CyberHappenings logo

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

News Summary

Hide ▲
Last updated: 10:15 25/04/2026 UTC
  • CISA Emergency Directive 25-03: Mitigation of Cisco ASA Zero-Day Vulnerabilities The Firestarter malware, a custom backdoor linked to the UAT-4356 threat actor (associated with the ArcaneDoor campaign), continues to persist on Cisco Firepower and Secure Firewall devices running ASA or FTD software even after firmware updates and security patches. CISA and the U.K. NCSC confirmed that the malware enables remote access and control by threat actors, with persistence mechanisms that survive reboots and patching. The adversary initially exploited CVE-2025-20333 (missing authorization) and CVE-2025-20362 (buffer overflow) to deploy Line Viper—a user-mode shellcode loader used to extract credentials and configuration details—before installing Firestarter for long-term access. CISA’s updated Emergency Directive 25-03 now requires Federal Civilian Executive Branch (FCEB) agencies to identify vulnerable Firepower and Secure Firewall devices, collect forensic evidence, and apply vendor-provided mitigations. Over 30,000 devices remain exposed globally, despite prior patching efforts, with some organizations incorrectly applying updates and leaving systems vulnerable. Cisco’s advisory details Firestarter’s persistence via LINA process hooking, modification of boot files (e.g., `CSP_MOUNT_LIST`), and memory-resident shellcode triggered by crafted WebVPN requests. Mitigation requires device reimaging or, as a last resort, a cold restart (with risks of corruption). Administrators are urged to verify compromises using the command `show kernel process | include lina_cs`. The campaign reflects a broader trend of multi-platform exploitation, with UAT-4356 also linked to zero-day attacks on Citrix Bleed 2 (CVE-2025-5777) and Cisco ISE (CVE-2025-20337), deploying custom malware like ‘IdentityAuditAction’ for persistence. The indiscriminate yet sophisticated targeting suggests a highly resourced actor with access to advanced tools or non-public vulnerability intelligence. Read
  • Windows Update policy changes reduce forced restarts and improve user control Microsoft is introducing several Windows Update policy and interface changes to reduce disruptions from forced restarts and improve user control over update timing. The changes include new pause controls, separated update-related shutdown/restart options, clearer device-specific driver labeling, and consolidation of multiple update types into a single monthly restart. These updates are designed to address user feedback about workflow interruptions and limited control over when updates are installed. The features are initially available to Windows Insiders in the Dev and Experimental channels, with broader deployment planned. Read
  • Unauthorized Access to Anthropic’s Claude Mythos via Third-Party Vendor Portal Unauthorized individuals accessed Anthropic’s Claude Mythos through a third-party vendor environment, exploiting an exposed interface designed for testing advanced AI capabilities. The incident highlights risks associated with third-party vendor integrations and the potential for misconfigured or inadequately secured AI testing interfaces to be leveraged for unauthorized access. No evidence of data exfiltration or operational disruption has been confirmed as of publication. Read
  • US disrupts Myanmar-based scam compound and sanctions Southeast Asian financial fraud network US authorities executed a coordinated enforcement action targeting a Myanmar-based scam compound linked to a broader Southeast Asian financial fraud network. The operation included sanctions against 29 individuals, the seizure of a Telegram channel with 6,000+ followers, and the takedown of over 500 .com domains tied to fake investment sites. Two Chinese nationals were criminally charged for managing operations that forced trafficked workers to conduct phone-based social engineering attacks targeting US citizens. The network’s infrastructure and workforce were traced to a compound seized by Burmese forces in November 2025 near the Thai border, revealing a multi-stage scam operation involving deceptive recruitment, coercion, and fraudulent financial schemes. Read
  • UK Biobank de-identified health dataset exposed via illicit researcher access and listed on Chinese e-commerce platforms De-identified health data from 500,000 UK Biobank volunteers surfaced on Alibaba e-commerce platforms in China after researchers at three academic institutions misused their legitimate access to extract and attempt to sell the data. The UK government confirmed listings were identified and removed, with no evidence of purchase. UK Biobank emphasized the data lacked direct identifiers such as names, addresses, phone numbers, or NHS numbers, and stated it was de-identified. The breach was traced to a contractual violation by researchers who accessed the data outside the authorized UK-hosted research platform. UK Biobank suspended all platform access and suspended implicated researchers and institutions pending a forensic investigation. Read
  • Resurgence of basic cybersecurity failures amid accelerated enterprise AI adoption Enterprises rapidly deploying AI systems are neglecting fundamental security controls, reviving previously mitigated risks while introducing new attack surfaces, according to Mandiant’s red-team findings. Security teams have observed adversaries leveraging authorized AI deployments to alter data classifications, bypass data loss prevention systems, and exfiltrate data, with initial access often gained through social engineering. Basic lapses—such as unencrypted AI-to-browser communication in financial environments—underscore systemic failures in secure AI integration. Read
