in AI-based assistants — OpenClaw (formerly known as ClawdBot and Moltbot) — has seen rapid adoption since its release in November 2025.

“The testimonials are remarkable,” the AI security firm Snyk observed.

WHEN AI INSTALLS AIOne of the core tenets of securing AI agents involves carefully isolating them so that the operator can fully control who and what gets to talk to their AI assistant.

Probably the best known (and most bizarre) example is Moltbook, where a developer told an AI agent running on OpenClaw to build him a Reddit-like platform for AI agents.

Claude Code Security is a legitimate signal that AI is reshaping parts of the security landscape.

In early January 2026, KrebsOnSecurity revealed how a security researcher disclosed a vulnerability that was used to build Kimwolf, the world’s largest and most disruptive botnet.

Dort was an extremely active player in the Microsoft game Minecraft who gained notoriety for their “Dortware” software that helped players cheat.

Dort also used the nickname DortDev, an identity that was active in March 2022 on the chat server for the prolific cybercrime group known as LAPSUS$.

Dort peddled a service for registering temporary email addresses, as well as “Dortsolver,” code that could bypass various CAPTCHA services designed to prevent automated account abuse.

The breach tracking service Constella I…

Most phishing websites are little more than static copies of login pages for popular online destinations, and they are often quickly taken down by anti-abuse activists and security firms.

Enter Starkiller, a new phishing service that dynamically loads a live copy of the target login page and records everything the user types, proxying the data to the legitimate site and back to the victim.

According to an analysis of Starkiller by the security firm Abnormal AI, the service lets customers select a brand to impersonate (e.g., Apple, Facebook, Google, Microsoft et.

“Starkiller represents a significant escalation in phishing infrastructure, reflecting a broader trend toward commoditized, enterp…

I2P users started reporting disruptions in the network around the same time the Kimwolf botmasters began relying on it to evade takedown attempts against the botnet’s control servers.

I2P is a decentralized, privacy-focused network that allows people to communicate and share information anonymously.

However, Lance James, founder of the New York City based cybersecurity consultancy Unit 221B and the original founder of I2P, told KrebsOnSecurity the entire I2P network now consists of between 15,000 and 20,000 devices on any given day.

Brundage said the Kimwolf operator(s) have been trying to build a command and control network that can’t easily be taken down by security companies and network …

The zero-day flaw CVE-2026-21513 is a security bypass bug targeting MSHTML, the proprietary engine of the default Web browser in Windows.

CVE-2026-21514 is a related security feature bypass in Microsoft Word.

The zero-day CVE-2026-21533 allows local attackers to elevate their user privileges to “SYSTEM” level access in Windows Remote Desktop Services.

Chris Goettl at Ivanti reminds us Microsoft has issued several out-of-band security updates since January’s Patch Tuesday.

On January 26, Microsoft patched a zero-day security feature bypass vulnerability (CVE-2026-21509) in Microsoft Office.

One in eight UK workers admits to selling their company login credentials - or knowing someone who has - in the past 12 months. The really alarming bit? Their bosses are even more relaxed about it. Read more in my article on the Fortra blog.

Russia's military intelligence service, the GRU, directly controls who gets into Department 4, according to the leak.

It is GRU that is overseeing exams, and signing-off on graduates' postings, with some promising students scouted as early as secondary school.

Upon his graduation, he is said to have been assigned to the Fancy Bear hacking group, which was linked by the US Department of Justice over the high profile hack of the Democratic National Committee.

He has, it seems, gone from running the Fancy Bear hacking group to helping train its replacements.

What the report does is act as a useful reminder that the threat posed by groups like Fancy Bear and Sandworm is serious and organised.

Sri Lankan police have arrested 37 people suspected of running a scam centre in a suburb of the capital city Colombo.

Prior to that, in March, immigration officers arrested 135 Chinese men and women in connection with another scam centre.

So the obvious question to ask is: what are these alleged scam centres suspected of being doing?

Sri Lanka has recently boosted its appeal to foreign tourists by relaxing visa requirements, and has been "rewarded" by more scam centers popping up in its cities residential suburbs.

You don't have to live anywhere near a scam compound for any of this to land in your life.

Meta sees everything, copy fail, and a deepfake gets hired with Graham Cluley and special guest Paul Ducklin.

Sometimes I have to whisper and sometimes the whisper is edited out afterwards, say, "Say who you are."

They had this secret memo where they said, "Look, there's going to be a bit of aggro when we launch this.

So they say there's clear user consent, they say.

And we've got so many people that still don't know about the technology.

This is the picture that US prosecutors have painted of a teenager arrested earlier this month at Helsinki Airport while trying to board a flight to Tokyo.

Prosecutors allege that the teenage suspect took part in at least four Scattered Spider attacks , the earliest in March 2023 - just months after his 16th birthday.

The complaint also alleges that the Scattered Spider gang mocked law enforcement, with one 2024 screenshot reportedly showed failed login attempts captioned "F*** off, FBI."

Scattered Spider is a loosely-formed English-speaking collective of teenagers and young adults who became infamous after the 2023 attacks on MGM Resorts and Caesars Entertainment.

You should also consider …

US Marines stationed around the Persian Gulf have been receiving WhatsApp messages from strangers suggesting they call home and make their final goodbyes.

The messages, which began arriving on Monday, came signed by the Iran-linked Handala hacking group, that has spent much of 2026 attacking US and Israeli targets.

