access ai android api apple attack authentication backdoor breach business ceo china cisa cisco ciso cloud compliance control credentials crypto cve cyber cyberattack cybercrime cybersecurity data data-breach defense detection email exploit finance flaw framework fraud germany google governance government group hacker hacking healthcare identity infrastructure intelligence Internet jobs law leak linux malicious malware microsoft monitoring network open-source password phishing privacy ransomware remote-code-execution resilience risk russia scam service software strategy supply-chain technology theft threat tool unclassified update usa vulnerability windows zero-day
-
Claude Mythos Fears Startle Japan’s Financial Services Sector
Global financial institutions are panicked over Anthropic’s new superhacker AI model. Cyber experts aren’t quite as worried. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/claude-mythos-startle-japans-financial-sector also interesting: Cybersecurity Weekly Update 24 February 2025 Top Four Considerations for Zero Trust in Critical Infrastructure Will AI agent-fueled attacks force CISOs to fast-track passwordless projects? Smarter Threats Need…
-
Microsoft Confirms Windows Flaw Is Being Exploited After Incomplete Patch
Microsoft confirmed a Windows zero-click flaw tied to an incomplete patch is being exploited, putting credentials at risk for unpatched users. The post Microsoft Confirms Windows Flaw Is Being Exploited After Incomplete Patch appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-microsoft-windows-zero-click-flaw-incomplete-patch/ also interesting: Cybersecurity Snapshot: CISA’s Best Cyber Advice on Securing…
-
Linux cryptographic code flaw offers fast route to root
Patches land for authencesn flaw enabling local privilege escalation First seen on theregister.com Jump to article: www.theregister.com/2026/04/30/linux_cryptographic_code_flaw/ also interesting: CISA Warns of Exploited Linux Kernel Vulnerability New Spectre v2 attack impacts Linux systems on Intel CPUs Mitel MiCollab VoIP authentication bypass opens new attack paths Linux Kernel Vulnerability Allows Attackers to Escalate Privileges via OutBounds…
-
Smashing Security podcast #465: This developer wanted to cheat at Roblox. It cost millions
A developer at an AI startup wanted to cheat at Roblox. They downloaded a dodgy script on their work laptop. That one decision triggered a cascade of failures that ended with a $2 million data breach affecting hundreds of thousands of organisations. All for some free in-game currency. First seen on grahamcluley.com Jump to article:…
-
Researchers unearth industrial sabotage malware that predated Stuxnet by 5 years
fast16.sys, is briefly mentioned in the 2017 Shadow Brokers leak of documents covering exploits and tools used by US National Security Agency cyber teams.”This 2005 attack is a harbinger for sabotage operations targeting ultra expensive high-precision computing workloads of national importance like advanced physics, cryptographic, and nuclear research workloads,” the SentinelOne researchers said in their…
-
Researchers built a chatbot that only knows the world before 1931
What happens when you strip the internet out of AI? Researchers built a chatbot that only knows the world before 1931. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/researchers-built-a-chatbot-that-only-knows-the-world-before-1931/ also interesting: Generative AI Security – Secure Your Business in a World Powered by LLMs Why cyber hygiene remains critical in the era of AI-driven threats…
-
KasadaIQ’s Q1 Insights: How AI Became Adversary Infrastructure
KasadaIQ’s Q1 2026 Threat Intelligence Report highlights a structural shift in automated threats: AI is now embedded across the adversary lifecycle. From large-scale account commoditization to verification bypass and AI agent exploitation, organizations face a rapidly evolving and industrialized threat environment. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/kasadaiqs-q1-insights-how-ai-became-adversary-infrastructure/ also interesting: Securing cloud-native applications: Why…
-
KasadaIQ’s Q1 Insights: How AI Became Adversary Infrastructure
