Collecting Cyber-News from over 60 sources

Tag: infrastructure

Claude Mythos signals a new era in AI-driven security, finding 271 flaws in Firefox

Apr 23, 2026 5:39 AM

Tags: access, ai, attack, browser, ciso, control, cyber, data-breach, exploit, flaw, hacking, incident response, infrastructure, intelligence, monitoring, openai, software, threat, tool, unauthorized, vulnerability

Defenders now able to win ‘decisively’?: Gaps between human-discoverable and AI-discoverable bugs favor attackers, who can afford to concentrate months of human effort to find just one bug they can exploit, Holley noted. Closing this gap with AI can help defenders erode that long-term advantage.The industry has largely been fighting security “to a draw,” he…
Malicious pgserve, automagik developer tools found in npm registry

Apr 23, 2026 5:39 AM

Tags: access, attack, breach, cloud, control, corporate, credentials, crypto, data, firewall, github, infrastructure, least-privilege, malicious, malware, network, open-source, password, radius, risk, service, software, tactics, theft, threat, tool, worm

Advice to victimized developers: Developers who have downloaded the malicious versions of pgserver and automagik need to act fast, says Tanya Janca, head of Canadian secure coding consultancy SheHacksPurple.”Rotate every credential you can think of, right now, before you do anything else,” she said. “Then harden your CI/CD network egress controls so your build runners…
5 Red Flags für Unternehmen, bei denen Infrastruktur zum Risiko wird

Apr 23, 2026 5:39 AM

Tags: infrastructure, risk

First seen on datensicherheit.de Jump to article: www.datensicherheit.de/5-red-flags-unternehmen-infrastruktur-risiko
Thales named a 2026 Google Partner of the Year Infrastructure Modernization: Sovereign Cloud Category

Apr 23, 2026 5:39 AM

Tags: access, ai, application-security, cloud, compliance, container, control, cyber, data, encryption, finance, google, government, group, Hardware, infrastructure, insurance, privacy, service, software, unauthorized

Thales named a 2026 Google Partner of the Year Infrastructure Modernization: Sovereign Cloud Category josh.pearson@t“¦ Wed, 04/22/2026 – 23:56 Thales was recognized with a 2026 Google Cloud Partner of the Year award in the Infrastructure Modernization: Sovereign Cloud category. This award highlights partners who have had a significant impact within the Google Cloud ecosystem, particularly…
Thales named a 2026 Google Partner of the Year Infrastructure Modernization: Sovereign Cloud Category

Apr 23, 2026 5:39 AM

Tags: access, ai, application-security, cloud, compliance, container, control, cyber, data, encryption, finance, google, government, group, Hardware, infrastructure, insurance, privacy, service, software, unauthorized

Thales named a 2026 Google Partner of the Year Infrastructure Modernization: Sovereign Cloud Category josh.pearson@t“¦ Wed, 04/22/2026 – 23:56 Thales was recognized with a 2026 Google Cloud Partner of the Year award in the Infrastructure Modernization: Sovereign Cloud category. This award highlights partners who have had a significant impact within the Google Cloud ecosystem, particularly…
Riddled with flaws, serialEthernet converters endanger critical infrastructure

Apr 23, 2026 5:39 AM

Tags: access, authentication, control, credentials, data, data-breach, exploit, firmware, flaw, infrastructure, malicious, network, open-source, password, rce, remote-code-execution, risk, service, threat, update, vulnerability

New RCE and other vulnerabilities: Aside from all the known vulnerabilities from open-source components, the Forescout researchers also performed manual security analysis and identified previously unknown flaws in the firmware of three specific devices from two vendors: Lantronix EDS3000PS Series, Lantronix EDS5000 Series, and Silex SD330-AC.The web-based management interface of the Lantronix EDS5000 had five…
Riddled with flaws, serialEthernet converters endanger critical infrastructure

Apr 23, 2026 5:39 AM

Tags: access, authentication, control, credentials, data, data-breach, exploit, firmware, flaw, infrastructure, malicious, network, open-source, password, rce, remote-code-execution, risk, service, threat, update, vulnerability