A day later, the Handala hacking crew took to its Telegram channel to announce that it had published the names and phone numbers of 2,379 US Marines stationed in the Persian Gulf.

Handala, which first surfaced in late 2023, presents itself as a pro-Palestinian hacktivist group.

If a Marine receives a WhatsApp message naming them and threatening their family, it does not really ma…

All this and more in episode 465 of the “Smashing Security” podcast with cybersecurity keynote speaker and industry veteran Graham Cluley, joined this week by special guest James Ball.

Smashing Security listeners get $1000 off!

Support the show:You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.

Join Smashing Security PLUS for ad-free episodes and our early-release feed!

Follow us:Follow the show on Bluesky, or join us on the Smashing Security subreddit, or visit our website for more episodes.

34-year-old Xu Zewei arrived in Houston, Texas at the weekend after Italian authorities approved his extradition to the United States.

The US Department of Justice alleges that Xu was following orders from officers at the Shanghai State Security Bureau, an arm of China's Ministry of State Security.

According to the FBI, Hafnium targeted more than 60,000 organisations in the United States and successfully broke into over 12,700 of them.

The Chinese Foreign Ministry opposed Xu's extradition to the United States, and claimed that cases are being fabricated against Chinese citizens.

But every so often, a suspect makes the mistake of going on holiday somewhere with an extradition agreement with …

A 21-year-old man suspected of conducting approximately 100 data breaches since late 2025 - including a hack of the French Ministry of National Education that exposed records on almost a quarter of a million employees — has been arrested at his home in western France.

According to French prosecutors, the man was reportedly preparing to dump yet another collection of stolen data online at the time of his arrest on 20 April, and has admitted to using the pseudonym "HexDex" online.

The police investigation began on 19 December last year, when the Paris prosecutor's cybercrime unit received around 100 reports of data exfiltration, all apparently linked to the same perpetrator.

In an interview g…

Yeah, yeah.

Yeah, yeah.

As a journalist, this really, really bugs me because of course, it's really difficult when you cover these cybercrime incidents because the victim here, is it P3?

And the company have been clearly really, really terrible in transparency.

Yeah, yeah, yeah.

Garrett Dutton, better known as G. Love - the front man of blues-hip-hop outfit G. Love & Special Sauce - has learnt that lesson the hard way.

In what must have been a painful admission earlier this month, G. Love described how while setting up a new computer, he downloaded what he believed was the legitimate Ledger Live app from Apple's official App Store.

The bogus app tricked the singer into entering his seed phrase - the master key to his cryptocurrency holdings.

The real Ledger Live app will never ask you for your seed phrase.

In the past Apple has presented its App Store as a more secure and safer place to find and download apps than other operating systems.

Have you ever taken a look at your Microsoft 365 mailbox rules? If not, it might be worth a few minutes of your time. Because newly released research reveals that hackers may already have beaten you to it. Read more in my article on the Fortra blog.

Right, right.

And by legacy, I mean software that's already out in production that's been out one or more years.

Oh, whether we've got the right security controls in place, whether our vendors are secure, how to escape the nightmare of outdated tools and endless manual processes.

Right, right.

Right, right.

Cybersecurity researchers have revealed that 108 malicious Google Chrome extensions have been quietly stealing user credentials, hijacking Telegram sessions, and injecting unwanted ads and scripts into browsers - all reporting back to the same central point.

Between them, before being identified, the extensions had racked up approximately 20,000 installs from the Chrome Web Store.

And to further disguise the reality of what was going on, each malicious Google Chrome extension adopted differing disguises - including posing as a Telegram sidebar client, slot machine games, tools to enhance YouTube and TikTok, or translation tools.

More recently, in 2023, a rogue "ChatGPT for Google" extension…

The fraud landscape has been changed by AI and cryptocurrency in a way that should concern organisations and individuals alike. Read more in my article on the Fortra blog.

Поэтому при внедрении собственных ИИ-серверов и их вспомогательных систем (RAG, MCP и так далее) необходимо с самого начала внедрять строгие меры безопасности.

В ответ на запросы он отчитывается о доступности серверов Ollama, LM Studio, AutoGPT, LangServe, text-gen-webui, которые часто используются для «обвязки» запущенных локально ИИ-моделей.

Дополнительно сервер-приманка отчитывался о наличии разнообразных баз данных RAG и MCP-сервера с привлекательными возможностями вроде «get_credentials» (получить учетные данные).

На самом деле на Raspberry PI просто были сохранены 500 ответов настоящей модели Qwen3, из которых несложный скрипт выбирал наиболее подходящий с учетом присланного запроса.

…

Кроме того, взлом паролей ускоряется из года в год: в нашем аналогичном исследовании 2024 года процент паролей, нестойких ко взлому, был ниже.

К сожалению, многие пользователи хранят свои пароли в открытом виде в заметках, сообщениях в мессенджерах, в документах, а также в браузерах, сохраненные пароли из которых злоумышленники вытаскивают за считаные секунды.

Не храните пароли в виде обычного текстаНи в коем случае не записывайте пароли в файлах, сообщениях и документах — они не защищены должным шифрованием, как в менеджере паролей.

Не храните пароли в браузерахМногие пользователи сохраняют свои пароли в браузерах — тем более что те любезно позволяют делать это автоматически.

Важно соблюда…

К сожалению, создатели зловредов уже не первый раз находят способы обойти эту защиту, так что секреты, хранящиеся в Chrome, опять под угрозой.

