NASA's Artemis II astronauts are approaching the moon's sphere of influence, aiming to surpass Apollo 13's maximum range from Earth. They will begin a six-hour lunar flyby soon, with astronauts sharing early views of the moon's far side and describing the experience as "truly awe-inspiring." πnbcnews.comπapnews.comπnbcnews.comπengadget.comπbbc.comπapnews.com
Cybersecurity / Bug Bounties:
The Internet Bug Bounty program, which has awarded over $1.5 million since 2012, has been paused for new submissions as its organizers reassess its structure and incentives in light of AI's impact on vulnerability discovery and remediation. This pause affects programs like Node.js, which will no longer offer rewards. πhackerone.comπinfoworld.comπhackerone.com
AI / Technology:
A leak of Claude Code's source code revealed features like an "undercover mode" for stealth contributions to codebases and a "frustration detection" tool that scans chat messages for specific keywords, including curse words. The purpose of this scanning is not yet clear. πdevelopers.slashdot.orgπpcworld.comπalex000kim.com
Media / AI:
A journalist at Fortune is producing over 600 AI-assisted stories, significantly increasing output compared to colleagues, by using AI tools for initial drafts which he then edits. This trend highlights the growing use of AI in journalism, though concerns remain about accuracy and disclosure. πmsn.com
A new documentary, "The AI Doc: Or How I Became An Apocaloptimist," is receiving mixed reviews, with some critics praising its "playful and heady" approach while others find it "confusing" or an "aggravating soup of information and opinion." The film explores societal reactions to AI, from doomers to optimists, and the complexities of its geopolitical and economic implications. πvariety.comπnytimes.com$πyahoo.comπtechdirt.comπtheverge.comπmashable.comπtheaidocgetinvolved.com
Cybercrime / Scams:
A crime ring scammed over 2,000 elderly individuals out of more than $27 million between 2021 and 2023 using tech support, bank impersonation, and refund scams. One perpetrator recently pleaded guilty in federal court to fraud and money laundering charges related to the scheme. πjustice.govπsfgate.comπyoutube.com
Technology / Browsers:
Google is testing a new feature for Chrome 148 that will enable "lazy loading" for video and audio elements, potentially speeding up browsing by deferring the loading of non-critical media. This feature is expected to be added to other Chromium-based browsers like Microsoft Edge and Vivaldi. πpcworld.com
Technology / Apple:
Apple has rolled out device-level age verification in the UK and is expanding to Singapore and South Korea, requiring users to verify their age to access certain content and features. While some users experienced smooth verification, others encountered issues, and Apple has provided alternative verification methods including credit card or government ID scans. πnews.slashdot.orgπ9to5mac.comπ9to5mac.comπ9to5mac.comπsupport.apple.com
Biology / Psychedelics:
Scientists have engineered a tobacco plant to produce five different psychedelic compounds simultaneously by introducing genes from plants, fungi, and toads. This breakthrough could provide a new method for producing these compounds for research, addressing ecological and ethical concerns associated with harvesting natural sources. πsciencealert.comπdoi.org
Operating Systems / Linux:
Ubuntu 26.04 LTS has increased its minimum RAM requirement to 6GB, a move that prompts discussions about evolving computing demands and the growing resource needs of modern applications and desktop environments. Alternatives like Lubuntu are mentioned for users with less RAM. πhowtogeek.comπomgubuntu.co.ukπhowtogeek.comπhowtogeek.com
Technology / Apple:
Apple's 50th anniversary has been marked by tributes including a video from CEO Tim Cook, a retrospective on early Apple I games, and a ranked list of influential figures. A new book details the company's history, including Scott Forstall's role in the creation of the App Store against Steve Jobs' initial wishes, highlighting how early Apple innovation often involved defying conventional wisdom. πx.comπhachyderm.ioπthecrazyones.itπtechradar.comπmacworld.comπpogueman.substack.comπdaringfireball.netπamzn.toπnpr.org
Operating Systems / Windows:
Microsoft pulled and re-issued a Windows 11 preview update after it caused installation issues for some users, and is now also force-updating unmanaged Windows 11 24H2 PCs to version 25H2. This update is minor as both versions share the same codebase, aiming for smoother transitions. πzdnet.comπtechrepublic.comπzdnet.comπbleepingcomputer.comπneowin.net
Geopolitics / Espionage:
