All Articles (2966)

Ukraine’s CERT-UA has uncovered a new malware campaign using a toolset called “AgingFly” to target local governments, hospitals, and possibly Ukrainian defense personnel.

The attack (UAC-0247) begins with phishing emails disguised as humanitarian aid offers that lure victims into downloading malicious shortcut files.  These files trigger a chain of scripts and loaders that ultimately deploy AgingFly, a C# malware strain that gives attackers remote control of infected systems.[1]

Example of chain

The surge in security vulnerabilities stems primarily from organizations’ increasing adoption of agentic AI applications, particularly those utilizing technologies such as Model Context Protocol (MCP).  This rapid deployment, combined with immature security practices and emerging attack vectors, is creating substantial risk exposure across the enterprise landscape.[1]

Senior Director Analyst at Gartner, Aaron Lord, explained that MCP's design philosophy prioritizes interoperability, ease of use,

Cybersecurity researchers have unmasked a novel ad fraud scheme that has been found to leverage search engine poisoning (SEO) techniques and artificial intelligence (AI)-generated content to push deceptive news stories into Google's Discover feed and trick users into enabling persistent browser notifications that lead to scareware and financial scams.[1]

The campaign, which has been found to target the personalized content feeds of Android and Chrome users, has been codenamed Pushpaganda by HUMA

Researchers at Darktrace have identified ZionSiphon, a new malware targeting Israeli water treatment plants.  Learn how this OT-focused attack uses ICS protocols like Modbus and S7comm to target critical infrastructure.

Cybersecurity firm Darktrace has released a report on a new strain of malware named ZionSiphon created specifically to target Operational Technology (OT) systems that manage water treatment and desalination in Israel.  For your information, desalination is a process of converting

SonicWall has launched its 2026 Cyber Protect Report, marking a significant shift in how the organization presents threat intelligence.  Rather than focusing solely on raw data, the report prioritizes protection outcomes for business leaders.  The findings indicate that while the volume of attacks remains high, adversaries are becoming more precise, with medium and high-severity incidents rising by over 20% to reach 13 billion hits.

One of the most significant findings in the 2026 report is the

Researchers in Japan have shown that living brain cells can learn to produce precise, repeatable patterns of activity, a task normally associated with artificial neural networks.  Their work, described in the paper “Online supervised learning of temporal patterns in biological neural networks under feedback control” and summarized in “Living brain cells enable machine learning computations,” represents a step toward computing systems that blend biological and artificial components.  The achievem

A new malware campaign built around the HanGhost loader is actively targeting corporate environments, focusing on employees involved in payments, logistics, and contract operations.  The attack is designed to operate without leaving clear artifacts, enabling it to reach systems linked to revenue and operations before they are fully analyzed.  The campaign has already shown multiple waves of activity with different malware families, indicating active development and scaling rather than a one-off

The idea that artificial intelligence might one day rival human creativity has become a familiar theme in public conversation. Generative models can rapidly produce images, stories and designs, which makes it tempting to assume that they possess something like imagination. A new study published in Advanced Science challenges that assumption in a direct and illuminating way. By examining how humans and AI generate images from abstract prompts, the researchers show that what looks like creativity

Senior business leaders in the UK are experiencing a significant rise in job complexity, with artificial intelligence (AI) identified as a primary driver.  A study by Alliance Manchester Business School (AMBS), based on a Censuswide survey of 500 UK managers, directors, and C-suite executives, reveals that almost three quarters (73%) of senior management have found their roles more complex since 2020 because of AI.  This figure climbs to 79% among directors and C-suite personnel, and 82% among m

Users frequently entrust AI assistants with highly sensitive information, including medical records, financial documents, and proprietary business code.  Check Point researchers have disclosed a critical vulnerability in ChatGPT's architecture that enables attackers to extract user data covertly.  A flaw in ChatGPT's code execution environment demonstrated how a single malicious prompt could quietly exfiltrate sensitive user data without warning or user approval.[1]

The Vulnerability - OpenAI de

If there's one thing that AI is good at, particularly language models, it's detecting patterns in datasets so large that it would be practically impossible for humans to sift through them all, quickly and accurately.  That certainly seems to be the case with Anthropic's new general-purpose model, Claude Mythos, as the company has announced that it used it to detect "thousands of high-severity vulnerabilities, including some in every major operating system and web browser."