Как работает шифрование с привязкой к приложению в ChromeGoogle представила механизм шифрования с привязкой к приложению (Application-Bound Encryption) в июле 2024 года в 127-й версии браузера Chrome.

Мы уже подробно рассказывали, что представляют собой эти файлы и к чему может привести их кража, поэтому здесь лишь кратко напомним основные факты.

Дело в том, что в данной ОС Chrome использовал только стандартный встроенный механизм защиты данных Data Protection API (DPAPI).

В теории это должно было заметно усложнить атаки на Chrome и снизить эффективн…

Наши эксперты обнаружили масштабную атаку на цепочку поставок через ПО для эмуляции оптического дисковода DAEMON Tools.

Кого именно атакуютС начала апреля было зарегистрировано несколько тысяч попыток установки дополнительной вредоносной нагрузки через зараженное ПО DAEMON Tools.

Что именно было зараженоВредоносный код был обнаружен в DAEMON Tools начиная с версии 12.5.0.2421 и до 12.5.0.2434.

Если у вас на компьютере (или где-то в организации) используется ПО DAEMON Tools, наши эксперты рекомендуют тщательно проверить устройства на наличие аномальной активности начиная с 8 апреля.

Наши решения успешно защищают пользователей от всего вредоносного ПО, используемого в атаке на цепочку поставо…

Практически в каждом фильме или сериале из вселенной «Звездных войн» присутствуют дроиды.

Кто-то, наверное, скажет: «Да какая разница?» И с точки зрения нормального зрителя будет абсолютно прав.

Дроид — сложная киберфизическая система, повлияв на мотивацию которой атакующий может получить доступ к конфиденциальным данным, а то и вовсе причинить вред настоящему владельцу.

В нескольких случаях человек, не являющийся формальным владельцем дроида, старается повлиять на его поступки, пытаясь ввести дроида в заблуждение.

Ферн вводит в дискуссию понятие из детских игр — unclaimsies (то есть как бы обнуление прав) и заявляет собственные права на место капитана.

Динамически обновляемый контентКорреляционный контент сегодня — это не статичный набор правил, а процесс: он постоянно развивается и адаптируется под актуальные угрозы.

Только за 2025 год мы выпустили 55 обновлений пакетов правил для разных версий и разных языков нашей SIEM-системы KUMA.

Всего за год добавилось 10 новых пакетов, а также 250 правил обнаружения и множество улучшений существующего контента.

Эффективность работы KUMA повышается за счет интеграции с Kaspersky EDR и отдельными наборами правил для Active Directory, в которых реализованы десятки сценариев обнаружения атак на разных стадиях.

В целом SIEM перестает быть набором правил и превращается в постоянно обновляемую систему об…

В случае если авто или его владелец потенциально связаны с преступлением, автомобиль могут изучать не только под микроскопом и ультрафиолетом.

Комплексная слежкаДля слежки за «лицами, представляющими интерес», данные, полученные с самого автомобиля, связывают с информацией из других источников.

Журналисты обнаружили, что некоторые компании рекламируют возможность дистанционного скрытного включения микрофонов и камер автомобиля, что позволяет прослушивать разговоры в реальном времени.

Если это приложение вам очень нужно, откажитесь от передачи своих данных «на сторону» в настройках фирменного приложения.

Откажитесь от передачи данных и в настройках самого автомобиля, если это возможно.

Например, приложение, которое обрабатывает конфиденциальные данные организации, опубликовано на публичном конструкторе вайб-код-приложений (Lovable и ему подобным) и по умолчанию доступно всему Интернету.

Нельзя один раз проделать упражнение «защита приложения» и на этом остановиться.

Всегда просите ИИ добавлять проверки для любых данных, которые вводят люди (как в формы, так и в строки поиска).

Тестируйте новые функции и новые версии приложения в безопасной среде — на копии сайта или приложения и на копии базы данных.

С помощью сканера вы проследите, чтобы файлы с ключами и паролями не попадали в Git и не публиковались вместе с проектом.

Преступники внедряют уже известные трюки в новые цепочки атак, в том числе ловят жертв в App Store.

Подделки под криптокошелькиВ марте этого года мы обнаружили в топе китайского App Store фишинговые приложения, иконки и названия которых мимикрируют под приложения для управления распространенными криптокошельками.

Чтобы приложения были пропущены в App Store, в них добавляли какую-либо базовую функциональность, например игру, калькулятор или планировщик задач.

Установка без App StoreКлючевой частью схемы является установка вредоносов на iPhone жертв в обход App Store и его процесса верификации.

Такие приложения не требуют публикации в App Store, и их можно устанавливать без ограничений по кол…

Возможно, именно это в какой-то мере сформировало их отношение к информации и сподвигло заняться ее защитой.

То есть, по сути, описана виртуальная реальность, неотличимая от настоящей (и это за 35 лет до «Матрицы»).

«Нейромант» (1984)«Нейромант» — книга, опубликованная в 1984 году и, по сути, положившая начало популярности жанра «киберпанк» (хотя само слово было изобретено немного раньше).

И эту идею отложили в долгий ящик, и она до сих пор так и не реализовалась.

Это уже не фантастика, и в этой подборке он стоит скорее для контраста.

Такие документы — лакомый кусочек для злоумышленников, ведь в них хранятся личные данные, информация о работе, доходах, собственности и банковских счетах — и далее по списку.

