IBM Cloud evaporates as datacenter loses power
Customers say services were down for at least 4 hours, while status page showed no issues
Security & Lifecycle News
Aggregated from vendor advisories, security research, and industry publications.
Palo Alto Zero-Day Exploited in Campaign Bearing Hallmarks of Chinese State Hacking
The cybersecurity firm has not explicitly accused China of being behind the attack, but the evidence suggests it was. The post Palo Alto Zero-Day Exploited in Campaign Bearing Hal…
Ivanti warns of new EPMM flaw exploited in zero-day attacks
Ivanti warned customers today to patch a high-severity remote code execution vulnerability in Endpoint Manager Mobile (EPMM) exploited in zero-day attacks. [...]
$250M crypto-robbing gang’s dirty work guy sentenced to 6.5 years behind bars
The then-teen was told to break in and steal what the keyboard warriors couldn’t
Boost Security Raises $4 Million for SDLC Defense Platform
The company is expanding its platform’s capabilities with the acquisition of SecureIQx and Korbit.ai. The post Boost Security Raises $4 Million for SDLC Defense Platform appeared f…
TomTom’s route planner takes an unplanned detour into oblivion
Users report disappearing favorites, blank route planners, and cloud sync failures amid outage
Claude Code OAuth Tokens Can Be Stolen Through Stealthy MCP Hijacking
Mitiga researchers say attackers can silently redirect Claude Code MCP traffic, intercept OAuth tokens, and maintain persistent access to connected SaaS platforms. The post Claude …
C++ survey finds AI use rising, though trust is in short supply
Language's popularity continues to grow despite commonly cited frustrations
Chrome 148 Rolls Out With 127 Security Fixes
The fresh browser update resolves critical-severity integer overflow and use-after-free vulnerabilities. The post Chrome 148 Rolls Out With 127 Security Fixes appeared first on Sec…
The Browser Is Breaking Your DLP: How Data Slips Past Modern Controls
Your security controls aren't failing, they're missing where most of today's work actually happens. Keep Aware shows how browser activity like copy/paste and AI prompts bypass trad…
State-backed hackers hammer Palo Alto firewall zero-day before patch lands
Internet-facing PAN-OS firewalls are once again doing impressions of initial access brokers
One Click, Total Shutdown: The "Patient Zero" Webinar on Killing Stealth Breaches
The hardest part of cybersecurity isn't the technology, it’s the people. Every major breach you’ve read about lately usually starts the same way: one employee, one clever email, an…
Attackers Could Exploit AI Vision Models Using Imperceptible Image Changes
Cisco’s AI security researchers have analyzed ways to target vision-language models (VLMs) using pixel-level perturbation. The post Attackers Could Exploit AI Vision Models Using I…
Americans sentenced for running 'laptop farms' for North Korea
Two U.S. nationals were sentenced to 18 months in prison each for operating so-called laptop farms that helped North Korean IT workers fraudulently obtain remote employment at near…
PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage
Palo Alto Networks has disclosed that threat actors may have attempted to unsuccessfully exploit a recently disclosed critical security flaw as early as April 9, 2026. The vulnerab…
How Cloudflare responded to the “Copy Fail” Linux vulnerability
Article URL: https://blog.cloudflare.com/copy-fail-linux-vulnerability-mitigation/ Comments URL: https://news.ycombinator.com/item?id=48049160 Points: 103 # Comments: 82
Vendor Says Daemon Tools Supply Chain Attack Contained
The software developer has identified the impacted systems, removed potentially compromised files, and validated installation packages. The post Vendor Says Daemon Tools Supply Cha…
Official PCIe 8.0 draft aims for 1 TB/s data rate
Final specs due for release in 2028, so don't hold your breath for the hardware
AI Coding Agents Could Fuel Next Supply Chain Crisis
“TrustFall” attack shows how AI coding agents can be manipulated into launching stealthy supply chain compromises. The post AI Coding Agents Could Fuel Next Supply Chain Crisis app…
AMD puts out new slottable GPU for AI-curious enterprises
MI350P packs 144 GB of HBM3e and up to 4.6 petaFLOPS of FP4 grunt into a dual slot card
'TrustFall' Convention Exposes Claude Code Execution Risk
Malicious repositories can trigger code execution in Claude Code, Cursor CLI, Gemini CLI, and CoPilot CLI with minimal or no user interaction, thanks to skimpy warning dialogs.
AI-Driven Cyberattack on Mexico Couldn't Breach OT Systems
What researchers dubbed the most sophisticated AI-integrated ICS campaign to date hit a brick wall in the form of a SCADA login screen.
Crypto gang member gets 6.5 years for role in $230 million heist
A 20-year-old California man was sentenced to 78 months in prison for serving as a home invader and money launderer in a criminal ring that stole over $250 million in cryptocurrenc…
Webinar: Why modern attacks require both security and recovery
Modern attacks don't stop at initial compromise. This webinar explores why security and recovery must work together to reduce downtime and improve resilience. [...]
Webinar Today: Securing Identity Across Humans, Machines and AI
From service accounts to AI-driven processes, identity is evolving faster than most security programs can adapt. Discover strategies for reducing risk and regaining control. The po…
Hungarian cops cuff suspected swatter after two-year FBI probe
20-year-old fessed up after investigators found video of crime in progress
ThreatsDay Bulletin: Edge Plaintext Passwords, ICS 0-Days, Patch-or-Die Alerts and 25+ New Stories
Bad week. Turns out the easiest way to get hacked in 2026 is still the same old garbage: shady packages, fake apps, forgotten DNS junk, scam ads, and stolen logins getting dumped i…
Cisco Patches High-Severity Vulnerabilities in Enterprise Products
Successful exploitation of the flaws could lead to code execution, server-side request forgery attacks, and denial-of-service conditions. The post Cisco Patches High-Severity Vulne…
EU hits snooze on AI Act rules after industry backlash
Brussels says it's simplification, critics may call it retreat
Smart Glasses for the Authorities
ICE is developing its own version of smart glasses, with facial recognition tied to various databases.