Security Issues, Vulnerabilities, Exploits & Government Alerts
The AI Agent Authority Gap – From Ungoverned to Delegation As discussed in our previous article, AI agents are exposing a structural gap in enterprise security, but the problem is often framed too narrowly. The…
Cybersecurity researchers have discovered a set of malicious apps on the Apple App Store that impersonate popular cryptocurrency wallets in an attempt to steal recovery phrases and private keys since at least fall 2025. “Once…
Ravie LakshmananApr 24, 2026Malware / Threat Intelligence Chinese-speaking individuals are the target of a new campaign that uses a trojanized version of SumatraPDF reader to deploy the AdaptixC2 Beacon post-exploitation agent and ultimately facilitate the…
A high-severity security flaw in LMDeploy, an open-source toolkit for compressing, deploying, and serving LLMs, has come under active exploitation in the wild less than 13 hours after its public disclosure. The vulnerability, tracked as…
A previously undocumented threat activity cluster known as UNC6692 has been observed leveraging social engineering tactics via Microsoft Teams to deploy a custom malware suite on compromised hosts. “As with many other intrusions in recent…
Ravie LakshmananApr 23, 2026Supply Chain Attack / Open Source Bitwarden CLI has been compromised as part of the newly discovered and ongoing Checkmarx supply chain campaign, according to new findings from JFrog and Socket. “The…
Ravie LakshmananApr 23, 2026Hacking News / Cybersecurity News You scroll past one incident and see another that feels familiar, like it should have been fixed years ago, but it still works with small changes. Same…
The Hacker NewsApr 23, 2026Artificial Intelligence / Enterprise Security Imagine a world where hackers don’t sleep, don’t take breaks, and find weak spots in your systems instantly. Well, that world is already here. Thanks to…
View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to read, modify, or delete files. The following versions of Intrado 911 Emergency Gateway (EGW) are affected: Emergency Gateway 7.x (CVE-2026-6074) Emergency Gateway…
WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC-UK), together with federal and international partners, have released a new cybersecurity advisory titled “Defending Against China-Nexus Covert…