Неудивительно, что именно в это время мошенники становятся особенно активными: Интернет сейчас буквально кишит поддельными сайтами, имитирующими государственные ресурсы и налоговые органы.

В этом посте рассказываем, как действуют поддельные сайты от «налоговых органов» в разных странах и чего делать точно не стоит, чтобы сохранить свои деньги и конфиденциальную информацию.

На подобных сайтах-подделках мошенники крадут учетные данные от легитимных сайтов и личную информацию, а затем предлагают оформить налоговый вычет и…

«Оптика» уже давно является стандартным средством передачи данных благодаря возможности транслировать информацию с высокой скоростью и на большие расстояния.

Потенциально это позволяет превратить оптоволоконный кабель в микрофон и перехватывать разговоры в помещении, находясь в километрах от источника звука.

Конечно, данная работа имеет скорее теоретический характер, как и другие подобные исследования, о которых мы писали ранее (прослушивание через датчик мыши, модули оперативной памяти как радиопередатчик, похищение данных с сенсора камеры видеонаблюдения, подглядывание в экран через кабель HDMI).

Трудности оптического подслушиванияВпервые о таких особенностях оптического кабеля задумались…

Если компания производит программное обеспечение, то злоумышленники получат возможность организовать масштабную атаку на цепочку поставок для атаки на пользователей разрабатываемого приложения.

Варианты атак на разработчиков ПОВыбрав целью разработчика программного обеспечения, злоумышленники, как правило, пытаются теми или иными способами подсунуть ему вредоносный код.

Вредоносный код в тестовых заданияхПериодически злоумышленники публикуют привлекательные вакансии для разработчиков и снабжают их тестовыми заданиями, в которых содержится вредоносный код.

Атака была направлена на разработчиков, которые пытаются найти способ использовать ассистентов без ведома ИБ-службы компании.

Узкоспециал…

DarkSword и Coruna — два новых инструмента для бесконтактных и незаметных атак на iOS-устройства, которые уже активно используются злоумышленниками «в дикой природе».

Однако DarkSword и Coruna, обнаруженные исследователями кибербезопасности в этом году, меняют правила игры: эти зловреды уже используются для массового заражения рядовых пользователей.

Получается зловред двойного назначения, который может использоваться как для шпионажа, так и для кражи криптовалюты.

Последняя версия Coruna, как и DarkSword, имеет модификации для кражи криптовалюты, а также ворует фотографии и в некоторых случаях электронную почту.

Кто создал Coruna и DarkSword и как они попали в «дикую природу»Исследование ко…

Помимо экранных дикторов, для помощи незрячим и слабовидящим существуют и специальные приложения и сервисы для мобильных устройств, среди которых один из самых популярных — Be My Eyes.

Кроме того, в Be My Eyes встроен ИИ, который может распознавать и озвучивать текст и называть объекты вокруг.

Приложение для Windows, Android и iOS позволяет незрячим и слабовидящим обращаться за помощью к волонтерам по видеосвязи с любыми бытовыми вопросами.

Мы также рекомендуем установить на все ваши устройства — и смартфоны, и компьютеры — надежное защитное решение, которое заблокирует попытки фишинга и перехода на вредоносные или подозрительные сайты.

При этом фото и видео шифруются как при передаче, так …

The Missing Surface: Security ContextAsk a SOC analyst what they need from a security platform and you get consistent answers.

Cisco Secure Access now includes Security Insights: a security analytics dashboard that surfaces where risk is concentrated, helps teams identify emerging threats and policy gaps, and gives security leadership the trend data to report on posture and measure the impact of initiatives over time.

Secure Access addresses this through the AI view, which tracks GenAI application usage and guardrail violations alongside the rest of security operations.

Security Insights gives analysts the signals to start an investigation, security managers the view to close policy gaps, a…

The integrity of the systems we depend on, the trust layer underneath everything, is equally exposed.

This integrates naturally with external key management systems, including Quantum Key Distribution platforms for the most sensitive environments.

In the meantime, visit the Cisco Trust Center to learn more about our PQC approach and stay ahead of what’s coming.

Ask a question and stay connected with Cisco Security on social media.

Cisco Security Social MediaLinkedInFacebookInstagram

Cisco Catalyst SD-WAN for Government integration with Cisco Secure Access FedRAMP instances: Government agencies require secure, compliant networking solutions that meet stringent federal security standards.

Cisco Catalyst SD-WAN for Government now integrates with Cisco Secure Access FedRAMP instances, enabling government organizations to maintain secure connectivity while ensuring compliance with federal security standards.

Policy groups in Cisco Catalyst SD-WAN Manager enable agencies to define IPSec tunnels and connection parameters to Secure Access instances, ensuring secure and compliant access across their network infrastructure.

AI application classification and shadow AI control: Ci…

With modular N+1 clustering (supporting up to 16 nodes), the 6100 Series scales to up to 8 Tbps of L7 throughput.

Using our AI-driven Encrypted Visibility Engine (EVE), the 6100 Series identifies threats in encrypted traffic without decryption, preserving privacy and line-rate speed.

Because at this scale, security shouldn’t hold you back—it should help you move faster.

Ask a question and stay connected with Cisco Security on social media.

Cisco Security Social MediaLinkedInFacebookInstagram

Cisco Secure Firewall uses encryption for many things: VPN tunnels, remote management, hardware-level trust, and inline decryption.

They also define stronger baselines of security for existing algorithms, which are already incorporated into Cisco Secure Firewall.