  • Privilege escalation vulnerability in PackageKit (CVE-2026-41651) enables root access via PackageKit daemon A local privilege escalation vulnerability in the PackageKit daemon, tracked as CVE-2026-41651, allows unauthenticated users to execute arbitrary package installation or removal commands, leading to full root access on affected Linux systems. The flaw has existed for approximately 12 years in PackageKit versions up to 1.3.4 and impacts default installations across multiple major Linux distributions. Deutsche Telekom’s Red Team discovered the issue through authentication bypass in command handling, particularly in 'pkcon install' operations on Fedora systems. No public exploit code or technical details have been released to facilitate patching. The flaw carries a CVSS score of 8.8 (Medium severity) due to its high impact on confidentiality, integrity, and availability. Read
Last updated: 10:30 25/04/2026 UTC
  • Unauthenticated RCE Vulnerability in Apache ActiveMQ Classic via Jolokia API (CVE-2026-34197) CVE-2026-34197, an unauthenticated RCE vulnerability in Apache ActiveMQ Classic via the Jolokia API, remains actively exploited with at least 6,400 exposed servers vulnerable. The flaw affects versions prior to 5.19.4 and 6.0.0 to 6.2.3, with patched releases issued on March 30, 2026. Discovered by Horizon3’s Naveen Sunkavally using AI assistance, the vulnerability chain enables attackers to execute arbitrary OS commands by abusing the Jolokia API’s addNetworkConnector function. CISA added the flaw to its Known Exploited Vulnerabilities Catalog on April 16, 2026, and ordered FCEB agencies to remediate by April 30, 2026 under BOD 22-01. Exploitation indicators include broker logs showing vm:// transport connections with brokerConfig=xbean:http:// query parameters and configuration warnings. Shadowserver reports over 7,500 exposed ActiveMQ servers, with recent data showing 6,400 still vulnerable, concentrated in Asia, North America, and Europe. Read
  • TeamPCP escalates CanisterWorm campaign with geopolitical targeting and multi-vector attacks TeamPCP has continued to escalate its multi-vector CanisterWorm campaign into a geopolitically targeted operation, leveraging compromised PyPI packages (LiteLLM versions 1.82.7–1.82.8 and Telnyx versions 4.87.1–4.87.2) and now Checkmarx KICS tooling to deliver credential-stealing malware that harvests SSH keys, cloud credentials, Kubernetes secrets, database credentials, cryptocurrency wallets, TLS/SSL private keys, and bash history files. The group’s most recent compromise involves the Checkmarx KICS analysis tool, where attackers pushed malicious Docker images to the official "checkmarx/kics" repository (overwriting v2.1.20 and introducing v2.1.21), alongside infected VS Code and Open VSX extensions that executed a hidden MCP addon to fetch and deploy multi-stage credential theft malware. The attack targeted data processed by KICS—including GitHub tokens, cloud provider credentials, npm tokens, SSH keys, and environment variables—encrypted and exfiltrated it to audit.checkmarx[.]cx, a domain designed to impersonate legitimate Checkmarx infrastructure. While TeamPCP publicly claimed the attack, researchers noted insufficient evidence beyond pattern-based correlations to confidently attribute the breach. The malicious timeframe for the Docker image compromise lasted from 2026-04-22 14:17:59 UTC to 15:41:31 UTC before affected tags were restored to legitimate digests. The campaign began as a supply-chain attack involving 47 compromised npm packages and escalated to include GitHub repository hijacking (e.g., Aqua Security), Docker Hub compromise, and direct targeting of CI/CD pipelines via GitHub Actions workflows (e.g., Checkmarx, Trivy). Recent compromises of LiteLLM and Telnyx demonstrate rapid iteration and maturation of supply-chain attack methodology, while destructive payloads targeting Iranian systems in Kubernetes environments (e.g., time-zone/locale-based wipers) highlight the group’s geopolitical alignment. The LiteLLM compromise specifically turned developer endpoints into systematic credential harvesting operations, with malware activating during installation/updates and cascading through transitive dependencies (e.g., dspy, opik) to affect organizations that never directly used LiteLLM. A coordinated attack on Checkmarx ecosystems has been discovered, including malicious images pushed to the official "checkmarx/kics" Docker Hub repository (v2.1.20, alpine overwritten; v2.1.21 introduced) and infected Visual Studio Code extensions (1.17.0, 1.19.0) that executed remote addons via Bun without user consent. The malware collected and exfiltrated sensitive data from infrastructure-as-code scans, exposing credentials in Terraform, CloudFormation, or Kubernetes configurations. Techniques and exfiltration infrastructure (e.g., ICP canister cjn37-uyaaa-aaaac-qgnva-cai.raw.icp0.io) resemble TeamPCP's CanisterWorm operations, though attribution remains unconfirmed. The Docker Hub repository has been archived, and affected organizations must remediate potentially compromised secrets. Read
  • Supply chain compromise in Trivy scanner triggers CanisterWorm propagation across CI/CD pipelines Supply chain compromise in the Trivy vulnerability scanner triggered the CanisterWorm propagation across CI/CD pipelines, now expanding to additional open-source ecosystems and involving multiple advanced threat actors. The TeamPCP threat group continues to monetize stolen supply chain secrets through partnerships with extortion groups including Lapsus$ and the Vect ransomware operation, with Wiz (Google Cloud) and Cisco confirming collaboration and horizontal movement across cloud environments. A new npm supply chain malware campaign discovered on April 24, 2026, shows self-propagating worm-like behavior via @automagik/genie and pgserve packages, stealing credentials and spreading across developer ecosystems while using Internet Computer Protocol (ICP) canisters for command and control. The malware shares technical similarities with prior TeamPCP campaigns, including post-install scripts and canister-based infrastructure, potentially indicating ongoing evolution of the threat actor's tactics or a new campaign leveraging established infrastructure. The Axios NPM package compromise via malicious versions 0.27.5 and 0.28.0 delivered a multi-platform RAT through a malicious dependency impersonating crypto-js, with attribution disputes suggesting either TeamPCP involvement or North Korean actor UNC1069 (Google's Threat Intelligence Group). Cisco's internal development environment was breached using stolen Trivy-linked credentials via a malicious GitHub Action, resulting in the theft of over 300 repositories including proprietary AI product code and customer data from banks, BPOs, and US government agencies. Multiple AWS keys were abused across a subset of Cisco's cloud accounts, with multiple threat actors participating in the breach. Read
