Latest Internet & Cybersecurity News
IBM Announces New Cybersecurity Measures Against Agentic Attacks
IBM launched a cybersecurity assessment to identify risks from frontier AI models enabling autonomous attacks and introduced IBM Autonomous Security using AI agents for rapid vulnerability remediation. These tools help enterprises counter weaponized AI threats at machine speed. The announcement was made on April 15, 2026.
Microsoft Patches 167 Vulnerabilities Including SharePoint Zero-Day
Microsoft released updates fixing 167 security flaws in Windows, including a SharePoint Server zero-day and Windows Defender's 'BlueHammer' weakness. Google Chrome addressed its fourth zero-day of 2026, while Adobe Reader patched an exploited remote code execution flaw. These updates are critical amid ongoing threats.
Russian Hackers Harvest Microsoft Tokens via Vulnerable Routers
Russia's Forest Blizzard group exploited flaws in over 18,000 outdated routers to steal Microsoft Office authentication tokens from 200+ organizations and 5,000 devices without malware. The campaign peaked in December 2025, targeting governments and email providers. Black Lotus Labs at Lumen reported the surveillance dragnet.
Global Operation Dismantles Four Major IoT Botnets
US, Canada, and Germany disrupted botnets Aisuru, Kimwolf, JackSkid, and Mossad infecting 3 million IoT devices like routers and cameras for massive DDoS attacks. Targets included US defense systems. The operation highlights international cooperation against cyber threats.
Trivy Vulnerability Scanner Hit by Supply Chain Attack
TeamPCP injected credential-stealing malware into Aqua Security's Trivy scanner releases on GitHub, targeting SSH keys, cloud credentials, and wallets. Aqua removed the malicious files, but impacts persist. Wiz noted the broad reach of the attack.
Cyberattacks Target US Infrastructure Amid Geopolitical Tensions
Threat actors are hitting US industrial control systems in a shift toward physical disruption, influenced by Middle East conflicts and geopolitics. 64% of organizations now integrate geopolitical risks into cybersecurity plans per Global Cybersecurity Outlook 2026. This reflects evolving cyber warfare tactics.
Ransomware Activity Stable but Elevated in Q1 2026
GuidePoint Security's report shows sustained high ransomware volumes, with US as top target (51%) and construction sector up 44% YoY to 131 victims. New groups like The Gentlemen surged, while data extortion rises without encryption. Manufacturing remains most impacted.
FBI Reports 2,100 Ransomware Incidents on US Critical Infrastructure in 2025
IC3 logged over 2,100 ransomware attacks on sectors like healthcare, energy, and manufacturing, far exceeding data breaches. Top groups Akira, Qilin, and Lynx use double extortion and compromised credentials. State and local governments face ripple effects.
AI-Driven Pushpaganda Scam Poisons Google Discover Feed
Attackers use AI-generated content and SEO poisoning to push scam notifications via Google Discover, peaking at 240 million bid requests across 113 domains. Now global beyond India, Google deployed a fix. HUMAN's CISO highlighted abuse of trusted surfaces.
Manufacturing Faces 56% Ransomware Surge in 2025
Sector saw 1,466 incidents, half of global attacks, driven by RaaS, legacy OT, and supply chains. Groups like Akira, Qilin, and Clop used double extortion and AI malware; US, Europe hardest hit. Operations faced major disruptions.
Basic-Fit Data Breach Exposes 1 Million Gym Members
Europe's largest gym chain disclosed hackers accessed systems, compromising personal data of around 1 million members. The incident underscores risks to consumer data in non-tech sectors. Investigations are ongoing.
Anthropic Launches Project Glasswing AI Cybersecurity Initiative
Anthropic's initiative lets partners like Amazon, Microsoft, Google test unreleased Claude Mythos Preview for vulnerability detection, identifying thousands already. Supports open-source security groups. Aims to bolster defensive AI use.