Support arrives in Secure Firewall Threat Defense (FTD) 10.5 and ASA 9.25, targeted for General Availability in late 2026.

PQC support for TLS client features is planned for ASA/FTD 11.0, while management web server PQC support depends on underlying web server library readiness.

Cisco Secure Firewall is building post-quantum cryptography into every layer of the platform, so that when your organization is ready to make the transitio…

At this year’s Mobile World Congress in Barcelona, service providers showed up from around the world to join over 115,000 attendees from 210 countries.

We leveraged the lessons learned from previous SOC deployments, adding the new Secure Firewall 6160, which is designed specifically for AI-ready data centers.

Clockwise from the upper left quadrant: Firepower in Security Cloud Control, Splunk Cloud dashboard for MWC, Splunk Enterprise Security Mission Control and Cisco XDR.

Ask a question and stay connected with Cisco Security on social media.

Cisco Security Social MediaLinkedInFacebookInstagram

Mobile World Congress (MWC) Barcelona is one of the most demanding environments for network and security operations.

For the 2nd year, the Cisco team leveraged Splunk, in addition to its other security products, to deliver a unified Security Operations Center (SOC) and Network Operations Center (NOC) experience.

Clockwise from the upper left quadrant: Firepower in Security Cloud Control, Splunk Cloud dashboard for MWC, Splunk Enterprise Security Mission Control and Cisco XDR.

Bridging SOC and NOC: From Visibility to ContextTraditionally, SOC and NOC teams operate in parallel, often using separate tools and datasets.

Edge engineering still matters in cloud-first architecturesComponents like …

Among the new security features, the one I was most eager to explore was Shadow Traffic detection.

Observing Shadow Traffic at scale on the live congress wireless network provided useful insight.

The Shadow Traffic dashboard put Tailscale VPN, ExpressVPN, and NordVPN at the top of the list.

Shadow Traffic detection conveniently labels the suspicious connections, making filtering in the Unified Events Viewer straightforward and precise.

With Shadow Traffic detection, you expand visibility into inspection gaps that most organizations don’t even realize they have.

Please note that the network of the venue remains protected at the DNS level by Cisco Secure Access outside the event.

Access to these AI models can be managed with Secure Access to secure AI apart from just leveraging AI for security.

During the event, Secure Access blocked access to one of those phishing domains.

Secure Access Investigate, as appearing above, provides real-time actionable threat intelligence by analysing global data from the Secure Access network using AI to detect, score, and predict emerging threats.

ConcludingThe AI-powered Security and Network Operations Center (S/NOC) at Mobile World Congress 2026 demonstrated Cisco’s commitment to leveraging cutting-edge technologie…

Data optimization in security is often discussed as a cost control mechanism.

In a Splunk security stack, data optimization is not about reducing volume.

Advanced Optimization Blind Spots in Splunk Security EnvironmentsData Model Acceleration Blindness: Aggressive filtering often breaks Common Information Model (CIM) compliance or data model population.

Security data optimization must include: Search workload modeling; concurrent triage simulation; adversary emulation exercises.

Final Thought and Call to ActionIn Splunk security architectures, data optimization is not a storage tuning exercise, finance initiative, or infrastructure refresh it is a security engineering discipline.

Every year, the Cisco Talos Year in Review captures the patterns shaping the threat landscape.

To unpack the biggest takeaways and what they mean for security teams, we brought together Christopher Marshall, VP of Cisco Talos, and Peter Bailey, SVP and GM of Cisco Security.

For the full discussion, head over to the Cisco Talos blog where you can also download the Year in Review report.

Old vulnerabilities, new speedMarshall: One of the clearest trends in this year’s data is the contrast in how vulnerabilities are being exploited.

Read full post on the Cisco Talos blogWe’d love to hear what you think!

Our research shows that nearly 60% of security leaders view security concerns as the primary barrier to broader agentic AI adoption.

At the exact same time, 29% rank securing agentic AI among their top three priorities for the coming year.

Much like a public-facing web service, an external AI agent can be attacked, exploited, or “poisoned” by malicious inputs.

The “Who Owns This?” ProblemAs agentic AI expands into operational systems, who is actually responsible for securing it?

Explore our Agentic AI Security Solution to learn more, or view the full survey results infographic.

Welcome to the Agentic AI EraEnterprise interest in agentic AI is accelerating.

AI agents operate at machine speeds to execute complex tasks, yet they completely lack essential human judgment and contextual awareness.

Current challenges in the agentic AI ecosystemWhen our teams were analyzing the problem around governing this new digital AI workforce, we saw three areas across our customer and prospect conversations on why zero trust access built for humans must adapt to agentic workflows:Early and fragmented ecosystem.

Zero trust for agentic AI in practiceLet’s look at a typical scenario — a financial automation agent kicking off vendor payments.

We are thrilled to partner with AI-driven o…

Part 2 is about the uncomfortable reality that our identity systems are unprepared for what’s already here.

The Attacks from Part 1 Were Identity FailuresEvery major attack examined in Part 1 was, at its core, an identity problem.

Every one expands the potential damage of a security breach, and our identity systems were not built for this.

What Workload Identity Gets Right — And Where It Falls ShortThe security industry’s answer to machine identity is SPIFFE, and SPIRE, a standard that gives every workload a cryptographic identity card.

Today’s workload identity systems typically assign the same identity to every copy of an application when instances are functionally identical.