KasadaIQ’s Q1 2026 Threat Intelligence Report highlights a structural shift in automated threats: AI is now embedded across the adversary lifecycle. From large-scale account commoditization to verification bypass and AI agent exploitation, organizations face a rapidly evolving and industrialized threat environment. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/kasadaiqs-q1-insights-how-ai-became-adversary-infrastructure/ also interesting: Securing cloud-native applications: Why…
-
KasadaIQ’s Q1 Insights: How AI Became Adversary Infrastructure
KasadaIQ’s Q1 2026 Threat Intelligence Report highlights a structural shift in automated threats: AI is now embedded across the adversary lifecycle. From large-scale account commoditization to verification bypass and AI agent exploitation, organizations face a rapidly evolving and industrialized threat environment. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/kasadaiqs-q1-insights-how-ai-became-adversary-infrastructure/ also interesting: Securing cloud-native applications: Why…
-
Adaptive Security Leadership in an Expanding Threat Surface
Tags: access, attack, automation, control, cyber, data, identity, least-privilege, resilience, risk, saas, service, technology, threat, zero-trustLast week I joined fellow security leaders at CISO Inspire Summit North for a panel discussion on The Expanding Threat Surface: Adaptive Security Leadership for 2026 and Beyond. It was a timely discussion, because the challenge facing security leaders today is not simply more threats. It is more connections, more dependencies, and more complexity. Suppliers, SaaS, identities, automation…
-
Official SAP npm packages compromised to steal credentials
Multiple official SAP npm packages were compromised in what is believed to be a TeamPCP supply-chain attack to steal credentials and authentication tokens from developers’ systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/official-sap-npm-packages-compromised-to-steal-credentials/ also interesting: Cybersecurity at the edge: Securing rugged IoT in mission-critical environments Mandiant pushes organizations to dump insecure NTLMv1 by releasing…
-
Visual Studio Code 1.118 adds auto model selection to Copilot CLI
Microsoft’s editor releases continue on a monthly cadence, with the Insiders build of Visual Studio Code 1.118. The update concentrates on the Copilot CLI integration, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/30/visual-studio-code-1-118-released/ also interesting: Fortinet confirms zero-day flaw used in attacks against its firewalls Cisco warns of critical API vulnerabilities in ISE and…
-
Ransomware-Hotspot: Deutschland als Top-Ziel für Erpresser
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/ransomware-hotspot-deutschland-top-ziel-erpresser also interesting: GlobalIndex zeigt 18 Prozent aller Malware-Infektionen in Deutschland durch Cloudeye verursacht Working in critical infrastructure? Boost your effectiveness with these cybersecurity certifications Ransomware bei einem Anbieter von Elektronik-Produkten in Deutschland Ransomware Hits Phone Repair Insurance Firm, Causing Millions in Damage
-
Sicherheitsmanagement der Digitalen Angriffsfläche: Ganzheitliche Transparenz und kontinuierliche Kontrolle
Tags: unclassifiedFirst seen on datensicherheit.de Jump to article: www.datensicherheit.de/sicherheitsmanagement-digital-angriffsflaeche-transparenz-kontrolle also interesting: Petraeus-Affäre: Die verräterische Spur der Liebes-Mails… Facebook-Konto einer Einrichtungskette gehackt Digitale Pandemie: Chris Dimitriadis kommentiert IT-Sicherheitsvorfälle vom 19. Juli 2024 Anonymous Takes Down NISD Over Student Tracking
-
House approves spy program on second attempt, Senate fate murky
The bill, which passed 235-191, would renew Section 702 of the Foreign Intelligence Surveillance Act for three years. First seen on therecord.media Jump to article: therecord.media/house-approves-spy-program-on-second-attempt also interesting: Trump’s Spy Chief Urged to Declassify Details of Secret Surveillance Program UK appoints first-ever female chief of foreign intelligence service MI6 Russia establishes Vienna as key western…
-
Popular WordPress redirect plugin hid dormant backdoor for years