  • Ransomware extortion totals $2.1B from 2022 to 2024, FinCEN reports FinCEN's report reveals that ransomware gangs extorted over $2.1 billion from 2022 to 2024, with a peak in 2023 followed by a decline in 2024 due to law enforcement actions against major gangs like ALPHV/BlackCat and LockBit. The report details 4,194 ransomware incidents, with manufacturing, financial services, and healthcare being the most targeted industries. The top ransomware families, including Akira, ALPHV/BlackCat, and LockBit, were responsible for the majority of attacks and ransom payments, with Bitcoin being the primary payment method. A former ransomware negotiator, Angelo Martino, has pleaded guilty to conspiring with BlackCat (ALPHV) operators to extort U.S. companies in 2023. Martino, along with accomplices Kevin Tyler Martin and Ryan Goldberg, deployed BlackCat ransomware, shared confidential victim information to maximize ransom demands, and laundered illicit proceeds. Authorities seized $10 million in assets from Martino, and his co-defendants pleaded guilty in December 2025. Read
  • Pre-authenticated RCE in Marimo exploited within 10 hours of advisory A pre-authenticated remote code execution (RCE) vulnerability in Marimo, tracked as CVE-2026-39987 (CVSS 9.3), was exploited in the wild within hours of public disclosure, enabling attackers to gain full PTY shells on exposed instances via the unauthenticated /terminal/ws WebSocket endpoint. The flaw, affecting Marimo versions prior to 0.23.0, initially led to rapid, human-driven exploitation campaigns focused on credential theft. Recent attacks have expanded to deploy a new NKAbuse malware variant hosted on Hugging Face Spaces, using typosquatted repositories to evade detection and establish persistent remote access. Additional exploitation activity includes sophisticated lateral movement, such as reverse-shell techniques and database enumeration, indicating a shift toward multi-stage attacks beyond initial credential harvesting. GitHub assessed the flaw with a critical CVSS score of 9.3, and Marimo developers confirmed impact on instances deployed as editable notebooks or exposed via --host 0.0.0.0 in edit mode. This event is distinct from the LMDeploy SSRF flaw (CVE-2026-33626), which was exploited within 12 hours of disclosure to conduct internal network reconnaissance via SSRF, targeting cloud metadata services, Redis, and MySQL instances. Read
  • Phishing Campaign Abuses iCloud Calendar to Send Emails from Apple Servers A phishing campaign continues to abuse Apple’s legitimate infrastructure to deliver callback phishing emails, now exploiting Apple account change notifications to embed fake purchase alerts. Scammers insert phishing text into Apple ID personal information fields, which Apple includes in security alerts sent to users. The emails originate from Apple’s servers ([email protected]), pass SPF, DKIM, and DMARC checks, and are distributed via Apple’s mailing infrastructure, bypassing spam filters and increasing legitimacy. The emails mimic iPhone purchase notifications via PayPal, claiming charges of $899, and prompt recipients to call a provided number to cancel the transaction. These scams aim to trick victims into granting remote access to their computers, enabling theft of funds, deployment of malware, or data theft. The campaign represents an evolution of prior tactics that abused iCloud Calendar invites to send phishing emails from Apple’s servers. Users are advised to treat unexpected account alerts—especially those claiming unauthorized purchases or urging calls to support numbers—with caution, particularly if they did not initiate recent changes. Read
  • PhantomCard Android Trojan Targets Brazilian Banking Customers via NFC Relay Attacks A new variant of the NGate malware family is leveraging a trojanized version of the HandyPay NFC relay app to capture payment card data and PINs from Brazilian Android users since November 2025. The malicious HandyPay app is distributed via phishing domains impersonating a Brazilian lottery site and a Google Play listing for a card protection tool. Once installed, the app relays NFC payment card data to attacker-controlled devices, enabling fraudulent contactless transactions and ATM withdrawals. Unlike earlier NGate variants that relied on open-source tools like NFCGate, this campaign uses a modified version of HandyPay to avoid detection and requires minimal permissions beyond default payment app status. PhantomCard and related NFC relay malware families have expanded their tactics in Brazil, with NGate variants now using trojanized HandyPay to exfiltrate stolen NFC data to attacker-controlled email addresses. The malware is distributed via fake apps like 'Proteção Cartão' on fake Google Play pages and through fake lottery scams via WhatsApp. ESET researchers attribute the shift from NFCGate to HandyPay to cost and evasion benefits, as HandyPay is significantly cheaper and does not require special permissions. Evidence suggests the malicious code may have been partially generated using generative AI tools, indicated by emoji markers in debug logs. Read

