IT Security News Daily Summary 2026-04-28

161 posts were published in the last hour

• 21:32 : [un]prompted 2026 – Flash Talks
• 21:7 : Decoding Q1 2026’s $152.9 Billion Crypto Custody Concentration
• 21:7 : CVE-2026-3854 GitHub flaw enables remote code execution
• 20:11 : Cequence Agent Personas bring granular control and governance to enterprise AI agents
• 20:11 : Alleged Chinese hacker extradited to US over cyberattacks targeting COVID-19 research
• 20:11 : Sevii unveils Cyber Swarm Defense Mode to stop AI-driven attacks at scale
• 20:11 : ShinyHunters claims it stole 1.4 million records from Udemy
• 20:11 : Police arrest 10 suspected members of Black Axe cybercrime gang
• 19:32 : The API Weak Spot: Study Shows AI Is Compounding Security Pressures
• 19:32 : What the March 2026 Threat Technique Catalog update means for your AWS environment
• 19:11 : Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push
• 19:11 : Don’t pay Vect a ransom – your data’s likely already wiped out
• 19:11 : Cyber Insurance Data Gives CISOs New Ammo for Budget Talks
• 19:5 : IT Security News Hourly Summary 2026-04-28 21h : 10 posts
• 18:32 : ClickUp Data Leak Exposes Enterprise Emails for Over a Year
• 18:32 : Fake CAPTCHA Lures Power IRSF Fraud and Crypto Theft Campaigns
• 18:7 : ADT Confirms Major Data Breach Exposing Millions of Names, Partial SSNs
• 18:7 : Why Sharing a Screenshot Can Get You Jailed in the UAE
• 18:7 : Paragon is not collaborating with Italian authorities probing spyware attacks, report says
• 18:7 : Microsoft Confirms Remote Desktop Warnings May Display Incorrectly After April Update
• 18:7 : Critical GitHub.com and Enterprise Server RCE Vulnerability Enables Full Server Compromise
• 18:7 : New BlobPhish Attack Leverages Browser Blob Objects to Steal Users’ Login Credentials
• 18:7 : How bail bond scams are using AI to target families
• 18:7 : Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign
• 17:36 : Pack2TheRoot: 12-Year-Old Linux PackageKit Flaw Enables Full Compromise
• 17:36 : Vimeo Confirms User and Customer Data Breach
• 17:36 : AI Tokenomics: Cost, Risk & AI Dependency (2026)
• 17:36 : ShinyHunters Targets McGraw Hill In Salesforce Data Leak Dispute Over Breach Scope
• 17:36 : PhantomCore Exploits TrueConf Flaws to Breach Russian Networks
• 17:12 : Designing a Secure API From Day One
• 17:12 : NSA GRASSMARLIN
• 17:12 : Checkmarx Confirms GitHub Repository Data Published on Dark Web
• 17:12 : Microsoft Confirms Remote Desktop Warnings May Display Incorrectly After April 2026 Security Update
• 17:11 : Access control with IAM Identity Center session tags
• 16:34 : US Supreme Court appears split over controversial use of ‘geofence’ search warrants
• 16:34 : [un]prompted 2026 – Detection & Deception Engineering In The Matrix
• 16:34 : How Identity, Geopolitics and Data Integrity Define Cyber Resilience
• 16:12 : Implementing Security-First CI/CD: A Hands-On Guide to DevSecOps Automation
• 16:12 : Your AD Password Policies Are Security Theater
• 16:12 : Critical LiteLLM SQL Injection Vulnerability Exploited in the Wild
• 16:12 : The Mythos Moment: Enterprises Must Fight Agents with Agents
• 16:12 : The Breach Did Not Knock on the Front Door
• 16:12 : ‘Fundamental tension’ undermines manufacturers’ cybersecurity
• 16:5 : IT Security News Hourly Summary 2026-04-28 18h : 5 posts
• 15:32 : Webinar Today: A Step-by-Step Approach to AI Governance
• 15:32 : Medtronic Confirms Data Breach After ShinyHunters Claims
• 15:12 : Shadow code: The hidden threat for enterprise IT
• 15:12 : Robinhood Vulnerability Exploited for Phishing Attacks
• 15:11 : North Korea-linked actor targets Web3 execs in social-engineering campaign
• 14:35 : Redefining security data: Red Hat’s new VEX experience heading to Red Hat Summit 2026
• 14:34 : Have I Been Pwned claims Pitney Bowes hit by 8.2M email address leak
• 14:34 : VECT 2.0 Ransomware Irreversibly Destroys Files Over 131KB on Windows, Linux, ESXi
• 14:34 : Cyber Briefing: 2026.04.28
• 14:9 : Stablecoins: Always-On Money Needs Always-On Controls
• 14:9 : Signal Phishing Campaign Targets German Officials in Suspected Russian Operation
• 14:9 : Alleged Chinese State Hacker Extradited to US
• 14:9 : LLM Proxies vs. MCP Gateways: What’s the Difference?
