Rapid7 Blog · 2026-04-13 12:57
Turning Log Lines into Answers: Instant Clarity for SOC Teams
Security teams are flooded with logs, yet every alert demands fast, accurate context. In Verizon’s 2025 Data Breach Investigations Report [1], they analyzed 22,052 security incidents, of which 12,195 (55%) were confirmed breaches, underscoring how much activity teams must sift through to find what matters. In practice, that means dozens of investigations per shift, each requiring fast judgment with incomplete context. A 2024 SANS survey shows that SOC teams report alert volume, limited contex...
Qualys Threat Research · 2026-04-13 15:44
Anatomy of an Autonomous AI Agent Risk: How Qualys ETM Connects the Dots on OpenClaw
Executive Summary An unauthorized OpenClaw AI agent was detected disguised as a routine package on a Windows Server host. The situation escalated into a priority incident when Qualys ETM analyzed and correlated four distinct signals. While none of these signals alone warranted urgent action, the combination of endpoint, exposure, and identity telemetry indicated an active […]
Qualys Threat Research · 2026-04-13 15:00
Deep Scan: Expanding Vulnerability Detection Beyond Traditional Boundaries
Security teams estimate that a significant percentage of enterprise software is installed outside standard system directories or package-managed locations, creating persistent visibility gaps for traditional vulnerability-scanning methods. As environments become more decentralized, with applications spread across different drives, custom installation locations, and unmanaged folders, organizations require more advanced inspection capabilities to maintain clear and accurate […]
The Hacker News · 2026-04-13 14:46
FBI and Indonesian Police Dismantle W3LL Phishing Network Behind $20M Fraud Attempts
The U.S. Federal Bureau of Investigation (FBI), in partnership with the Indonesian National Police, has dismantled the infrastructure associated with a global phishing operation that leveraged an off-the-shelf toolkit called W3LL to steal thousands of victims' account credentials and attempt more than $20 million in fraud. In tandem, authorities detained the alleged developer, who has…
Cyber Threat Alliance · 2026-04-13 20:52
CTA Webinar: Shaken and Stirred – Geopolitics and Cybersecurity in 2026
Geopolitics has always affected cybersecurity, but the current turmoil has upended many of the assumptions that drove cybersecurity operations and business. Navigating the changes requires both adaptability and resilience, based on clear-eyed analysis of the threat landscape. Join Michael Daniel, Christopher Painter, Anna Collard, and Sergey Shykevich as they discuss how geopolitical fragmentation could affect …
Cyber Kendra · 2026-04-13 17:08
Kraken Refuses to Pay Criminal Extortionists After Two Insider Breaches Exposed 2,000 Client Accounts
Crypto exchange Kraken is standing firm against an active extortion campaign after criminals — armed with recorded videos of internal support systems — threatened to leak sensitive client data unless the company paid up. Kraken's response was unambiguous: no payment, no negotiation, and now a federal investigation. The disclosure, made directly by Chief Security Officer Nick Percoco on X, confirms two separate incidents involving unauthorised insider access to Kraken's client support systems ...
Hackerman's Hacking Tutorials · 2026-04-13 06:07
AI Borked my Keyboard - Reversing the Aula F108 Pro Software
I used GPT-5.4 and Claude Opus 4.6 to reverse engineer the Aula F108 Pro keyboard's software using Ghidra MCP. This is how I did it, what setbacks I had, and how (A)I borked the keyboard's screen despite constant supervision and review. A common issue with the keyboard is that it ACKs bad messages, then silently drops them. Did Gene Wolfe write this firmware? I also introduce the novel wording of (A)I, meaning both I and AI did something, because everyone is making things up, why not me? I a...
Deeplinks · 2026-04-13 22:07
The Dangers of California’s Legislation to Censor 3D Printing
California’s bill, A.B. 2047, will not only mandate censorware — software which exists to bluntly block your speech as a user — on all 3D printers; it will also criminalize the use of open-source alternatives. Repeating the mistakes of Digital Rights Management (DRM) technologies won’t make anyone safer. What it will do is hurt innovation in the state and risk a slew of new consumer harms, ranging from surveillance to platform lock-in. California must stand with creators and reject this legi...
Proofpoint Threat Insight · 2026-04-13 14:48
Mailbox rules in O365—a post-exploitation tactic in cloud ATO
Key Takeaways Mailbox rules are a high-risk post-exploitation tactic. Attackers abuse native mailbox rules for exfiltration, persistence, and communication manipulation. Combined with third-party services and domain spoofing, attackers can hijack threads, impersonate victims, and manipulate vendor communications, all without network-level interception. It's more common than you think. Approximately 10% of compromised accounts in Q4 2025 had malicious mailbox rules created shortly after init...
The Hacker News · 2026-04-13 17:15
JanelaRAT Malware Targets Latin American Banks with 14,739 Attacks in Brazil in 2025
Banks and financial institutions in Latin American countries like Brazil and Mexico have continued to be the target of a malware family called JanelaRAT. A modified version of BX RAT, JanelaRAT is known to steal financial and cryptocurrency data associated with specific financial entities, as well as track mouse inputs, log keystrokes, take screenshots, and collect system metadata. "One of the
The Hacker News · 2026-04-13 06:50
OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident
OpenAI revealed a GitHub Actions workflow used to sign its macOS apps led to the download of the malicious Axios library on March 31, but noted that no user data or internal system was compromised. "Out of an abundance of caution, we are taking steps to protect the process that certifies our macOS applications are legitimate OpenAI apps," OpenAI said in a post last week. "We found no
Deeplinks · 2026-04-13 17:35
Hot Off the Press: EFF's Updated Guide to Tech at the US-Mexico Border
When people see Customs & Border Protection's giant, tethered surveillance blimp flying 20 miles outside of Marfa, Texas, lots of them confuse it with an art installation. Elsewhere along the U.S.-Mexico border, surveillance towers get mistaken for cell-phone towers. And that traffic barrel? It's actually a camera. That piece of rusted litter? That's a camera too. Today we are publishing a major update to our zine, "Surveillance Technology at the U.S.-Mexico Border," the first since the sec...
SitePoint · 2026-04-13 13:48
How to Use Semrush One MCP to Power AI Tools with Real SEO Data
Learn how to connect Semrush One MCP to ChatGPT, Claude, and Cursor to get real-time keyword, backlink, and competitive data inside your AI tools automatically.