Docker 208 · 6d ago
Trivy, KICS, and the shape of supply chain attacks so far in 2026
Catching the KICS push: what happened, and the case for open, fast collaboration In the past few weeks we've worked through two supply chain compromises on Docker Hub with a similar shape: first Trivy, now Checkmarx KICS. In both cases, stolen publisher credentials were used to push malicious images through legitimate publishing flows. In both...
Trail of Bits 57 · 6d ago
Trailmark turns code into graphs
We’re open-sourcing Trailmark, a library that parses source code into a queryable call graph of functions, classes, call relationships, and semantic metadata, then exposes that graph through a Python API that Claude skills can call directly. Install it now: uv pip install trailmark “Defenders think in lists. Attackers think in graphs. As long as this is true, attackers win.” John Lambert’s widely cited observation about network security applies just as well to AI-assisted software analysis. ...
Mandiant | Transform Your Cybersecurity 24 · 5d ago
M-Trends 2026: By the Numbers
Distilling insights from over 500k hours of Mandiant incident investigations in 2025, and Google Threat Intelligence Group (GTIG) research, the M-Trends 2026 Report reveals the critical shifts defining today's threat landscape. Based on our frontline data from January 1 to December 31, 2025, this report helps organizations understand the exact tactics adversaries used last year, equipping security leaders with detailed, actionable strategies needed to disrupt them. Join our expert threat anal...
Help Net Security 20 · 6d ago
Apple fixes iPhone bug that let FBI retrieve deleted Signal messages (CVE-2026-28950)
Apple has rolled out security updates for iPhones and iPads that fix CVE-2026-28950, a logging issue in Notification Services that made devices unexpectedly retain notifications marked for deletion. The vulnerability was patched following a recent report about the FBI accessing a suspect’s Signal message notification content on their iPhone, despite Signal being deleted from the device. As usual, Apple did not offer more details about the flaw; it just said that the issue was addressed …
Cyber Kendra 17 · 6d ago
Bitwarden CLI Hijacked to Steal Your AWS, GitHub, and SSH Secrets
If you installed Bitwarden's command-line password manager this month, your developer credentials — including cloud keys, SSH material, and GitHub tokens — may already be in an attacker's hands. Security researchers at Socket and JFrog have confirmed that @bitwarden/cli version 2026.4.0, published to npm, was backdoored as part of the same sprawling Checkmarx supply chain campaign that previously poisoned official KICS Docker images and VS Code extensions. The attack vector was a compromise...
Help Net Security 17 · 6d ago
Aqua Compass MCP server enables real-time investigation and containment of runtime threats
Aqua Security has announced Aqua Compass, a Model Context Protocol (MCP) server that enables agentic investigation, containment and remediation of runtime incidents, and new runtime risk dashboards. These capabilities help security teams move beyond identifying risk and focus on containing threats in running applications. The announcement builds on Aqua’s Secure AI capabilities, extending the company’s AI innovation from protecting AI applications to applying AI directly to runtime security o...
HackerNoon 17 · 6d ago
The 'Moat' is a Config File: Analysis of Leaked System Prompts from OpenAI, Anthropic, Google & More
The viral GitHub repository CL4R1T4S has crowdsourced and leaked the raw, hidden system prompts defining the behavior of every major AI product, from ChatGPT and Claude to Devin and Cursor. This massive leak fundamentally proves that while the underlying LLMs are becoming commoditized, the system prompt is the actual product, serving as the load-bearing configuration layer that dictates personality, ethical constraints, business logic, and tool invocation pathways. side-by-side analysis of ke...
Help Net Security 17 · 6d ago
GopherWhisper APT group hides command and control traffic in Slack and Discord
Attackers continue to lean on everyday collaboration platforms to hide command and control traffic inside normal enterprise noise. A newly identified China-aligned APT group pushes that trend further, running its operations through Slack workspaces, Discord servers, Outlook drafts, and the file.io sharing service. GopherWhisper toolset overview ESET researchers have named the group GopherWhisper and tied it to an intrusion at a Mongolian governmental entity. The name draws on two elements: mo...
The Hacker News 17 · 6d ago
Apple Patches iOS Flaw That Stored Deleted Signal Notifications in FBI Forensic Case
Apple has rolled out a software fix for iOS and iPadOS to address a Notification Services flaw that stored notifications marked for deletion on the device. The vulnerability, tracked as CVE-2026-28950 (CVSS score: N/A), has been described as a logging issue that has been addressed with improved data redaction. "Notifications marked for deletion could be unexpectedly retained on the device,"
HackerNoon 17 · 6d ago
Bitcoin's Quantum Migration Playbook — Every Proposal Compared
Google's March 2026 research slashed the qubit threshold for breaking Bitcoin's encryption by 20x, putting ~6.9 million BTC at risk. Seven proposals are now competing to quantum-proof Bitcoin: BIP-360 (new quantum-safe address type, already on testnet), QRAMP (mandatory migration with a coin-burn deadline), QSAVE (escrow custody for vulnerable coins), OP_CAT + Lamport signatures (a fast opt-in bridge fix), Blockstream's SHRINCS hash-based signatures (testing on Liquid), Winternitz Vaults (lay...