Latest updates

Browse →

ADT data breach attributed to ShinyHunters via vishing and Okta compromise

Updated: · First: 25.04.2026 01:53 · 📰 1 src / 1 articles

Home security provider ADT detected and confirmed an intrusion on April 20, 2026, leading to the theft of customer and prospective customer data by the ShinyHunters extortion group. The attackers accessed ADT’s Salesforce instance after compromising an employee’s Okta SSO account via voice phishing (vishing). Stolen data included names, phone numbers, addresses, and in a small subset of cases, dates of birth and partial Social Security or Tax ID numbers. No payment or authentication data was accessed, and ADT states customer security systems remained unaffected. ShinyHunters threatened to leak the data—claiming over 10 million records—unless a ransom is paid by April 27, 2026.

CISA Emergency Directive 25-03: Mitigation of Cisco ASA Zero-Day Vulnerabilities

Updated: 24.04.2026 23:34 · First: 25.09.2025 15:00 · 📰 16 src / 36 articles

The **Firestarter malware**, a custom backdoor linked to the **UAT-4356** threat actor (associated with the **ArcaneDoor campaign**), continues to persist on **Cisco Firepower and Secure Firewall devices** running ASA or FTD software **even after firmware updates and security patches**. CISA and the U.K. NCSC confirmed that the malware enables **remote access and control** by threat actors, with persistence mechanisms that survive reboots and patching. The adversary initially exploited **CVE-2025-20333** (missing authorization) and **CVE-2025-20362** (buffer overflow) to deploy **Line Viper**—a user-mode shellcode loader used to extract credentials and configuration details—before installing Firestarter for long-term access. CISA’s updated **Emergency Directive 25-03** now requires Federal Civilian Executive Branch (FCEB) agencies to **identify vulnerable Firepower and Secure Firewall devices**, collect forensic evidence, and apply vendor-provided mitigations. Over **30,000 devices remain exposed globally**, despite prior patching efforts, with some organizations **incorrectly applying updates** and leaving systems vulnerable. Cisco’s advisory details Firestarter’s persistence via **LINA process hooking**, modification of boot files (e.g., `CSP_MOUNT_LIST`), and memory-resident shellcode triggered by crafted WebVPN requests. Mitigation requires **device reimaging** or, as a last resort, a **cold restart** (with risks of corruption). Administrators are urged to verify compromises using the command `show kernel process | include lina_cs`. The campaign reflects a broader trend of **multi-platform exploitation**, with UAT-4356 also linked to zero-day attacks on **Citrix Bleed 2 (CVE-2025-5777)** and **Cisco ISE (CVE-2025-20337)**, deploying custom malware like **‘IdentityAuditAction’** for persistence. The indiscriminate yet sophisticated targeting suggests a **highly resourced actor** with access to advanced tools or non-public vulnerability intelligence.

Windows Update policy changes reduce forced restarts and improve user control

Updated: · First: 24.04.2026 23:08 · 📰 1 src / 1 articles

Microsoft is introducing several Windows Update policy and interface changes to reduce disruptions from forced restarts and improve user control over update timing. The changes include new pause controls, separated update-related shutdown/restart options, clearer device-specific driver labeling, and consolidation of multiple update types into a single monthly restart. These updates are designed to address user feedback about workflow interruptions and limited control over when updates are installed. The features are initially available to Windows Insiders in the Dev and Experimental channels, with broader deployment planned.

BlackFile extortion group escalates vishing campaigns with identity theft and data theft targeting retail and hospitality sectors

Updated: · First: 24.04.2026 21:26 · 📰 1 src / 1 articles

A financially motivated hacking group, tracked as BlackFile (aliases: CL-CRI-1116, UNC6671, Cordial Spider), has conducted sustained data theft and extortion attacks against retail and hospitality organizations since February 2026. The group employs voice-based phishing (vishing) campaigns impersonating corporate IT helpdesk staff to steal employee credentials and bypass multifactor authentication (MFA), escalating to executive-level account access. Stolen data is exfiltrated via Salesforce and SharePoint API functions, targeting files containing sensitive terms such as 'confidential' and 'SSN', prior to dark web leak site publications and extortion demands. Additional pressure tactics include swatting attempts against employees and executives.

Microsoft Introduces Phishing-Resistant Passkeys for Windows Sign-Ins

Updated: 24.04.2026 21:13 · First: 10.03.2026 17:27 · 📰 2 src / 2 articles

Microsoft is rolling out passkey support for Microsoft Entra on Windows devices, enabling phishing-resistant passwordless authentication via Windows Hello. The feature is opt-in and will be available in public preview from mid-March through late April 2026 for worldwide tenants, with government cloud environments following in mid-April through mid-May and general availability expected by mid-June 2026. The update extends passwordless sign-in to unmanaged Windows devices—including corporate, personal, and shared devices—addressing a previous security gap where these devices relied on password-based authentication. The passkeys are device-bound and cryptographically secured, preventing theft via phishing or malware, and are stored in the Windows Hello container for authentication via face, fingerprint, or PIN. Admin controls via Conditional Access and Authentication Methods policies enable IT administrators to manage access across different device ownership scenarios.

Privilege escalation vulnerability in PackageKit (CVE-2026-41651) enables root access via PackageKit daemon

Updated: · First: 24.04.2026 20:28 · 📰 1 src / 1 articles

A local privilege escalation vulnerability in the PackageKit daemon, tracked as CVE-2026-41651, allows unauthenticated users to execute arbitrary package installation or removal commands, leading to full root access on affected Linux systems. The flaw has existed for approximately 12 years in PackageKit versions up to 1.3.4 and impacts default installations across multiple major Linux distributions. Deutsche Telekom’s Red Team discovered the issue through authentication bypass in command handling, particularly in 'pkcon install' operations on Fedora systems. No public exploit code or technical details have been released to facilitate patching. The flaw carries a CVSS score of 8.8 (Medium severity) due to its high impact on confidentiality, integrity, and availability.

US disrupts Myanmar-based scam compound and sanctions Southeast Asian financial fraud network

Updated: · First: 24.04.2026 19:48 · 📰 1 src / 1 articles

US authorities executed a coordinated enforcement action targeting a Myanmar-based scam compound linked to a broader Southeast Asian financial fraud network. The operation included sanctions against 29 individuals, the seizure of a Telegram channel with 6,000+ followers, and the takedown of over 500 .com domains tied to fake investment sites. Two Chinese nationals were criminally charged for managing operations that forced trafficked workers to conduct phone-based social engineering attacks targeting US citizens. The network’s infrastructure and workforce were traced to a compound seized by Burmese forces in November 2025 near the Thai border, revealing a multi-stage scam operation involving deceptive recruitment, coercion, and fraudulent financial schemes.

