X-Industry

On 20 April 2026, the coding world was alerted after a widely used tool called @bitwarden/cli was found to be compromised.  According to researchers at GitGuardian, who shared their analysis, the attack was a calculated operation by a group called TeamPCP, who used what researchers describe as a cross-campaign pivot to exploit trusted developer tools.

For context, Bitwarden is an open-source password manager that stores and encrypts sensitive data like passwords, API keys, and secure notes in a

The US Coast Guard's first-ever mandatory cybersecurity framework for ports, vessels, and offshore facilities has taken effect, ending two decades of voluntary compliance and putting operators on a countdown with a 2027 deadline.  The regulations affect any US-flagged vessel or maritime facility subject to the Maritime Transportation Security Act of 2002 and require that they develop and maintain a cybersecurity plan, designate a Cybersecurity Officer (CySO), conduct annual assessments, and trai

Jack Wallen, Contributing Writer for ZDnet explains he has several Linux systems connected to his home lab; some of them are desktops, and some of them are servers. Ninety-nine percent of the time, those machines work flawlessly.  When that 1% happens, any machine that goes south needs help.

One way of helping is via a small software package called Watchdog.  This piece of software runs various checks to see if the hardware has "locked up."  If it detects that it has happened, it will reboot the

A group of China-linked hackers known as Mustang Panda has expanded its spying efforts to target the Indian financial sector and political circles in South Korea.  The Acronis Threat Research Unit discovered the group’s latest activity after its previous campaign involving Venezuela-related lures designed to target US government earlier in 2026.

Targeting HDFC Bank and Diplomacy Experts - The hackers reportedly began this dual-sided campaign in March 2026.  In India, they used a file named Reque

President Donald Trump’s administration has outlined plans to reduce the Cybersecurity and Infrastructure Security Agency's budget by $707 million in its fiscal year 2027 proposal. The announcement, made earlier this month, forms part of broader government spending plans that also touch on areas such as airport security.   Separate government budget documents present a slightly different figure, suggesting a reduction of $361 million instead.  The variation is thought to arise from differences i

IoT devices are increasingly prime targets for large-scale attacks due to their widespread use, lack of patching, and often weak security settings.  Threat actors continue exploiting known vulnerabilities to gain initial access and deploy malware that can persist, spread, and cause distributed denial-of-service (DDoS) attacks.

Fo

Ukraine’s CERT-UA has uncovered a new malware campaign using a toolset called “AgingFly” to target local governments, hospitals, and possibly Ukrainian defense personnel.

The attack (UAC-0247) begins with phishing emails disguised as humanitarian aid offers that lure victims into downloading malicious shortcut files.  These files trigger a chain of scripts and loaders that ultimately deploy AgingFly, a C# malware strain that gives attackers remote control of infected systems.[1]

Example of chain

The surge in security vulnerabilities stems primarily from organizations’ increasing adoption of agentic AI applications, particularly those utilizing technologies such as Model Context Protocol (MCP).  This rapid deployment, combined with immature security practices and emerging attack vectors, is creating substantial risk exposure across the enterprise landscape.[1]

Senior Director Analyst at Gartner, Aaron Lord, explained that MCP's design philosophy prioritizes interoperability, ease of use,

Cybersecurity researchers have unmasked a novel ad fraud scheme that has been found to leverage search engine poisoning (SEO) techniques and artificial intelligence (AI)-generated content to push deceptive news stories into Google's Discover feed and trick users into enabling persistent browser notifications that lead to scareware and financial scams.[1]

The campaign, which has been found to target the personalized content feeds of Android and Chrome users, has been codenamed Pushpaganda by HUMA

Researchers at Darktrace have identified ZionSiphon, a new malware targeting Israeli water treatment plants.  Learn how this OT-focused attack uses ICS protocols like Modbus and S7comm to target critical infrastructure.