Intigriti 17 · 6d ago
Vulnpocalypse Now? How AI is changing vulnerability discovery
What you will learn How vulnerability research and security testing may evolve in the future, based on expert insights and reflections from Intigriti COO Ed Parsons. How AI is reshaping vulnerability discovery, including the major trends and developments security teams should understand today. The ‘vulnpocalypse’, and what it signals about the future of AI-assisted hacking. The risks, opportunities, and practical impact of AI-supported hackers. Contextualizing AI’s impact Intigriti i…
The Hacker News 16 · 6d ago
Project Glasswing Proved AI Can Find the Bugs. Who's Going to Fix Them?
Last week, Anthropic announced Project Glasswing, an AI model so effective at discovering software vulnerabilities that they took the extraordinary step of postponing its public release. Instead, the company has given access to Apple, Microsoft, Google, Amazon, and a coalition of others to find and patch bugs before adversaries can. Mythos Preview, the model that led to Project Glasswing, found
Security Boulevard 15 · 5d ago
Bitwarden CLI Compromise Linked to Ongoing Checkmarx Supply Chain Campaign
A compromise of the popular Bitwarden password manager is linked to the ongoing Checkmarx supply chain campaign, with bad actors injecting malicious code in a version of its CLI. However, while there are some overlaps in such areas as tools that suggest TeamPCP was behind the attack, there are differences in operation that make attribution difficult.
IEEE Spectrum 15 · 5d ago
GPU Renters Are Playing a Silicon Lottery
Think one GPU is very much like another? Think again. It turns out that there’s surprising variability in the performance delivered by chips of the same model. That can make getting your money’s worth by renting time on a GPU from a cloud provider a real roll of the dice, according to research from the College of William & Mary, Jefferson Lab, and Silicon Data. “It’s called the silicon lottery,” says Carmen Li, founder and CEO of Silicon Data, which tracks GPU rental prices and benchmarks cl...
Rapid7 Blog 14 · 6d ago
AI is Changing Vulnerability Discovery and your Software Supply Chain Strategy has to Change with it
Wade Woolwine is Senior Director, Product Security at Rapid7. The headlines around Glasswing have focused on how quickly AI can surface vulnerabilities, which has naturally caught the attention of security leaders. In my conversations with teams and customers, the more useful discussion has been about what that speed means in practice for business protection, especially across open source risk, dependency choices, and software supply chain resilience. The deeper issue for security leaders sit...
The Hacker News 13 · 6d ago
Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign
Bitwarden CLI has been compromised as part of the newly discovered and ongoing Checkmarx supply chain campaign, according to new findings from JFrog and Socket. "The affected package version appears to be @bitwarden/cli@2026.4.0, and the malicious code was published in 'bw1.js,' a file included in the package contents," the application security company said. "The attack appears to have leveraged
The Hacker News 13 · 6d ago
ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories
You scroll past one incident and see another that feels familiar, like it should have been fixed years ago, but it still works with small changes. Same bugs. Same mistakes. The supply chain is messy. Packages you did not check are stealing data, adding backdoors, and spreading. Attacking the systems behind apps is easier than breaking the apps themselves. The exploits are simple but still work
The Hacker News 13 · 6d ago
[Webinar] Mythos Reality Check: Beating Automated Exploitation at AI Speed
Imagine a world where hackers don't sleep, don't take breaks, and find weak spots in your systems instantly. Well, that world is already here. Thanks to AI, attackers are now launching automated, large-scale exploits faster than ever before. The time you have to fix a vulnerability before it gets attacked is shrinking to zero. We call this the Collapsing Exploit Window, and it means your
Security Boulevard 12 · 5d ago
Quantum Networking Breakthrough Points to Key Security Gains
Cybersecurity professionals have long had high hopes for a quantum Internet, given that any attempt to intercept data alters it, which exposes the intrusion. This basic principle of physics positions quantum networking as a potential structural shift in cybersecurity. New research from New York University, in collaboration with Qunnect and Cisco, brings that concept closer.
Rational Security 12 · 5d ago
The “Sun-kissed to Death” Edition
This week, Scott sat down with his Lawfare colleagues Eric Columbus, Molly Roberts, and Loren Voss to talk through a few of the week’s big news stories, including: •“Meet Joe Flack.” The Justice Department’s ongoing investigation into the alleged “grand conspiracy” against President Trump in relation to the 2016 elections and their aftermath has entered a new phase this week with the appointment of Joseph diGenova, a former Reagan-era U.S. Attorney and political commentator, as counselor to t...