Unauthorized Access to Anthropic’s Claude Mythos via Third-Party Vendor Portal

Updated: · First: 24.04.2026 17:31 · 📰 1 src / 1 articles

Unauthorized individuals accessed Anthropic’s Claude Mythos through a third-party vendor environment, exploiting an exposed interface designed for testing advanced AI capabilities. The incident highlights risks associated with third-party vendor integrations and the potential for misconfigured or inadequately secured AI testing interfaces to be leveraged for unauthorized access. No evidence of data exfiltration or operational disruption has been confirmed as of publication.

DORA enforcement expands to mandate phishing-resistant MFA and privileged credential vaulting in EU financial sector

Updated: · First: 24.04.2026 17:10 · 📰 1 src / 1 articles

The Digital Operational Resilience Act (DORA) has enforced Article 9 requirements since January 17, 2025, establishing credential security as a binding financial risk control for EU financial institutions. Stolen credentials remain the leading initial access vector, accounting for 22% of breaches and costing the sector an average of $5.56 million per incident. DORA’s Article 9(4)(c) mandates least-privilege access, while Article 9(4)(d) requires strong authentication mechanisms, including phishing-resistant standards such as FIDO2/WebAuthn, and cryptographic key protection. Institutions failing to meet these controls face supervisory consequences, with mandatory incident reporting timelines under Article 19 triggered by credential-based breaches. Vendor credential security now falls under the same compliance perimeter, as demonstrated by high-profile breaches leveraging third-party access.

UK Biobank de-identified health dataset exposed via illicit researcher access and listed on Chinese e-commerce platforms

Updated: · First: 24.04.2026 16:25 · 📰 1 src / 1 articles

De-identified health data from 500,000 UK Biobank volunteers surfaced on Alibaba e-commerce platforms in China after researchers at three academic institutions misused their legitimate access to extract and attempt to sell the data. The UK government confirmed listings were identified and removed, with no evidence of purchase. UK Biobank emphasized the data lacked direct identifiers such as names, addresses, phone numbers, or NHS numbers, and stated it was de-identified. The breach was traced to a contractual violation by researchers who accessed the data outside the authorized UK-hosted research platform. UK Biobank suspended all platform access and suspended implicated researchers and institutions pending a forensic investigation.

Resurgence of basic cybersecurity failures amid accelerated enterprise AI adoption

Updated: · First: 24.04.2026 15:10 · 📰 1 src / 1 articles

Enterprises rapidly deploying AI systems are neglecting fundamental security controls, reviving previously mitigated risks while introducing new attack surfaces, according to Mandiant’s red-team findings. Security teams have observed adversaries leveraging authorized AI deployments to alter data classifications, bypass data loss prevention systems, and exfiltrate data, with initial access often gained through social engineering. Basic lapses—such as unencrypted AI-to-browser communication in financial environments—underscore systemic failures in secure AI integration.

AI Agent Delegation Authority Gap Exposed Through Continuous Observability Frameworks

Updated: · First: 24.04.2026 14:49 · 📰 1 src / 1 articles

Enterprises are confronting a structural governance failure in AI agent deployment tied to ungoverned delegation chains. AI agents derive authority from traditional enterprise identities—human users, machine identities, bots, and service accounts—creating a delegation gap where unmanaged or poorly governed delegators amplify hidden access and execution paths. Unlike static IAM models, agent authority requires dynamic, real-time observability of the entire delegation chain to determine permissible actions based on delegator posture, intent, context, and scope. The absence of such controls risks transforming agents into efficient vectors for privilege escalation and lateral movement.

Malicious Ledger Live macOS app on Apple App Store facilitates $9.5M crypto theft via seed phrase harvesting

Updated: 24.04.2026 14:48 · First: 14.04.2026 19:37 · 📰 4 src / 4 articles

A fraudulent Ledger Live macOS application, distributed through Apple’s App Store under the publisher name ‘Leva Heal Limited,’ compromised approximately 50 users in early April 2026, resulting in the theft of $9.5 million in cryptocurrency assets. The illicit app tricked users into entering seed phrases, granting attackers full wallet control and enabling fund transfers to attacker-controlled addresses. The incident is part of the broader Apple App Store infiltration campaign dubbed FakeWallet, linked to the SparkKitty operation and active since at least fall 2025. Kaspersky identified 26 malicious apps impersonating major wallets (e.g., Ledger, MetaMask, Coinbase) to steal seed phrases and drain crypto assets, with malware delivered via libraries, injected code, or OCR-based recovery phrase theft. Some apps contained latent malicious features awaiting future activation, and the campaign’s modules lacked regional restrictions despite initial targeting of Chinese-speaking users. Apple began removing malicious apps after Kaspersky’s disclosure, freezing implicated KuCoin accounts until April 20, 2026. New details indicate the apps redirected users to fake App Store-like browser pages to distribute trojanized wallet versions, while some non-crypto apps (e.g., games, calculators) acted as placeholders to direct victims to official wallets under regulatory pretexts. Attackers used OCR modules to capture recovery phrases and employed sophisticated phishing tactics, including code hooking during entry and fake verification prompts, to maximize theft efficiency.

Enterprise administrators gain ability to remove Copilot AI assistant via new policy setting

Updated: · First: 24.04.2026 14:38 · 📰 1 src / 1 articles

Microsoft has introduced a new policy setting, RemoveMicrosoftCopilotApp, enabling enterprise administrators to uninstall the Copilot AI assistant from Windows 11 25H2 enterprise-managed devices after the April 2026 Patch Tuesday update. The policy is accessible via Policy CSP and Group Policy within Microsoft Intune or System Center Configuration Manager (SCCM) environments, targeting Windows 11 25H2 endpoints where Copilot is installed without user initiation and not recently used. The removal is non-disruptive and allows users to reinstall Copilot if desired, while applying only to Enterprise, Professional, and Education client SKUs.