Cybersecurity firm Darktrace has released a report on a new strain of malware named ZionSiphon created specifically to target Operational Technology (OT) systems that manage water treatment and desalination in Israel.  For your information, desalination is a process of converting

SonicWall has launched its 2026 Cyber Protect Report, marking a significant shift in how the organization presents threat intelligence.  Rather than focusing solely on raw data, the report prioritizes protection outcomes for business leaders.  The findings indicate that while the volume of attacks remains high, adversaries are becoming more precise, with medium and high-severity incidents rising by over 20% to reach 13 billion hits.

One of the most significant findings in the 2026 report is the

Researchers in Japan have shown that living brain cells can learn to produce precise, repeatable patterns of activity, a task normally associated with artificial neural networks.  Their work, described in the paper “Online supervised learning of temporal patterns in biological neural networks under feedback control” and summarized in “Living brain cells enable machine learning computations,” represents a step toward computing systems that blend biological and artificial components.  The achievem

A new malware campaign built around the HanGhost loader is actively targeting corporate environments, focusing on employees involved in payments, logistics, and contract operations.  The attack is designed to operate without leaving clear artifacts, enabling it to reach systems linked to revenue and operations before they are fully analyzed.  The campaign has already shown multiple waves of activity with different malware families, indicating active development and scaling rather than a one-off

The idea that artificial intelligence might one day rival human creativity has become a familiar theme in public conversation. Generative models can rapidly produce images, stories and designs, which makes it tempting to assume that they possess something like imagination. A new study published in Advanced Science challenges that assumption in a direct and illuminating way. By examining how humans and AI generate images from abstract prompts, the researchers show that what looks like creativity

Senior business leaders in the UK are experiencing a significant rise in job complexity, with artificial intelligence (AI) identified as a primary driver.  A study by Alliance Manchester Business School (AMBS), based on a Censuswide survey of 500 UK managers, directors, and C-suite executives, reveals that almost three quarters (73%) of senior management have found their roles more complex since 2020 because of AI.  This figure climbs to 79% among directors and C-suite personnel, and 82% among m

Users frequently entrust AI assistants with highly sensitive information, including medical records, financial documents, and proprietary business code.  Check Point researchers have disclosed a critical vulnerability in ChatGPT's architecture that enables attackers to extract user data covertly.  A flaw in ChatGPT's code execution environment demonstrated how a single malicious prompt could quietly exfiltrate sensitive user data without warning or user approval.[1]

The Vulnerability - OpenAI de

If there's one thing that AI is good at, particularly language models, it's detecting patterns in datasets so large that it would be practically impossible for humans to sift through them all, quickly and accurately.  That certainly seems to be the case with Anthropic's new general-purpose model, Claude Mythos, as the company has announced that it used it to detect "thousands of high-severity vulnerabilities, including some in every major operating system and web browser."

Alongside the launch o

Over the last several years, academia and industry have been converging on a shorter and more realistic timeline to Q-Day.  While new research continues to move the Q-Day timeline up to 2028-2030, the scale and scope of the impact have been less clear.  Broadly, the expectation has been that quantum attacks on cryptography would be serious, but there has been less information on which to base estimates of their speed, accessibility, and breadth.  Two new research papers, released within a day of

Security researchers from Hunt.io have identified an unauthenticated open directory while examining indicators of compromise published in an earlier CyberXTron report on the TheGentlemen ransomware group.  The directory, hosted at IP address 176.120.22.127 on port 80, resides on infrastructure belonging to Proton66 OOO (AS198953), a Russian provider previously linked to other malicious campaigns. The server had been active for at least 24 days prior to discovery.  The directory contained 126 fil

On 28 February 2026, a joint US-Israeli military campaign struck Iranian nuclear facilities, military infrastructure, and leadership targets in what was officially called Operation Epic Fury.  Social media quickly flooded with false footage of the conflict, including massive explosions in Tel Aviv, successful Iranian missile strikes on US warships, and satellite imagery purporting to show damage to American military bases in the Gulf. 

Some of this footage was recycled from unrelated conflicts,