The Quick Page/Post Redirect plugin, installed on more than 70,000 WordPress sites, had a backdoor added five years ago that allows injecting arbitrary code into users’ sites. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/popular-wordpress-redirect-plugin-hid-dormant-backdoor-for-years/ also interesting: Popular WordPress Plugins Leave Millions Open to Backdoor Attacks Stealthy WordPress Malware Uses PHP Backdoor to Deliver Windows Trojan…
-
OpenAI’s Founding Promise Goes on Trial
Elon Musk’s Lawsuit Threatens a $852B AI Empire. Elon Musk took the stand this week in a lawsuit that could unwind OpenAI’s corporate structure, derail its IPO bid and transform the artificial intelligence landscape. The stakes are high for enterprise customers that bet on OpenAI’s technology platform. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/openais-founding-promise-goes-on-trial-a-31550…
-
FBI-Backed Takedown Hits Crypto Scam Centers
Federal Charges Target Recruiters, Managers in Scam Centers After Global Takedown. U.S. and international law enforcement agencies dismantled a network of overseas scam centers linked to cryptocurrency investment fraud schemes, officials said Wednesday, arresting at least 276 individuals in a crackdown across the Middle East and Southeast Asia. First seen on govinfosecurity.com Jump to article:…
-
Silverfort Purchases Fabrix to Bring AI to Access Decisions
Fabrix Security Buy Adds Real-Time Decisioning for Human and Machine Identities. Silverfort’s acquisition of Israeli startup Fabrix Security adds AI-driven, real-time access decisioning built on a contextual knowledge graph, aiming to replace static policies and scale identity security for human, machine and agentic identities operating at machine speed. First seen on govinfosecurity.com Jump to article:…
-
Silverfort Purchases Fabrix to Bring AI to Access Decisions
Fabrix Security Buy Adds Real-Time Decisioning for Human and Machine Identities. Silverfort’s acquisition of Israeli startup Fabrix Security adds AI-driven, real-time access decisioning built on a contextual knowledge graph, aiming to replace static policies and scale identity security for human, machine and agentic identities operating at machine speed. First seen on govinfosecurity.com Jump to article:…
-
Cursor AI Agent Wipes PocketOS Database and Backups in 9 Seconds
PocketOS founder says Cursor AI agent deleted its production database in 9 seconds after misusing a root API token, exposing major Railway security flaws. First seen on hackread.com Jump to article: hackread.com/cursor-ai-agent-wipes-pocketos-database-backups/ also interesting: The 7 most in-demand cybersecurity skills today Disaster recovery and business continuity: How to create an effective plan Dull but dangerous:…
-
Oracle plans to power its New Mexico mega datacenter with a 2.45GW fuel cell farm
No sense in OpenAI stressing over its cloud bills if Oracle can’t get the lights on First seen on theregister.com Jump to article: www.theregister.com/2026/04/28/oracle_new_mexico_power_fuel_cell_farm/ also interesting: OpenAI reportedly on the hook for $300B Oracle Cloud bill Oracle Cloud security SNAFU latest: IT giant accused of pedantry as evidence vanishes Breach Roundup: Port of Seattle Notifies…
-
Reverse Engineering With AI Unearths High-Severity GitHub Bug
Wiz used an AI reverse-engineering tool to pinpoint a vulnerability that previously would have been too costly and time-consuming to undertake. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/reverse-engineering-ai-unearths-high-severity-github-bug also interesting: Neues GenAI-Tool soll Open-Source-Sicherheit erhöhen Bug-Bounty-Programm trifft KI ein zweischneidiges Schwert What’s Powering Enterprise AI in 2025: ThreatLabz Report Sneak Peek Shai-Hulud & Co.:…
-
Hackers exploit RCE flaws in Qinglong task scheduler for cryptomining
Tags: authentication, exploit, flaw, hacker, open-source, rce, remote-code-execution, tool, vulnerabilityHackers are exploiting two authentication bypass vulnerabilities in the Qinglong open-source task scheduling tool to deploy cryptominers on developers’ servers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-exploit-rce-flaws-in-qinglong-task-scheduler-for-cryptomining/ also interesting: Top 12 ways hackers broke into your systems in 2024 Top 7 zero-day exploitation trends of 2024 The 2024 cyberwar playbook: Tricks used by nation-state…
