IT Security News Daily Summary 2026-04-17

156 posts were published in the last hour

• 21:36 : At RSAC 2026, AI optimism and anxiety — and an MIA U.S. government
• 21:36 : Friday Squid Blogging: New Giant Squid Video
• 21:4 : Critical Exploits, AI Shifts, and Major Breaches Redefine Cybersecurity This Week
• 21:4 : Kyrgyzstan-based crypto exchange Grinex shuts down after $13.7M cyber heist, blames Western Intelligence
• 20:36 : Man who hacked US Supreme Court filing system sentenced to probation
• 20:13 : Founder Liquidity Without Compromising on Growth
• 19:34 : Clothing Retailer Patches Website Flaw Exposing Customer Data
• 19:34 : Anthropic Releases Opus 4.7, Not as ‘Broadly Capable’ as Mythos AI
• 19:34 : White House Chief of Staff to Meet With Anthropic CEO Over Its New AI Technology
• 19:34 : We Need a Shared Responsibility Model for AI
• 19:5 : IT Security News Hourly Summary 2026-04-17 21h : 9 posts
• 19:5 : New RecruitRat, SaferRat, Astrinox, Massiv Android Malware Found Targeting 800 Apps
• 19:4 : Hackers Target TP-Link Routers With Mirai Malware in CVE-2023-33538 Exploitation Attempts
• 18:38 : 7 Best AI Red Teaming Platforms For 2026
• 18:38 : When Geopolitics Writes Your Compliance Roadmap
• 18:11 : The Race to Quantum-Proof the Internet Has Already Begun
• 18:11 : Hackers are abusing unpatched Windows security flaws to hack into organizations
• 18:11 : Randall Munroe’s XKCD ‘Home Remedies’
• 18:11 : NIST, Overrun by Massive Numbers of Submitted CVEs, Limits Analysis Work
• 18:11 : Google’s Eloquent: Offline AI Dictation Hits iOS, Android Launch Imminent
• 17:34 : CISA tells feds to patch 13-year-old Apache ActiveMQ bug under active attack
• 17:34 : [un]prompted 2026 – The Al Security Larsen Effect: How To Stop The Feedback Loop
• 17:34 : New IBM Security Services Aim to Counter Risks of Frontier AI Models
• 17:7 : Email-Borne Worm Surge Drives New Threat Wave Across Industrial Control Systems
• 17:7 : Opsec oopsie: Dutch navy frigate location outed by mailing it a Bluetooth tracker
• 17:7 : Transform security logs into OCSF format using a configuration-driven ETL solution
• 16:11 : New IBM Security Services Aim to Counter Security Risks of AI Frontier Models
• 16:11 : Containing a domain compromise: How predictive shielding shut down lateral movement
• 16:11 : TP-Link routers face exploitation attempt linked to high-severity flaw
• 16:5 : IT Security News Hourly Summary 2026-04-17 18h : 6 posts
• 15:34 : New Phishing Attack Turns n8n Into On-Demand Malware Machine
• 15:34 : Fake Zoom SDK Update Delivers Sapphire Sleet Malware in New macOS Intrusion Chain
• 15:7 : This old-school scam is still working
• 15:7 : DraftKings hacker sentenced to prison, ordered to pay $1.4 Million
• 15:7 : CoChat Launches AI Collaboration Platform to Combat Shadow AI
• 15:7 : US joins nearly two dozen other countries in striking back against DDoS-for-hire platforms
• 14:34 : Bluesky Outage: Coordinated Traffic Attack Causes Widespread Errors
• 14:34 : Republican Mutiny Sinks Trump’s Push to Extend Warrantless Surveillance
• 14:34 : With US spy laws set to expire, lawmakers are split over protecting Americans from warrantless surveillance
• 14:34 : Hackers Use ATHR to Run AI-Powered Vishing, Credential Theft, and Phone-Based Phishing at Scale
• 14:34 : Anthropic Releases Claude Opus 4.7 with Automated Real-Time Cybersecurity Safeguards
• 14:34 : Fake Ledger Hardware Wallets on Chinese Marketplaces Steal Crypto Seeds and PINs
• 14:34 : Attackers Weaponize CVE-2026-39987 to Spread Blockchain-Based Backdoor Via Hugging Face
• 14:34 : Top XBOW Alternatives in 2026
• 14:34 : Cyber Briefing: 2026.04.17
• 14:9 : New Mirai Variant Nexcorium Hijacks DVR Devices for DDoS Attacks
• 14:9 : Operation PowerOFF: 53 DDoS domains seized and 3 Million criminal accounts uncovered
• 14:9 : Over 1 Billion Users Potentially Impacted by Microsoft Zero Day Exposure
• 14:9 : AI Search Shift Causes HubSpot Traffic Drop and Forces Businesses to Rethink Digital Strategy
• 14:9 : Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched
• 13:32 : TP-Link Routers Hit by Mirai in CVE-2023-33538 Attacks
• 13:32 : Bluesky confirms DDoS attack is cause of continued app outages
• 13:32 : Tracking Mirai Variant Nexcorium: A Vulnerability-Driven IoT Botnet Campaign
• 13:32 : DDoS-For-Hire Services Disrupted by International Police Action in ‘Operation PowerOff’
• 13:31 : Commercial AI Models Show Rapid Gains in Vulnerability Research
• 13:10 : SEO Poisoning Attack Uses Microsoft Binary to Install RMM Tool
• 13:9 : Part II: The Network That Doesn’t Exist: Zero Trust, Service Meshes, and the Slow Death of Perimeter Security
• 13:9 : The Vulnerability Management Race Is Over. It’s Time to Focus on Exposure.