Meet Cisco Talos Incident Response, or Talos IR – our frontline response team.

Talos IR works holidays, weekends, and through the night because someone on the other end of that call is counting on us.

The threats responders see in the field today become the protections in Cisco products tomorrow.

Different perspectives, same missionAsk a Talos IR team member why they do this work and you will get different answers.

Unlike many security roles, incident responders build deep connections with the people they help.

Public reporting and proof-of-concept activity indicate the exploit is designed to provide more reliable privilege escalation than traditional race-condition-dependent Linux local privilege escalation techniques.

Dirty Frag may be leveraged after initial compromise through SSH access, web-shell execution, container escape, or compromise of a low-privileged account.

Why Dirty Frag mattersLocal privilege escalation vulnerabilities are frequently used by threat actors after initial access to expand control over a compromised environment.

Dirty Frag is notable because it introduces multiple kernel attack paths involving rxrpc and esp/xfrm networking components to improve exploitation reliabilit…

The AI model itself isn’t the issue as it’s behaving exactly as designed by parsing language into tool schemas.

As part of our mission to make AI systems more secure and eliminate new class of vulnerabilities, we’re launching a research series focused on identifying vulnerabilities in popular AI agent frameworks.

A representative case study: Semantic KernelSemantic Kernel is Microsoft’s open-source framework for building AI agents and integrating AI models into applications.

During our security research into the Semantic Kernel framework, we identified and disclosed two critical vulnerabilities: CVE-2026-25592 and CVE-2026-26030.

With this understanding of how a Semantic Kernel agent perfor…

World Passkey Day is a chance to reflect on progress toward a shared goal: reducing our reliance on passwords and other phishable authentication methods by accelerating passkey adoption.

In partnership with the FIDO Alliance, Microsoft is committed to advancing passkey adoption through ongoing standards work, active participation in working groups, and other contributions to a passwordless future.

This means passkey users can’t be tricked into signing in to a malicious lookalike website, and a passkey is unusable unless the user is present and consenting.

Get started with a phishing-resistant passwordless authentication deployment in Microsoft Entra ID.

4FIDO Alliance Champions Widespread P…

KuppingerCole Analysts’ 2026 Emerging AI Security Operations Center (SOC) reflects this shift clearly: the future of security automation is not defined by static rules or isolated workflows, but by intelligence‑driven automation that supports analyst decision‑making across the full security lifecycle.

As KuppingerCole’s research makes clear, it is becoming a foundational element of modern security operations.

Read the Emerging AI Security Operations Center (SOC) report to learn more.

To learn more about Microsoft Security solutions, visit our website.

Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.

We’re classifying these as a loader install campaign, a script install campaign, and a helper install campaign.

Payload delivery.

]com Domain Payload delivery vcopp[.

]com Domain Payload delivery kcbps[.

]com Domain Payload delivery jpbassin[.

Microsoft Defender detectionsMicrosoft Defender customers can refer to the list of applicable detections below.

Microsoft Security Copilot customers can also use the Microsoft Security Copilot integration in Microsoft Defender Threat Intelligence, either in the Security Copilot standalone portal or in the embedded experience in the Microsoft Defender portal to get more information about this threat actor.

]com Domain Domain hosting sender email address 2026-04-14 2026-04-16 Gadellinet[.

]com Domain Domain hosting sender email address 2026-04-14 2026-04-16 Harteprn[.

To hear stories and insights from the Microsoft Threat Intelligence community about the ever-evolving threat landscape, listen…

Microsoft Defender detectionsMicrosoft Defender customers can refer to the list of applicable detections below.

Microsoft Security Copilot customers can also use the Microsoft Security Copilot integration in Microsoft Defender Threat Intelligence, either in the Security Copilot standalone portal or in the embedded experience in the Microsoft Defender portal to get more information about this threat actor.

]com Domain Domain hosting sender email address 2026-04-14 2026-04-16 Gadellinet[.

]com Domain Domain hosting sender email address 2026-04-14 2026-04-16 Harteprn[.

To hear stories and insights from the Microsoft Threat Intelligence community about the ever-evolving threat landscape, listen…

Microsoft Defender is investigating a high-severity local privilege escalation vulnerability (CVE-2026-31431) affecting multiple major Linux distributions including Red Hat, SUSE, Ubuntu, and AWS Linux.

CVE-2026-31431 (also known as “Copy Fail”) is a high‑severity local privilege escalation (LPE) vulnerability affecting the Linux kernel’s cryptographic subsystem.

Tactic Observed activity Microsoft Defender coverage Execution Exploitation of CVE-2026-31431 Microsoft Defender Antivirus– Exploit:Linux/CopyFailExpDl.A– Exploit:Python/CopyFail.A– Exploit:Linux/CVE-2026-31431.A– Behavior:Linux/CVE-2026-31431Microsoft Defender for Endpoint– Possible CVE-2026-31431 (“Copy Fail”) vulnerability explo…

Microsoft Defender is investigating a high-severity local privilege escalation vulnerability (CVE-2026-31431) affecting multiple major Linux distributions including Red Hat, SUSE, Ubuntu, and AWS Linux.

CVE-2026-31431 (also known as “Copy Fail”) is a high‑severity local privilege escalation (LPE) vulnerability affecting the Linux kernel’s cryptographic subsystem.