-
cPanel Vulnerability Exposes Servers to Takeover
A cPanel flaw allows authentication bypass and risks full server compromise, prompting urgent patching. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/cpanel-vulnerability-exposes-servers-to-takeover/ also interesting: API Supply Chain Attacks, The Sky’s the Limit Researchers uncover RCE attack chains in popular enterprise credential vaults Recap of Our “Passkeys Pwned” Talk at DEF CON Cybersecurity Snapshot: AI Will…
-
US FDA Piloting Use of AI for ‘Real-Time’ Clinical Trials
Goal Is for Faster, Better Treatment Innovation, Drug Therapies. The U.S. Food and Drug Administration is planning to launch a pilot program aimed at advancing real-time clinical trials through the use of artificial intelligence tools and data science. The goal is to accelerate the development of promising new drugs, which often end up slowed down…
-
CVE-2026-42208: LiteLLM bug exploited 36 hours after its disclosure
Attackers quickly exploited a critical LiteLLM flaw (CVE-2026-42208) to access and modify sensitive database data via SQL injection. Attackers rapidly exploited a critical vulnerability in LiteLLM Python package, tracked as CVE-2026-42208, just days after it became public. The vulnerability, an SQL injection in the proxy API key verification process, lets attackers access and potentially modify database…
-
Zounds, a genuinely helpful AI-assisted bug report that isn’t total slop! Here, Wiz, take this wad of cash
Claude ploughs through months of work in rapid time, helps Wiz researchers nab lucrative award First seen on theregister.com Jump to article: www.theregister.com/2026/04/29/github_woah_a_genuinely_helpful/ also interesting: Die 10 besten APITools GitHub Actions missbraucht Vibe-codierte Ransomware auf Microsoft Marketplace entdeckt Vibe-codierte Ransomware auf Microsoft Marketplace entdeckt
-
Zounds, a genuinely helpful AI-assisted bug report that isn’t total slop! Here, Wiz, take this wad of cash
Claude ploughs through months of work in rapid time, helps Wiz researchers nab lucrative award First seen on theregister.com Jump to article: www.theregister.com/2026/04/29/github_woah_a_genuinely_helpful/ also interesting: Die 10 besten APITools GitHub Actions missbraucht Vibe-codierte Ransomware auf Microsoft Marketplace entdeckt Vibe-codierte Ransomware auf Microsoft Marketplace entdeckt
-
US, China partner on scam center takedown in Dubai
The Justice Department said the operation began last year following “numerous” victim complaints to the FBI by U.S. victims who lost millions through cryptocurrency investment fraud schemes. First seen on therecord.media Jump to article: therecord.media/us-china-partner-on-dubai-scam-compound-takedown also interesting: SMS Pools and what the US Secret Service Really Found Around New York Top 10 Cybersecurity Predictions for…
-
SailPoint CEO: The ‘Tailwind Is Picking Up’ On Securing AI Agents
In an interview with CRN, SailPoint CEO Mark McClain discusses the security implications of rising agentic adoption and AI-powered vulnerability discovery tools such as Anthropic’s Claude Mythos Preview. First seen on crn.com Jump to article: www.crn.com/news/security/2026/sailpoint-ceo-the-tailwind-is-picking-up-on-securing-ai-agents also interesting: Starbucks operations hit after ransomware attack on supply chain software vendor Not all cuts are equal: Security…
-
The Hidden Tax on Security: How Data Costs Are Eating Your Controls Budget
A few months ago I was in a conversation with a CISO at a large financial institution that I’ve known and respected for years, and she said something that every CISO I know has felt but doesn’t get said nearly loudly enough. “Preston, I can justify every dollar I spend on detection. I cannot justify..…
-
Survey Sees Rising Demand for Senior Cybersecurity Pros in Age of AI
A global survey of 2,750 cybersecurity and IT professionals published this week finds that for the third consecutive year a lack of cybersecurity skills is cited as the top cause of security breaches (56%), with 51% reporting they specifically need individuals with senior-level skills. Conducted by Sapio Research on behalf of Fortinet, the survey, however,..…