• 13:9 : Google blocks 602 million scam ads
• 13:9 : FIRST CEO Calls for CVE Collaboration
• 13:9 : DraftKings Hacker Sentenced to Prison
• 13:9 : Circle faces lawsuit over stolen USDC
• 13:9 : Pentagon Announces New CIO Office Appointments
• 13:5 : IT Security News Hourly Summary 2026-04-17 15h : 6 posts
• 12:32 : Industrial Systems Hit by New Email-Worm Threat Wave
• 12:32 : Operation PowerOFF Knocks Out 75,000 DDoS Attackers and Over 50 Service Domains
• 12:32 : The Rise of Remote Jobs in Cybersecurity and Authentication
• 12:7 : In Other News: Satellite Cybersecurity Act, $90K Chrome Flaw, Teen Hacker Arrested
• 12:7 : Breaking Into IAM: How to Pivot Your Developer Career Toward Security
• 12:7 : Google Blocks 8.3B Policy-Violating Ads in 2025, Launches Android 17 Privacy Overhaul
• 11:36 : Microsoft Acknowledges Reboot Loop Issue on Windows Servers Following April Patches
• 11:36 : OpenAI Extends GPT-5.4-Cyber Access to Trusted Organizations Worldwide
• 11:36 : Mythos and Cybersecurity
• 11:3 : New ZionSiphon Malware Discovered Targeting Israeli Water Systems
• 11:3 : Leaked Windows Defender 0-Day Vulnerability Actively Exploited in Attacks
• 11:3 : CISA Warns of Apache ActiveMQ Input Validation Vulnerability Exploited in Attacks
• 11:3 : Payouts King Rises as New Ransomware Threat Linked to Former BlackBasta Affiliates
• 11:3 : Another DraftKings Hacker Sentenced to Prison
• 11:3 : From Analytics to “Interception”: How Website Tracking Became a Wiretap Problem—and What Companies Should Do About It
• 11:3 : Google wipes out 602 million scam ads with Gemini on duty
• 10:34 : Claude Mythos: Dangers and rewards, right next to each other
• 10:34 : Lawmakers Gathered Quietly to Talk About AI. Angst and Fears of ‘Destruction’ Followed
• 10:34 : Vibe Coding vs. SBOM: One Builds Fast. The Other Tells You What You Just Built
• 10:34 : Researcher drops two more Microsoft Defender zero-days, all three now exploited in the wild
• 10:9 : Fake Zoom SDK Update Spreads Sapphire Sleet Malware in New macOS Attack Chain
• 10:9 : Locked-out iPhone user tells The Reg that Apple is scrambling to fix character flaw passcode bug
• 10:9 : The Shocking Secrets of Madison Square Garden’s Surveillance Machine
• 10:9 : Inside ZionSiphon: politically driven malware aims at Israeli water systems
• 10:9 : Recent Apache ActiveMQ Vulnerability Exploited in the Wild
• 10:9 : GitLab 18.11 brings agentic AI to security fixes, CI pipelines, and delivery analytics
• 10:5 : IT Security News Hourly Summary 2026-04-17 12h : 11 posts
• 9:34 : New CGrabber and Direct-Sys Malware Spread Through GitHub ZIP Files
• 9:34 : Critical Flowise Flaw Enables Remote Command Execution via MCP Adapters
• 9:34 : PoC Released for FortiSandbox Flaw Enabling Arbitrary Command Execution
• 9:34 : Top 5 Disaster Recovery Companies in 2026
• 9:34 : One-Click RCE in Azure Windows Admin Center Allow Attacker to Execute Arbitrary Commands
• 9:34 : Windows Snipping Tool Vulnerability Allows Attacker to Perform Spoofing Over a Network
• 9:34 : Microsoft Confirms Windows Servers Enter Reboot Loops Following April Patches
• 9:34 : Two North Korean IT Worker Scheme Facilitators Jailed in the US
• 9:34 : Mozilla challenges enterprise AI providers with Thunderbolt, open-source AI client under your control
• 9:34 : Liongard upgrades LiongardIQ with AI access, live asset data, and deeper discovery
• 9:7 : Codex can now operate between apps. Where are the boundaries?