• 14:9 : Simplifying AWS defense with Microsoft Sentinel UEBA
• 13:39 : HTTP Requests with X-Vercel-Set-Bypass-Cookie Header, (Tue, Apr 28th)
• 13:39 : Five defender priorities from the Talos Year in Review
• 13:39 : The Race Is on to Keep AI Agents From Running Wild With Your Credit Cards
• 13:39 : New Silver Fox Campaign Uses Fake Tax Audit Alerts and Software Updates to Deliver Malware
• 13:38 : New Windows 0-Click Vulnerability Exploited to Bypass Defender SmartScreen
• 13:38 : WhatsApp Testing Own Cloud Backup Provider for Default End-to-End Encryption
• 13:38 : Chinese Silk Typhoon Hacker Extradited to the U.S. from Italy
• 13:14 : Silk Typhoon Hacker Extradited to U.S. from Italy
• 13:14 : Hugging Face LeRobot Flaw Opens Door to Remote Code Execution Attacks
• 13:14 : VECT Ransomware: Why Paying Won’t Get Your Files Back
• 13:14 : Why Secure Data Movement Is the Zero Trust Bottleneck Nobody Talks About
• 13:14 : Dozens of Open VSX Extension Clones Linked to GlassWorm Malware
• 13:13 : The Bot Left a Fingerprint: Detecting and Attributing LLM-Generated Passwords
• 13:13 : Ransomware Turf War as 0APT and KryBit Groups Trade Blows
• 13:13 : Chinese Engineer Stole US Military Software
• 13:13 : Proofpoint AI Incident Report 2026
• 13:13 : DORA and Operational Resilience
• 13:13 : U.S. Companies Face Record Privacy Fines in 2025
• 13:13 : Cybersecurity Professionals Feel Undervalued
• 13:5 : IT Security News Hourly Summary 2026-04-28 15h : 15 posts
• 12:36 : Checkmarx Confirms Security Incident Involving GitHub Repository Exposure
• 12:36 : Sevii Launches Cyber Swarm Defense to Make Agentic AI Security Costs Predictable
• 12:36 : Cyber Resilience as Capital Planning: Quantifying Risk
• 12:36 : Enterprise AI Adoption in 2026: Common Pitfalls, Risks, and Proven Strategies for Success
• 12:36 : Chinese National Extradited Over Silk Typhoon Cyber Campaign
• 12:36 : Fake CAPTCHA scam leads to costly phone bills
• 12:36 : Sandworm Uses SSH-over-Tor Tunnel
• 12:5 : New Linux FIRESTARTER Backdoor Targets Cisco Firepower Devices
• 12:5 : Fake Tax Audits and Updates Fuel Silver Fox Malware Campaign
• 12:5 : Microsoft fixes Entra ID flaw enabling privilege escalation
• 12:5 : New Sandworm Tradecraft Uses SSH-over-Tor Tunnel for Long-Term Hidden Persistence
• 12:5 : Microsoft Launches Copilot Agent Mode for Outlook, Inbox and Calendar Functions
• 12:5 : Chinese-Backed Smishing Services Use OTT Messaging and SMS to Scale Credential Theft
• 12:5 : No Patch for New PhantomRPC Privilege Escalation Technique in Windows
• 12:5 : Electric Motorcycles and Scooters Face Hacking Risks to Security and Rider Safety
• 12:4 : GUEST ESSAY: How augmented reality (AR) can turn building images into ad space with no control
• 12:4 : 6 Lessons Security Leaders Must Learn About AI and APIs
• 12:4 : Critical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCE
• 11:32 : What Anthropic’s Mythos Means for the Future of Cybersecurity
• 11:5 : Why Unofficial Download Sources Are Still a Security Risk in 2026
• 11:5 : Fake CAPTCHA scam turns a quick click into a costly phone bill
• 11:5 : Germany Suspects Russia Is Behind Signal Phishing That Targeted Top Officials
• 11:5 : After Mythos: New Playbooks For a Zero-Window Era
• 10:36 : The Role of Aggregated Liquidity in Modern Crypto Markets
• 10:36 : Bridging the EU AI Act Compliance Gap – FireTail Blog
• 10:9 : OpenAI Revamps Microsoft Deal To Bring In Cloud Rivals
• 10:9 : Microsoft Expands Copilot Agent Mode for Outlook Inbox and Calendar Tasks
• 10:9 : SUSE’s sovereignty pitch meets an inconvenient $6 billion question
• 10:9 : New Android spyware Morpheus linked to Italian surveillance firm
• 10:9 : Q1 2026 Cyber Attack Statistics
• 10:5 : IT Security News Hourly Summary 2026-04-28 12h : 9 posts
• 9:32 : EU Tells Google To Open Android To AI Competition
• 9:32 : Chinese-Backed Smishing Rings Scale Credential Theft via SMS and OTT Apps