-
Survey Sees Rising Demand for Senior Cybersecurity Pros in Age of AI
A global survey of 2,750 cybersecurity and IT professionals published this week finds that for the third consecutive year a lack of cybersecurity skills is cited as the top cause of security breaches (56%), with 51% reporting they specifically need individuals with senior-level skills. Conducted by Sapio Research on behalf of Fortinet, the survey, however,..…
-
AI Finds 38 Security Flaws in Electronic Health Record Platform
Flaws in OpenEMR’s platform, used by more than 100,000 healthcare providers, enabled database compromise, remote code execution, and data theft. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/ai-finds-38-security-flaws-openemr also interesting: Top 12 ways hackers broke into your systems in 2024 FAQ on CVE-2026-21514: OLE bypass N-Day in Microsoft Word FAQ on CVE-2026-21514: OLE bypass N-Day…
-
Hackers Abuse Robinhood Signup Process to Deliver Phishing Emails
Robinhood fixed an account-creation flaw that hackers abused to send convincing phishing emails from its own system to some users over the weekend. The post Hackers Abuse Robinhood Signup Process to Deliver Phishing Emails appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-robinhood-phishing-emails-official-address/ also interesting: Russian APT28 compromised Western logistics and IT…
-
GitHub Flaw Enables Remote Code Execution With a Single Git Push
A GitHub flaw (CVE-2026-3854) enabled backend code execution via a single git push, risking exposure of repositories and secrets. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/github-flaw-enables-remote-code-execution-with-a-single-git-push/ also interesting: Malicious Commands in GitHub Codespaces Enable RCE Attackers exploit critical Langflow RCE within hours as CISA sounds alarm CVE-2026-3854 GitHub flaw enables remote code execution 88%…
-
GitHub Flaw Enables Remote Code Execution With a Single Git Push
A GitHub flaw (CVE-2026-3854) enabled backend code execution via a single git push, risking exposure of repositories and secrets. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/github-flaw-enables-remote-code-execution-with-a-single-git-push/ also interesting: Malicious Commands in GitHub Codespaces Enable RCE Attackers exploit critical Langflow RCE within hours as CISA sounds alarm CVE-2026-3854 GitHub flaw enables remote code execution 88%…
-
GitHub Flaw Enables Remote Code Execution With a Single Git Push
A GitHub flaw (CVE-2026-3854) enabled backend code execution via a single git push, risking exposure of repositories and secrets. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/github-flaw-enables-remote-code-execution-with-a-single-git-push/ also interesting: WinDbg Vulnerability Allows Attackers to Execute Remote Code From Clawdbot to Moltbot to OpenClaw: Security Experts Detail Critical Vulnerabilities and 6 Immediate Hardening Steps for the…
-
OpenAI Trades Azure Exclusivity for Enterprise Reach
Renegotiated Pact With Microsoft Clears OpenAI Path to Enterprise Clouds. OpenAI has launched its models and tools on Amazon Web Services, one day after revising its agreement with Microsoft to end years of cloud exclusivity, a move likely driven by competitive pressure from Anthropic’s hold on enterprise AWS customers. First seen on govinfosecurity.com Jump to…
-
UK Biobank Health Data Listed for Sale on Alibaba
UK Government Said It Is Working With Chinese Officials to Remove Listings. The U.K. government is working with Chinese officials to remove the sensitive de-identified data of 500,000 participants of the UK Biobank that was listed for sale on the Chinese e-commerce site Alibaba. U.K. officials said the incident did not appear to involve a…
-
Researchers move in the right direction, develop powerful GPS interference alarm
Tags: unclassifiedORNL says portable detector kit can separate real GPS signals from fake ones even at equal strength First seen on theregister.com Jump to article: www.theregister.com/2026/04/29/boffins_new_gps_interference_alarm/ also interesting: Attraktive Venus-Surferfallen: Die 10 gefährlichsten Damen im Web CYRISMA Wants to Expand Platform Features and Reach After Raising $7M Protest gegen die Kriminalisierung von Filesharing SC Award Winners…