New RCE and other vulnerabilities: Aside from all the known vulnerabilities from open-source components, the Forescout researchers also performed manual security analysis and identified previously unknown flaws in the firmware of three specific devices from two vendors: Lantronix EDS3000PS Series, Lantronix EDS5000 Series, and Silex SD330-AC.The web-based management interface of the Lantronix EDS5000 had five…
Interview: Critical local infrastructure is missing link in UK cyber resilience

Apr 22, 2026 11:39 PM

Tags: ai, cyber, infrastructure, resilience, strategy

Jonathan Lee, director of cyber strategy at Trend AI, argues for more focus on local and municipal cyber resilience First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366641946/Interview-Critical-local-infrastructure-is-missing-link-in-cyber-resilience
You’re Not Watching MCPs. Anthropic’s Vulnerability Shows Why You Should Be.

Apr 22, 2026 10:39 PM

Tags: access, ai, api, attack, authentication, breach, control, credentials, cve, data, framework, hacker, infrastructure, injection, LLM, remote-code-execution, risk, saas, siem, supply-chain, threat, update, vulnerability

Last week, researchers at OX Security published findings that should stop every security leader in their tracks. They discovered a critical vulnerability baked directly into Anthropic’s Model Context Protocol SDK, affecting every supported language: Python, TypeScript, Java, and Rust. The result: remote code execution on any system running a vulnerable MCP implementation, with direct access…
A Poisoned Xinference Package Targets AI Inference Servers

Apr 22, 2026 10:39 PM

Tags: ai, infrastructure, pypi

Three poisoned xinference releases on PyPI target AI infrastructure credentials. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/a-poisoned-xinference-package-targets-ai-inference-servers/
UK government says 100 countries have spyware that can hack people’s phones

Apr 22, 2026 4:38 PM

Tags: access, attack, cybersecurity, government, infrastructure, phone, spyware, technology, threat

The U.K.’s cybersecurity chief warned that U.K. businesses and critical infrastructure are underestimating the threat from spyware attacks and other cyberthreats, with more governments having access to the powerful surveillance technology than ever. First seen on techcrunch.com Jump to article: techcrunch.com/2026/04/22/uk-government-says-100-countries-have-spyware-that-can-hack-peoples-phones/
109 Fake GitHub Repos Spread SmartLoader, StealC Malware

Apr 22, 2026 3:39 PM

Tags: blockchain, cyber, detection, github, infrastructure, malicious, malware, open-source

A coordinated malware operation is abusing fake GitHub repositories to distribute a LuaJIT-based loader, SmartLoader, and a follow-on StealC infostealer, with at least 109 malicious repos active across 103 accounts. The campaign blends cloned open source code, obfuscated Lua stages, and blockchain-backed C2 resolution to evade detection and keep infrastructure agile. Instead of relying on…
Researchers Uncover SIM Farm-as-a-Service Operation Spanning 87 Panels in 17 Nations

Apr 22, 2026 3:39 PM

Tags: control, cyber, data-breach, infrastructure, intelligence, phone, service, software

Infrastructure intelligence firm Infrawatch has exposed a globally distributed SIM Farm-as-a-Service ecosystem powered by a single Belarus-based software platform called ProxySmart, identifying 87 exposed control panels across 17 countries and at least 94 physical phone-farm locations. A SIM farm is a physical rack of smartphones or 4G/5G USB modems, each loaded with active SIM cards…
New GoGra malware for Linux uses Microsoft Graph API for comms

Apr 22, 2026 12:39 PM

Tags: api, backdoor, infrastructure, linux, malware, microsoft

A Linux variant of the GoGra backdoor uses legitimate Microsoft infrastructure, relying on an Outlook inbox for stealthy payload delivery. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-gogra-malware-for-linux-uses-microsoft-graph-api-for-comms/
Anthropic bets on EPSS for the coming bug surge

Apr 22, 2026 11:39 AM

Tags: ai, cisco, ciso, cloud, crowdstrike, cve, cvss, cyber, data, exploit, flaw, government, Hardware, healthcare, infrastructure, network, update, vulnerability

Security leaders weigh promise versus reality: Security vendors are increasingly incorporating EPSS scores into their systems.According to Roytman, EPSS has been incorporated into more than 120 security vendors’ products, including CrowdStrike, Cisco, Palo Alto Networks, Qualys, and Tenable platforms.”I do not think other CISOs realize how broadly EPSS has been adopted, but that adoption is…
Oil crisis? What oil crisis? IT spending de-coupled from wider war shock

