This is an automated aggregator of newsworthy articles collected from multiple web sites, summarised by AI. Last updated: .
Tech News
- Cybersecurity / Vulnerabilities:
- Microsoft's April 2026 Patch Tuesday addresses 167 vulnerabilities, including two zero-days: CVE-2026-32201 in SharePoint Server allowing spoofing, and CVE-2026-33825 (BlueHammer) in Windows Defender for privilege escalation. Google Chrome has also patched its fourth zero-day of the year, and Adobe released an emergency update for an actively exploited flaw in Acrobat Reader. π msrc.microsoft.com$ π msrc.microsoft.com$ π bleepingcomputer.com π infosec.exchange π bleepingcomputer.com
- Cybercrime / State-Sponsored Attacks:
- Russian military intelligence units (Forest Blizzard/APT28) are using known vulnerabilities in older routers to harvest authentication tokens from Microsoft Office users, compromising over 18,000 devices by modifying DNS settings to redirect users to malicious servers. The campaign targeted government agencies and SOHO routers, primarily Mikrotik and TP-Link, and involved DNS hijacking to steal OAuth tokens. π microsoft.com$ π lumen.com π ncsc.gov.uk
- Cybercrime / Ransomware:
- German authorities have identified Daniil Maksimovich Shchukin, also known as "UNKN," as the alleged leader of the GandCrab and REvil ransomware gangs, responsible for over 130 cyberattacks in Germany between 2019 and 2021 that caused approximately 35 million euros in economic damage. Shchukin and Anatoly Sergeevitsch Kravchuk are accused of extorting nearly 2 million euros through double extortion tactics. π bka.de π krebsonsecurity.com
- Cybercrime / Wiper Attacks:
- A hacktivist group linked to Iran's Ministry of Intelligence and Security (MOIS), known as Handala, claims responsibility for a data-wiping attack against medical technology company Stryker, impacting offices in 79 countries and potentially wiping data on over 200,000 systems. The attack, which utilized a wiper payload triggered by Iranian time zones or Farsi locale settings, is reportedly in retaliation for a missile strike. π unit42.paloaltonetworks.com π aikido.dev π nytimes.com$
- Cybercrime / Botnets:
- U.S. authorities, in collaboration with Canadian and German law enforcement, have disrupted four major IoT botnets (Aisuru, Kimwolf, JackSkid, and Mossad) responsible for over three million compromised devices and numerous large-scale DDoS attacks. The operation targeted infrastructure used to launch hundreds of thousands of attacks, often for extortion purposes. π justice.gov
- AI / Security:
- The emerging trend of AI assistants, or "agents," like OpenClaw, is shifting security priorities as they gain extensive access to user data and systems, blurring lines between trusted tools and potential threats. Misconfigurations exposing web interfaces and supply chain attacks via AI tools like Cline demonstrate the risks of these autonomous programs. π snyk.io π grith.ai
- Cybercrime / Botnets:
- The individual known as "Dort," associated with the Kimwolf botnet, has been identified through public information and cybercrime forum activity. Dort, also linked to cheating software for Minecraft and services bypassing CAPTCHAs and enabling SIM-swapping, has a history of involvement with cybercrime groups like LAPSUS$. π osint.industries π intel471.com π pypi.org π sim-land.com π flashpoint.io
- Phishing / SaaS:
- Starkiller, a new phishing-as-a-service, offers customers a sophisticated method to bypass anti-abuse measures by dynamically loading live website copies and acting as a relay between victims and legitimate sites. The service captures credentials, session tokens, and MFA codes in real-time, effectively neutralizing security safeguards. π abnormal.ai
- Cybersecurity / Vulnerabilities:
- CISA has added six vulnerabilities to its Known Exploited Vulnerabilities catalog, citing evidence of active exploitation. These include an SQL injection flaw in Fortinet FortiClient EMS (CVE-2026-21643), a use-after-free vulnerability in Adobe Acrobat Reader (CVE-2020-9715), and privilege escalation flaws in Microsoft Windows (CVE-2023-236424, CVE-2023-21529) and Exchange Server (CVE-2025-60).