Critical Path Traversal and Privilege Escalation Vulnerabilities Fixed in CrowdStrike LogScale and Tenable Nessus Products

Updated: · First: 24.04.2026 12:49 · 📰 1 src / 1 articles

Critical vulnerabilities in CrowdStrike LogScale and Tenable Nessus products were patched this week, exposing self-hosted LogScale instances to unauthenticated path traversal and enabling Windows-based Nessus scanners to suffer privilege escalation via junction-based attacks. CrowdStrike resolved CVE-2026-40050, a critical unauthenticated path traversal flaw in LogScale that permitted arbitrary file read access on affected servers. Tenable addressed CVE-2026-33694, a high-severity vulnerability in Nessus for Windows allowing arbitrary file deletion and potential arbitrary code execution with SYSTEM privileges through junction-based exploitation. No evidence of exploitation in the wild has been identified by CrowdStrike, and mitigations were automatically applied for SaaS LogScale customers. Self-hosted LogScale and Nessus users are advised to apply vendor-supplied updates immediately.

Tropic Trooper leverages trojanized SumatraPDF to deliver AdaptixC2 Beacon via GitHub C2

Updated: · First: 24.04.2026 12:29 · 📰 1 src / 1 articles

A campaign attributed to Tropic Trooper (APT23, Earth Centaur) uses a trojanized SumatraPDF reader to deploy the AdaptixC2 Beacon post-exploitation agent. Chinese-speaking individuals in Taiwan and users in South Korea and Japan are targeted via military-themed ZIP archives containing malicious SumatraPDF executables. The executable displays a decoy PDF while fetching encrypted shellcode from a staging server to launch AdaptixC2, which communicates with C2 infrastructure via GitHub. Subsequent activity includes deployment of Microsoft VS Code tunnels for remote access on high-value hosts, alongside the use of trojanized applications for camouflage. The staging server at 158.247.193[.]100 has hosted Cobalt Strike Beacon and the custom EntryShell backdoor previously associated with Tropic Trooper.

Supply chain compromise in Trivy scanner triggers CanisterWorm propagation across CI/CD pipelines

Updated: 24.04.2026 11:10 · First: 23.03.2026 15:14 · 📰 8 src / 11 articles

Supply chain compromise in the Trivy vulnerability scanner triggered the CanisterWorm propagation across CI/CD pipelines, now expanding to additional open-source ecosystems and involving multiple advanced threat actors. The TeamPCP threat group continues to monetize stolen supply chain secrets through partnerships with extortion groups including Lapsus$ and the Vect ransomware operation, with Wiz (Google Cloud) and Cisco confirming collaboration and horizontal movement across cloud environments. A new npm supply chain malware campaign discovered on April 24, 2026, shows self-propagating worm-like behavior via @automagik/genie and pgserve packages, stealing credentials and spreading across developer ecosystems while using Internet Computer Protocol (ICP) canisters for command and control. The malware shares technical similarities with prior TeamPCP campaigns, including post-install scripts and canister-based infrastructure, potentially indicating ongoing evolution of the threat actor's tactics or a new campaign leveraging established infrastructure. The Axios NPM package compromise via malicious versions 0.27.5 and 0.28.0 delivered a multi-platform RAT through a malicious dependency impersonating crypto-js, with attribution disputes suggesting either TeamPCP involvement or North Korean actor UNC1069 (Google's Threat Intelligence Group). Cisco's internal development environment was breached using stolen Trivy-linked credentials via a malicious GitHub Action, resulting in the theft of over 300 repositories including proprietary AI product code and customer data from banks, BPOs, and US government agencies. Multiple AWS keys were abused across a subset of Cisco's cloud accounts, with multiple threat actors participating in the breach.

Pre-authenticated RCE in Marimo exploited within 10 hours of advisory

Updated: 24.04.2026 10:24 · First: 10.04.2026 10:37 · 📰 4 src / 4 articles

A pre-authenticated remote code execution (RCE) vulnerability in Marimo, tracked as CVE-2026-39987 (CVSS 9.3), was exploited in the wild within hours of public disclosure, enabling attackers to gain full PTY shells on exposed instances via the unauthenticated /terminal/ws WebSocket endpoint. The flaw, affecting Marimo versions prior to 0.23.0, initially led to rapid, human-driven exploitation campaigns focused on credential theft. Recent attacks have expanded to deploy a new NKAbuse malware variant hosted on Hugging Face Spaces, using typosquatted repositories to evade detection and establish persistent remote access. Additional exploitation activity includes sophisticated lateral movement, such as reverse-shell techniques and database enumeration, indicating a shift toward multi-stage attacks beyond initial credential harvesting. GitHub assessed the flaw with a critical CVSS score of 9.3, and Marimo developers confirmed impact on instances deployed as editable notebooks or exposed via --host 0.0.0.0 in edit mode. This event is distinct from the LMDeploy SSRF flaw (CVE-2026-33626), which was exploited within 12 hours of disclosure to conduct internal network reconnaissance via SSRF, targeting cloud metadata services, Redis, and MySQL instances.

Unauthenticated arbitrary file upload flaw in Breeze Cache WordPress plugin leads to RCE

Updated: · First: 24.04.2026 00:33 · 📰 1 src / 1 articles

Unauthenticated attackers are actively exploiting a critical file upload vulnerability (CVE-2026-3844) in the Breeze Cache WordPress plugin (400,000+ active installations) to upload arbitrary files and achieve remote code execution (RCE) on affected servers. Exploitation requires the optional "Host Files Locally - Gravatars" add-on to be enabled, which is disabled by default. The flaw stems from missing file-type validation in the ‘fetch_gravatar_from_remote’ function and has a CVSS score of 9.8. Cloudways issued a patch in version 2.4.5, but over 138,000 downloads of the latest version suggest widespread exposure.

