Latest Internet & Cybersecurity News

📅 April 17, 2026 at 1:00 PM
Operation PowerOFF dismantles DDoS infrastructure, Salesforce misconfiguration exposes major enterprises, AI vulnerabilities accelerate threat timelines, and White House escalates cyber deterrence strategy.
1

Operation PowerOFF Seizes 53 DDoS Domains, Disrupts 75,000 Cybercriminals

An international law enforcement operation dismantled 53 domains and arrested four individuals connected to commercial DDoS-for-hire services (Source 3). The operation exposed databases containing over 3 million criminal user accounts and disrupted access to technical infrastructure used by more than 75,000 cybercriminals, with authorities issuing 25 search warrants and sending warning communications to identified users (Source 3).

2

ShinyHunters Exploits Salesforce Misconfiguration, Breaches McGraw Hill and Rockstar Games

The ShinyHunters threat group exposed a critical weakness in cloud system configurations rather than software vulnerabilities, compromising McGraw Hill's Salesforce environment and triggering data leaks of millions of personal records (Source 5). The breach represents a significant shift toward exploiting operational gaps in cloud infrastructure, with attackers setting ransom deadlines and demonstrating how misconfigured portals enable large-scale data exfiltration (Source 5).

3

White House Unveils Action-Oriented National Cyber Strategy

The White House's Office of the National Cyber Director unveiled a new action-focused cybersecurity strategy centered on six pillars beginning with deterring adversaries (Source 4). The approach aims to impose costs on attackers and strengthen protections for American victims, directly addressing transnational criminal organizations and cybercriminals targeting U.S. citizens' financial data and personal information (Source 4).

4

FIRST Concludes CVE/VulnCon 2026 with 500+ Global Security Leaders

The Forum of Incident Response and Security Teams successfully concluded a four-day summit in Scottsdale, Arizona, drawing over 500 attendees to address CVE quality, AI security, and coordinated disclosure (Source 2). The conference advanced key vulnerability management milestones and brought together global security leaders to tackle emerging threats (Source 2).

5

Mean Time to Exploit Plummets to Hours Amid AI-Driven Vulnerability Discovery

Cybersecurity community leaders report that the mean time to exploit vulnerabilities has collapsed from weeks to mere hours due to AI automation (Source 10). FIRST CEO Chris Gibson emphasized the need for global CVE collaboration and integrating AI companies as Numbering Authorities to stabilize the vulnerability management ecosystem amid the unprecedented explosion of security flaws (Source 10).

6

NBLock Ransomware Identified Targeting Windows Systems with AES-256 Encryption

Researchers identified NBLock ransomware, a file-encrypting malware strain designed to restrict access to victim data by appending the '.NBLock' extension (Source 7). The malware enumerates local files and network-accessible storage, applying AES-256 encryption and targeting Windows OS, local file systems, and network shares (Source 7).

7

Gunra Ransomware Emerges as Double-Extortion Threat Targeting Five Nations

Gunra, a sophisticated double-extortion ransomware group that emerged in April 2025, leverages leaked Conti code and primarily targets Brazil, South Korea, the United States, Spain, and Canada (Source 7). The group focuses on Professional Goods & Services, Healthcare, Consumer Goods & Services, Manufacturing, and Finance sectors with advanced encryption and evasion capabilities (Source 7).

8

Iranian APT Activity Continues Despite Ceasefire with U.S.

Despite reports of a U.S.-Iran ceasefire, security experts warn that Iranian-affiliated Advanced Persistent Threats continue actively compromising critical infrastructure (Source 7). While the IRGC-linked group 'Handala' announced a temporary pause in targeting the U.S., intelligence reports indicate ongoing threats from Iranian state-sponsored actors (Source 7).

9

Hacker Breaches Chinese State Supercomputer, Exfiltrates 10 Petabytes

A threat actor using the alias 'FlamingChina' claimed responsibility for breaching a Chinese state-run supercomputer at the National Supercomputing Center in Tianjin (Source 7). The attacker allegedly exfiltrated over 10 petabytes of highly sensitive information from the facility (Source 7).

10

Anthropic Releases Claude Opus 4.7 and Mythos Model Amid Security Concerns

Anthropic released Claude Opus 4.7 and its Mythos model, which sparked global cybersecurity concerns among regulators and financial institutions due to its ability to detect critical software flaws (Source 9). The advanced AI capability raises questions about potential misuse for identifying exploitable vulnerabilities in critical systems (Source 9).

11

ShowDoc Vulnerability Actively Exploited in the Wild

The ShowDoc vulnerability is being actively exploited by threat actors in real-world attacks (Source 6). Security researchers are tracking ongoing exploitation attempts as attackers leverage this flaw against vulnerable systems (Source 6).

12

Emerson Partners with OPSWAT for Operational Technology Patch Management

Emerson has partnered with OPSWAT to embed operational technology patch management capabilities into the Ovation platform for critical infrastructure protection (Source 14). The integration aims to strengthen cybersecurity defenses for industrial control systems by improving vulnerability remediation workflows (Source 14).