Alongside the launch o

Over the last several years, academia and industry have been converging on a shorter and more realistic timeline to Q-Day.  While new research continues to move the Q-Day timeline up to 2028-2030, the scale and scope of the impact have been less clear.  Broadly, the expectation has been that quantum attacks on cryptography would be serious, but there has been less information on which to base estimates of their speed, accessibility, and breadth.  Two new research papers, released within a day of

Security researchers from Hunt.io have identified an unauthenticated open directory while examining indicators of compromise published in an earlier CyberXTron report on the TheGentlemen ransomware group.  The directory, hosted at IP address 176.120.22.127 on port 80, resides on infrastructure belonging to Proton66 OOO (AS198953), a Russian provider previously linked to other malicious campaigns. The server had been active for at least 24 days prior to discovery.  The directory contained 126 fil

On 28 February 2026, a joint US-Israeli military campaign struck Iranian nuclear facilities, military infrastructure, and leadership targets in what was officially called Operation Epic Fury.  Social media quickly flooded with false footage of the conflict, including massive explosions in Tel Aviv, successful Iranian missile strikes on US warships, and satellite imagery purporting to show damage to American military bases in the Gulf.

Some of this footage was recycled from unrelated conflicts,

A recent report from our friends at the cybersecurity firm SentinelOne has detailed an unprecedented incident in which Anthropic's Claude Code, operating with unrestricted system permissions, attempted to execute a Trojan software package.  The malicious activity was detected and neutralized by SentinelOne’s behavioral artificial intelligence (AI) endpoint detection and response (EDR) system in under 44 seconds, preventing a potential supply chain compromise.  The event highlights a new dimensi

If you've been using OpenClaw, the wildly popular AI agentic tool that took the developer community by storm, you should probably update it if you haven't done so already.  OpenClaw, as was reported in the past, has widely known security problems.  From the beginning, OpenClaw creator Peter Steinberger has warned potential users on GitHub that "There is no 'perfectly secure' setup."  Users can grant OpenClaw control over their devices and access to specific apps, local files, and logged-in accou

In theory, a significant cyber hacking event could occur on or about April 15th, which is the Tax Day deadline in the US.  With the Iran War in high gear, there are multiple enemies who are bent on targeting multiple US government organizations and causing widespread disruption.  The Internal Revenue Service (IRS) is not immune.  Attackers could exploit vulnerabilities in current network security systems, which may lead to unauthorized access and the theft of sensitive data.

Cyber security auth

Sentinel Labs has provided yet another great report on: Building an Adversarial Consensus Engine / Multi-Agent LLMs for Automated Malware Analysis.  Large Language Models can perform static malware analysis, but individual tool runs produce unreliable results contaminated by decompiler artifacts, dead code, and hallucinated capabilities.[1]

Researchers built a multi-agent architecture for reversing macOS malware that treats each reverse engineering tool (radare2, Ghidra, Binary Ninja, IDA Pro) a

Nearly all organizations report having only limited confidence in their cybersecurity suppliers, according to a new global study released by Sophos.  The Cybersecurity Trust Reality 2026 report, based on responses from 5,000 organizations across 17 countries, is described as one of the largest independent examinations of trust in the cybersecurity sector.  Conducted on a vendor-agnostic basis, the research highlights how fragile supplier confidence is influencing both day-to-day operations and b

Release Date: 7 April 2026

CISA Alert Code: AA26-097A

Title

Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure

Original Publication

7 April 2026

Executive Summary

Iran-affiliated advanced persistent threat (APT) actors are conducting exploitation activity targeting internet-facing operational technology (OT) devices, including programmable logic controllers (PLCs) manufactured by Rockwell Automation/Allen-Bradley.  This acti