- Malware / Mobile Security:
- The Mirax Android RAT is actively targeting Spanish-speaking countries, with campaigns reaching over 220,000 accounts via Meta platforms. This malware functions as a traditional RAT and also turns infected devices into SOCKS5 proxies, allowing attackers to route their traffic through victims' IP addresses. π cleafy.com π outpost24.com
- Vulnerabilities / Software:
- Two critical command injection vulnerabilities (CVE-2026-40176 and CVE-2026-40261) have been disclosed in PHP's Composer package manager, potentially allowing attackers to execute arbitrary commands via malicious repository configurations. Patches have been released for these flaws. π thehackernews.com
- Mobile Security / Google:
- Google has integrated a Rust-based DNS parser into the firmware of its Pixel 10 devices, enhancing security by mitigating a class of vulnerabilities and promoting memory-safe code adoption in modem components. This initiative is part of Google's broader efforts to secure its mobile devices. π thehackernews.com
- AI / Ad Fraud:
- A new ad fraud scheme, dubbed "Pushpaganda," utilizes SEO poisoning and AI-generated content to inject deceptive news stories into Google Discover, tricking users into enabling persistent browser notifications that lead to scareware and financial scams. The campaign has been observed targeting millions of Android and Chrome users. π thehackernews.com
- Application Security / DevSecOps:
- An analysis of 216 million security findings from 250 organizations revealed a 400% increase in critical risks, indicating a "velocity gap" where AI-assisted development outpaces remediation workflows. Business context, such as high priority or PII processing, is increasingly driving risk assessment over purely technical severity. π thehackernews.com
- Browser Security / Data Theft:
- Over 100 malicious Google Chrome extensions found in the Web Store are designed to steal user data, including Google OAuth2 tokens and session credentials, and enable arbitrary JavaScript execution. These extensions are published under several distinct developer identities but communicate with common command-and-control infrastructure. π thehackernews.com
- Vulnerabilities / Software:
- A critical remote code execution (RCE) vulnerability, CVE-2025-0520, in the ShowDoc document management service is actively being exploited. The flaw, which allows unrestricted file uploads, was fixed in version 2.8.7 in October 2020, but many instances remain unpatched. π thehackernews.com
- Malware / Latin America:
- The JanelaRAT malware, a variant of BX RAT, is targeting banks in Latin American countries, particularly Brazil and Mexico, with over 14,700 attacks recorded in Brazil in 2025. It steals financial and cryptocurrency data, logs keystrokes, takes screenshots, and utilizes a custom mechanism to identify and target specific financial websites. π thehackernews.com
- Cybercrime / Phishing:
- The FBI and Indonesian police have dismantled the W3LL phishing operation, which used a $500 toolkit to mimic legitimate login pages and steal credentials and MFA codes, potentially leading to over $20 million in fraud attempts. The alleged developer has been arrested. π thehackernews.com
- Cybersecurity / Threat Intelligence:
- A weekly cybersecurity recap highlights critical zero-day vulnerabilities in Adobe Acrobat Reader and Fortinet, a new Windows rootkit, AI models being used for vulnerability discovery, and North Korean social engineering tactics, alongside a major botnet takedown and research on fiber optic cable eavesdropping. π thehackernews.com
- AI / Cybersecurity:
- Anthropic's Mythos AI model has reportedly discovered thousands of zero-day vulnerabilities across major operating systems and browsers, outpacing companies' ability to patch them, while AI-driven attacks are collapsing adversary hand-off times to seconds, highlighting a growing gap in defensive response capabilities. π thehackernews.com π thehackernews.com
- Cybersecurity / WordPress:
- Dozens of WordPress plugins, used by thousands of websites, have been found to contain planted backdoors, allowing attackers to execute arbitrary code and gain full control of compromised sites. π techcrunch.com
- AI / Tech Policy:
- Anthropic's co-founder has confirmed that the company briefed Trump administration officials on its powerful "Mythos" AI model, which has reportedly discovered thousands of zero-day vulnerabilities, raising questions about AI development and government engagement. π techcrunch.com
- Biotech / Startups:
- Max Hodak's Science Corp. is preparing to implant its first sensor into a human brain, marking a significant step in the company's mission to develop brain-computer interfaces. π techcrunch.com
- Apps / Scams:
- The rewards app Freecash has been accused of scamming users and manipulating its way to the top of app stores, raising concerns about deceptive practices in the mobile application market. π techcrunch.com
- AI / YouTube:
- YouTube is implementing a new strategy for livestreams, holding back ads during peak engagement periods to improve viewer experience and "protect the vibe" of live content. π techcrunch.com
- Automotive / Tesla:
- Tesla has introduced "streaks" and other statistics within its software to track how frequently drivers engage with the Full Self-Driving (FSD) beta feature, potentially encouraging more usage. π techcrunch.com
- AI / Startups:
- AI data center startup Fluidstack is reportedly in talks to raise approximately $1 billion at an $18 billion valuation, a significant increase from its previous $7.5 billion valuation earlier this year. π techcrunch.com