Apr 22, 2026 11:39 AM

Tags: ai, cloud, gartner, infrastructure

Gartner sees accelerating growth in IT spending, powered by cloud and AI infrastructure investment First seen on theregister.com Jump to article: www.theregister.com/2026/04/22/oil_crisis_what_oil_crisis/
Amazon, Anthropic Expand Alliance With 5GW Compute Push to Power Claude

Apr 22, 2026 9:39 AM

Tags: ai, cyber, infrastructure, training

Amazon and Anthropic have announced a massive expansion of their strategic partnership. The tech giants signed a new agreement to secure up to 5 gigawatts (GW) of compute capacity for training and deploying the Claude AI model. This aggressive push highlights the immense infrastructure required to securely and efficiently support rapidly advancing generative AI technologies.…
French Authorities Confirm Data Breach Amid Hackers’ Data Leak Allegations

Apr 22, 2026 8:39 AM

Tags: breach, cyber, data, data-breach, government, hacker, identity, infrastructure, intelligence, leak, security-incident, threat

The French National Agency for Secure Documents (ANTS) has officially confirmed a severe data breach affecting its central government portal. This critical infrastructure system manages the issuance of national identity cards, passports, vehicle registration certificates, and driver’s licenses nationwide. Recent threat intelligence reports suggest this security incident represents a massive compromise that could impact up…
French Authorities Confirm Data Breach Amid Hackers’ Data Leak Allegations

Apr 22, 2026 8:39 AM

Tags: breach, cyber, data, data-breach, government, hacker, identity, infrastructure, intelligence, leak, security-incident, threat

The French National Agency for Secure Documents (ANTS) has officially confirmed a severe data breach affecting its central government portal. This critical infrastructure system manages the issuance of national identity cards, passports, vehicle registration certificates, and driver’s licenses nationwide. Recent threat intelligence reports suggest this security incident represents a massive compromise that could impact up…
Thousands of Apache ActiveMQ instances still unpatched, weeks after an actively exploited hole discovered

Apr 21, 2026 11:39 PM

Tags: ai, apache, cybersecurity, defense, exploit, flaw, infrastructure, LLM, software, tool, update, vulnerability

CSO. “In a world where an LLM can help an attacker weaponize a bug the second it’s announced, taking 12 days to patch is essentially a suicide note for your network”.Vulnerable are versions of ActiveMQ and ActiveMQ Broker before 5.19.4, and 6.0 to before 6.2.3; this means the flaw could have been exploited for over…
Forescout Uncovers New Security Risks in Widely Used Industrial Networking Devices

Apr 21, 2026 6:39 PM

Tags: cyberattack, cybersecurity, data-breach, infrastructure, risk, vulnerability

Cybersecurity firm Forescout has identified 22 previously unknown vulnerabilities in serial-to-IP converters, devices commonly used to connect legacy industrial equipment to modern networks. The company warns that thousands of these systems are currently exposed online, potentially increasing the risk of cyberattacks across critical infrastructure sectors. The findings are part of a new research initiative called…
Azure SRE Agent flaw lets outsiders silently eavesdrop on enterprise cloud operations

Apr 21, 2026 3:39 PM

Tags: access, ai, api, automation, cloud, credentials, cybersecurity, data, data-breach, endpoint, finance, flaw, identity, infrastructure, microsoft, saas, service, tool

Watching a privileged operator think out loud: The category of flaw should not be compared too closely to a conventional API bug, said Alexander Hagenah, cybersecurity researcher and executive director at Zurich-based financial infrastructure operator SIX Group.”A normal API issue is usually bound by a specific endpoint, dataset, or permission check. With an AI operations…
Why identity is the driving force behind digital transformation

Apr 21, 2026 12:39 PM

Tags: access, ai, business, control, cyberattack, data, detection, email, finance, fraud, identity, infrastructure, jobs, login, privacy, risk, software, tool, update