China-aligned threat actors expanding botnet infrastructure via compromised SOHO devices for sustained operations

Updated: · First: 23.04.2026 23:52 · 📰 1 src / 1 articles

China-nexus cyber actors are systematically industrializing botnets composed primarily of compromised small office/home office (SOHO) routers and consumer IoT devices to support low-signature, high-deniability operations against US and allied organizations. These covert networks are maintained at scale by dedicated teams—potentially affiliated with Chinese information security firms—who continuously update and expand the botnets, while distributing access to multiple state-backed groups such as Flax Typhoon and Volt Typhoon. The infrastructure enables reconnaissance, malware delivery, command-and-control, data exfiltration, and deniable browsing, complicating attribution and defensive countermeasures. The advisory emphasizes that while botnet usage is not new, the strategic scale, tempo, and division of labor in China-aligned operations represent a marked escalation. Organizations are urged to implement network edge profiling, zero-trust controls, and threat hunting to detect anomalous connectivity patterns from consumer broadband ranges and known covert nodes.

Trigona ransomware affiliates adopt custom exfiltration tool for efficient data theft

Updated: · First: 23.04.2026 21:59 · 📰 1 src / 1 articles

Trigona ransomware affiliates are deploying a custom-built command-line exfiltration tool named "uploader_client.exe" to streamline data theft from compromised environments. The tool facilitates parallel uploads, connection rotation post-2GB traffic to evade monitoring, selective file type exfiltration, and access restriction via authentication keys. Observed in March 2026 attacks, the utility supports faster and stealthier data exfiltration compared to public tools like Rclone or MegaSync, reducing detection risks during critical phases of intrusions. The campaign leverages the Trigona ransomware, a double-extortion operation active since October 2022, targeting high-value documents such as invoices and PDFs on network drives. Recent activity suggests resumption of operations following disruptions to the group’s infrastructure in October 2023.

Google Cloud Deprioritizes Cyber-Specific Frontier Models in Favor of General-Purpose Gemini Integration

Updated: · First: 23.04.2026 19:40 · 📰 1 src / 1 articles

Google Cloud has decided against releasing a dedicated cybersecurity-focused frontier AI model, instead prioritizing the use of its general-purpose Gemini series (e.g., Gemini 3.1 Pro) for security workflows. Francis DeSouza, Google Cloud COO, stated that generalist models like Gemini have demonstrated sufficient capability across domains, including cybersecurity, negating the need for niche alternatives. The strategy emphasizes integrating high-quality general models with tailored tooling, governance, and contextual training for defense use cases rather than developing specialized cyber models.

TeamPCP escalates CanisterWorm campaign with geopolitical targeting and multi-vector attacks

Updated: 23.04.2026 19:05 · First: 21.03.2026 09:28 · 📰 11 src / 18 articles

TeamPCP has continued to escalate its multi-vector CanisterWorm campaign into a geopolitically targeted operation, leveraging compromised PyPI packages (LiteLLM versions 1.82.7–1.82.8 and Telnyx versions 4.87.1–4.87.2) and now Checkmarx KICS tooling to deliver credential-stealing malware that harvests SSH keys, cloud credentials, Kubernetes secrets, database credentials, cryptocurrency wallets, TLS/SSL private keys, and bash history files. The group’s most recent compromise involves the Checkmarx KICS analysis tool, where attackers pushed malicious Docker images to the official "checkmarx/kics" repository (overwriting v2.1.20 and introducing v2.1.21), alongside infected VS Code and Open VSX extensions that executed a hidden MCP addon to fetch and deploy multi-stage credential theft malware. The attack targeted data processed by KICS—including GitHub tokens, cloud provider credentials, npm tokens, SSH keys, and environment variables—encrypted and exfiltrated it to audit.checkmarx[.]cx, a domain designed to impersonate legitimate Checkmarx infrastructure. While TeamPCP publicly claimed the attack, researchers noted insufficient evidence beyond pattern-based correlations to confidently attribute the breach. The malicious timeframe for the Docker image compromise lasted from 2026-04-22 14:17:59 UTC to 15:41:31 UTC before affected tags were restored to legitimate digests. The campaign began as a supply-chain attack involving 47 compromised npm packages and escalated to include GitHub repository hijacking (e.g., Aqua Security), Docker Hub compromise, and direct targeting of CI/CD pipelines via GitHub Actions workflows (e.g., Checkmarx, Trivy). Recent compromises of LiteLLM and Telnyx demonstrate rapid iteration and maturation of supply-chain attack methodology, while destructive payloads targeting Iranian systems in Kubernetes environments (e.g., time-zone/locale-based wipers) highlight the group’s geopolitical alignment. The LiteLLM compromise specifically turned developer endpoints into systematic credential harvesting operations, with malware activating during installation/updates and cascading through transitive dependencies (e.g., dspy, opik) to affect organizations that never directly used LiteLLM. A coordinated attack on Checkmarx ecosystems has been discovered, including malicious images pushed to the official "checkmarx/kics" Docker Hub repository (v2.1.20, alpine overwritten; v2.1.21 introduced) and infected Visual Studio Code extensions (1.17.0, 1.19.0) that executed remote addons via Bun without user consent. The malware collected and exfiltrated sensitive data from infrastructure-as-code scans, exposing credentials in Terraform, CloudFormation, or Kubernetes configurations. Techniques and exfiltration infrastructure (e.g., ICP canister cjn37-uyaaa-aaaac-qgnva-cai.raw.icp0.io) resemble TeamPCP's CanisterWorm operations, though attribution remains unconfirmed. The Docker Hub repository has been archived, and affected organizations must remediate potentially compromised secrets.