A former CIA operative has revealed clandestine work to prevent Iran from acquiring nuclear weapons, which involved offering scientists a choice between defection with a new life or assassination. The operations, publicly known as "Brain Drain," sometimes involved intelligence sharing with Mossad to facilitate assassinations, and were successful in disrupting Iran's nuclear program. πnewyorker.comπlatimes.com
Fortinet has released an emergency patch for a critical vulnerability (CVE-2026-35616) in FortiClient EMS that is actively being exploited in the wild, allowing unauthenticated attackers to bypass access controls and execute unauthorized code. πbleepingcomputer.comπthehackernews.com
Cybercrime / Phishing:
Device code phishing attacks have surged dramatically, with new kits enabling attackers to exploit the OAuth 2.0 Device Authorization Grant flow to hijack accounts and bypass security controls. πbleepingcomputer.comπthehackernews.com
Cybersecurity / Ransomware:
Germany's Federal Criminal Police Office has identified Daniil Maksimovich Shchukin, a 31-year-old Russian national, as the leader behind the REvil and GandCrab ransomware operations, which conducted at least 130 attacks in Germany. Shchukin was previously implicated in U.S. Justice Department filings related to REvil's cryptocurrency proceeds. πbka.deπkrebsonsecurity.comπkrebsonsecurity.comπkrebsonsecurity.comπtherecord.mediaπkrebsonsecurity.com
AI assistants like OpenClaw are gaining popularity but introduce significant security risks due to their autonomous nature and potential for misconfiguration, as demonstrated by an incident where an assistant mass-deleted an inbox. Researchers warn that exposing OpenClaw's administrative interface can lead to credential theft and supply chain attacks. πsnyk.ioπx.comπx.comπgrith.aiπx.comπkrebsonsecurity.com
U.S. authorities, alongside international partners, have dismantled four major IoT botnetsβAisuru, Kimwolf, JackSkid, and Mossadβresponsible for numerous large-scale DDoS attacks. These botnets compromised over three million IoT devices, leading to significant extortion attempts and operational disruptions. πjustice.govπkrebsonsecurity.comπi2p.netπgithub.comπkrebsonsecurity.comπkrebsonsecurity.com
Cybercrime / Phishing-as-a-Service:
A new phishing service called Starkiller dynamically loads real login pages and acts as a proxy, relaying victim credentials and MFA codes to attackers in real-time. This sophisticated service allows cybercriminals to bypass security measures and conduct account takeovers with advanced features like live screen streaming and analytics. πabnormal.aiπkrebsonsecurity.com
Cybersecurity / Supply Chain Attacks:
The maintainer of the Axios npm package confirmed that a social engineering campaign by suspected North Korean threat actors (UNC1069) led to a supply chain attack. The attackers used a convincing AI deepfake during a fake meeting to trick the developer into installing malware, highlighting the growing sophistication of these attacks. πbleepingcomputer.comπthehackernews.com
Technology / Drones:
Cybersecurity veteran Mikko HyppΓΆnen, known for his work in fighting malware, is now shifting his focus to developing anti-drone systems for law enforcement and military applications, reflecting a broader trend of cybersecurity expertise being applied to new technological frontiers. πtechcrunch.comπdailyausaf.comπsiliconcanals.comπbsky.appπbsky.appπinfosec.exchangeπc.im
Documents reveal that OpenAI and Anthropic have projected profitability to investors by potentially excluding or downplaying significant AI training and inference costs, with inference costs reportedly exceeding half of revenue, raising questions about their financial projections and IPO readiness. πwsj.com$πx.comπlatimes.com
China is integrating AI into K-12 education to reduce teacher workload, improve rural schools, and support students with disabilities, with pilot schools already using AI for grading artwork and monitoring student engagement. πchinatalk.mediaπspokesman.comπbostonherald.comπfoxnews.comπsubstack.comπhoodline.com
Technology / Software Development:
Job openings for software engineers are up 30% in 2026, reaching the highest level in three years, indicating robust demand in the tech sector despite broader tech layoffs. This surge suggests AI has not yet replaced software coding jobs, but rather is creating new opportunities. πbusinessinsider.com$πimplicator.aiπcoloradosun.comπx.comπbsky.app$
Business / Tech:
Indian IT services company Wipro has agreed to acquire Olam Group's IT unit, Mindsprint, for $375 million and secured a $1 billion contract with Olam, signaling a strategic expansion in the IT services and agri-tech sectors. πreuters.com
A New York Times report explores how teenagers are using popular AI-powered role-playing chatbots, highlighting the challenges for parents in understanding the potential addictive impact of these platforms. πnytimes.com$πbsky.app