Tactic Observed activity Microsoft Defender coverage Execution Exploitation of CVE-2026-31431 Microsoft Defender Antivirus– Exploit:Linux/CopyFailExpDl.A– Exploit:Python/CopyFail.A– Exploit:Linux/CVE-2026-31431.A– Behavior:Linux/CVE-2026-31431Microsoft Defender for Endpoint– Possible CVE-2026-31431 (“Copy Fail”) vulnerability explo…

Microsoft Agent 365 Now generally available for commercial customers.

Additionally, we’re announcing the previews of new Agent 365 capabilities and integrations to help you scale agent adoption with the right controls in place.

Agent 365 software development company launch partnersAgent 365 Software Development Company Launch Partners have built agents fully enabled to be managed by Agent 365.

These Agent 365 enabled agents are then observable, governable, and securable in the Agent 365 control plane, accelerating adoption for your organization.

Each of today’s announcements build upon Agent 365 capabilities we shared in March 2026 as well as detailed feedback of customers using the Frontie…

New capabilities in Microsoft Agent 365; new Microsoft Defender and GitHub integrationAt Microsoft, security innovations are purpose-built to help every organization protect end-to-end with the speed and scale of AI.

In the Loop is a new series from Microsoft Security that delivers timely news and updates to the global security community.

New demo: Run a data security investigation in Microsoft PurviewData Security Investigations Get started ↗Step into the role of a data security analyst and see how Microsoft Purview Data Security Investigations helps you identify investigation‑relevant data, analyze it using AI‑powered deep content analysis, and mitigate sensitive data risks—all within a s…

New capabilities in Microsoft Agent 365; new Microsoft Defender and GitHub integrationAt Microsoft, security innovations are purpose-built to help every organization protect end-to-end with the speed and scale of AI.

In the Loop is a new series from Microsoft Security that delivers timely news and updates to the global security community.

New demo: Run a data security investigation in Microsoft PurviewData Security Investigations Get started ↗Step into the role of a data security analyst and see how Microsoft Purview Data Security Investigations helps you identify investigation‑relevant data, analyze it using AI‑powered deep content analysis, and mitigate sensitive data risks—all within a s…

This blog provides a view of email threat activity across the first quarter of 2026, highlighting key trends in phishing techniques, payload delivery, and threat actor behavior observed by Microsoft Threat Intelligence.

Monthly CAPTCHA-gated phishing volume by distribution method (Q1 2026)Another notable shift in CAPTCHA-gated phishing attacks was the erosion of Tycoon2FA’s impact on the landscape.

Example of file names used in the campaign include the following:_statements_inv_.svg401K_copy___241.svgCheck_2408_Payment_Copy___241.svgINV#_1709612175_.svgListen_().svgPLAY_AUDIO_MESSAGE____241.svgIf an attached SVG file was opened, the user’s browser would open locally and fetch content from o…

Here, threat actors may simply seed prompt injections on websites in hope of corrupting AI systems that browse them.

Early experiments revealed a significant volume of "benign" prompt injection text, which illustrates the complexity of distinguishing between functional threats and harmless content.

Many prompt injections were found in research papers, educational blog posts, or security articles discussing this very topic.

(Source: GitHub/swisskyrepo)When searching for prompt injections naively, the majority of detections are benign content – false positives in our case.

Malicious: ExfiltrationWe were able to observe a small number of prompt injections that aim at theft of data.

Recognizing the risks associated within the complex modem firmware, Pixel 9 shipped with mitigations against a range of memory-safety vulnerabilities.

Following our previous discussion on "Deploying Rust in Existing Firmware Codebases", this post shares a concrete application: integrating a memory-safe Rust DNS(Domain Name System) parser into the modem firmware.

Hook-up Rust to modem firmwareBefore building the Rust DNS library, we defined several Rust unit tests to cover basic arithmetic, dynamic allocations, and FFI to verify the integration of Rust with the existing modem firmware code base.

Pixel modem firmware already has a well-tested and specialized global memory allocation system to…

This project represents a significant step forward in our ongoing efforts to combat session theft, which remains a prevalent threat in the modern security landscape.

Session theft typically occurs when a user inadvertently downloads malware onto their device.

Once active, the malware can silently extract existing session cookies from the browser or wait for the user to log in to new accounts, before exfiltrating these tokens to an attacker-controlled server.

How DBSC WorksDBSC protects against session theft by cryptographically binding authentication sessions to a specific device.

The issuance of new short-lived session cookies is contingent upon Chrome proving possession of the correspondi…

Staying ahead of the latest indirect prompt injection attacks is critical to our mission of securing Workspace with Gemini.

In our previous blog “Mitigating prompt injection attacks with a layered defense strategy”, we reviewed the layered architecture of our IPI defenses.

Synthetic data generationAfter we discover, curate, and catalog new attacks, we use Simula to generate synthetic data expanding these new attacks.

We partition the synthetic data described above into separate training and validation sets to ensure performance is evaluated against held-out examples.

This process leverages the newly generated synthetic attack data described on this blog, to create a robust, end-to-end evalu…

2025 marked a special year in the history of vulnerability rewards and bug bounty programs at Google: our 15th anniversary 🎉🎉🎉!

Coming back to 2025 specifically, our VRP once again confirmed the ongoing value of engaging with the external security research community to make Google and its products safer.

Vulnerability Reward Program 2025 in NumbersWant to learn more about who’s reporting to the VRP?

Tip: Want to be informed of new developments and events around our Vulnerability Reward Program?