• 8:34 : Weaponized CVE-2026-39987 Pushes Blockchain Backdoor Through Hugging Face
• 8:34 : Hackers Target Israeli Desalination Plants With ZionSiphon Sabotage Malware
• 8:34 : ZionSiphon Malware Targets ICS in Water Facilities
• 8:7 : Starlink Outage Disrupted US Navy Drone Tests
• 8:7 : “Your shipment has arrived” email hides remote access software
• 8:6 : U.S. CISA adds a flaw in Apache ActiveMQ to its Known Exploited Vulnerabilities catalog
• 8:6 : NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions
• 7:34 : EU Tells Google To Share Search Data
• 7:34 : Hackers Deploy ATHR for Scalable AI-Driven Vishing and Credential Theft
• 7:34 : Claude Opus wrote a Chrome exploit for $2,283
• 7:34 : Cursor AI Vulnerability Exposed Developer Devices
• 7:34 : Cisco Webex warning, Splunk’s Enterprise fix, Git spoof tricks Claude
• 7:5 : Russia-Linked Grinex Crypto Exchange Suspended After Hack
• 7:5 : Payouts King Emerges: New Ransomware Operation Tied to Ex-BlackBasta Members
• 7:5 : IT Security News Hourly Summary 2026-04-17 09h : 13 posts
• 7:5 : Android 17 Beta 4 arrives with post-quantum cryptography and new memory limits
• 7:5 : 53 DDoS Domains Taken Down by Law Enforcement
• 7:4 : What Is SPIFFE and How Does It Work?
• 7:4 : Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts
• 6:34 : Anthropic Introduces Claude Opus 4.7 for Advanced Problem-Solving
• 6:34 : Amtrak – 2,147,679 breached accounts
• 6:34 : Microsoft Defender 0-Day Vulnerability “RedSun” Enables Full SYSTEM Access
• 6:34 : Microsoft Confirms Windows 11 Updates May Force Users to Enter BitLocker Recovery Key
• 6:34 : Hackers Target Trucking and Freight Firms to Steal Real-World Cargo Shipments
• 6:7 : Google Deploys Gemini AI to Stop Threat Actors, Blocking 8.3 Billion Ads
• 6:7 : ZionSiphon Malware Hits Israeli Desalination Plants
• 6:7 : Supply chain dependencies: Have you checked your blind spot?
• 6:7 : Apple AirTag tracking can be misled by replayed Bluetooth signals
• 6:7 : Cisco Warns Webex Customers Of Critical SSO Problem
• 5:34 : Censys Warns 6 Million Public-Facing FTP Servers Are Still Exposed in 2026
• 5:34 : New infosec products of the week: April 17, 2026
• 5:34 : Workplace stress in 2026 is still worse than before the pandemic
• 5:34 : Social media bans might steer kids into riskier corners of the internet
• 5:11 : EU Age Verification App Breached in Just 2 Minutes, Researchers Claim
• 5:11 : Cargo Hackers Hit Trucking Firms to Steal Physical Shipments
• 4:34 : EU’s New Age Verification App Can Be Hacked Within 2 Minutes, Researchers Claim
• 4:34 : Why Backups Alone Can No Longer Protect Against Modern Ransomware
• 4:5 : IT Security News Hourly Summary 2026-04-17 06h : 2 posts
• 4:4 : Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation
• 3:36 : Anthropic won’t own MCP ‘design flaw’ putting 200K servers at risk, researchers say
• 3:2 : Zero-Knowledge Proofs for Privacy-Preserving AI Tool Execution
• 2:2 : ISC Stormcast For Friday, April 17th, 2026 https://isc.sans.edu/podcastdetail/9896, (Fri, Apr 17th)
• 1:59 : 2026-04-16: Files for an ISC diary (Lumma Stealer infection with Sectop RAT/ArechClient2)
• 1:52 : 2026-04-16: Files for an ISC diary (Lumma Stealer infection with Sectop RAT/ArechClient2)
• 1:5 : IT Security News Hourly Summary 2026-04-17 03h : 1 posts
• 0:55 : Lumma Stealer infection with Sectop RAT (ArechClient2), (Fri, Apr 17th)
• 23:13 : Anthropic won’t own MCP ‘design flaw’ putting 200K servers at risk, researcher says
• 23:13 : Beyond the Spreadsheet: Why Manual AI Audits Are an EU AI Act Compliance Liability – FireTail Blog
• 23:13 : Article 12 and the Logging Mandate: What the EU AI Act Actually Requires – FireTail Blog
• 23:13 : The Shadow AI Trap: Why Your AI Inventory is Your Biggest EU AI Act Compliance Risk – FireTail Blog
• 22:34 : ImmuniWeb brings AI upgrades, post-quantum detection and more in Q1 2026
• 22:7 : A Deep Dive Into Attempted Exploitation of CVE-2023-33538
• 22:5 : IT Security News Hourly Summary 2026-04-17 00h : 2 posts
• 21:55 : IT Security News Daily Summary 2026-04-16