-
Congress, industry ponder government posture for protecting data centers
A hearing of the House Homeland Security panel’s cyber subcommittee weighed whether to designate data centers as a standalone critical infrastructure sector. First seen on cyberscoop.com Jump to article: cyberscoop.com/congress-industry-ponder-government-posture-for-protecting-data-centers/ also interesting: Cybersecurity Snapshot: CSA Outlines Data Security Challenges and Best Practices, While ISACA Offers Tips To Retain IT Pros SCADA Vulnerabilities Allow Attackers to…
-
prompted 2026 Your Agent Works For Me Now
Author, Creator & Presenter: Johann Rehberger, Red Team Director Our thanks to [un]prompted for publishing their Creators, Authors and Presenter’s outstanding [un]prompted 2026 AI Security Practitioner content on the Organizations’ YouTube Channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/unprompted-2026-your-agent-works-for-me-now/ also interesting: Check Point, Cisco Boost AI Investments With Latest Deals Anton’s Security Blog…
-
Hackers arrested for hijacking and selling 610,000 Roblox accounts
The Ukrainian police have arrested three individuals who hacked more than 610,000 Roblox gaming accounts and sold them for a profit of $225,000. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-arrested-for-hijacking-and-selling-610-000-roblox-accounts/ also interesting: Russia Used Borrowed Spyware to Target Ukrainian Troops Hackers Using FLIPPER Devices to Breach IT Systems Arrested by Authorities Top 10 Cybersecurity…
-
Legacy TLS tour continues with Exchange Online blocking old versions from July 2026
Tags: microsoftMicrosoft readies the axe once again for yesterday’s security First seen on theregister.com Jump to article: www.theregister.com/2026/04/29/exchange_online_blocks_old_versions/ also interesting: Vectra erläutert Microsoft Teams aktuelle Schwachstelle l+f: Microsoft verliert Log-Dateien Microsoft Backs Sola’s $35M Push Into Autonomous AI Security Microsoft and Cloudflare disrupt massive RaccoonO365 phishing service
-
Microsoft’s patch for a 0-day exploited by Russian spies fell short. Another Windows flaw is under attack
Second try’s a charm? First seen on theregister.com Jump to article: www.theregister.com/2026/04/29/microsoft_zero_click_exploit/ also interesting: The 2024 cyberwar playbook: Tricks used by nation-state actors Google patches Chrome vulnerability used for account takeover and MFA bypass Patch Tuesday priorities: Vulnerabilities in SAP NetWeaver and Microsoft NTLM and Hyper-V The rise of the evasive adversary
-
Navigating FedRAMP’s Move to Certification Classes
Anchored by the FedRAMP Authorization Act and OMB Memo M-24-15, FedRAMP is undergoing a major change that affects virtually every aspect of how cloud service providers pursue, achieve, and maintain federal authorization. Named FedRAMP 20x, this program is meant to streamline compliance and make it easier for cloud products to enter the federal marketplace. The”¦…
-
From Army Ranger to Ethical Hacker: What Cybersecurity Can Learn from the Battlefield
<div cla Cybersecurity doesn’t start with tools”, it starts with mindset. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/from-army-ranger-to-ethical-hacker-what-cybersecurity-can-learn-from-the-battlefield/ also interesting: A US soldier is suspected of being behind the massive Snowflake data leak Pakistani APT Hackers Attacking Indian Govt Entities With Weaponized Shortcut Files Hackers Exploit AutoIT Scripts to Deploy Malware Targeting Windows Systems…
-
From Army Ranger to Ethical Hacker: What Cybersecurity Can Learn from the Battlefield
<div cla Cybersecurity doesn’t start with tools”, it starts with mindset. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/from-army-ranger-to-ethical-hacker-what-cybersecurity-can-learn-from-the-battlefield/ also interesting: A US soldier is suspected of being behind the massive Snowflake data leak Pakistani APT Hackers Attacking Indian Govt Entities With Weaponized Shortcut Files Hackers Exploit AutoIT Scripts to Deploy Malware Targeting Windows Systems…