Security Boulevard 12 · 6d ago
[un]prompted 2026 – LLMs Winning At Pwn2Own
Author, Creator & Presenter: Georgi G, Director Of Research At Interrupt Labs. Our thanks to [un]prompted for publishing their Creators, Authors and Presenter’s outstanding [un]prompted 2026 AI Security Practitioner content on the Organizations' YouTube Channel.
Hacker News Frontpage 12 · 6d ago
UK Biobank health data keeps ending up on GitHub
I'm a researcher studying privacy, and I started tracking the DMCA notices that UK Biobank sends to GitHub. I tracked 110 notices filed so far, targeting 197 code repositories by 170 developers across the world. The exposure of Biobank data on GitHub is the latest in a long series of governance challenges for UK Biobank. (My colleague and I have an editorial in the BMJ about this: http://bmj.com/cgi/content/full/bmj.s660?ijkey=dEot4dJZGZGXe... ). The latest is today, with information of all h...
Help Net Security 12 · 6d ago
GDPR works, but only where someone enforces it
A new measurement study of web tracking across ten countries offers a reality check for anyone working on privacy compliance. Researchers crawled the same set of globally popular websites from virtual machines located in Australia, Brazil, Canada, Germany, India, Singapore, South Africa, South Korea, Spain, and California. The results show that European privacy law does reduce tracking, and that most of the reduction happens in the two jurisdictions where regulators bring cases. The headline ...
The Register (Security) 11 · 5d ago
Chinese attackers are pwning your infrastructure to use in attacks, 10 countries warn
All the Typhoons, everywhere, all at once A majority of China-linked threat actors are using compromised routers and IoT devices worldwide, turning this gear into proxy networks to carry out further intrusions, steal sensitive data, and disrupt victim organizations’ operations, according to a joint 10-country advisory.…
Help Net Security 11 · 6d ago
Hacker with a special interest in breaching sports institutions ends behind bars
French police have arrested a suspected hacker linked to a series of data breaches affecting organizations in the country. Citing authorities, Le Parisien reported that the suspect, a 20-year-old man using the alias ‘HexDex,’ was taken into custody on April 22, 2026, in the Vendée region, western France. The suspect admitted to using the alias ‘HexDex,’ which he used to claim the leaks online and repost the data on forums such as BreachForum and Darkforum, …
Help Net Security 11 · 6d ago
OpenAI tackles a bad habit people have when interacting with AI
Since people tend to paste personal data into AI tools such as ChatGPT, OpenAI has released Privacy Filter, an open-weight model designed to detect and redact personally identifiable information (PII) in text. The model is available under the Apache 2.0 license on Hugging Face and GitHub. “This release is part of our broader effort to support a more resilient software ecosystem by providing developers with practical infrastructure for building with AI safely, including tools and …
Security Boulevard 10 · 5d ago
When Mythos Finds Thousands of Zero-Days, EU Regulators Won’t Wait for Your SOC to Catch Up
Can your SOC triage thousands of Mythos findings in 24 hours? NIS2, CRA, and DORA are all waiting. Miss one clock and the penalties begin. The post When Mythos Finds Thousands of Zero-Days, EU Regulators Won’t Wait for Your SOC to Catch Up appeared first on D3 Security.
IEEE Spectrum 8 · 6d ago
What Anthropic’s Mythos Means for the Future of Cybersecurity
Two weeks ago, Anthropic announced that its new model, Claude Mythos Preview, can autonomously find and weaponize software vulnerabilities, turning them into working exploits without expert guidance. These were vulnerabilities in key software like operating systems and internet infrastructure that thousands of software developers working on those systems failed to find. This capability will have major security implications, compromising the devices and services we use every day. As a result, ...
IEEE Spectrum 8 · 6d ago
This Roboticist-Turned-Teacher Built a Life-Size Replica of ENIAC
Tom Burick has always considered himself a builder. Over the years he’s designed robots, constructed a vintage teardrop trailer, and most recently, led a group of students in building a full-scale replica of a pivotal 1940s computer. Burick is a technology instructor at PS Academy in Gilbert, Ariz., a middle and high school for students with autism and other specialized learning needs. At the start of the 2025–26 school year, he began a project with his students to build a full-scale replica...
Help Net Security 8 · 6d ago
Scenario: Open-source framework for automated AI app red-teaming
Enterprises running customer service bots, data analytics agents, and other AI-driven applications in production handle sensitive records and connect to core business systems every day. LangWatch has released Scenario, an open-source framework that runs automated red-team exercises against AI agents using multi-turn attack techniques that mirror how adversaries operate in the wild. Multi-turn attacks replace single-shot testing Single-prompt penetration tests have long been the standard appro...