Service Desk Social Engineering Enables Enterprise Account Compromise via Password Reset

Updated: · First: 23.04.2026 17:10 · 📰 1 src / 1 articles

Threat actors impersonated a Marks & Spencer (M&S) employee to a third-party service desk in April 2025, convincing agents to perform a password reset that bypassed multi-factor authentication (MFA). This granted initial access, enabling subsequent Active Directory credential theft, lateral movement, and ransomware deployment that disrupted national operations for five days, resulting in estimated daily losses of £3.8 million ($5.1 million).

Teams meeting join failures linked to Microsoft Edge update regression

Updated: · First: 23.04.2026 16:18 · 📰 1 src / 1 articles

A regression introduced in a recent Microsoft Edge browser update prevents Windows users from joining Microsoft Teams meetings via scheduled invites or direct links. Microsoft confirmed the issue on April 23, 2026, and assigned incident report TM1288497. The failure occurs during the meeting join process, with restarting the Teams client serving as a temporary workaround. Microsoft is actively investigating the regression source and monitoring diagnostic data to determine the full scope of impact, including affected user counts and regions.

Proxy networks of hijacked consumer devices leveraged by China-nexus APT groups for operational security

Updated: · First: 23.04.2026 15:28 · 📰 1 src / 1 articles

China-nexus advanced persistent threat (APT) groups are increasingly routing malicious traffic through large-scale botnets composed of compromised consumer and small office/home office (SOHO) devices to evade detection and attribution. These botnets, primarily consisting of routers, IP cameras, video recorders, and NAS units, enable threat actors to chain traffic through multiple intermediate nodes, obscuring geographic origins and disguising malicious activity as benign traffic. The UK National Cyber Security Centre (NCSC-UK) and allied agencies report that the majority of Chinese state-sponsored groups now favor such proxy networks over traditional infrastructure procurement. Recent disruptions—including the FBI’s takedown of the Raptor Train botnet in September 2024 and disruption of the KV-Botnet in January 2024—highlight the scale and persistence of these operations, with some networks revived within months by threat actors.

GopherWhisper APT compromises Mongolian government systems with Go-based backdoors via Discord, Slack, and Office 365

Updated: 23.04.2026 15:06 · First: 23.04.2026 12:04 · 📰 2 src / 2 articles

A previously undocumented China-aligned APT group named GopherWhisper has compromised at least 12 confirmed systems across Mongolian governmental institutions and dozens more globally since at least 2023 using a suite of Go-based backdoors and loaders. The threat actor abuses legitimate services—Discord, Slack, Microsoft 365 Outlook, and file.io—for command-and-control (C2) communications and data exfiltration. Operational activity began as early as November 2023, with C2 timestamps aligning to China Standard Time working hours (8 a.m.–5 p.m. CST), confirming human operator involvement. ESET telemetry indicates further victimization beyond Mongolia, though geography and sector details remain limited. Newly identified tools include JabGopher (an injector for LaxGopher) and FriendDelivery (a loader for BoxOfFriends), expanding the group’s toolkit. Hardcoded credentials in backdoors enabled researchers to recover thousands of Slack and Discord messages, reinforcing attribution to China.

Google launches unique cryptographic agent identities and security controls in Gemini Enterprise Agent Platform

Updated: · First: 23.04.2026 15:00 · 📰 1 src / 1 articles

Google Cloud introduced the Gemini Enterprise Agent Platform to manage autonomous AI agents with unique cryptographic identities and enforce zero-trust verification across orchestration steps. The platform assigns each agent a distinct cryptographic ID tied to auditable authorization policies, enabling traceability and governance across agent actions. Security risks introduced by autonomous, goal-oriented AI agents are addressed through a suite of new capabilities, including an Agent Registry for indexing agents and tools, an Agent Gateway for policy enforcement, and an Agent Security Dashboard for threat detection and vulnerability scanning.

Shift in Email-Based Threats: Behavioral and Relationship Exploitation Now Dominant in Phishing, BEC, and VEC Campaigns

Updated: · First: 23.04.2026 14:06 · 📰 1 src / 1 articles

Analysis of nearly 800,000 email attacks across 4,600+ organizations reveals a significant shift in attacker tactics from exploiting technical flaws to targeting behavioral and organizational trust within workflows. Email-based threats now rely on finely tailored social engineering, leveraging trusted relationships, routine operations, and evasive pretexts to bypass detection. Phishing remains the most prevalent method (58%), while Business Email Compromise (BEC) and its subtype Vendor Email Compromise (VEC)—now comprising over 60% of BEC attacks—deliver higher impact despite lower volume. Attackers exploit predictable workflows such as file-sharing, invoicing, and internal communications, using redirect chains (over 20% of phishing) and popular URL shorteners (e.g., TinyURL, t.co) to conceal malicious destinations. Geographic targeting is evident, with invoice fraud dominating VEC in North America and procurement-stage pretexts prevailing in EMEA.

Unauthorized access to My Rituals member data at luxury cosmetics company Rituals

Updated: · First: 23.04.2026 14:04 · 📰 1 src / 1 articles

Luxury cosmetics company Rituals disclosed an unauthorized access incident affecting its My Rituals loyalty program members. The intrusion occurred earlier in April 2026 and resulted in the exfiltration of members’ personally identifiable information (PII), including names, addresses, phone numbers, email addresses, dates of birth, and gender. The incident was contained after detection, with no indication of password or payment data compromise. Rituals has initiated forensic analysis and notified relevant authorities but has not disclosed the number of affected individuals at this time.