News – April 2026


  • Governments on high alert after CISA snuffs out Firestarter backdoor on fed network

    April 24, 2026

    A US federal agency was successfully targeted by a previously unknown backdoor malware called Firestarter, according to CISA cybersnoops and their UK counterparts – neither of which disclosed the agency’s name. Federal Civilian Executive Branch (FCEB) agencies include NASA; Homeland Security itself (cyberworkers at CISA are part of an operational unit in Homeland Security); the FBI; the DoJ; the IRS; the ...

  • PhantomRPC: A new privilege escalation technique in Windows Remote Procedure Call

    April 24, 2026

    Windows Interprocess Communication (IPC) is one of the most complex technologies within the Windows operating system. At the core of this ecosystem is the Remote Procedure Call (RPC) mechanism, which can function as a standalone communication channel or as the underlying transport layer for more advanced interprocess communication technologies. Because of its complexity and widespread ...

  • Researchers find cyber-sabotage malware that may predate Stuxnet by five years

    April 24, 2026

    Infosec outfit SentinelOne found malware that tries to induce errors in engineering and physics simulation software and therefore represents an attempt at sabotage, and suggests it was created years before the Stuxnet worm that aimed to destroy Iran’s uranium enrichment centrifuges. The company’s Vitaly Kamluk discussed the malware in a talk at the Black Hat Asia ...

  • Apple fixes iOS bug that kept deleted notifications, including chat previews

    April 23, 2026

    Apple has released a software update that deals with an issue that could allow deleted notifications to be retrieved. Something that, in at least one reported case, was used by law enforcement during forensic analysis. Apple fixed the issue in iOS and iPadOS versions 18.7.8 and 26.4.2 (check availability for your device at those links). The ...

  • Stolen medical data from 500,000 UK volunteers advertised for sale on a Chinese website

    April 23, 2026

    Health information belonging to 500,000 people in the United Kingdom has been stolen and offered for sale on the Chinese website Alibaba, the UK’s technology minister Ian Murray has confirmed. The medical data comes from participants of UK Biobank, the world’s most comprehensive dataset of biological, health, and lifestyle information, compiled from volunteers and used by ...

  • France confirms data breach at government agency that manages citizens’ IDs

    April 22, 2026

    The French government agency that handles the issuing and management of citizens’ identity documents, including national IDs, passports, and immigration documents, confirmed Wednesday that it experienced a data breach. In an announcement, the Agence Nationale des Titres Sécurisés (ANTS) said the data stolen in the breach could include full names, dates and places of birth, mailing ...

  • NATO teams up with Norway and Iceland in world’s largest live-fire cyber defence exercise

    April 22, 2026

    From 21 to 23 April 2026, a NATO team of cyber experts joined forces with NATO Allies Norway and Iceland to participate in Exercise Locked Shields from the Norwegian Cyber Command in Lillehammer, Norway. Organized annually by the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE), Locked Shields is the largest live-fire cyber defence and cyber resilience ...

  • When Wi-Fi Encryption Fails: Protecting Your Enterprise from AirSnitch Attacks

    April 22, 2026

    Enterprises have long trusted Wi-Fi encryption and client isolation to secure their wireless infrastructure. However, Palo Alto conducted research presented at the NDSS Symposium 2026 that reveals that these safeguards can be breached by a novel set of attack techniques that they call AirSnitch. These techniques exploit subtle security issues in protocol-infrastructure interactions to undermine the ...

  • Void Dokkaebi uses fake job interview lure to spread malware via code repositories

    April 21, 2026

    Void Dokkaebi, also tracked as Famous Chollima, is a North Korea-aligned intrusion set that systematically targets software developers who hold cryptocurrency wallet credentials, signing keys, and access to continuous integration/continuous delivery (CI/CD) pipelines and production infrastructure. As previously documented by TrendAI Research, the group poses as recruiters from cryptocurrency and AI firms, luring developers into cloning ...

  • Lotus Wiper: A new threat targeting the energy and utilities sector

    April 21, 2026

    In light of geopolitical tensions that occurred in the Caribbean region in late 2025 and early 2026, artifacts associated with the attack chain of a destructive wiping campaign targeting the energy and utilities sector in Venezuela were identified on a publicly available resource. They were uploaded in mid-December. Two batch scripts are responsible for initiating the ...

  • Adaptavist Group breach spawns imposter emails as ransomware crew claims mega-haul

    April 21, 2026

    UK enterprise software consultancy The Adaptavist Group is investigating a security breach after an intruder logged in with stolen credentials, while a ransomware crew claims it grabbed far more than the company is currently admitting. In a letter to customers, Adaptavist’s CEO Simon Haighton-Williams said the biz detected an “IT security incident” in late March after ...

  • Iran claims US used backdoors to knock out networking equipment during war

    April 21, 2026

    Iranian media is claiming that the US used backdoors and/or botnets to disable networking equipment during the current war, and Chinese state media is dining out on the allegations. Reports from Iran claim hardware made by Cisco, Juniper, Fortinet, and MikroTik either rebooted or disconnected during recent attacks on Iran – despite the regime disconnecting the ...

  • Amtrak data breach exposes 2.1M records, reports suggest larger leak

    April 20, 2026

    Booking a train ticket shouldn’t come with a side of data exposure, but that’s the situation Amtrak customers are now facing. The rail service is dealing with a breach after hackers claimed to have accessed and released millions of customer records online. The exposed dataset was confirmed to contain at least 2.1 million unique accounts, although ...

  • North Korean hackers blamed for $290M crypto theft

    April 20, 2026

    Over the weekend, hackers stole more than $290 million in cryptocurrency from Kelp DAO, a protocol that allows users to earn yields on idle crypto investments. By Monday, LayerZero, one of the projects affected by the hack, accused North Korea of carrying out the heist. The hack is now the largest crypto theft of the year ...

  • Mythos: An AI tool too powerful for public release

    April 20, 2026

    Anthropic’s most capable model to date, Claude Mythos Preview (aka Mythos), has been described as a “step change” in AI performance, especially on cybersecurity tasks. Anthropic tried to keep Mythos a secret until a few weeks ago, when a data leak revealed the existence of what the company said was its most powerful artificial intelligence to ...

  • Hackers are abusing Apple account notifications to distribute malware, steal money and data

    April 20, 2026

    Scammers have found a way to abuse Apple’s email notification system to deliver phishing messages and trick people into giving away sensitive data and system access. Recently, people started receiving emails from the email.apple.com domain, notifying them of a $899 iPhone purchase via PayPal. The email also shared a phone number for the victims to call, ...

  • App host Vercel says it was hacked and customer data stolen

    April 20, 2026

    Cloud app hosting giant Vercel this weekend said hackers had breached its internal systems and accessed customer data. Hackers have claimed they have stolen sensitive customer credentials from Vercel’s systems and are selling the data online. In a statement on Sunday, Vercel said the breach originated from another software maker, Context AI. One of Vercel’s employees ...