• 9:32 : Chinese engineer stole US military and NASA software for years
• 9:9 : Chinese Robotaxi Companies Ramp International Plans
• 9:9 : Sandworm Uses SSH-over-Tor Tunnel for Stealthy Long-Term Persistence
• 9:9 : Chinese Silk Typhoon Hacker Extradited to U.S. Over COVID Research Cyberattacks
• 9:9 : Multiple OpenClaw Vulnerabilities Enables Policy Bypass and Host Override
• 9:9 : Windows Remote Desktop Leaves Behind Image Fragments Attackers Can Stitch Into Screenshots
• 9:9 : Popular PyPI Package With 1 Million Monthly Downloads Hacked to Inject Malicious Scripts
• 8:32 : Chinese Optical Chipmaker Sees Elevenfold Profit Growth
• 8:32 : DORA and the Practical Test of Operational Resilience
• 8:32 : Beyond the perimeter: Why identity and cyber security are one single story
• 8:32 : Spectrum Security Emerges From Stealth Mode With $19 Million
• 8:32 : No Metrics Are Better Than Bad Metrics in the SOC, Says NCSC
• 8:11 : China Tells Meta To Unwind Manus Acquisition
• 8:11 : Waymo Vehicle Drives Into London Crime Scene
• 8:11 : Microsoft Given Go-Ahead For Massive Yorkshire Data Centre
• 8:11 : “G DATA’s Security Awareness trainings have significantly increased security awareness at HBC-radiomatic”
• 8:11 : NCSC launches SilentGlass, a plug-in device to secure HDMI and DisplayPort links
• 8:11 : North Korean Hackers Target Crypto Firms with ClickFix and AI-Made Zoom Lures
• 7:32 : WhatsApp Tests Encrypted Cloud Backup Service for Safer Message Storage
• 7:32 : Fake Document Reader On Google Play With 10K Downloads Installing Anatsa Malware
• 7:32 : New Android Banking Malware Abuses Fake KYC Workflow and WhatsApp Delivery to Hijack Accounts
• 7:32 : OilRig Hides C2 Configuration in Google Drive Image Using LSB Steganography
• 7:31 : PhantomRPC flaw, Checkmarx GitHub dark web data, PyPI package infostealer
• 7:9 : OilRig Hides C2 Config in Google Drive Image via LSB Steganography
• 7:9 : Critical LiteLLM Flaw Enables Database Attacks Through SQL Injection
• 7:9 : Medtronic Hack Confirmed After ShinyHunters Threatens Data Leak
• 7:9 : Artifact Poisoning: A Silent Threat to Enterprise Software Supply Chains
• 7:9 : Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202
• 7:9 : Microsoft Patches Entra ID Role Flaw That Enabled Service Principal Takeover
• 7:5 : IT Security News Hourly Summary 2026-04-28 09h : 5 posts
• 6:13 : Notepad++ Vulnerability Lets Attackers Crash App and Expose Memory Data
• 6:13 : Fake KYC Android Malware Spreads via WhatsApp to Hijack Bank Accounts
• 6:13 : ClickUp Security Flaw Exposes 959 Emails Linked to Major Fortune 500 Firms
• 6:13 : Endpoint and memory forensics fundamentals for UK SMEs
• 6:13 : The Shift from Cyber Defense to Recovery-Driven Security
• 5:31 : Claude Opus 4.6-Powered AI Coding Agent Wipes Production Database in 9 Seconds
• 5:31 : AI Coding Agent Powered by Claude Opus 4.6 Deletes Production Database in 9 Seconds
• 5:7 : Fake Document Reader App Hits 10K Downloads, Spreads Anatsa Malware
• 5:6 : 12 Signs Your SaaS Product Isn’t Enterprise-Ready (and How to Fix Each)
• 5:6 : AI Was Meant to Help. So Why Is It Making Work Harder for Women in Indonesia?
• 4:11 : How Authentication Systems Help Build Trust in Online Education Platforms
• 4:11 : How Email Infrastructure Impacts OTP and Magic Link Authentication Success Rates
• 2:6 : ISC Stormcast For Tuesday, April 28th, 2026 https://isc.sans.edu/podcastdetail/9908, (Tue, Apr 28th)
• 2:6 : How to fix cybersecurity’s agentic AI identity crisis
• 1:5 : IT Security News Hourly Summary 2026-04-28 03h : 3 posts
• 1:2 : Contextual Anomaly Detection in Quantum-Resistant MCP Transport Layers
• 0:9 : Pitney Bowes – 8,243,989 breached accounts
• 0:9 : Ongoing supply-chain attack ‘explicitly targeting’ security, dev tools
• 22:5 : IT Security News Hourly Summary 2026-04-28 00h : 8 posts
• 21:55 : IT Security News Daily Summary 2026-04-27