Recon

High-Signal Security Intelligence

2026-04-17

Cyber Kendra · 208 · IN STACK · 11d ago

Microsoft's April Patch Breaks Its Own Security Feature — Domain Controllers Are Stuck in Reboot Loops

There is a bitter irony in a security patch disabling the very infrastructure that enterprise security runs on — but that is exactly what Microsoft's April 2026 update has managed to do. Microsoft has confirmed that KB5082063, its April 2026 cumulative security update, is causing Windows domain controllers (the servers that manage user authentication and access across corporate networks) to crash and enter endless restart loops.  The culprit is LSASS — the Local Security Authority Subsystem S...
Trail of Bits · 62 · 12d ago

We beat Google’s zero-knowledge proof of quantum cryptanalysis

Two weeks ago, Google’s Quantum AI group published a zero-knowledge proof of a quantum circuit so optimized, they concluded that first-generation quantum computers will break elliptic curve cryptography keys in as little as 9 minutes. Today, Trail of Bits is publishing our own zero-knowledge proof that significantly improves Google’s on all metrics. Our result is not due to some quantum breakthrough, but rather the exploitation of multiple subtle memory safety and logic vulnerabilities in Goo...
Simon Willison · 50 · 11d ago

Join us at PyCon US 2026 in Long Beach - we have new AI and security tracks this year

This year's PyCon US is coming up next month from May 13th to May 19th, with the core conference talks from Friday 15th to Sunday 17th and tutorial and sprint days either side. It's in Long Beach, California this year, the first time PyCon US has come to the West Coast since Portland, Oregon in 2017 and the first time in California since Santa Clara in 2013. If you're based in California this is a great opportunity to catch up with the Python community, meet a whole lot of interesting people ...
Huntress Blog · 46 · 12d ago

Untangling a Linux Incident With an OpenAI Twist

A Linux user recently tried to respond to potentially malicious behavior on their machine using OpenAI’s Codex coding agent, before installing the Huntress agent. What ensued shows the unexpected impacts of this AI use case on DFIR investigations.
Simon Willison · 45 · 12d ago

datasette 1.0a28

Release: datasette 1.0a28 I was upgrading Datasette Cloud to 1.0a27 and discovered a nasty collection of accidental breakages caused by changes in that alpha. This new alpha addresses those directly: Fixed a compatibility bug introduced in 1.0a27 where execute_write_fn() callbacks with a parameter name other than conn were seeing errors. (#2691) The database.close() method now also shuts down the write connection for that database. New datasette.close() method for closing down all d...
Huntress Blog · 40 · 12d ago

Disrupting Attacks on Endpoints | Attack Disruption Engine

Standard EDR creates a gap between detection and action. Huntress closes it. Learn how our Attack Disruption Engine automatically disrupts threat actors and reduces the impact of endpoint attacks.
Microsoft Security Blog · 37 · 12d ago

Containing a domain compromise: How predictive shielding shut down lateral movement

Domain compromise accelerates fast. Predictive shielding slowed it down. This real-world attack shows how exposure-based containment stopped credential abuse and broke the threat actor's momentum.
Rapid7 Blog · 35 · 11d ago

Metasploit Wrap-Up 04/17/2026

Happy Friday - Seven New Metasploit Modules We’re happy to announce that Metasploit Framework had a big week, landing seven new modules alongside various bug fixes and enhancements. This week’s highlights include RCE modules targeting AVideo, openDCIM, Selenium Grid/Selenoid, and ChurchCRM. On the post-exploitation side, Windows saw three new persistence techniques added as modules, targeting Telemetry scheduled tasks, PowerShell profiles, and Microsoft BITS. What a time to be alive as a Meta...
Huntress Blog · 34 · 11d ago

Uptick in Bomgar RMM Exploitation

The Huntress SOC has seen a recent uptick in incidents involving compromised Bomgar remote monitoring and management (RMM) instances.
Huntress Blog · 34 · 12d ago

Attackers Love Your VPN To-Do List

VPN misconfiguration is behind 70% of intrusions. See real Huntress SOC incidents and learn the simple steps to close your biggest open door before attackers walk through it.
The Hacker News · 30 · 12d ago

Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched

Huntress is warning that threat actors are exploiting three recently disclosed security flaws in Microsoft Defender to gain elevated privileges in compromised systems. The activity involves the exploitation of three vulnerabilities that are codenamed BlueHammer (requires GitHub sign-in), RedSun, and UnDefend, all of which were released as zero-days by a researcher known as Chaotic Eclipse (
The Hacker News · 28 · 12d ago

Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation

A recently disclosed high-severity security flaw in Apache ActiveMQ Classic has come under active exploitation in the wild, per the U.S. Cybersecurity and Infrastructure Security Agency (CISA). To that end, the agency has added the vulnerability, tracked as CVE-2026-34197 (CVSS score: 8.8), to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian
[DRAGNET] · 22 · 11d ago

Disgruntled researcher releases second major Windows Defender zero-day

Source: TechRadar
Cloudflare · 20 · 12d ago

Shared Dictionaries: compression that keeps up with the agentic web

Today, we’re excited to give you a sneak peek of our support for shared compression dictionaries, show you how it improves page load times, and reveal when you’ll be able to try the beta yourself.
SitePoint · 20 · 12d ago

The Claude.md Trick: How to Build Full-Stack Apps 5x Faster with One File

Taylor Pearson's Claude.md workflow uses a single Markdown file as a persistent source of truth for iterative AI coding. Here's how it works and why it's changed how indie hackers build software.
Real Python · 20 · 12d ago

The Real Python Podcast – Episode #291: Reassessing the LLM Landscape & Summoning Ghosts

What are the current techniques being employed to improve the performance of LLM-based systems? How is the industry shifting from post-training towards context engineering and multi-agent orchestration? This week on the show, Jodie Burchell, data scientist and Python Advocacy Team Lead at JetBrains, returns to discuss the current AI coding landscape.
The Register (Security) · 17 · 11d ago

CISA tells feds to patch 13-year-old Apache ActiveMQ bug under active attack

Bug hiding in plain sight for over a decade lands on KEV list CISA is sounding the alarm on a newly-exploited Apache ActiveMQ bug, ordering federal agencies to patch within two weeks as attackers circle a flaw that's been quietly lurking for more than a decade.…
Infosecurity · 17 · 12d ago

Commercial AI Models Show Rapid Gains in Vulnerability Research

AI models are making rapid gains in vulnerability research and exploit development, raising new cybersecurity risks, a Forescout study finds
SANS ISC · 15 · 12d ago

ISC Stormcast For Friday, April 17th, 2026 https://isc.sans.edu/podcastdetail/9896, (Fri, Apr 17th)
ProjectDiscovery.io | Blog · 14 · 11d ago

Neo v. DIY: The gap between a single finding and a mature security program

In our latest webinar, our Founding Solutions Engineer, Davis Franklin, addressed the massive gap between finding a vulnerability with an LLM and running a mature security program. That gap is what Neo is built to close. With the release of Opus 4.6 and the announcement of Mythos, the question we hear constantly has gotten louder: Can I just build this with Claude Code? The short answer is yes. You can spin up a working PoC in about half an hour, find a real vulnerability, and feel genuinely co
Phoronix (Linux) · 13 · 12d ago

Intel Xe2 Lunar Lake Linux Graphics Performance Up ~17% Over Past Year

Given the Ubuntu 26.04 LTS release being imminent and also realizing it's been nearly one year to the day since reviewing the Lenovo ThinkPad X1 Carbon Gen 13 Aura Edition laptop under Linux, I ran some fresh benchmarks for seeing how the integrated Xe2 graphics have evolved on Linux over the past year.
The Hacker News · 13 · 12d ago

Google Blocks 8.3B Policy-Violating Ads in 2025, Launches Android 17 Privacy Overhaul

Google this week announced a new set of Play policy updates to strengthen user privacy and protect businesses against fraud, even as it revealed it blocked or removed over 8.3 billion ads globally and suspended 24.9 million accounts in 2025. The new policy updates relate to contact and location permissions in Android, allowing third-party apps to access the contact lists and a user's location in
The Hacker News · 13 · 12d ago

NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions

The National Institute of Standards and Technology (NIST) has announced changes to the way it handles cybersecurity vulnerabilities and exposures (CVEs) listed in its National Vulnerability Database (NVD), stating it will only enrich those that fulfil certain conditions owing to an explosion in CVE submissions. "CVEs that do not meet those criteria will still be listed in the NVD but will not
SitePoint · 12 · 12d ago

DeepSeek V4 Released: What's New in the Latest Model (2026)

Breaking news on DeepSeek V4 release with analysis of new features.
Erlang Solutions · 12 · 12d ago

SAFE: Bringing Real Static Analysis to the BEAM

Dali Khechine, from the SAFE team, looks at how SAFE uses data-flow analysis to surface real security risks in BEAM applications without the noise.
The Register (Security) · 12 · 12d ago

Claude Opus wrote a Chrome exploit for $2,283

Pause your Mythos panic because mainstream models anyone can use already pick holes in popular software Anthropic withheld its Mythos bug-finding model from public release due to concerns that it would enable attackers to find and exploit vulnerabilities before anyone could react.…
Platformer (Platform Intelligence) · 12 · 12d ago