Venture capitalists are increasingly covering living expenses, such as rent, for young college dropouts founding AI startups. The average age of an AI unicorn founder has notably decreased from 40 in 2020 to 29 in 2024, reflecting a trend of younger entrepreneurs in the AI space. πwsj.com$πgizmodo.comπx.comπbsky.app
EU legislation allowing voluntary Child Sexual Abuse Material (CSAM) scanning by tech companies expired on April 3rd after lawmakers failed to reach an agreement on an extension, creating a legal vacuum for such practices in Europe starting Saturday. Major tech firms like Meta and Google have pledged to continue scanning despite the expiration. πpolitico.euπblog.googleπsocialmediatoday.comπx.comπlinkedin.comπlinkedin.comπlinkedin.comπlinkedin.comπlinkedin.comπbsky.app
Cybersecurity / Vulnerabilities:
The Axios npm package maintainer confirmed a social engineering attack by North Korean actors (UNC1069) led to a supply chain compromise, using a deepfake to trick the developer into installing malware. This highlights the increasing use of sophisticated social engineering tactics in supply chain attacks. πbleepingcomputer.comπthehackernews.com
Cybersecurity / Malware:
Thirty-six malicious npm packages disguised as Strapi CMS plugins have been discovered, containing payloads that exploit Redis and PostgreSQL, deploy reverse shells, harvest credentials, and install persistent implants. These packages were uploaded by multiple accounts, aiming to deceive developers. πthehackernews.com
Cybersecurity / Ransomware:
The REvil ransomware group leaders, identified as Daniil Maksimovich Shchukin and Anatoly Sergeevitsch Kravchuk by German authorities, are linked to at least 130 ransomware attacks in Germany, causing over 35 million euros in damages. Shchukin was previously named in U.S. filings related to REvil's cryptocurrency proceeds. πbka.deπkrebsonsecurity.comπkrebsonsecurity.comπkrebsonsecurity.comπtherecord.mediaπkrebsonsecurity.com
Cybersecurity / Cloud Security:
The cybercrime group TeamPCP is industrializing known attack techniques to target cloud infrastructure, primarily Azure and AWS, using a self-propagating worm that exploits exposed Docker APIs, Kubernetes clusters, and vulnerabilities like React2Shell. They recently compromised Trivy's GitHub actions to distribute malware and deployed a wiper targeting Iran. πflare.ioπgithub.comπwiz.ioπaikido.devπkrebsonsecurity.com
Cybersecurity / India:
Indian IT services firm Wipro has agreed to acquire Olam Group's IT unit, Mindsprint, for $375 million and secured an eight-year, $1 billion contract with Olam, signaling a strategic expansion in the IT services and agri-tech sectors. πreuters.com
Cybercrime / Identity Theft:
A new phishing-as-a-service called Starkiller allows attackers to bypass traditional defenses by dynamically loading real login pages and acting as a proxy to steal credentials and MFA codes in real-time. The service features session monitoring, geo-tracking, and automated alerts for operators. πabnormal.aiπkrebsonsecurity.com
Cybersecurity / Data Breaches:
Telehealth provider Hims & Hers is notifying customers of a data breach resulting from the compromise of a third-party customer service platform, Zendesk, which led to the theft of support tickets containing personal information. πbleepingcomputer.com
Cybersecurity / Malware:
A new variant of the SparkCat malware has been found on the Apple App Store and Google Play Store, capable of scanning photo galleries for cryptocurrency wallet recovery phrases. The malware disguises itself within seemingly legitimate apps and targets cryptocurrency users, particularly in Asia for the iOS version. πthehackernews.com
Cybersecurity / Ransomware:
The German political party Die Linke confirmed a data theft incident attributed to the Qilin ransomware group, which caused an IT systems outage and threatened the leak of sensitive party data. πbleepingcomputer.com
Cybersecurity / Threat Intelligence:
China-linked threat actor TA416 has targeted European government and diplomatic organizations since mid-2025 with campaigns involving PlugX malware and OAuth-based phishing, exhibiting adaptive tactics including abusing Cloudflare Turnstile and C# project files. πthehackernews.com
Cybersecurity / Vulnerabilities:
Cisco has released updates to address critical vulnerabilities in its Integrated Management Controller (IMC) and Secure Services Module (SSM), including CVE-2026-20093, a 9.8 CVSS-rated flaw allowing unauthenticated remote attackers to bypass authentication and gain elevated privileges. πthehackernews.com
Cybersecurity / Microsoft:
Microsoft is still working to resolve intermittent mailbox access issues affecting Outlook mobile and macOS users that have persisted for weeks, impacting Exchange Online services. πbleepingcomputer.com