Who they are and what they are up to.The project they are working on.Which environment should they use?Using this information, the system can determine which resource someone needs, when they need it and how to use it. The principle behind it is ‘never trust, always verify’. With it, errors that normally occur are reduced, less…
U.S. CISA adds Cisco Catalyst, Kentico Xperience, PaperCut NG/MF, Synacor ZCS, Quest KACE SMA, and JetBrains TeamCity flaws to its Known Exploited Vulnerabilities catalog

Apr 21, 2026 12:39 PM

Tags: cisa, cisco, cybersecurity, exploit, flaw, infrastructure, kev, vulnerability

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco Catalyst, Kentico Xperience, PaperCut NG/MF, Synacor ZCS, Quest KACE SMA, and JetBrains TeamCity flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Cisco Catalyst, Kentico Xperience, PaperCut NG/MF, Synacor ZCS, Quest KACE SMA, and JetBrains TeamCity flaws to its Known…
Top techniques attackers use to infiltrate your systems today

Apr 21, 2026 11:39 AM

Tags: 2fa, access, ai, api, attack, authentication, automation, business, captcha, cloud, container, control, corporate, credentials, cybercrime, cybersecurity, data, deep-fake, defense, detection, email, exploit, flaw, hacking, Hardware, identity, infrastructure, least-privilege, malicious, mfa, microsoft, monitoring, network, password, phishing, powershell, ransomware, risk, saas, scam, service, social-engineering, software, supply-chain, theft, tool, training, vpn, vulnerability, worm

Network security device hacking: Network edge devices have increasingly drawn attackers’ attention over the past two years, establishing a new battleground where the very devices meant to protect the network have become attractive targets for exploitation.As a result, flaws in security device, such as SSL VPN systems and other gateways, are among the top initial…
The thin gray line: Handala, CyberAv3ngers and Iran’s proxy ops

Apr 21, 2026 11:39 AM

Tags: access, apt, breach, control, country, cyber, espionage, government, group, hacking, infrastructure, intelligence, iran, military, stuxnet, threat

A state of perpetual interference: To understand how proxy insurgent groups such as Handala fit within Iran’s modern-day intelligence ecosystem, we first need to look at the historical development of the country’s intelligence operations.In 1953, the United States and Britain (via conduit operations of the CIA and MI6, respectively) instigated a coup in Iran that…
CISA Adds 8 Exploited Vulnerabilities Affecting Cisco, Zimbra, TeamCity

Apr 21, 2026 11:39 AM

Tags: cisa, cisco, cybersecurity, exploit, flaw, infrastructure, kev, update, vulnerability

The Cybersecurity and Infrastructure Security Agency (CISA) have expanded its Known Exploited Vulnerabilities, commonly referred to as the KEV catalog, with eight newly identified security flaws that are currently being exploited in real-world attacks. The update was announced on April 21, 2026. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cisa-kev-catalog-vulnerabilities/
CISA Alerts Defenders to Exploited Cisco Catalyst SD-WAN Manager Security Flaws

Apr 21, 2026 9:39 AM

Tags: cisa, cisco, cyber, cybersecurity, exploit, flaw, infrastructure, kev, network, vulnerability

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning to network defenders regarding the active exploitation of Cisco Catalyst SD-WAN Manager. On April 20, 2026, CISA officially added three distinct security flaws affecting the platform to its Known Exploited Vulnerabilities (KEV) catalog. Cisco Catalyst SD-WAN Manager is a critical administrative console used…
CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlines

Apr 21, 2026 9:39 AM

Tags: authentication, cisa, cisco, cve, cybersecurity, exploit, flaw, infrastructure, kev, vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added eight new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, including three flaws impacting Cisco Catalyst SD-WAN Manager, citing evidence of active exploitation.The list of vulnerabilities is as follows -CVE-2023-27351 (CVSS score: 8.2) – An improper authentication vulnerability in PaperCut First seen on thehackernews.com…
CISA Warns Compromised Axios npm Package Fueled Major Supply Chain Attack

Apr 21, 2026 7:39 AM

Tags: attack, cisa, cyber, cybersecurity, infrastructure, software, supply-chain

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a severe software supply chain compromise affecting the widely used Axios node package manager (npm). Axios is a highly popular JavaScript library that developers rely on to handle HTTP requests in both Node.js and browser environments. Because of its massive global adoption…