The scientific case for being nice to your chatbot

New research confirms that LLMs often perform better when you encourage them. But why?
SearchSecurity · 12 · 12d ago

RSAC 2026 Conference: Key news and industry analysis

Check out SearchSecurity's RSAC 2026 guide for reports on notable presentations and breaking news at the world's biggest infosec event.
Malwarebytes Unpacked · 11 · 12d ago

“Your shipment has arrived” email hides remote access software

This DHL-themed email tries to get recipients to install remote access software attackers can use to deploy further malware, including ransomware.
SentinelOne · 9 · 12d ago

The Good, the Bad and the Ugly in Cybersecurity – Week 16

Authorities take down W3LL phishing ring, AgingFly malware steals Ukrainian government data, and actors exploit Nginx flaw to hijack servers.
IEEE Spectrum · 8 · 12d ago

Designing Broadband LPDA-Fed Reflector Antennas With Full-Wave EM Simulation

A practical guide to designing log-periodic dipole array fed parabolic reflector antennas using advanced 3D MoM simulation — from parametric modeling to electrically large structures. What Attendees will Learn How to set design requirements for LPDA-fed reflector antennas — Understand the key specifications including bandwidth ratio, gain targets, and VSWR matching constraints across the full operating range from 100 MHz to 1 GHz. Why advanced 3D EM solvers enable simulation of electrically l...
Cloudflare · 8 · IoCs DETECTED · 12d ago

Unweight: how we compressed an LLM 22% without sacrificing quality

Running LLMs across Cloudflare’s network requires us to be smarter and more efficient about GPU memory bandwidth. That’s why we developed Unweight, a lossless inference-time compression system that achieves up to a 22% model footprint reduction, so that we can deliver faster and cheaper inference than ever before.
Graham Cluley · 8 · 12d ago

Singer loses life savings to fake wallet downloaded from the Apple App Store

If you hold cryptocurrency, there's a very simple golden rule that you should always follow. Never hand over your seed phrase. Garrett Dutton, better known as G. Love - the front man of blues-hip-hop outfit G. Love & Special Sauce - has learnt that lesson the hard way. Read more in my article on the Hot for Security blog.
shkspr.mobi · 8 · 12d ago

Book Review: How To Kill A Witch - A Guide For The Patriarchy by Claire Mitchell and Zoe Venditozzi ★★★⯪☆

After reading The Wicked of the Earth, I wanted to understand some of the history behind the stories. Why were women accused of being witches? What really happened in those trials? What are the modern consequences of those events? This is the story of the Scottish Witch Trials - with brief forays into England and abroad. It examines the central tension of whether witchcraft was real to the…
Red Hat Security · 8 · 12d ago

MCP security: Containerization and Red Hat OpenShift integration

In our previous 3 articles, we laid the groundwork for a protected Model Context Protocol (MCP) ecosystem by analyzing the current threat landscape, implementing robust authentication and authorization, and exploring critical logging and runtime security measures. These focused on who can access what, and how to monitor those interactions. Now, we'll shift the focus to the physical and virtual environments in which these systems live. Of course, security-focused development is only half the b...
gilesthomas.com · 6 · 11d ago

How an LLM becomes more coherent as we train it

I remember finding it interesting when, back in 2015, Andrej Karpathy posted about RNNs and gave an example of how their output improves over the course of a training run. What might that look like for a (relatively) modern transformers-based LLM? I recently trained a GPT-2-small-style LLM, with 163 million parameters, on about 3.2 billion tokens (that's about 12.8 GiB of text) from the Hugging Face FineWeb dataset, and over the course of that training run, I saved the current model periodic...
[DRAGNET] · 5 · 11d ago

Payouts King ransomware uses QEMU VMs to bypass endpoint security

Source: BleepingComputer
[DRAGNET] · 5 · 11d ago

Ransomware attack continues to disrupt healthcare in London nearly two years later

Source: The Record from Recorded Future News
[DRAGNET] · 5 · 12d ago

RedSun: Windows 0day when Defender becomes the attacker

Source: CloudSEK
[DRAGNET] · 3 · 12d ago

Two Senior Care Providers Affected by Ransomware Attacks

Source: The HIPAA Journal
[DRAGNET] · 0 · 11d ago

Payouts King Ransomware Linked to BlackBasta

Source: SOC Prime
[DRAGNET] · 0 · 12d ago

Hackers Exploit TP-Link Router Flaw To Spread Mirai Malware

Source: cyberpress.org
[DRAGNET] · 0 · 12d ago

Patient medical data stolen in Chipsoft ransomware attack

Source: DutchNews.nl
[DRAGNET] · -40 · 12d ago

Threat Brief: Escalation of Cyber Risk Related to Iran (Updated April 17)

Source: Unit 42