Follow the Google VRP channel on X to stay in the loop and be sure to check out the Security Engineering blog, which covers topics ranging from VRP updates to security practices and vulnerability des…

To stay ahead of the curve, the technology industry must undertake a proactive, multi-year migration to Post-Quantum Cryptography (PQC).

To bring these critical protections to the wider developer community with minimal friction, the transition will be supported through Play App Signing.

Play App Signing leverages Google Cloud KMS, which helps ensure industry-leading compliance standards, to secure signing keys.

Empower Developers : The inclusion of ML-DSA support within Android Keystore and Play App Signing allows developers to safeguard their users and application.

: The inclusion of ML-DSA support within Android Keystore and Play App Signing allows developers to safeguard their users and …

Today we're announcing a new program in Chrome to make HTTPS certificates secure against quantum computers.

Instead, Chrome, in collaboration with other partners, is developing an evolution of HTTPS certificates based on Merkle Tree Certificates (MTCs), currently in development in the PLANTS working group.

Since MTC technology shares significant architectural similarities with CT, these operators are uniquely qualified to ensure MTCs are able to get off the ground quickly and successfully.

The Chrome Quantum-resistant Root Program will operate alongside our existing Chrome Root Program to ensure a risk-managed transition that maintains the highest levels of security for all users.

First, we…

For Majik, Scam Detection was the intervention he needed: “The warning is what made me pause and avoid a bad situation”.

As scammers evolve their tactics and create more convincing and personalized threats, we’re using the best of Google AI to stay one step ahead.

Expanding Scam Detection for Calls to Samsung DevicesTo help protect you during phone calls, Scam Detection alerts you if a caller uses speech patterns commonly associated with fraud.

Scam Detection for phone calls on Google Pixel devices is available in the U.S., Australia, Canada, India, Ireland, and the UK.

Powered by Gemini’s on-device model, Scam Detection provides intelligent protection against scam calls while ensuring that…

Upgrading Google Play’s AI-powered, multi-layered user protectionsWe’ve seen a clear impact from these safety efforts on Google Play.

As Android’s built-in defense against malware and unwanted software, Google Play Protect now scans over 350 billion Android apps daily.

This proactive protection constantly checks both Play apps and those from other sources to ensure they are not potentially harmful.

Looking aheadOur top priority remains making Google Play and Android the most trusted app ecosystems for everyone.

Thank you for being part of the Google Play and Android community as we work together to build a safer app ecosystem.

That’s why we're committed to providing multi-layered defenses that help protect you before, during, and after a theft attempt.

Today, we're announcing a powerful set of theft protection feature updates that build on our existing protections, designed to give you greater peace of mind by making your device a much harder target for criminals.

These updates are now available for Android devices running Android 16+.

More User Control for Failed Authentications: In Android 15, we launched Failed Authentication Lock, a feature that automatically locks the device's screen after excessive failed authentication attempts.

This feature is now getting a new dedicated enable/disable toggle in settings,…

These initiatives, driven by Ballots SC-080, SC-090, and SC-091, will sunset 11 legacy methods for Domain Control Validation.

What’s Domain Control Validation?

Domain Control Validation is a security-critical process designed to ensure certificates are only issued to the legitimate domain operator.

Sunsetted methods relying on email:Sunsetted methods relying on phone:Sunsetted method relying on a reverse lookup:For everyday users, these changes are invisible - and that’s the point.

These changes push the ecosystem toward standardized (e.g., ACME), modern, and auditable Domain Control Validation methods.

Partnership with ArmOur goal is to raise the bar on GPU security, ensuring the Mali GPU driver and firmware remain highly resilient against potential threats.

We partnered with Arm to conduct an analysis of the Mali driver, used on approximately 45% of Android devices.

This approach allowed us to roll out the new security policy broadly while minimizing the impact on developers.

This effort spans across Android and Android OEMs, and required close collaboration with Arm.

The Android security team is committed to collaborating with ecosystem partners to drive broader adoption of this approach to help harden the GPU.

We built on Gemini's existing protections and agent security principles and have implemented several new layers for Chrome.

To further bolster model alignment beyond spotlighting, we’re introducing the User Alignment Critic — a separate model built with Gemini that acts as a high-trust system component.

A flow chart that depicts the User Alignment Critic: a trusted component that vets each action before it reaches the browser.

The User Alignment Critic runs after the planning is complete to double-check each proposed action.

Looking forwardThe upcoming introduction of agentic capabilities in Chrome brings new demands for browser security, and we've approached this challenge with the same ri…

Android uses the best of Google AI and our advanced security expertise to tackle mobile scams from every angle.

Over the last few years, we’ve launched industry-leading features to detect scams and protect users across phone calls, text messages and messaging app chat notifications.

To help combat these types of financial scams, we launched a pilot earlier this year in the UK focused on in-call protections for financial apps.

The UK pilot of Android’s in-call scam protections has already helped thousands of users end calls that could have cost them a significant amount of money.

We’ve also started to pilot this protection with more app types, including peer-to-peer (P2P) payment apps.

Secure by DesignWe built Quick Share’s interoperability support for AirDrop with the same rigorous security standards that we apply to all Google products.

Secure Sharing Channel: The communication channel itself is hardened by our use of Rust to develop this feature.

On Android, security is built in at every layer.

On Android, security is built in at every layer.

Secure Sharing Using AirDrop's "Everyone" ModeTo ensure a seamless experience for both Android and iOS users, Quick Share currently works with AirDrop's "Everyone for 10 minutes" mode.