- Fintech / Venture Capital:
- Pillar, a financial risk management platform for commodity-driven businesses, has secured $20 million in seed funding led by Andreessen Horowitz (a16z), bringing its total funding to $23 million. π techcrunch.com
- Cybersecurity / Adobe:
- Adobe has released an emergency security update for Acrobat Reader to address a critical zero-day vulnerability (CVE-2026-34621) that has been actively exploited since December. π bleepingcomputer.com
- Cybercrime / Rockstar Games:
- Rockstar Games has confirmed a data breach following an extortion threat, with stolen analytics data reportedly leaked by the ShinyHunters gang after a security incident at Anodot. π bleepingcomputer.com
- Cybersecurity / Microsoft:
- Microsoft has released Windows 10 KB5082200, an extended security update that addresses vulnerabilities from the April 2026 Patch Tuesday, including the BlueHammer flaw in Windows Defender. π bleepingcomputer.com
- Cybersecurity / Booking.com:
- Booking.com has warned customers that their data may have been exposed following a breach where hackers accessed reservation details, leading to reports of phishing scams targeting users. π cybernews.com
- Cybersecurity / Chrome:
- Over 100 malicious Google Chrome extensions have been identified that steal user data, including Google OAuth2 tokens and Telegram information, and are being controlled by a single operator. π cybernews.com
- Cybercrime / Law Enforcement:
- The FBI, in collaboration with Indonesian police, has dismantled the W3LL phishing network, a global operation that used a toolkit to steal thousands of credentials and attempt over $20 million in fraud, leading to the arrest of the alleged developer. π cybernews.com
- Malware / Android:
- A new Android RAT called Mirax is targeting Latin American banks, particularly in Brazil and Mexico, turning infected devices into SOCKS5 proxies and enabling attackers to route traffic through victims' IP addresses. π thehackernews.com
- AI / Cybersecurity:
- A study analyzing 216 million security findings revealed a nearly fourfold increase in critical risks, partly attributed to the rapid adoption of AI coding tools, creating a "velocity gap" in vulnerability management. π thehackernews.com
- Cybersecurity / PHP:
- Two critical command injection vulnerabilities (CVE-2026-40176 and CVE-2026-40261) in the PHP Composer package manager have been disclosed, allowing for arbitrary command execution through malicious repository configurations. π thehackernews.com
- Mobile Security / Google:
- Google is integrating a Rust-based DNS parser into the Pixel 10 modem firmware to enhance security and promote memory-safe code adoption. π thehackernews.com
- AI / Ad Fraud:
- A new campaign called "Pushpaganda" uses SEO poisoning and AI-generated content to push fake news into Google Discover, leading users to scareware and ad fraud schemes through malicious browser notifications. π thehackernews.com
- Cybercrime / Iran:
- The Iranian-linked hacktivist group Handala claims responsibility for a wiper attack against medical technology company Stryker, impacting operations globally and potentially wiping data on over 200,000 systems as retaliation for a missile strike. π krebsonsecurity.com
- Cybercrime / Botnets:
- A cybercrime group known as "Dort," linked to the Kimwolf botnet and past involvement with LAPSUS$, has been identified by threat intelligence firms for their extensive cheating software and services used in Minecraft and for bypassing CAPTCHAs and facilitating SIM-swapping. π krebsonsecurity.com
- Cybersecurity / Microsoft:
- Microsoft's March 2026 Patch Tuesday addressed 77 vulnerabilities, including two publicly disclosed flaws: CVE-2026-21262 for privilege escalation in SQL Server and CVE-2026-26127 for potential denial of service in .NET applications. π krebsonsecurity.com
- AI / Security:
- The increasing adoption of AI assistants like OpenClaw is raising security concerns due to potential misconfigurations and supply chain attacks, as demonstrated by incidents where AI agents mass-deleted data or installed rogue software without user consent. π krebsonsecurity.com
- Cybercrime / Russia:
- Russian state-backed hackers, identified as Forest Blizzard (APT28), are exploiting known router vulnerabilities to steal Microsoft Office authentication tokens from over 18,000 organizations by hijacking DNS settings. π krebsonsecurity.com
- Cybersecurity / WordPress:
- Dozens of WordPress plugins, utilized by thousands of websites, have been compromised with planted backdoors, enabling attackers to execute arbitrary code and gain full control over affected sites. π techcrunch.com
- AI / Policy:
- Anthropic's co-founder confirmed that the company briefed the Trump administration on its advanced AI model, Mythos, which has reportedly identified numerous zero-day vulnerabilities across major tech systems. π techcrunch.com
- Biotech / Startups:
- Max Hodak's Science Corp. is preparing to implant its first brain sensor, advancing its development of brain-computer interfaces. π techcrunch.com
- Apps / Scams:
- The rewards app Freecash is under scrutiny for allegedly scamming users and manipulating its way to popularity on app stores. π techcrunch.com
- AI / YouTube:
- YouTube is testing a new approach to livestreams, planning to temporarily pause ads during peak engagement to enhance the viewing experience. π techcrunch.com
- Automotive / Tesla:
- Tesla is introducing new in-car metrics, including "streaks," to encourage more frequent use of its Full Self-Driving software among drivers. π techcrunch.com